From 893de0c659d9d523a574b05e459671e0c218b68d Mon Sep 17 00:00:00 2001
From: peppelinux <demarcog83@gmail.com>
Date: Tue, 21 Nov 2023 16:20:21 +0100
Subject: [PATCH] feat!: MFA in example project, massive improvements and
 bugfixes

---
 .../workflows/docker-publish-iam-nginx.yml    |   97 ++
 .github/workflows/docker-publish-iam.yml      |   94 ++
 .github/workflows/python-app.yml              |   40 +-
 .gitignore                                    |   14 +-
 Dockerfile                                    |  143 +--
 README.ADFS.md                                |   41 +
 compose/README.md                             |  119 ++
 .../docker-entrypoint-initdb.d/create-db.sh   |    8 +
 compose/docker-compose.yml                    |   93 ++
 compose/nginx/Dockerfile                      |    6 +
 compose/nginx/certs/idp_local.key             |   28 +
 compose/nginx/certs/idp_local.pem             |   91 ++
 compose/nginx/nginx.conf_uwsgi_pass           |  100 ++
 compose/nginx/static/403.html                 |   30 +
 compose/nginx/static/404.html                 |   38 +
 compose/nginx/static/50x.html                 |   19 +
 .../add_opensearch_metadata.png               |  Bin 0 -> 143525 bytes
 compose/opensearch_saml2_demo/config.yml      |  273 ++++
 compose/opensearch_saml2_demo/idp.local.xml   |    1 +
 compose/opensearch_saml2_demo/rp.metadata.xml |    1 +
 .../opensearch_saml2_demo/sp.private.key      |    0
 compose/rm-docker-compose.sh                  |   14 +
 compose/rm-persistent-volumes.sh              |   51 +
 compose/run-docker-compose.sh                 |   49 +
 compose/stop-docker-compose.sh                |    8 +
 example/accounts/admin.py                     |    7 +-
 example/accounts/apps.py                      |    4 +-
 .../migrations/0002_user_attributes.py        |   18 +
 example/accounts/migrations/0003_user_uuid.py |   19 +
 example/accounts/models.py                    |   39 +-
 example/certificates/private.key              |   54 +-
 example/certificates/public.cert              |  108 +-
 .../{tests => custom_template}/__init__.py    |    0
 .../static/css/bootstrap-italia.min.css       |    0
 .../static/css/bootstrap-italia.min.css.map   |    0
 .../static/css/idp-login.css                  |  613 +++++----
 .../custom_template/static/css/idp_style.css  |   69 +
 .../static/css/italia-icon-font.css           |    0
 .../static/css/italia-web-toolkit.min.css     |    0
 .../custom_template/static/css/overrides.css  |  403 ++++++
 .../static/font/italia-icon-font.eot          |  Bin
 .../static/font/italia-icon-font.svg          |    0
 .../static/font/italia-icon-font.ttf          |  Bin
 .../static/font/italia-icon-font.woff         |  Bin
 .../static/font/italia-icon-font.woff2        |  Bin
 .../static/img/favicon/browserconfig.xml      |    0
 .../static/img/favicon/favicon-16x16.png      |  Bin
 .../static/img/favicon/favicon-32x32.png      |  Bin
 .../static/img/favicon/manifest.json          |    0
 .../static/img/icons/close.png                |  Bin
 .../static/img/icons/close.svg                |    0
 .../static/img/icons/error.png                |  Bin
 .../static/img/icons/error.svg                |    0
 .../static/img/icons/form-icon-error.svg      |    0
 .../static/img/icons/form-icon-ok.svg         |    0
 .../static/img/icons/google-logo.png          |  Bin 0 -> 484 bytes
 .../static/img/icons/info.png                 |  Bin
 .../static/img/icons/info.svg                 |    0
 .../static/img/icons/loading.png              |  Bin
 .../static/img/icons/loading.svg              |    0
 .../static/img/icons/microsoft-logo.png       |  Bin 0 -> 4754 bytes
 .../static/img/icons/microsoft.ico            |  Bin 0 -> 318 bytes
 .../static/img/icons/success.png              |  Bin
 .../static/img/icons/success.svg              |    0
 .../static/img/icons/warning.png              |  Bin
 .../static/img/icons/warning.svg              |    0
 .../static/js/bootstrap-italia.bundle.min.js  |    0
 .../js/bootstrap-italia.bundle.min.js.map     |    0
 .../static/js/jquery.min.js                   |    0
 .../static/js/rem.min.js                      |    0
 .../static/js/respond.min.js                  |    0
 .../static/js/selectivizr.min.js              |    0
 .../static/js/spid-login.js                   |    0
 example/custom_template/templates/404.html    |  257 ++++
 example/custom_template/templates/500.html    |  266 ++++
 .../custom_template/templates/base-setup.html |  237 ++++
 .../custom_template/templates/base_clean.html |   29 +
 .../templates/data_consent.html}              |    0
 .../templates/data_consent.html.example       |    0
 example/custom_template/templates/error.html  |   56 +
 .../custom_template/templates/idp_base.html   |   32 +
 .../custom_template/templates/saml_login.html |   88 ++
 .../custom_template/templates/saml_post.html  |   31 +
 .../templates/social_buttons.html             |   74 ++
 .../templates/user_agreement.html             |  159 +++
 .../__init__.py => data/media/README.md}      |    0
 example/data/metadata/shibsp-test.xml         |   88 --
 example/data/metadata/sp1.xml                 |   35 -
 example/django_idp/idp_pysaml2.py             |  243 ++--
 example/django_idp/idp_pysaml2.py.example     |  392 ------
 example/django_idp/settings.py                |  182 ++-
 example/django_idp/settingslocal.py           |  456 ++++---
 example/django_idp/settingslocal.py.example   |  290 -----
 example/django_idp/settingslocal_ldap.py      |   80 ++
 example/django_idp/settingslocal_logging.py   |   87 ++
 example/django_idp/urls.py                    |   19 +-
 example/docker-compose.run                    |    6 +
 example/logs/README.md                        |    0
 example/logs/django.log                       |  395 ++++++
 example/logs/django.log.1                     | 1116 +++++++++++++++++
 example/logs/django.log.2                     | 1009 +++++++++++++++
 example/logs/django.log.3                     |  661 ++++++++++
 example/logs/django.log.4                     |  862 +++++++++++++
 example/logs/django.log.5                     |  973 ++++++++++++++
 example/logs/uniauth.log                      |  573 +++++++++
 example/logs/uniauth.log.1                    | 1014 +++++++++++++++
 example/logs/uniauth.log.2                    |  970 ++++++++++++++
 example/logs/uniauth.log.3                    |  988 +++++++++++++++
 example/logs/uniauth.log.4                    | 1028 +++++++++++++++
 example/logs/uniauth.log.5                    | 1028 +++++++++++++++
 example/logs/uniauth.log.6                    |  971 ++++++++++++++
 example/logs/uniauth.log.7                    | 1003 +++++++++++++++
 example/logs/uniauth.log.8                    | 1006 +++++++++++++++
 example/password_reset/__init__.py            |    0
 example/password_reset/admin.py               |    3 +
 example/password_reset/apps.py                |    6 +
 example/password_reset/forms.py               |    5 +
 example/password_reset/migrations/__init__.py |    0
 example/password_reset/models.py              |    3 +
 .../templates/password_reset.html             |   70 ++
 example/password_reset/tests.py               |    3 +
 example/password_reset/urls.py                |   10 +
 example/password_reset/views.py               |  209 +++
 example/socialauth/__init__.py                |    0
 example/socialauth/account_adapter.py         |   29 +
 example/socialauth/admin.py                   |    3 +
 example/socialauth/apps.py                    |   22 +
 example/socialauth/migrations/__init__.py     |    0
 example/socialauth/models.py                  |    3 +
 example/socialauth/signals.py                 |   17 +
 example/socialauth/socialaccount_adapter.py   |   74 ++
 example/socialauth/templatetags/__init__.py   |    0
 .../templatetags/socialauth_buttons.py        |   33 +
 example/socialauth/tests.py                   |    3 +
 example/socialauth/views.py                   |    3 +
 example/static/README.md                      |    0
 example/static/css/unical-style.css           |  184 ---
 example/static/css/unical-style.css.map       |    9 -
 example/templates/account/signup_closed.html  |   19 +
 example/templates/mfa/auth_FIDO2.html         |   26 +
 example/templates/mfa/auth_TOTP.html          |   26 +
 example/templates/mfa/auth_base.html          |   17 +
 example/templates/mfa/auth_recovery.html      |   30 +
 example/templates/mfa/create_FIDO2.html       |   31 +
 example/templates/mfa/create_TOTP.html        |   35 +
 example/templates/mfa/create_recovery.html    |   39 +
 .../templates/mfa/login_failed_subject.txt    |    3 +
 .../templates/mfa/mfakey_confirm_delete.html  |   20 +
 example/templates/mfa/mfakey_list.html        |   35 +
 .../socialaccount/account_linking_failed.html |   19 +
 .../socialaccount/authentication_error.html   |   19 +
 example/tests/base.py                         |  162 ---
 example/tests/data/metadata/sp.xml            |   35 -
 example/tests/idp_pysaml2.py                  |  305 -----
 example/tests/settings.py                     |  176 ---
 example/tests/settingsldap.py                 |   60 -
 example/tests/settingslocal.py                |   89 --
 .../tests/sp/attribute-maps/shibboleth_uri.py |  190 ---
 example/tests/sp/metadata/idp.xml             |   39 -
 example/tests/test_01_undefined_sp.py         |   14 -
 example/tests/test_02_sp.py                   |   41 -
 example/tests/test_05_ldap_datastore.py       |  168 ---
 example/tests/test_06_sp_faulty.py            |   34 -
 example/tests/test_07_sp_httpredirect.py      |   54 -
 example/uniauth_saml2_idp                     |    1 -
 .../static/css/idp_style.css                  |   27 -
 .../static/img/logo.png                       |  Bin 855 -> 0 bytes
 .../static/img/logo.svg                       |   49 -
 .../static/img/logo_back.inkscape.svg         |   94 --
 .../static/img/logo_back.svg                  |   94 --
 .../static/img/logo_header_tracciato.svg      |   98 --
 .../templates/500.html                        |  633 ----------
 .../templates/data_consent.html               |    1 -
 .../templates/error.html                      |   39 -
 .../templates/idp_base.html                   |   34 -
 .../templates/saml_login.html                 |  151 ---
 .../templates/saml_post.html                  |   30 -
 .../templates/user_agreement.html             |  169 ---
 example/uwsgi.ini                             |   32 +
 example_sp/djangosaml2_sp/README.md           |   27 +
 .../djangosaml2_sp/certificates/private.key   |   28 +
 .../certificates/private_key.pem              |  117 ++
 .../djangosaml2_sp}/certificates/public.cert  |    0
 .../certificates/public_key.pem               |   21 +
 .../custom_accounts/__init__.py               |    1 +
 .../djangosaml2_sp/custom_accounts/admin.py   |   46 +
 .../djangosaml2_sp/custom_accounts/apps.py    |    7 +
 .../migrations/0001_initial.py                |   48 +
 .../migrations/0002_auto_20190402_0836.py     |   18 +
 .../migrations/0003_alter_user_options.py     |   17 +
 .../custom_accounts/migrations/__init__.py    |    0
 .../djangosaml2_sp/custom_accounts/models.py  |   41 +
 .../custom_accounts/templatetags/__init__.py  |    0
 .../custom_accounts/templatetags/has_group.py |    9 +
 .../djangosaml2_sp/custom_accounts/tests.py   |    3 +
 .../djangosaml2_sp/custom_accounts/urls.py    |   23 +
 .../djangosaml2_sp/custom_accounts/views.py   |   16 +
 .../djangosaml2_sp/djangosaml2_sp/__init__.py |    0
 .../djangosaml2_sp/djangosaml2_sp/settings.py |  126 ++
 .../djangosaml2_sp/settingslocal.py           |   63 +
 .../djangosaml2_sp/sp_pysaml2_satosa.py       |  122 +-
 .../djangosaml2_sp/djangosaml2_sp/sqlite3.db  |  Bin 0 -> 208896 bytes
 .../djangosaml2_sp/djangosaml2_sp/urls.py     |   32 +
 .../djangosaml2_sp/djangosaml2_sp/wsgi.py     |   16 +
 example_sp/djangosaml2_sp/manage.py           |   15 +
 example_sp/djangosaml2_sp/requirements.txt    |    7 +
 example_sp/djangosaml2_sp/run.sh              |    2 +
 .../djangosaml2_sp/saml2_sp/__init__.py       |    0
 .../saml2_config/attribute-maps/__init__.py   |    0
 .../attribute-maps/others}/adfs_v1x.py        |    0
 .../attribute-maps/others}/adfs_v20.py        |    0
 .../attribute-maps/others}/basic.py           |    0
 .../attribute-maps/others}/django_saml_uri.py |    0
 .../saml2_config}/attribute-maps/saml_uri.py  |  185 +--
 example_sp/djangosaml2_sp/saml2_sp/urls.py    |    9 +
 example_sp/djangosaml2_sp/saml2_sp/utils.py   |   24 +
 example_sp/djangosaml2_sp/saml2_sp/views.py   |   54 +
 .../djangosaml2_sp/tests/request_saml_auth.py |  175 +++
 linting.sh                                    |    7 +
 requirements-customizations.txt               |   23 +-
 requirements-dev.txt                          |   16 +-
 requirements.txt                              |    6 +-
 setup.py                                      |    4 +-
 uniauth_saml2_idp/admin.py                    |  208 +--
 uniauth_saml2_idp/auth/ldap_peoples.py        |   44 +-
 uniauth_saml2_idp/auth/multildap.py           |   35 +-
 uniauth_saml2_idp/decorators.py               |  103 +-
 uniauth_saml2_idp/error_views.py              |   21 +-
 uniauth_saml2_idp/forms.py                    |   24 +-
 .../management/commands/aacli.py              |   41 +-
 .../management/commands/mdquery.py            |   28 +-
 uniauth_saml2_idp/migrations/0001_initial.py  |  268 +++-
 .../migrations/0002_auto_20210408_1050.py     |   15 +-
 ...ter_serviceprovider_attribute_processor.py |   22 +
 ...alter_serviceprovider_attribute_mapping.py |   19 +
 ...alter_serviceprovider_attribute_mapping.py |   19 +
 uniauth_saml2_idp/models.py                   |  247 ++--
 uniauth_saml2_idp/processors/base.py          |  172 +--
 uniauth_saml2_idp/processors/ldap.py          |   61 +-
 .../processors/unical_attributes_generator.py |   67 +-
 uniauth_saml2_idp/tests/__init__.py           |    0
 uniauth_saml2_idp/tests/base.py               |  156 +++
 .../tests/data/certificates/private.pem       |    0
 .../tests/data/certificates/public.pem        |    0
 uniauth_saml2_idp/tests/idp_pysaml2.py        |  279 +++++
 {example => uniauth_saml2_idp}/tests/ldapd.py |   11 +-
 uniauth_saml2_idp/tests/settings.py           |  185 +++
 uniauth_saml2_idp/tests/settingsldap.py       |   58 +
 uniauth_saml2_idp/tests/settingslocal.py      |   91 ++
 .../tests/sp/attribute-maps/__init__.py       |    0
 .../tests/sp/attribute-maps/adfs_v1x.py       |   20 +
 .../tests/sp/attribute-maps/adfs_v20.py       |   47 +
 .../tests/sp/attribute-maps/basic.py          |  325 +++++
 .../sp/attribute-maps/django_saml_uri.py      |   19 +
 .../tests/sp/attribute-maps/saml_uri.py       |  354 ++++++
 .../tests/sp/attribute-maps/shibboleth_uri.py |  190 +++
 .../tests/sp/certificates/private.key         |   28 +
 .../tests/sp/certificates/public.cert         |   19 +
 uniauth_saml2_idp/tests/sp/sp_pysaml2.py      |  169 +++
 .../tests/test_01_undefined_sp.py             |   15 +
 uniauth_saml2_idp/tests/test_02_sp.py         |   46 +
 .../tests/test_03_sp_disabled.py              |   12 +-
 .../tests/test_04_sp_enabled.py               |   99 +-
 .../tests/test_05_ldap_datastore.py           |  171 +++
 uniauth_saml2_idp/tests/test_06_sp_faulty.py  |   27 +
 .../tests/test_07_sp_httpredirect.py          |   59 +
 uniauth_saml2_idp/urls.py                     |   43 +-
 uniauth_saml2_idp/utils.py                    |   37 +-
 uniauth_saml2_idp/views.py                    | 1023 ++++++++-------
 uwsgi_setup/django_init                       |    6 +-
 uwsgi_setup/uwsgi.ini                         |   26 +-
 271 files changed, 23466 insertions(+), 5974 deletions(-)
 create mode 100644 .github/workflows/docker-publish-iam-nginx.yml
 create mode 100644 .github/workflows/docker-publish-iam.yml
 create mode 100644 README.ADFS.md
 create mode 100644 compose/README.md
 create mode 100644 compose/db/docker-entrypoint-initdb.d/create-db.sh
 create mode 100644 compose/docker-compose.yml
 create mode 100644 compose/nginx/Dockerfile
 create mode 100644 compose/nginx/certs/idp_local.key
 create mode 100644 compose/nginx/certs/idp_local.pem
 create mode 100644 compose/nginx/nginx.conf_uwsgi_pass
 create mode 100644 compose/nginx/static/403.html
 create mode 100644 compose/nginx/static/404.html
 create mode 100644 compose/nginx/static/50x.html
 create mode 100644 compose/opensearch_saml2_demo/add_opensearch_metadata.png
 create mode 100644 compose/opensearch_saml2_demo/config.yml
 create mode 100644 compose/opensearch_saml2_demo/idp.local.xml
 create mode 100644 compose/opensearch_saml2_demo/rp.metadata.xml
 rename example/tests/sp/certificates/private.key => compose/opensearch_saml2_demo/sp.private.key (100%)
 create mode 100644 compose/rm-docker-compose.sh
 create mode 100755 compose/rm-persistent-volumes.sh
 create mode 100755 compose/run-docker-compose.sh
 create mode 100755 compose/stop-docker-compose.sh
 create mode 100644 example/accounts/migrations/0002_user_attributes.py
 create mode 100644 example/accounts/migrations/0003_user_uuid.py
 rename example/{tests => custom_template}/__init__.py (100%)
 rename example/{uniauth_unical_template => custom_template}/static/css/bootstrap-italia.min.css (100%)
 rename example/{uniauth_unical_template => custom_template}/static/css/bootstrap-italia.min.css.map (100%)
 rename example/{uniauth_unical_template => custom_template}/static/css/idp-login.css (62%)
 create mode 100644 example/custom_template/static/css/idp_style.css
 rename example/{uniauth_unical_template => custom_template}/static/css/italia-icon-font.css (100%)
 rename example/{uniauth_unical_template => custom_template}/static/css/italia-web-toolkit.min.css (100%)
 create mode 100644 example/custom_template/static/css/overrides.css
 rename example/{uniauth_unical_template => custom_template}/static/font/italia-icon-font.eot (100%)
 rename example/{uniauth_unical_template => custom_template}/static/font/italia-icon-font.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/font/italia-icon-font.ttf (100%)
 rename example/{uniauth_unical_template => custom_template}/static/font/italia-icon-font.woff (100%)
 rename example/{uniauth_unical_template => custom_template}/static/font/italia-icon-font.woff2 (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/favicon/browserconfig.xml (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/favicon/favicon-16x16.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/favicon/favicon-32x32.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/favicon/manifest.json (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/close.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/close.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/error.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/error.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/form-icon-error.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/form-icon-ok.svg (100%)
 create mode 100644 example/custom_template/static/img/icons/google-logo.png
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/info.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/info.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/loading.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/loading.svg (100%)
 create mode 100644 example/custom_template/static/img/icons/microsoft-logo.png
 create mode 100644 example/custom_template/static/img/icons/microsoft.ico
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/success.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/success.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/warning.png (100%)
 rename example/{uniauth_unical_template => custom_template}/static/img/icons/warning.svg (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/bootstrap-italia.bundle.min.js (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/bootstrap-italia.bundle.min.js.map (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/jquery.min.js (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/rem.min.js (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/respond.min.js (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/selectivizr.min.js (100%)
 rename example/{uniauth_unical_template => custom_template}/static/js/spid-login.js (100%)
 create mode 100644 example/custom_template/templates/404.html
 create mode 100644 example/custom_template/templates/500.html
 create mode 100644 example/custom_template/templates/base-setup.html
 create mode 100644 example/custom_template/templates/base_clean.html
 rename example/{tests/sp/attribute-maps/__init__.py => custom_template/templates/data_consent.html} (100%)
 rename example/{uniauth_unical_template => custom_template}/templates/data_consent.html.example (100%)
 create mode 100644 example/custom_template/templates/error.html
 create mode 100644 example/custom_template/templates/idp_base.html
 create mode 100644 example/custom_template/templates/saml_login.html
 create mode 100644 example/custom_template/templates/saml_post.html
 create mode 100644 example/custom_template/templates/social_buttons.html
 create mode 100644 example/custom_template/templates/user_agreement.html
 rename example/{uniauth_unical_template/__init__.py => data/media/README.md} (100%)
 delete mode 100644 example/data/metadata/shibsp-test.xml
 delete mode 100644 example/data/metadata/sp1.xml
 delete mode 100644 example/django_idp/idp_pysaml2.py.example
 delete mode 100644 example/django_idp/settingslocal.py.example
 create mode 100644 example/django_idp/settingslocal_ldap.py
 create mode 100644 example/django_idp/settingslocal_logging.py
 create mode 100644 example/docker-compose.run
 create mode 100644 example/logs/README.md
 create mode 100644 example/logs/django.log
 create mode 100644 example/logs/django.log.1
 create mode 100644 example/logs/django.log.2
 create mode 100644 example/logs/django.log.3
 create mode 100644 example/logs/django.log.4
 create mode 100644 example/logs/django.log.5
 create mode 100644 example/logs/uniauth.log
 create mode 100644 example/logs/uniauth.log.1
 create mode 100644 example/logs/uniauth.log.2
 create mode 100644 example/logs/uniauth.log.3
 create mode 100644 example/logs/uniauth.log.4
 create mode 100644 example/logs/uniauth.log.5
 create mode 100644 example/logs/uniauth.log.6
 create mode 100644 example/logs/uniauth.log.7
 create mode 100644 example/logs/uniauth.log.8
 create mode 100644 example/password_reset/__init__.py
 create mode 100644 example/password_reset/admin.py
 create mode 100644 example/password_reset/apps.py
 create mode 100644 example/password_reset/forms.py
 create mode 100644 example/password_reset/migrations/__init__.py
 create mode 100644 example/password_reset/models.py
 create mode 100644 example/password_reset/templates/password_reset.html
 create mode 100644 example/password_reset/tests.py
 create mode 100644 example/password_reset/urls.py
 create mode 100644 example/password_reset/views.py
 create mode 100644 example/socialauth/__init__.py
 create mode 100644 example/socialauth/account_adapter.py
 create mode 100644 example/socialauth/admin.py
 create mode 100644 example/socialauth/apps.py
 create mode 100644 example/socialauth/migrations/__init__.py
 create mode 100644 example/socialauth/models.py
 create mode 100644 example/socialauth/signals.py
 create mode 100644 example/socialauth/socialaccount_adapter.py
 create mode 100644 example/socialauth/templatetags/__init__.py
 create mode 100644 example/socialauth/templatetags/socialauth_buttons.py
 create mode 100644 example/socialauth/tests.py
 create mode 100644 example/socialauth/views.py
 create mode 100644 example/static/README.md
 delete mode 100644 example/static/css/unical-style.css
 delete mode 100644 example/static/css/unical-style.css.map
 create mode 100644 example/templates/account/signup_closed.html
 create mode 100644 example/templates/mfa/auth_FIDO2.html
 create mode 100644 example/templates/mfa/auth_TOTP.html
 create mode 100644 example/templates/mfa/auth_base.html
 create mode 100644 example/templates/mfa/auth_recovery.html
 create mode 100644 example/templates/mfa/create_FIDO2.html
 create mode 100644 example/templates/mfa/create_TOTP.html
 create mode 100644 example/templates/mfa/create_recovery.html
 create mode 100644 example/templates/mfa/login_failed_subject.txt
 create mode 100644 example/templates/mfa/mfakey_confirm_delete.html
 create mode 100644 example/templates/mfa/mfakey_list.html
 create mode 100644 example/templates/socialaccount/account_linking_failed.html
 create mode 100644 example/templates/socialaccount/authentication_error.html
 delete mode 100644 example/tests/base.py
 delete mode 100644 example/tests/data/metadata/sp.xml
 delete mode 100644 example/tests/idp_pysaml2.py
 delete mode 100644 example/tests/settings.py
 delete mode 100644 example/tests/settingsldap.py
 delete mode 100644 example/tests/settingslocal.py
 delete mode 100644 example/tests/sp/attribute-maps/shibboleth_uri.py
 delete mode 100644 example/tests/sp/metadata/idp.xml
 delete mode 100644 example/tests/test_01_undefined_sp.py
 delete mode 100644 example/tests/test_02_sp.py
 delete mode 100644 example/tests/test_05_ldap_datastore.py
 delete mode 100644 example/tests/test_06_sp_faulty.py
 delete mode 100644 example/tests/test_07_sp_httpredirect.py
 delete mode 120000 example/uniauth_saml2_idp
 delete mode 100644 example/uniauth_unical_template/static/css/idp_style.css
 delete mode 100644 example/uniauth_unical_template/static/img/logo.png
 delete mode 100644 example/uniauth_unical_template/static/img/logo.svg
 delete mode 100644 example/uniauth_unical_template/static/img/logo_back.inkscape.svg
 delete mode 100644 example/uniauth_unical_template/static/img/logo_back.svg
 delete mode 100644 example/uniauth_unical_template/static/img/logo_header_tracciato.svg
 delete mode 100644 example/uniauth_unical_template/templates/500.html
 delete mode 100644 example/uniauth_unical_template/templates/data_consent.html
 delete mode 100644 example/uniauth_unical_template/templates/error.html
 delete mode 100644 example/uniauth_unical_template/templates/idp_base.html
 delete mode 100644 example/uniauth_unical_template/templates/saml_login.html
 delete mode 100644 example/uniauth_unical_template/templates/saml_post.html
 delete mode 100644 example/uniauth_unical_template/templates/user_agreement.html
 create mode 100644 example/uwsgi.ini
 create mode 100644 example_sp/djangosaml2_sp/README.md
 create mode 100644 example_sp/djangosaml2_sp/certificates/private.key
 create mode 100644 example_sp/djangosaml2_sp/certificates/private_key.pem
 rename {example/tests/sp => example_sp/djangosaml2_sp}/certificates/public.cert (100%)
 create mode 100644 example_sp/djangosaml2_sp/certificates/public_key.pem
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/__init__.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/admin.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/apps.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/migrations/0001_initial.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/migrations/0002_auto_20190402_0836.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/migrations/0003_alter_user_options.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/migrations/__init__.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/models.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/templatetags/__init__.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/templatetags/has_group.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/tests.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/urls.py
 create mode 100644 example_sp/djangosaml2_sp/custom_accounts/views.py
 create mode 100644 example_sp/djangosaml2_sp/djangosaml2_sp/__init__.py
 create mode 100644 example_sp/djangosaml2_sp/djangosaml2_sp/settings.py
 create mode 100644 example_sp/djangosaml2_sp/djangosaml2_sp/settingslocal.py
 rename example/tests/sp/sp_pysaml2.py => example_sp/djangosaml2_sp/djangosaml2_sp/sp_pysaml2_satosa.py (57%)
 create mode 100644 example_sp/djangosaml2_sp/djangosaml2_sp/sqlite3.db
 create mode 100644 example_sp/djangosaml2_sp/djangosaml2_sp/urls.py
 create mode 100644 example_sp/djangosaml2_sp/djangosaml2_sp/wsgi.py
 create mode 100755 example_sp/djangosaml2_sp/manage.py
 create mode 100644 example_sp/djangosaml2_sp/requirements.txt
 create mode 100755 example_sp/djangosaml2_sp/run.sh
 create mode 100644 example_sp/djangosaml2_sp/saml2_sp/__init__.py
 create mode 100644 example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/__init__.py
 rename {example/tests/sp/attribute-maps => example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others}/adfs_v1x.py (100%)
 rename {example/tests/sp/attribute-maps => example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others}/adfs_v20.py (100%)
 rename {example/tests/sp/attribute-maps => example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others}/basic.py (100%)
 rename {example/tests/sp/attribute-maps => example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others}/django_saml_uri.py (100%)
 rename {example/tests/sp => example_sp/djangosaml2_sp/saml2_sp/saml2_config}/attribute-maps/saml_uri.py (51%)
 create mode 100644 example_sp/djangosaml2_sp/saml2_sp/urls.py
 create mode 100644 example_sp/djangosaml2_sp/saml2_sp/utils.py
 create mode 100644 example_sp/djangosaml2_sp/saml2_sp/views.py
 create mode 100644 example_sp/djangosaml2_sp/tests/request_saml_auth.py
 create mode 100644 linting.sh
 create mode 100644 uniauth_saml2_idp/migrations/0003_alter_serviceprovider_attribute_processor.py
 create mode 100644 uniauth_saml2_idp/migrations/0004_alter_serviceprovider_attribute_mapping.py
 create mode 100644 uniauth_saml2_idp/migrations/0005_alter_serviceprovider_attribute_mapping.py
 create mode 100644 uniauth_saml2_idp/tests/__init__.py
 create mode 100644 uniauth_saml2_idp/tests/base.py
 rename {example => uniauth_saml2_idp}/tests/data/certificates/private.pem (100%)
 rename {example => uniauth_saml2_idp}/tests/data/certificates/public.pem (100%)
 create mode 100644 uniauth_saml2_idp/tests/idp_pysaml2.py
 rename {example => uniauth_saml2_idp}/tests/ldapd.py (96%)
 create mode 100644 uniauth_saml2_idp/tests/settings.py
 create mode 100644 uniauth_saml2_idp/tests/settingsldap.py
 create mode 100644 uniauth_saml2_idp/tests/settingslocal.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/__init__.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v1x.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v20.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/basic.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/django_saml_uri.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/saml_uri.py
 create mode 100644 uniauth_saml2_idp/tests/sp/attribute-maps/shibboleth_uri.py
 create mode 100644 uniauth_saml2_idp/tests/sp/certificates/private.key
 create mode 100644 uniauth_saml2_idp/tests/sp/certificates/public.cert
 create mode 100644 uniauth_saml2_idp/tests/sp/sp_pysaml2.py
 create mode 100644 uniauth_saml2_idp/tests/test_01_undefined_sp.py
 create mode 100644 uniauth_saml2_idp/tests/test_02_sp.py
 rename {example => uniauth_saml2_idp}/tests/test_03_sp_disabled.py (62%)
 rename {example => uniauth_saml2_idp}/tests/test_04_sp_enabled.py (52%)
 create mode 100644 uniauth_saml2_idp/tests/test_05_ldap_datastore.py
 create mode 100644 uniauth_saml2_idp/tests/test_06_sp_faulty.py
 create mode 100644 uniauth_saml2_idp/tests/test_07_sp_httpredirect.py

diff --git a/.github/workflows/docker-publish-iam-nginx.yml b/.github/workflows/docker-publish-iam-nginx.yml
new file mode 100644
index 0000000..ca17d01
--- /dev/null
+++ b/.github/workflows/docker-publish-iam-nginx.yml
@@ -0,0 +1,97 @@
+name: Docker-publish-iam-nginx
+
+on:
+  release:
+    types:
+      - published
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  REPO_NAME: ${{ github.repository }}
+  IMAGE_NAME: xdrplus-iam-nginx
+  FULL_IMAGE_NAME: 4securitas/xdrplus-iam-nginx
+  VENDOR_NAME: xdrplus
+  CONTEXT: .
+  DOCKERFILE: compose/nginx/Dockerfile
+
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Install the cosign tool except on PR
+      # https://github.com/sigstore/cosign-installer
+      - name: Install cosign
+        if: github.event_name != 'pull_request'
+        uses: sigstore/cosign-installer@v3.1.1
+        with:
+          cosign-release: 'v2.1.1'
+
+      # Workaround: https://github.com/docker/build-push-action/issues/461
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v2
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.FULL_IMAGE_NAME }}
+          labels: |
+            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
+            org.opencontainers.image.description=${{ env.IMAGE_NAME }}
+            org.opencontainers.image.vendor=${{ env.VENDOR_NAME }}
+            org.opencontainers.image.url=https://github.com/${{ env.FULL_IMAGE_NAME }}
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@v4
+        with:
+          context: ${{ env.CONTEXT }}
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          file: ${{ env.DOCKERFILE }}
+
+
+      # Sign the resulting Docker image digest except on PRs.
+      # This will only write to the public Rekor transparency log when the Docker
+      # repository is public to avoid leaking data.  If you would like to publish
+      # transparency data even for private images, pass --force to cosign below.
+      # https://github.com/sigstore/cosign
+      - name: Sign the published Docker image
+        if: ${{ github.event_name != 'pull_request' }}
+        env:
+          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
+          TAGS: ${{ steps.meta.outputs.tags }}
+          DIGEST: ${{ steps.build-and-push.outputs.digest }}
+        # This step uses the identity token to provision an ephemeral certificate
+        # against the sigstore community Fulcio instance.
+        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
diff --git a/.github/workflows/docker-publish-iam.yml b/.github/workflows/docker-publish-iam.yml
new file mode 100644
index 0000000..1ad985f
--- /dev/null
+++ b/.github/workflows/docker-publish-iam.yml
@@ -0,0 +1,94 @@
+name: Docker-publish-iam
+
+on:
+  release:
+    types:
+      - published
+env:
+  # Use docker.io for Docker Hub if empty
+  REGISTRY: ghcr.io
+  # github.repository as <account>/<repo>
+  REPO_NAME: ${{ github.repository }}
+  IMAGE_NAME: xdrplus-iam
+  FULL_IMAGE_NAME: 4securitas/xdrplus-iam
+  VENDOR_NAME: xdrplus
+  CONTEXT: .
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      # This is used to complete the identity challenge
+      # with sigstore/fulcio when running outside of PRs.
+      id-token: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Install the cosign tool except on PR
+      # https://github.com/sigstore/cosign-installer
+      - name: Install cosign
+        if: github.event_name != 'pull_request'
+        uses: sigstore/cosign-installer@v3.1.1
+        with:
+          cosign-release: 'v2.1.1'
+
+      # Workaround: https://github.com/docker/build-push-action/issues/461
+      - name: Setup Docker buildx
+        uses: docker/setup-buildx-action@v2
+
+      # Login against a Docker registry except on PR
+      # https://github.com/docker/login-action
+      - name: Log into registry ${{ env.REGISTRY }}
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # Extract metadata (tags, labels) for Docker
+      # https://github.com/docker/metadata-action
+      - name: Extract Docker metadata
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.FULL_IMAGE_NAME }}
+          labels: |
+            org.opencontainers.image.title=${{ env.IMAGE_NAME }}
+            org.opencontainers.image.description=${{ env.IMAGE_NAME }}
+            org.opencontainers.image.vendor=${{ env.VENDOR_NAME }}
+            org.opencontainers.image.url=https://github.com/${{ env.FULL_IMAGE_NAME }}
+
+      # Build and push Docker image with Buildx (don't push on PR)
+      # https://github.com/docker/build-push-action
+      - name: Build and push Docker image
+        id: build-and-push
+        uses: docker/build-push-action@v4
+        with:
+          context: ${{ env.CONTEXT }}
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+
+      # Sign the resulting Docker image digest except on PRs.
+      # This will only write to the public Rekor transparency log when the Docker
+      # repository is public to avoid leaking data.  If you would like to publish
+      # transparency data even for private images, pass --force to cosign below.
+      # https://github.com/sigstore/cosign
+      - name: Sign the published Docker image
+        if: ${{ github.event_name != 'pull_request' }}
+        env:
+          # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
+          TAGS: ${{ steps.meta.outputs.tags }}
+          DIGEST: ${{ steps.build-and-push.outputs.digest }}
+        # This step uses the identity token to provision an ephemeral certificate
+        # against the sigstore community Fulcio instance.
+        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml
index af91401..c1bd2af 100644
--- a/.github/workflows/python-app.yml
+++ b/.github/workflows/python-app.yml
@@ -10,19 +10,33 @@ on:
     branches: [ master, dev ]
 
 jobs:
-  build:
 
+  pre_job:
     runs-on: ubuntu-latest
+    outputs:
+      should_skip: ${{ steps.skip_check.outputs.should_skip }}
+    steps:
+      - id: skip_check
+        uses: fkirc/skip-duplicate-actions@v3.4.0
+        with:
+          skip_after_successful_duplicate: 'true'
+          same_content_newer: 'true'
 
+  main_job:
+    
+    needs: pre_job
+    if: needs.pre_job.outputs.should_skip != 'true'
+    
+    runs-on: ubuntu-latest
+    
     strategy:
       fail-fast: false
       matrix:
         python-version:
-          - '3.7'
-          - '3.8'
-          - '3.9'
+          - '3.11'
+          - '3.10'
         django-version:
-          - '3.1'
+          - '4.2'
           - '3.2'
 
     steps:
@@ -41,17 +55,21 @@ jobs:
         if [ -f requirements-dev.txt ]; then pip install -r requirements-dev.txt; fi
         if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
         if [ -f requirements-customizations.txt ]; then pip install -r requirements-customizations.txt; fi
+    - name: List installed python dependencies
+      run: |
+        python -m pip list
     - name: Lint with flake8
       run: |
         # stop the build if there are Python syntax errors or undefined names
         flake8 uniauth_saml2_idp --count --select=E9,F63,F7,F82 --show-source --statistics
         # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
         flake8 uniauth_saml2_idp --count --exit-zero --statistics  --max-line-length 160 --exclude=*migrations*
+    - name: Bandit Security Scan
+      run: |
+        bandit -r -x uniauth_saml2_idp/test* uniauth_saml2_idp/*
     - name: Test with Django tests
-      working-directory: ./example
+      working-directory: ./xdrplus-iam
       run: |
-        # pytest --cov-config=.coveragerc --cov=../ -v --ignore=tests/test_05_ldap_datastore.py
-        pytest --cov-config=.coveragerc -v --cov=../
-    #- name: Bandit Security Scan
-      #run: |
-        #bandit -r -x test* uniauth/*
+        coverage erase
+        coverage run manage.py test
+        coverage report -m --skip-covered
diff --git a/.gitignore b/.gitignore
index 0079ea6..5dab1e5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,12 +14,18 @@ static/*
 certificates/*
 !certificates/README.md
 data/metadata/*
-!data/metadata/satosa.xml
-django_idp/idp_pysaml2.py
 documentation/_build/
-tests/data/metadata/*
-tests/sp/metadata/*
+uniauth_saml2_idp/tests/data/metadata/*
+uniauth_saml2_idp/tests/sp/metadata/*
 .coverage
 .pytest_cache
 *.sqlite3
 pcvalidate
+
+example-docker
+example_sp/djangosaml2_sp/sqlite3.db
+xdrplus-iam/logs/*.log
+xdrplus-iam/logs/*.log.*
+
+xdrplus-iam/data/media/*
+!xdrplus-iam/data/media/README.md
diff --git a/Dockerfile b/Dockerfile
index 83b2bef..f502e9e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,88 +1,55 @@
-ARG USER=that-user
- ARG PASS=that-password
- ARG HOST=%
- ARG DB=uniauth
-
- ARG COUNTRY=na
- ARG STATE=na
- ARG LOCATION=na
- ARG ORGANIZATION=na
- ARG ORGANIZATIONAL_UNIT=na
- ARG COMMON_NAME=na
-
- ARG VIRTUAL_ENV=/opt/venv
- ARG PATH="$VIRTUAL_ENV/bin:$PATH"
-
-
- FROM python:3.8-slim-buster as builder
-
- RUN apt update
- RUN apt install -y \
- 	git \
- 	xmlsec1 \
- 	mariadb-server \
- 	libmariadb-dev \
- 	libssl-dev \
- 	libmariadb-dev-compat \
- 	libsasl2-dev \
- 	libldap2-dev \
- 	gcc
-
-
- FROM builder as virtenv
-
- RUN mkdir /app
- WORKDIR /app
-
- RUN pip install \
-	virtualenv \
- 	django-sass-processor \
- 	multildap \
- 	ldap3 \
- 	python-ldap \
- 	design-django-theme \
- 	django-unical-bootstrap-italia \
- 	django-admin-rangefilter \
- 	pycountry
-
-
- ARG VIRTUAL_ENV
- ENV VIRTUAL_ENV=$VIRTUAL_ENV
- RUN python3 -m venv $VIRTUAL_ENV
- ARG PATH
- ENV PATH=$PATH
- COPY ./src/requirements-dev.txt .
- RUN pip install -r requirements-dev.txt
-
- COPY src .
-
- ARG USER
- ENV USER=$USER
- ARG PASS
- ENV PASS=$PASS
- ARG HOST
- ENV HOST=$HOST
- ARG DB
- ENV DB=$DB
- RUN service mysql restart \
- 	&& mysql -u root -e "\
- CREATE USER IF NOT EXISTS work@users-iMac.local IDENTIFIED BY ;\
- CREATE DATABASE IF NOT EXISTS ${DB} CHARACTER SET = utf8 COLLATE = utf8_general_ci;\
- GRANT ALL PRIVILEGES ON ${DB}.* TO work@users-iMac.local;"
-
-
- ARG COUNTRY
- ARG STATE
- ARG LOCATION
- ARG ORGANIZATION
- ARG ORGANIZATIONAL_UNIT
- ARG COMMON_NAME
- RUN openssl \
- 	req -nodes -new -x509 \
- 	-newkey rsa:2048 \
- 	-days 3650 \
- 	-keyout certificates/private.key \
- 	-out certificates/public.cert \
- 	-subj "/C=$COUNTRY/ST=$STATE/L=$LOCATION/O=$ORGANIZATION/OU=$ORGANIZATIONAL_UNIT/CN=$COMMON_NAME"
-
-
+FROM python:3.10-slim-bullseye as bullseye
+
+RUN apt update
+RUN apt install -y \
+git \
+xmlsec1 \
+libmariadb-dev \
+libssl-dev \
+libmariadb-dev-compat \
+libsasl2-dev \
+libldap2-dev \
+libpq-dev \
+postgresql-contrib \
+gcc
+
+RUN rm -rf /var/lib/apt/lists/*
+
+RUN mkdir /uniauth
+WORKDIR /uniauth
+
+COPY ./requirements.txt .
+COPY ./requirements-dev.txt .
+COPY ./requirements-customizations.txt .
+RUN pip3 install -r requirements.txt
+RUN pip3 install -r requirements-dev.txt
+RUN pip3 install -r requirements-customizations.txt
+
+COPY ./uniauth_saml2_idp ./uniauth_saml2_idp
+COPY ./setup.py .
+COPY ./README.md .
+
+COPY xdrplus-iam/ /opt/uniauth/
+
+RUN echo $PWD
+RUN ls
+
+RUN pip3 install -e .
+RUN pip3 install uwsgi
+RUN pip3 install psycopg2
+RUN pip3 list
+
+# DB setup - just as a note
+# ARG USER=that-user
+# ARG PASS=that-password
+# ARG HOST=%
+# ARG DB=uniauth
+# ENV USER=$USER
+# ENV PASS=$PASS
+# ENV HOST=$HOST
+# ENV DB=$DB
+# RUN service mysql restart \
+# && mysql -u root -e "\
+# CREATE USER IF NOT EXISTS ${USER}@${HOST} IDENTIFIED BY ;\
+# CREATE DATABASE IF NOT EXISTS ${DB} CHARACTER SET = utf8 COLLATE = utf8_general_ci;\
+# GRANT ALL PRIVILEGES ON ${DB}.* TO ${USER}@${HOST};"
diff --git a/README.ADFS.md b/README.ADFS.md
new file mode 100644
index 0000000..d5a0d2c
--- /dev/null
+++ b/README.ADFS.md
@@ -0,0 +1,41 @@
+
+## Setup
+
+````
+pip install multildap
+
+# avoid exception: ValueError: unsupported hash type MD4
+pip install "pycryptodome==3.18.0"
+````
+
+## Connection and searches
+
+````
+from ldap3 import Server, Connection, ALL, NTLM, SUBTREE
+
+server = Server('10.5.3.19', get_info=ALL)
+
+conn = Connection(
+    server, 
+    user="example.local\\xdrplus-user", 
+    password="that-pass", 
+    authentication=NTLM, 
+    auto_bind=True
+)
+
+
+conn.search('cn=*', '(objectclass=*)')
+````
+
+````
+conn.search('dc=example,dc=local', '(objectclass=person)')
+
+conn.entries
+
+conn.search('dc=example,dc=local', '(objectclass=*)') # ...
+
+conn.search('cn=example,cn=Users,dc=4securitas,dc=local', '(objectclass=person)', search_scope = SUBTREE, attributes = ['cn','sn','givenName','mail'])
+
+conn.search('uid=xdrplus-user,cn=Users,dc=example,dc=local', '(objectclass=person)', search_scope = SUBTREE, attributes = ['cn','sn','givenName','mail'])
+
+````
diff --git a/compose/README.md b/compose/README.md
new file mode 100644
index 0000000..844d464
--- /dev/null
+++ b/compose/README.md
@@ -0,0 +1,119 @@
+# Docker Compose
+
+## Table of Contents
+
+1. [What do you need?](#what-do-you-need?)
+2. [Run the composition](#run-the-composition)
+3. [Stop the composition](#stop-the-composition)
+4. [Remove/Delete volumes](#remove/delete-volumes)
+5. [Demo data](#demo-data)
+6. [Env file](#env-file)
+7. [docker compose.yml](#docker compose.yml)
+
+## What do you need?
+
+In order to execute the run script you need:
+
+* jq
+
+Installation example in Ubuntu:
+
+```
+sudo apt install jq
+```
+
+## Run the composition
+
+### Required at least on first run!
+
+Copy your project folder, customize appa and `django_idp/settingslocal.py`
+
+````
+cp -R example example-docker
+````
+
+Execute the run script for the first time:
+
+```
+cd compose
+sudo ./run-docker-compose.sh
+```
+
+The following docker volumes are created, if they do not exist:
+
+* uniauth_proj
+* uniauth_nginx_certs
+* uniauth_nginx_static
+
+The first four are populated with sample data, respectively:
+
+* uniauth_proj with data from ../example-docker
+* uniauth_nginx_static with data from ../example-docker/static/
+* uniauth_nginx_certs with data from ./nginx/certs/
+
+After these steps, the images of the containers are downloaded and then the containers of the composition are started.
+
+Finally you are warned you can run the following command to check composition start and status:
+
+```
+sudo docker compose -f docker-compose.yml logs -f
+```
+
+### Where is your data?
+
+Command:
+
+```
+sudo docker volume ls
+```
+
+In RedHat and Ubuntu based OS the Docker volumes directory is at:
+
+```
+sudo ls -1 /var/lib/docker/volumes/
+```
+
+### NOT at first run or after volumes deletion!
+
+After first run you can start the composition with the run script or by this commands:
+
+```
+sudo docker compose pull; docker compose down -v; docker compose up -d;docker compose logs -f
+```
+
+## Stop the composition
+
+```
+sudo ./stop-docker compose.sh
+```
+
+This script stops all containers of the composition and detaches the volumes, but keeps the data on the persistent volumes.
+
+## Remove/Delete volumes
+
+If you want to start from scratch, or just clear all persistent data, just run the following script:
+
+```
+sudo ./rm-persistent-volumes.sh
+```
+
+First, the containers of the composition are stopped and the volumes are detached.
+
+Then you are asked if you want to delete the volumes and if you answer yes, you have to confirm volume by volume whether it should be deleted or not.
+
+## Env file
+
+```
+# cat .env
+HOSTNAME=localhost
+```
+
+## docker-compose.yml
+In the [project readme](../README.md#configuration-by-environments) is present a detailed list of each environment and function
+```
+    environment:
+      - DJANGO_SUPERUSER_USERNAME=admin
+      - DJANGO_SUPERUSER_PASSWORD=that-pass
+      - DJANGO_SUPERUSER_EMAIL=that@email.local
+      - HOSTNAME=idp.local
+```
diff --git a/compose/db/docker-entrypoint-initdb.d/create-db.sh b/compose/db/docker-entrypoint-initdb.d/create-db.sh
new file mode 100644
index 0000000..70e7c6c
--- /dev/null
+++ b/compose/db/docker-entrypoint-initdb.d/create-db.sh
@@ -0,0 +1,8 @@
+# CREATE DATABASE uniauth;
+# CREATE USER uniauth WITH PASSWORD 'that-pass';
+# ALTER ROLE uniauth SET client_encoding TO 'utf8';
+# ALTER ROLE uniauth SET default_transaction_isolation TO 'read committed';
+# ALTER ROLE uniauth SET timezone TO 'UTC';
+# GRANT ALL PRIVILEGES ON DATABASE uniauth TO uniauth;
+
+
diff --git a/compose/docker-compose.yml b/compose/docker-compose.yml
new file mode 100644
index 0000000..c6f8f6e
--- /dev/null
+++ b/compose/docker-compose.yml
@@ -0,0 +1,93 @@
+version: '3.1'
+services:
+
+  uniauth-db:
+    image: postgres:9.6-bullseye
+    container_name: uniauth-db
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: that-pass
+      POSTGRES_USER: uniauth
+      POSTGRES_DB: uniauth
+      ON_ERROR_STOP: 1
+    volumes:
+      - ./compose/db/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
+      #- db-data:/var/lib/postgresql/data
+    expose:
+      - 5432
+    ports:
+      - "5432:5432"
+    networks:
+      - uniauth
+
+  uniauth:
+    #image: uniauth:latest
+    build: ../
+    container_name: uniauth
+    # depends_on:
+      # - uniauth_openldap
+      # - uniauth-db
+    environment:
+      - DJANGO_SUPERUSER_USERNAME=admin
+      - DJANGO_SUPERUSER_PASSWORD=that-pass
+      - DJANGO_SUPERUSER_EMAIL=that@email.local
+      - HOSTNAME=dev2.acsia.io
+      - HTTPS=1
+      - PORT=0
+      
+      - DB-NAME=uniauth
+      - DB-USER=uniauth
+      - DB-PASS=that-pass
+      - DB-HOST=uniauth-db
+      
+    networks:
+      - uniauth
+    expose:
+      - 3000
+    ports:
+      - "3000:3000"
+    volumes:
+       - uniauth_proj:/opt/uniauth
+    entrypoint: ["bash", "/opt/uniauth/docker-compose.run"]
+    
+  uniauth-nginx:
+    image: nginx:alpine
+    container_name: uniauth-nginx
+    depends_on:
+      - uniauth
+    networks:
+      - uniauth
+    ports:
+      # - "80:80"
+      - "443:443"
+    volumes:
+      - ./nginx/nginx.conf_uwsgi_pass:/etc/nginx/nginx.conf:ro
+      - ./nginx/static/50x.html:/usr/share/nginx/html/50x.html:ro
+      - ./nginx/static/404.html:/usr/share/nginx/html/404.html:ro
+      - ./nginx/static/403.html:/usr/share/nginx/html/403.html:ro
+      - uniauth_nginx_certs:/etc/nginx/certs:ro
+      - uniauth_nginx_static:/var/www/html
+
+networks:
+  uniauth:
+    driver: bridge
+
+volumes:
+
+  uniauth_nginx_certs:
+    external: true
+    name: uniauth_nginx_certs
+
+  uniauth_nginx_static:
+    external: true
+    name: uniauth_nginx_static
+
+  uniauth_proj:
+    external: true
+    name: uniauth_proj
+
+#  nginx_conf:
+#    driver_opts:
+#      type: none
+#      device: $PWD/nginx/
+#      o: bind
diff --git a/compose/nginx/Dockerfile b/compose/nginx/Dockerfile
new file mode 100644
index 0000000..1534b62
--- /dev/null
+++ b/compose/nginx/Dockerfile
@@ -0,0 +1,6 @@
+FROM nginx:alpine
+
+
+
+COPY xdrplus-iam/static/ /var/www/html
+COPY compose/nginx/static/ /usr/share/nginx/html/
\ No newline at end of file
diff --git a/compose/nginx/certs/idp_local.key b/compose/nginx/certs/idp_local.key
new file mode 100644
index 0000000..c484079
--- /dev/null
+++ b/compose/nginx/certs/idp_local.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5XS6fJsqSgwdX
+0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+
+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+J
+gqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO
+0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui
+8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8
+TFSDaUTZAgMBAAECggEAB4Q1S0PV7An/JrrxFaS8r9oVkeDbxO4Y/34olrs3fDMr
+9LbTQ1kuO6OJZHq4eHK7dCJKzsanQtpedgl+RAZo0wQAiEz8PRqMDs8VNHTZHLEU
+LgXdFabikPVJKH0t/eWg66fC7nmKwxrzKAbRsVw42j3AzE9cbIdPa7p1hTQm+JLi
+ahyPN+bpnTkeinAo4h9rgecyC2VDW8QkFuJJFaSLZ7eM3GVNLpwr/iyPp1W0G7CE
+CchR5QCPmPfFC+UflfFay588uzXkCHozYgquhYdS1AWSK9sjpjfkpOj6XQoexPYb
+7rQLF2+DHLGZlaEwqFy1i27GGwEgRdMeI8ukt8bAgQKBgQD2wxkDiqUGwFRnLrXk
+vux6MnjL5kVji2bk6QjOWi5vWr4ItdXL7X/tKrqIBtIE5NfWbHRM7oIZzwbvbkCs
+yt7cRyR3tYks445kdhYpujfv/1VdUxskk4O27GlbMULEJRYjvoxbSyqeZvAwiiun
+fO/RwvVuQSTRW7I07UZo4mkCOQKBgQDATalJ114tQz6+FU3B4R9ryNOkqEBKaoki
+aSQJIRF6UIbfaU9XhEEm+nIdCXBqWQitp1o7akAJnoOyrF8KZNEQUrDmW+QO/w92
+2EaZVifP9f3SlWCuK9kzR86Pcz5PWJXmPF5gsZyontrBOlECy9EEtynVLyzxm/hx
+GGybronXoQKBgFbou+SdbiYEkzWMJBAellcrc5QM1B+NN34j/TAAXx5lDU0wDc63
+JTk4tV23WTzUBJjGtedqkXPZkI2/fRPel8NpYxSuYVPoCXykgoXLymvCuCQYYxTs
+x5Ujiq/Nl8BRd4y7Td/Rh38mri3KXDmvLR/p1Fsyom8CJq+xaf0C0Q0xAoGBAIdy
+K9qmpt6ajoaz2qDEP61bNjazixTfFNf31jnX4MeWEGkrc4bg0EL0A4wQKe296C7n
+wNY4cAJWc8xVPFvFxrsIgzC9aFRnsiyzCIbX+BKx4KWCMSZ8G+/Sk9rWAP1CF9Ki
+kpbogr8BpHKU8JpXlFEN8ZkGMVG72bFO0rCUruIBAoGBAIO5IvzmM6Uwvmy084FM
+yE3qKb2n9oLixyMjpP2qyGZr8cm+4YEFpnEbQCWAK2nMeOTCC6xVU+XCCrpxCYe2
+RbO59kvnrk1qSfU2YhRqgbb9GIOqu4DWx5vydvBg25NCQOoRLrbLbkInr8lRoJSt
+WkmXvImLdjYfKzgrfOSXeMph
+-----END PRIVATE KEY-----
\ No newline at end of file
diff --git a/compose/nginx/certs/idp_local.pem b/compose/nginx/certs/idp_local.pem
new file mode 100644
index 0000000..d920f92
--- /dev/null
+++ b/compose/nginx/certs/idp_local.pem
@@ -0,0 +1,91 @@
+-----BEGIN CERTIFICATE-----
+MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUA
+MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
+EwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMT
+DWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5
+XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2
+VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK
+2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253
+P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYe
+DRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxss
+wDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
+BBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
+QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
+Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
+MBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEw
+NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j
+cnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6
+WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5l
+aA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRd
+t37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9
+J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCU
+nrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOC
+AQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/M
+CSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/
+GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8
+N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj
+5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ2
+9QVyEndxBSNciUxA26e1r/7LSQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
+WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
+R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
+sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
+NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
+Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
+/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
+FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
+AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
+Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
+gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
+PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
+ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
+CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
+lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
+avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
+yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
+yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
+hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
+MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
+nLRbwHOoq7hHwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
+ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
+wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
+LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
+4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
+bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
+sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
+Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
+FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
+SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
+PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
+TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
+c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
++tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
+ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
+b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
+U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
+MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
+5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
+9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
+WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
+he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
+Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/compose/nginx/nginx.conf_uwsgi_pass b/compose/nginx/nginx.conf_uwsgi_pass
new file mode 100644
index 0000000..2909090
--- /dev/null
+++ b/compose/nginx/nginx.conf_uwsgi_pass
@@ -0,0 +1,100 @@
+user nginx;
+worker_processes  auto;
+pid /run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    sendfile        on;
+    keepalive_timeout  240s;
+    send_timeout 240s;
+    client_max_body_size 3300m;
+
+    log_format main '$http_x_forwarded_for - $remote_user [$time_local] '
+                    '"$request" $status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent"' ;
+
+# the upstream component nginx needs to connect to
+upstream $IAM_UPSTREAM_SERVER {
+    server $IAM_UPSTREAM_SERVER:$IAM_UPSTREAM_SERVER_PORT;
+}
+
+server {
+    server_name $IAM_SERVER_NAME;
+    listen $IAM_SERVER_PORT ssl;
+
+    ssl_certificate /etc/nginx/certs/idp_local.pem;
+    ssl_certificate_key /etc/nginx/certs/idp_local.key;
+
+    access_log /var/log/nginx/access.log;
+    error_log  /var/log/nginx/error.log error;
+
+    # max upload size
+    client_max_body_size 10m;
+
+    # very long url for delega ticket
+    large_client_header_buffers 4 16k;
+
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
+    ssl_session_timeout  10m;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_tickets off; # Requires nginx >= 1.5.9
+    ssl_stapling on; # Requires nginx >= 1.3.7
+    ssl_stapling_verify on; # Requires nginx => 1.3.7
+
+    # Enable HTTP Strict Transport Security with a 2 year duration
+    add_header Strict-Transport-Security "max-age=63072000; ";
+
+    # deny iFrame
+    add_header X-Frame-Options "DENY";
+    add_header X-Frame-Options DENY;
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Robots-Tag none;
+
+    location /static  {
+        alias /var/www/html;
+        autoindex off;
+    }
+
+    location / {
+      include /etc/nginx/uwsgi_params;
+
+      uwsgi_pass uniauth;
+      uwsgi_param Host $host;
+      uwsgi_param X-Real-IP $remote_addr;
+      uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
+      uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
+      uwsgi_param HTTP_X_FORWARDED_PROTOCOL https;
+
+      uwsgi_connect_timeout 75s;
+      uwsgi_read_timeout 40;
+      uwsgi_buffer_size          128k;
+      uwsgi_buffers              4 256k;
+      uwsgi_busy_buffers_size    256k;
+      uwsgi_param SERVER_ADDR $server_addr;
+    }
+
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    error_page  404              /404.html;
+    location = /404.html {
+        root   /usr/share/nginx/html;
+    }
+
+    error_page  403              /403.html;
+    location = /403.html {
+        root   /usr/share/nginx/html;
+    }
+
+}
+}
diff --git a/compose/nginx/static/403.html b/compose/nginx/static/403.html
new file mode 100644
index 0000000..fb9d504
--- /dev/null
+++ b/compose/nginx/static/403.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Forbidden</title>
+<style>
+html { color-scheme: light dark; }
+body {
+  width: 35em;
+  margin: 0 auto;
+  font-family: Tahoma, Verdana, Arial, sans-serif;
+}
+h1 {
+  display: block;
+  font-size: 4em;
+  margin-top: 0.67em;
+  margin-bottom: 0.67em;
+  margin-left: 0;
+  margin-right: 0;
+  font-weight: bold;
+}
+</style>
+</head>
+<body>
+<h1 style="text-align:center">403</h1>
+<h3 style="text-align:center">Forbidden</h3>
+<p>You don't have permission to access.</p>
+<br/>
+<p><em>Faithfully yours, nginx.</em></p>
+</body>
+</html>
diff --git a/compose/nginx/static/404.html b/compose/nginx/static/404.html
new file mode 100644
index 0000000..d149770
--- /dev/null
+++ b/compose/nginx/static/404.html
@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Page not found</title>
+<style>
+html { color-scheme: light dark; }
+body {
+  width: 35em;
+  margin: 0 auto;
+  font-family: Tahoma, Verdana, Arial, sans-serif;
+}
+h1 {
+  display: block;
+  font-size: 4em;
+  margin-top: 0.67em;
+  margin-bottom: 0.67em;
+  margin-left: 0;
+  margin-right: 0;
+  font-weight: bold;
+}
+</style>
+</head>
+<body>
+<h1 style="text-align:center">404</h1>
+<h3 style="text-align:center">Page not found</h3>
+<p>Sorry, the page you are looking doesn't exist,<br/>
+or other error occured.</p>
+<p>If you are the system administrator of this resource then you should check
+the error log for details.</p>
+<h3 style="text-align:center">Pagina non trovata</h3>
+<p>La pagina che stava cercando non esiste su questo server,<br/>
+oppure e' occorso un'altro tipo di errore.</p>
+<p>Se sei l'amministratore di questa risorsa magari puoi
+trovare dettagli interessanti nei log.</p>
+<br/>
+<p><em>Faithfully yours, nginx.</em></p>
+</body>
+</html>
diff --git a/compose/nginx/static/50x.html b/compose/nginx/static/50x.html
new file mode 100644
index 0000000..a57c2f9
--- /dev/null
+++ b/compose/nginx/static/50x.html
@@ -0,0 +1,19 @@
+<!DOCTYPE html>
+<html>
+<head>
+<title>Error</title>
+<style>
+html { color-scheme: light dark; }
+body { width: 35em; margin: 0 auto;
+font-family: Tahoma, Verdana, Arial, sans-serif; }
+</style>
+</head>
+<body>
+<h1>An error occurred.</h1>
+<p>Sorry, the page you are looking for is currently unavailable.<br/>
+Please try again later.</p>
+<p>If you are the system administrator of this resource then you should check
+the error log for details.</p>
+<p><em>Faithfully yours, nginx.</em></p>
+</body>
+</html>
diff --git a/compose/opensearch_saml2_demo/add_opensearch_metadata.png b/compose/opensearch_saml2_demo/add_opensearch_metadata.png
new file mode 100644
index 0000000000000000000000000000000000000000..4cdb416d4d8dcf43a559d2cecf3627081606ff7f
GIT binary patch
literal 143525
zcmdqJWl-Ep*XT=-5G(|D2n6@wt|7R)ySwW^@Zj$5?(Pl&g1ZjGAcMQx&AzwJd8?lN
z>|OW6`E;tfYNq<Xdb-zI)7{gne`~@N<it@B@e!e*pim?wz9~UL!5c$C!BBsI{!;_M
zT6g~Q0^=+qsq*2&hc%G=78KNHD9LZaDjs^r8}J^43vJ9>X)Bu@YF+N5^`>oih{Map
zX;7qz>n<WZW#o5z#p|&mV-vC>62Y+deZ{Ts*E>vCk|`?gnrE?X&s_He8#?0EW-ICO
zidKMpz5#5zzq!x2S;u^xZwY+B>b}u^(9oZu{<%01Abo0aT+2K7Hz6qKMyPM$hJ-($
zKKx_pJz<23+g<~}3Oxx!!3zCjAsb?T|Ibfhg|^&qen?!L2ten){Oge7jBsK8O~9c8
zNvQDNjpW_5?<c5t|5$!Ve2x6)r+*r@Zoqw3^67|yvJm`d<)J<Z72*#6i*=wrte--E
zqUqichiWAG7wf=&Rzf!ZN8A0?(9ZqcPfXzH7pPU#fA%WWpT0uA{)^k8pj$frxYYg*
z4eA8`-}Ju)`u~Vexqi0msyJ}jb?4=p2ZCVFY9yTc#%}HRkbEE1PPs`0p7I^a9t6+u
zl3OtOm6;-cgKDR@rJU2n03JIel8y<snScg6J9!<O#~kqx>`4CXTxvc{qnOp8rKg3^
zRnwQ((G7p`<VxEor;uxLdoz8M&2<D2^*{Oy%3l-VnTTx2!$Gz#LR1kc;v`)z>Oh}K
zg%Gj!M8NGwCf4+z99sVYcuUyF4y8XZg6<}w!}KiLVegZEw(&yoneU$w=}kY^^kvjw
zce4<pAcApoNMzJI)KqU@I;HL>M>|tOTQN37K>il;aQmyuSNi7EX#eOnJ4gSA7)%V7
zwPMUk5YIt<(Vi>IjouUC-pQ+IZP@MOw*36mgG!?KLqpdXH_7c3_ZH>aJ!%>KX>C}>
zHG-wQm+I4@GH2Dv!!?m^rn|JS;BVrHAq?3RDZvZWGK@^vf9}}X-*ZY?W*1A-nW(&g
z;n0~8I7~)z!~q|&H}(DVZ$Za)h`MN8$I=1L@3(=7m3gS!cmL#S|1~Xx?g1zIsp5Pg
z{R*Sczj+rJT1y6%w3uwtGTr>MIIg!hHeu{Bd&Zmj75LjZ1~U2wIvGI=w~Z+^(i7yv
z3EXb<Y_`8|3opuIQ-JFgFGs3keik-%EaR`cR8O$x72SdmVCSz|24EINxPh<Uh|rk+
z5!;C`^8VwZ8eTI_>lFnl+29F*TDNA3))8S$m~tEYi69-;+rG7?>`dc(`h{Oirw#gE
z9mh>Syr0Mh776X!e;|9nF7eF0I?0;h$^&}q{Z0nDwy%)77dYY^Q<++T%C@Vqpanz;
zmR}2Lg;e;;s4)%$xZgRQLun}7R)=h#u#ItP9<Q>|z2ezHUWb9Y53*Rm<2zr2Hbc>L
z{a~8zyOi~Dh>iz2o%^-F(~*d*P+#A(p59%p6L2AMyt?jjZULe>fct~W^9fb0vs7F`
zc@38UY}9nq9b8~N+odJ2cX!e5Iwp#euElFjmh)b>?zA!_+<a}6B5Bw=A}e_I6Y-8K
zYPo)uwB@B-8nIllY1C<Ty^1xo6SiSpxb@oHZ8H*)v-H$gw}-g(gr-$q62i6~=B6@!
zN|~f;iwEK4OKI;p?~!p6I2?6cH%uPsU13sTF5Q6Q&BP^woj~va%)mTW78BzhU_a?t
zAj<TP>}pIUCtP;<c-uMZpvDd9IicEJs<fV8#aJuhRQXfT25GsqG@vSQ+0$=iHhY$7
z9*Oc&uNFFD%<_|q9`O)<Q}_{&67cxb%4gPLTfke;aNvJk@OrDhFi*u9`L>%z2{pEa
z#z0#HZj5DHfs3yrlk*N(QzT83PvIlh+iw#E-5t6r6?`WlFyrkJ!D7HecYtdI`*K44
ze&nK5e3{l7zv_#iLcG3@dX>C{;dq>epnJ?$)fxc@J>%%uRm`>O^1L(J0ewNnPG@bu
zBx%<zsoM$x9a?u=EsN*J$=;aFNq#~0>9pktOnuwOJ@f<%iK|7=DsCAwlT>&0J0EqG
z^WX*+_xNclL9w@ullM2JW@itLcAODkt{G`L_?rv5_H-`XwI4t;jplb28bNn`CoiTj
z4?t@X%GM2TG#k?}hN)x11$-6wL#1O<JwYBMG@Y*IBP2KtQR%UWCD^@Bl<{84DFi)^
zJx8cdNT{p%Bk|jUJ<7LxiKz^r9%s=vY#B9cNe;HM$nDoRJ@b+8^JkgzM;D*S%Dhb<
zAnL@m#Qb{qB7P!n2FT#^4OC#&8ll>8&6Mv%#CT#f(ZT>wEx4zSsQ@Op*BFVoTyy1R
z!RXj2;dV(KPL3}z!P3`2b>wnB(_EfT+@97~sx7fZcHk`zjOkvgBeTaf^{}(i#e3iX
zMfTuH)&~_^kuFOc=SDCm?`1FVI$A+w4S}|*_Dz}2N0))d&j!?{(Kkjm07KBx=&|Cg
z3-<SwO60ig>WI{;xSY7M%(4q$x~QZ+dQwcU_r5gsztSaHU2M=E=G{oVO+d>IC7PV5
zJ=U73V`RGOi7C8}%ph+Fz4_1G`@Dv#myz~<*Q;{{x6eUj5G9A7!(k@cQ0K-^Aj#<L
zV#LfR?&A@G`AKwtKd{Qx4?GpJT;imYeVe43y^rdx#-~8dyXyH1@9lY*iQ&H7>z;SN
z%sYp^qMmD_ZlUmO-VuOQ_F6MVC;!}jRmqDe{F8W%L9oHy11iO5=iMlX|H~s}vXyz)
zdaYm3b6l~N&s!NWx-MASiR^|S!Y&$j+ujHM9$uy3YtbNuM@oYYIwJ8r2p<`Njkx-@
z=Ds7S@oOJF(OBrM!aXFTtJG!lg`{ST-|?nISLHQ1Sf8q0&~s3hGlAk^aQ}+GhV6CX
z2OT1dpkGV#PkAvB|5XfrCXPpuAjm+DwnxopNI2j+qV@H9EgIvvaX)8t!Z8#ES4<)9
z^szgKs6m@Lf3KSYSkZs{F24V~cHnk(t;>%!_9xOw<}NZ^zG_rzNDe@=CgZUztz*w$
zw!Ywu!ocpiy#1ATe_i@?qms{QhhN1n+G%`oD8d5-C3a481S&vb(34Se9uZ$3@!Lc@
zV$AnhTMQo;ztzZ354sG@=}c%jyAebgksoGUJvSBGaCY4cLtPKL9o@hixm`S>9xabr
zSjhLN6pqW1&h&oiSmLHDsj;~p`G}*oevu&tljGTBT=_QQ9nj=bIf-me2t?XXqStqn
ze-A=6B(!VY)j8=1`NW}?W2pIBP|;w*RsDNH3HQDCGp^+s;AA~Et7^5~)sbD0aB$hi
z9aurtE}kk7e--XTY<}ds#35iGN8JvNv%i${z3%<xu>+N&DscDEX)MU+fGJBo;8{ec
zmOlnd#)ada&E>X>xIvq5aRkUw)b2pT?L)-VdeySd4a5RlkarEt(K?q<EtX5%B_W+1
zTwLrGIAOs><mk{xz|wG_l5{&=MCs`h`e~g-4%9|)ygGg9n856(&KxN4V$@kKLHZtJ
z#L)T#qB@4}_VJC(w3J|u#OT?EA)&VQ0vi$V^DDN#gb|Io-#st<2p?o!+He#H&Io>t
z!wp49)_>H`p|8K;iu<D8+r+uhJ-<hmP#4K*a2#sc^=XZ{3F|mtwnv-yF-nj#YD2HQ
zyMFBX85GCN*!EV?F&lmMplZ+TMP6aHWOfqvC3K?_>&_mVM8Juj10z<biq3k|IWH-3
z{b@SCo8O#(s<;AOOuL!UR^XC$V_6c3vFdqqgw6itY_uXQkK8LoGSq=qU2w1ce&pRF
zV!FWAO8B!l=PsRyVdMY;D(CA(d{}oQq^{A(9RHL`6S{f-xUN0I4fA8-`rXckD)!5=
z?u^^v{Y^5|97V5(ZthBH_%o_4qr&%o%!retp4(Y0R&bTQ6s!H|l4leqI4<3&Lm|ge
z!0U)A>r#0*4i%gCjf*@+pB?N<{=8PP!bC*7Vjlq?M*zQL>)*VOef`E9qv~FN-6DEn
z(j?2HnU(dpKsm5MQw}5;1{bIdkr|()<=41h7{NfDs96vDwN2a~Ga5A(Y+b1jT}0S_
z^D_MTlm#E^mQtwO`F*4&4TrDQHF$Rr!DZ6}7Y%C}9r7#|Wx1ic0xD~YN%jw2Wcs?J
z$s*v+Wy&S66EqPRKAdy{)aB?b=6p-cscLEXO12$tU?}LmJekASgg;KlnlY8)TNlMC
zKp)IKAdh8yMnwP8<!h6DR@#~;Z?>{<YY_$BacqOn`e{V)+h(B9Ou=(O^l0e0<)fJn
zsvH98$Q`&8Szpikt{GE6n=TCAFlw8QzkGEeOCPu_`0O^*9p*BtB3Be`HTrgp^%cO=
z7%9P&aiM=qxRI3g2;RImF_Rtb#fez1Ic8cmkGeA`(erZjxDQ<m6{t>lp8Ce-rX*&6
zjx==2>b%m{jZA2r<AqfqT6US<=M7s=(v#&*{1O$(sQZ1ih;*~X4V7Q7@WJe8P{%&g
z+RrHNIM{tmE-H90<2^;PZI!%gnzPsJqcQl$3BV)k>p<qkuIQ@21`tA#(vf(?;VSSY
z?{WAjJXEdbbd4eI*-QV`+gQq$=ON5)j?*2|-5vhc)-cO8kCG0b@t?=VEq!T&^T*zr
zBM}G~M>^x?SZZ{)X9hGq{qukme)@M&Sa6ggNA=+-{*!YGSg{|{{3~g1I%TXa)EZ_6
z)uD1|H}eq#V$Qhh-057(M5-6KEu%3wuvRa&(l}*he&5O&Ofl<LR>OeL^*TnB2PCW=
z3iPL+30yN_c<NxBBbn6{%RtPbKJ?AA9uq&YkZn#85V{2%jHn?EYc_UWt`K#{oYV~)
z%_~o`9jHe?e?ct^d0jm}>0_3zeq9}jAYo(c<_XUy=zd{he>OZ$5afYPF-~>Ah8H~T
z4(LDj8BHLec}mQCeY##sF1rQG>hpyro+pY83BC!Ljl7}E<}h{@2>N7iazCJV&K|!h
zwcR_|9)IC=cjWGQg+=@jE#EoNB%Q2wo9)$|wP<E-oxPE{0We_p^v9)ZVy^Q0R54v2
zdLuJ4KN_l3jYKu6^Rs$@LM#Vp=Up%=ujm_+R0no=z0BXzR3D~w9O<aWvx;-UptA*u
z)<=_cTjs(*)~{puTU#Mb(z?bS%FUZS#K&TW9hbJ+Qb&`Wrco&Patq0(2NNTHY!aa#
zDd4OHS~efn9p~m3LB~a6%Si<ZZIT_z%AJXVPNc75#(dt2lt4&CFuVyC-PxDwH<KDH
z6mK1^>xYi=Yj6AmDBj&_eotC_bMi){B|oFGvxoLkU_tSEid<G2;m^$bk6hK%Z}&!1
zIh&nUB4TKl-XvOWT7KI)Z2g?ZX9|HR`+j&x5N9R9O9k1P3LIWVgv?0Q&e!bue)@dh
z*lJF2EN(n&B!+H-u2yyL8a?LZ6gByaM>Z@c*9_C{s?e2KJH(_`Sa;n1<MpgNj7a@e
z+^+RgOxE|C9#SM--eNtWqmpLmDv_3yXDaLW*&Td0c`yg4*wvctLhju(*mT9ad!~I&
zSgUbrPGY2YR%<e17#`%GI<VwO&VwHNI_lT%h&sLjqnE|BPwy2@y_s&s3Qa5A8fxAk
z3`n#%DVTl-)tA})6O{83z;oVE^nztvx-1YnMAlSeCAflQJ$a@6&Ek4-gl4tzAuJz*
z$z?+2>TZAy(0n$L5^{BtQD0`A<)nR#UfjChL7r(d?$p=V1B1yvo$2a8FGI*rF|$xL
zk0#vA2rjB)c68xC#Z}Nlf|G7a2*{0#YXrKF3=Gz7tn)0G+JD1Sdg=E4(`G}c9m^a=
zqj~X*$;bTR=wh3!6+e6=j1jd1FHHW{78U-g%b5vCjd^-deKcZJ*cy$Rbj9s&YEtZB
z_jHh;Az(G)1jEpX&4x?hAlrH63>SS?I2SCbxA8eAXM0js$*<dO=PIJ><)*C$FX5V!
zSX0q<%(dvb-R@7<71*O~IvD`+E#KU+QTbBpwYbaii$B8#^p=*o#t+fF-Uq@ZKW$p2
zoNC?r|D_MpdX@Z(-^=_qdIyW7Du!JDbHUnFzX#gatM9Ys^Unu5UMCu<T+KKKak}_L
z;d6YMK?M$(tvV?H9>e#Xvt83)!l?OzjW0}uhar?SXZ9&d+lJfAAk4etp~lA`L2CM4
zi0H#klJtr=WlzRe1IdRTI&{rA--@8N_FC-!JdeNX!rmLXO%p|nP2e8!tulKsa30A$
z6ry^+>Q(T|C*f;T#n$YsPEyH><Kiv!7%lMWjkT>zMNrq~PZDwH5aslE&QR)p2Funk
ziZ>ULwZ0Wj1gwgN;LE$cbyM}%u3f`u+Ms1Lwtayp`!3tPfVICcNKzV85KBF5?01N+
zSayz*{Gw6LXws$`Gn66XewoMJJ3Fb{$BHyGtJ(P|(>Hj5&{kV^!?Z*wGZa~4oWvOG
zqGw})hC?s$+{g$1di`Ce(bwAduCBN)?AHuTan<0^Lqxzv4f`W4Eji~}9>NL2A&_T7
z(AgVeRm;jD1%Hb&1Y=UYc~q6YU2oanD$(}Yz&4#noz0;vN=uWQ!#X{yoqNcoUt%U{
z<Y9d5r*g^x^H(iu^C?5?L#>-cv$)~nki5?Nd~(MWNS-n_UlHH9E>J8qY(``?W+^&0
zK%=hVG;7)-R6m~BwxE_dW=Yr2LZwcQpavEkYoH~0iwuiY?+ID&TyOl<<dwmb(4Dxl
zsx&qo4Smw!Pr;u>sn+h&OfTu>pNI9+rx7&Uw7#os$K;YB8nQGMcV{buBa;Wn=|R7A
z#jAFgzcHrZW<>@5lCZaBJAz!lo06iVXXelk14j36sB1lGNTjwD#sh9yh$z1!?H;ZG
zu`sE+L~xnjg(Ov8=dXi`>$LStpNx83g!d{>Eji)XL%;eCTrPMn1{WUh82Ioo$2Z>5
z9MSCWb)K_fZ?Y5FkCBkhjx;BHYtiF#eeW7%ePfI+%#~N|F%?Tr9Ftv&J+eK}Md=7k
zbfQTf8YjC4r9pd<?@RSi-^#{bTvC&agou&*IBD$~cQ`y%ev^uJ1?_NgS*pKXD{Kl|
z#|NT+3jI!AXCD+<H9+)zf!8*ErYz5r53}#9UC>2;Z(H@qB0*C~WDe(tlFj!cQ$ubH
zQ<2y1bi5^ky~trPt`|is(SsQqy+3p~n?C9wJ*q`~-i)zn0;DN;<k?%H=08jly?<AI
zZ3b+;`CWhj5Q86}33zZ&vyX8D3T=b^El4rZBDd(}$S>?ku;O)a(+M3$9C}is(A6Zs
z!j7~|8w{5cOfho&c)R-=l+<O{HsWd$Zk6sv{g)mKvi#-m$2#cgNX1#48w?o!GtBx-
zhiIa{%h$yE#)_Kw=7Ho{$|%qipOAf7mi3TR{I+WsCC;drIqr9z>I}kWA4B+B7nE6Y
z63<TS6<nw>YSl6<Py&Wt>2e>D`sG&{FZin2{nk0Dk=0~_&02w5_W>{ETN=@Dvtr+m
zgoy;%7l}|1banb=Oyn+GAzw9EohU&Nz=|Cc(3IRmh;Z^a*l&L(0gN4Jc8TE_UKKre
z7ihjOGPlz6GP{uHlrH{8iI8Vvi{?GetXOAp;GtDi{_8MoN(Q|==Yfoe@TJ1HoJ*3B
zlFex~yZyUZi?~wexYbz(;dL%@3R4S??epbE1n2(vP-~6)ek%H4>O8I7qgEX#U_*Ir
zL|d2nN#SdCxmKOi&TO8f-kkb24c0-mT9<k0Ql@HZT%oXJBDmtqV+jB0r8%*ND=>hK
zA*CJ?dGXWga=@WG^~_b4{6i66@lOTzo8wYDGHYo*O$iZ0kJ_4nOl`u7s@htK#SPQ`
z0(dYP`>9-NnoK%jq7+Y)&h^lPp;9^r12exUAj!yT{wrF((@m59Pub{f*RxOYou)d@
zOo)5A4sJBQO>>;{Mw0rm=vl)fT;#awMt#Cw?<wGolXlUnHXe_JU9m_237@0vrwfow
zIcmA|J9vgR2y@o|%yzS6@~+<La0|u4D@a{ju(lNChF-q54~+WeFb;nv>(kdvg%)zb
z`bM#~f(<}-Uc1Dtlwy2Ve#HQ`GAdDl3GR98Hwm6~jFvCnZ;FY<usGBRXOM3)G_#&n
z4V>*5jK5m%PH%EH!(OYrE0sb*aKIG3t?{v8lDuP2X!@nO<D=N}JvULdem!qlJ;xZ|
z3~cMx)>8Z!3?EssVzcncyLD`2?U&@dh{ZrIG7e(_YWeW*scCs^NfqT#2h(e_(|x(x
zr62=g2insh7a=qvL4bCr3}5@y4uuv8w7e7Ykbrtd$JXSlJ)l<?SjERl-Bpc~UgEoN
zXcZUM!^-ham!u3Y*>>nwN>+#t`AU=8K?(#r^pO=V{Ng+w3&#D*v?ue|k3NU*B0E!C
zwT}~#qnziY4WApQb4E*s^)*I>{L6#83DHV&VV!!?PhOYdYkVU?Hn>=O(fozRt9)P{
zXkEHUW8-IPG8Hw8&G>zK#rIg9%qh2hAFgeT9HiRruS>bU=L1FtrW3!T_v<`suvFsF
zCNZKKxS0xyI^tqsy6~3SI<cXpv!-O{fNW|J{<Z-+LW5VRJj(F&*UKT?7NS5<W;TFK
zjda$`$FuhSLTobUCTc0x#`^N49231nlrFq10{-9|wuRv@0W@uri%wUT`-O?{#R1Nn
zF3amMJ2eguJ|Cf<g4Z+KRV>M|jXrPtT_|&cH}VWo$5pmZ5)Bp)&=bSDNN)oI*EuzK
zkmKOOw_bfp^Bf`g**<-|EHg6nL#yLQS7okr8fd0XjfZ`#>yeiq6R#zlA&Rj-Kbm?>
z2tFMAUZI+ni)*HQs+NLtT*Vn8l(yj28;#xFfH@<^D8o)l^6?37eVR{u!H{$>Y5u05
z@%gZ-V8H7nFw>TMJNneb-av{EokGtefByQCI8oiz$WSA!*u>0xQZL$I2f}@ne?xOm
zH+R`9S2cYNEE76<z_2A$G&Fpj^v1quXMAn$^DU5Hl-#Bc3&wbMrFm^|otqM`EuAqA
z8DlsYlpc6qFr9x8)pHZJ$zMH&Uu-mTytqU;!kh^!x{w(|Fis@x#A4X`-W6!BUgaYd
z(H}*<3gU6U#~)+&kGQhxf9bh2R>>{VZLSTlwJ2mAVn#tIPD-4bo}wEC!(uzhJUycU
zp>9k*wkT7upiaxHIMCD3b2e-%^EQytD>{a|Pi2^wOw1Q&3{3wf@A?sus)fc*YFovG
zY6tL%V+7rzZ~O>Om*c4R$St<naXP-cd+Di+r}dn|VpC0R-^72`3BHFE5$F=i!1x|B
zvbOR3wmtw9|M3rC)B%CH>e~xzhc@u3ISiZGKF%n)zg}{p%|ny0zbr_c{+npaI-tZf
zkZczVX<#cY=lgSlR9NfI+nw6bjL-Nm--u|&wf@$pz%Sv(va184ooU&}6AId7wZ6J{
za}O%wC3^~07Sltw;t)t>d*vOkDRL;yRcJP2-XzhKz*pmLicHx{>SU@>l5L694@Q_d
z{7;*GaG4*l<GVaQ7o<6sD$x%_y+N_E!B@p!4ru&Hs$_4Seu%T}S_^(=txE4<LqOIe
z`zC)MO|K7p#dY=^UD_s(k&PoYS_N*>gev%a6ob=DVAYE}5v_X`Mm~vsW~+t!+hjq3
zg{HKQ;iAZ>ZJN^1d`arNg>T@{qSV{Nz^g;9R@;>hTp&GSD)ALg&8v*{-EnoFF%}E)
zK*J1Sd8r@XcSVCuS4%$rf_?Cz{!%eM^nTqub37>oW^PVbL9fSue&^Q(PsCFV(_&A6
z9`#+Kh0}3hzJAyU(HmxD0|I@(A!&l01cEN)GP4K5?KgTqO;sVFVDYF(B}xZT{oSWu
zer4j!CVw$O9~XDpw-EfG<nCJPj!((UstqE>Z}O&Buhyt$+x5N8MqkJ_(}y*tknuIG
zW9D&xKdG%&rkWs~Gxlx4pp3PZE_g$niibgR!(nE)%2RhFT4t2@D}W-8K`Srbs-*@P
zAV-miNiXBMVbG}<>wYLnQC23^Vc2_iU}b%1b+-AqHHKA1H94VyD0L0Ok(hRW0GCxe
z#)X`_$wv#;&dt-j#{g$C6H<xeyM*6pisTsObsX&r+h|rQB`!sV&9H4`dn^Y@#DUBn
zj}8;S<U#ZaCsHzMk|YzcB_5qci3?E`GwUYKK8I=KC9S_#RL%D{OWjNRj&S_4?ze@J
zmsGHK#`#HB(gLM$#+0rQxuS?L=VC2zOuj~9ARSn^NnvA}O3T_dZvKdC5@?XZwW}_8
zi0`kj^~g5TX}#!Pi2tBm85%|*$;8}j<nzi<)Z<k4(zi>%uvcbG!Tc;`yP2|R9TR1n
z%Lr}$zgPevEa9c&<$wm}aN^qron=dct0A(@cKHHPjeHw1MXimdI6PEy!t=s$(ZYg0
z+@57e&D-}$4=OcNQi$vjH;gl9HDOh~);8}SWj@2wxr(C>x;ic%8V~5u5tRKx;CQ;^
zkc~NeKm%+m$nFY@rZ_yJa-~w}G&-aMZ!)Zg>9W%fZOUVmmGIWSHhjm$r6k`ESB^HZ
zdZB0-{>)}=TIc+jVl;|al9`RM$!F^Tdhu0M%r7gmJoS=Q#)gu7PrjxZZWT!%(ji<L
zkBIS(uV0=;m1Ng;EAKZl<brC>`E!U?epw?LG(X)97hD%79-28VR@H#$L%G5-rG$sP
zP=B_E$4Pm22Y2{cPnxso?AzN<E<3Up7%|v>u1Qiw?6jbzZn+xVQ}JLV3ATa^8dIfj
zgF_G^ga5qF^!GD=r}KHT=y@cqA1@(Y>=BjZ$_J35WrZKX8=pP*7>R0w-I~#Ejz;}G
zI8N6*G=)D?J8(@t4@j-=&IJgAUYa@h=wO;hp5O2lP?S(DW-_?m!`SqF**z_LTy%#?
znJdE!S0E|mB(!GF*H~NXgkU)D6J_iL#oS&b{`>Xyti$rTQ)^-=z1-@)^`2V8RGH4J
zcWu`(Cr>iuli+d>2tey?S&o9C<R(I}Rug2$BS6Gz`saw!cc;fX&Bqln5jF{Pb5yl$
zikE*Y{3v!rIAIk06dowT%9#>c<8ybCy_`wqI~p>j`ZIcAf{?aYS%!XT;nhKFGt81M
zY@2pBsb$lf;dYTy=e1Wf$<)Spj_`{>Q1kYT&6Kli-PwG@G-rr;HOU4BC~mHr;m*Xh
z>rW5|N31PrcW)9VAp}WJug{Jf$9srO6sUN*iFCg@q7DY&Oee0_X?)qOu`UqkQt{mN
zxsGz%?&QS^;Vgh*$@@TND(t#x@Nz`0#>v10H;@KVO{`O;T2aY8JSs%`LVl!X!gJ?N
zd6bpLC?L|zIQ80Zy>IlZwe&iTw_c10CQ>xOk)r+7>%9nx4n=pjAb#Z~>YZbYO)ih`
zr=up5TCgMenD=AjMFqhXQ|BBjw@_LyOI~atPO5gC142Udz{vNW?g|Mjk+ZnWMvo^(
z68g1A4KH$hddes9^C+?YJNyHOkJ4$XpO{Z`u$Oa``tNH3`b931?tER+x{VZS5;q;;
z(=ka%e*YdJ$2$)>-Mlef2xw40uue)+*Hz?m*dfPmTg88!H+p!8xQ6wdU+R#0s9~d^
zNjX3_=wu}OqWf}$J^x|qn?2z8*|cr4I03muVDIX;=Lw%!_)4{Ga33f+Ajj3A1l7(~
z637~yJVv)2!oA70x1R2|{SMQx;n&CP6ul<*H=`swar1+>46*WU$(x}->C5$HgVPM<
zO^cCb>i!<UhC`G5Q<c^Mis)=%s32kZ4sGDzbmQ-S+@zw*x)<~;zgv*py6rx<gLqj8
zUv<U_N_-ufvKqS5kr%^^lYnGw)~-$xhGkD8an}dnTL3{8A>UL?yq&DH2Y=Z)8a(RM
ztyu%}K;uk=Gr*I@r!Xn!_-&-~O-lsfZ})R|7`a!N)-&+<I-hf^vv7aHAryFq7uCgZ
zC$4qhB`%~Zz|0zXl!@NxkA<nWo4F5%div#yvR_anmw3q1^9VgoWfA7}&<J)1ZFtLZ
ztDi;sekkhSkHIHd(Yg<I;QHCnN<2;?PmXeBSZF@gF*(wLQ-e~#G=koj2TEyIU=O>w
z+kd#dnV0opE?A9j>Z)ab)7Jkba#ohtnVn#N$1z=%St^q2zU5bq$@iiXg)D1y%eCoK
zb?1d!K>xVEY3BEscL@IgsWJdfj%W1<VMxy?1{o}2uoD=|e%`2g$pfEX_lk==;re1)
zbw5%huEgp|WPo`6rlZt$1o82nW$E}W=?wE+CW<3brQaI;R`=!UeNG@rjj~6A<A|Y-
z$*~0Gf}U}5jD|KIo+i5`B){%psXxXX3Mj7O_bp&?zcyol^`ma?TzK7aiuLRWhm0&y
zjDq2{85gth&$QeY!S02Zyf^?W^GcpX``Uvk2K3^jeiT}8-vuYVVsyhxKK#|PtnS=V
zWO%yUcjwNb=p!7|YR$_wU5y|8Z9dIad8hW&jDCT*qNNuaS+~(B`eg_Y(}fOaTRHON
zg*e~M!K3Q6M1H2PN)DB}eUC@4sP?r2yxfjW1-t!gbn3p2oTn&8I>}GJz16odDvU=d
z6qbW0iodV<0Z0YPoRvx_-h%6!p1UnajqmI~z(Kf=hv}L^0j*x#&S%V%fze5_g_ud&
z9Y8#o;!c3;;OcIFb^@{}nUS%EBn}24o1(VKk`YQtCyLvoTBMv3p{^Zl#Bf!SX$^QX
z^y<A|L_Ouy@AyKT_@-?c=+BmxzGVfUFK*F+5^(s@`ucbC`OCV-*M~z9+G+r9!5suJ
zbh7hX+~%@zhz8@<au$`*f$wg<fZoEgnbY+zZ+=Ux%*Q(;Ln9TAl?9Ux-6BIGcG-17
zbe8bkXIk-S?s#O6D}u8Fk{;{1F@sbQR6FDwzvw-NrWT#$7OUO;(;^?V%#mAN9<P<4
zSVgsPi|p;Xj(qU?Xvp_s=^rLqVTODBXCDQ-U!t2p2B`+{q1D~<H|{>+!S>H%Qy4tE
zlzx~yw=cdCe!z?(`(<3{=%D`dIrvD?5!#%yk}IX!xe&e1HP`2pdYT7n2mgm25~9m2
zo%_J-(YyESPlJIc74Xv8<ybRIaDS0A-bqbKK#MfOB+6%!)*9E)GKk=$6eTdHbm*ws
zPr3}?<!5!RRN`d4>ZeBgI<-`vp6~ZdqdZQ3-Mq^!cN=whG|7CW=N6>b*H&)d^5?b@
z=S9`Wx36Ut!rf_81zOpCy`plCX`{>oq0c#^Mx{nG_;d?u;e%d(4P>$F7Ui_jXX3gA
z9hITFVR57g&c(*^rhYi?F4=vj-G@<PlE6cVTC=u(DO3E+%e1c(_O@GeiS7Do@%3i$
zb$jV|<lW4u?cl&sOQVl)vFF~&^=X*Yw~7fzfRX#s7^q)9JMQsdl|>b~YDCoi%))Cn
z;jItD>2Z{3?cpG_Lp{Su5TL^CoXYMM9R`P!@wy*pxF2Sz8|g+0t$k|Yr&V@;n|&N|
zpMqLCi^U-LOUc*L-ivAMWsueHsjlx=TKSoaoNs5JBjB>HnzxcWrmG@c_vtWv63764
z-P&CbdMglG^3M{u4?Wq0@s_?_J*Y<8xqdtScsAocrk8%H#G8F$O>!)4P5&g)1?AZ=
zZ{ZR7F{jd_+WT2G>H^zxti!h}{`rW2;)ycGe~@xu>Oa>?C}=<NcOv)GUEvXD$OSsp
zwd;G(ts>otN0qGo3isw8VIjeO#jie@8DA&4MglI*!_h+xR9rdme`IvWx(yvDI(deP
zj&%Ya(ca!$li6`p*KcZ{rac#POC{}%^?SC5sld_8LnR>gbNcdAjvmxG1f?xf1O%Cf
zdlcr@pBa0i5t{lD&w;JQ1@ys3-SG{f+%kN!F-H2W#dxuJIeOdQxm75!`BWN=AadRJ
zRo@YaD6?PClRE*jzsD8;#q(3Le2A#kI!g~W++G7~ggDWDbC0L;rVbyoCM_~O#CHls
zN^@&R!c;L=8^er~iI!XK3^H&<ndph`(stVbJQIqcZ`HfSm4k=dc@*Q{)yPc_e`>JR
z+=0f`k!_OYycWlm(*+vlcOg=|>GV~X^hfVH{Qrg$tv5muShrgc1}tyM!fcAbD{=4!
zg}oiTAatF}p9S1$`g{Ho@JBkyU@cwL@|<<oRqAxs-A1jdt;D8%a{~{uo;8TQ<qpuq
z9HKVeo>d(@){*ZDr4#}O`rG{bZN|H>7`?6gKo_~(qt;&?h-vUW`+qF7f2|Q+O;Gt^
zVI$Fz%zGc4rE=<O+5w;N6A%$TVg0RtDPu53EyUD<mNgvLSvRJN(~O5r5U;O(K^fy~
ztZ?+?X!dJTOf2_Fs5vxH4|v0BI<|H)tH;@w@P`7zZz)1Ak=rA3`OO{_qr|xL@@?}b
ziJeGLPI?8%fQM*+p60FEW*I1Pz3sZ07&e~J5fnehSG0PM_wa0B7Vd0YR~7WB8$f=>
zG*BrCS|0pD1L_+eyU}(50<k?Rbn{Wg*`)4PS*)|AJKTF)wJ}AeNHZl-&G50%Km;Xo
z*fu1-cIF254V7!M4ny5Vro*Oair&o37f?U8GkH^TT+OHE?wZu~ma-SFbUmnfH@v2x
zGiEbiPa@*+<_KA{a2EgWpWi7$(`)59HTAiKe}S5RFxfp)rA##oni2Az?29g|Jpog2
zc%N*rzdM0v3nI6`yxO^D#jgLKYn;V2C58NePiq!&nLN6WZZQUYy9i_D(?0BXsux?;
zO&h#lC%wgK{dOhslPR(eNsf&LTjyIXJ%R9Ct#dS;n<=kRN9B59bt+)&aD`dNM7n`)
zrSBIX<{D5_i={)v>jj+@Sh<06HcUQ+bY~H2M}Ua$?p1iQpae9*9&e48h8CsCm3Vmb
zk{kmcl%Y1C?(2rYf;$y05<UCr^RGFf!1a_{o51#slt%xVf-*R1UcY*_M~vW55yAvn
zk1mQkPTR}Z-rw*>i`|(uuTgIvO%F3sl%#*raZK#kua&xkOdnNt5)h&1CQiPxoU#`C
zT9cgRQ4D8U(@SBWI)qod?D#fCdEKLV3yUDqjWPM&7-(9zfwH$j=H;T$nYGJ<t|<|>
z&64!aykO+qzsK5ywr;UB5_3GCI9^|xI`h;yo!=SoHcWNe1nZ^Z40B^SiC%Fhadclj
z@6dF&IS(j)W-jP0<Qrl=<*p&%UaaBYWa?<#BA9RyvC{ZQ3VX}#Q)&#~P)i_2<3$c>
zugE~c;3$C%yDtg5sC`bR8=LwG4H;Kga@ko;M)Q}-e}t?3wZ);xhFawGH?0_i4}M_%
zx%+5($uhe|_vbycc{5V{47zc}9lqV@n$K@6lfx|;iM3}put5FK@c;iN&Lfe2i)I^5
z!}@z-<tiy>mC?&2nEJ2<wt6Y?wA{^4bkmZz6y;p`-<(XDi|dc=4-By^t-=kXpo7Lk
zmApT{yEvvWl>Y~&*x%3Z4^{p4bO)+hgl1{+fLslcuG3XkFx>0j0hu(JtF4*t*GpZg
zyr@80%H=<hJw0_r%YgjlZHEDEw=Jus0k{8ql>hPOH$9YnW5x=6bHLwLxc`yttzv?5
zrm}w#2*LhWvEP5N?(F{`pB1;Q-4l}+{P#`ie`=T;{@~x{xBgZCQ}uUT+~MdihJNwP
z*n;#Qz4AwkKRU*3rvVJ;{!M88@h|@U<_TBp!@qIstbcm+Fe6z;{5PSN?!Vae|5N7b
z)vGfassc*=yOKYIoZh7>XRg0*{vW^n-KD)Jq<>{W6y)S3{hMK9b^gqZQCkC~f3+C#
zUl!wk#M46fH)D+c$xrydeON!Td@yYOzi3aZEu6+m8{RH@=Jg8GEtk%`56_m*!y$B9
zYVL2I4OIf}8q+Cr{yh5sGSgeDU^T2s9wAS*%#7>xZI1;JESxE(cC_Qm3b~Al29ymW
zl9NpaZoBcpG1fjQQU2T{JZ`jNdIvbzS5J>w)#Ow;p70{c7xTq3&71j16x`Xd8}90=
zO(WAj4gMHzR(%Z_^NWlXmh?PiqjUhbHjCUTLwR(jHpi-X6%I%C$pt<~cg5k-vT=8C
zmt(YrrYcA@;_8%Ex?<+f_82pXA*s|skb=Dt*yJ!2Po;XQW&ERmc?HfhhMsO&HLaUW
zbnvG2kzbN0Q$e7<A-~_!!cks;o3z_{yq`U8=DT=2jJYC>oY_nZCk`X|v1>uz;OxUe
zu>P7(YbLnU1hKn^QeGwCQxV{@T4&}LM92Y~z2iaG!P9E*MH=z6Vr(_GW(+HqvSJBv
zCBms6<9GB0q0GxVZ`$<M%WMfblTKT=c$;UV`TY3f&(q+BA?a~;mX<ZX2Q}8EhAB|u
zh3-XS<?+I$LXPoltvNNk`Dl_-nRlbxAl3M9y_5p##WAXvIfpLnDcQ{rU-}fqW4{zJ
zy`jDN=$a!({ZRd{Go=A1wT62rF|Xq)>K!KRAUE`A_*f-Xic(LzMg0T=^rsnA0>*DX
z&S5Pwwq+wcUjB%a4x4H2xjxbD**`uuf%Prh4z%(NAe=ZsdcHM1=5ipBO!bCB7lJ7#
z$Yrm>4~3GVGYv)B_GzbO!ZaK#O}SU&qT|Pq=B|%?4WI9_O&_YkL@DNIJ=rM@@{F+R
z=H>OP{4f{-$MN)SP$ST+S;$N}DlfS1Ti&k8Ca9QZJn4=EUhDN`WGyups9l^S*?Z;n
z**eAb&3A8Qn<RT-DXKfKBTCy#O%Rr6UX|23tlG<DjGy27Hx<a4`J7fIT4Zyl>Ej-c
z;B{PZv+|#v+v~`;6$+Vf5#FpfEbQAR1K<Ds7ub(pLbyE!c}K1-PHw>W5_NO7Zs&;|
zRcjpS3vRWLddLmVCh*&2?toJ}a97rM`;Tz~PRFy%UY^2KsRVCi?H}Nm5CLC(;zDdJ
z@H%-8*||5Wh`PjO)+sz$Hf1?KUkGJtXER*gpc3QVrf!^unCT+XFsRk-6&<%>i@-sD
z%y!DN+NSOG3>QoPIq`Ic+t=T~qAGRttDA8xcCLhkh=1AQ+M;nGzD+O0S@qd{<Bh{H
zEyXNkfV73=1<CshW^h2KKcvRr!Kl<-Pwx7RCpCBTzkCrKq(A&#%G{R3H7ptVX^ClJ
zRt%F+Vz#bZOp{nolT%VxbvCWwGR7=j+e+(aU99lwlH;z`#B_F3nSm;6upcX;<$=d{
z7BW^^`G|S}@vX5@Zq^WaTwC?pJif|*$e^a{pAA25!ZYHgGh)I2$R2qum;GEuP5tH*
z4d$c@omdU1Vd|H2QBoZmW3&4v$ae2lFeGIJ=G9;c?`~4zp7EtsaR;rw8tj=bg)tFZ
zcI@<Av@s`&<uRL!=aD5zr$-Hoq73k}PJZhG{SZbVBL*g0**5=lR+gp+S~FVpGp!wn
zLA$KH&~hX%uR>zME_>+w*;C^O$x<U2)9jO@^J(U}JnR7IT7;8K>Nc4fPFSpQd#(gp
zx*%VFxht*K?QC8O_Z<u_zeZ)8O(w^jRG^CwHwaSc?XS~#op#Vx&Pc-gMl=E;sd7ti
z*kBxA+(GzSvT`q1psSqTAfQVfdB4W%1w6cv=~am9o+K_<Bgn~-QA7(zo}g`jqx&Lw
z){QQPNXJ&#;02!1<?E<FlxzblX=o+%gJHXtw7pT0C*8Dou-w=(u#g%G&!Sh2ElCRx
z%5{307K_U8oed)rwQ<ZC)viADJb8J)84|gVG|v{f%y*vmoGG5YXo~}WCa9+Z%)805
zVmt|(=TKf!j%RLbVI#12Hqt0W0z1X__am{mHfr@_Z&pwaXsBnKYae-60(-csT58iq
zxb@@Ooej0xB1IoI7_wmCpU@4y(g(Chj3j+Z{Sr>#h^xnIjsjPBXPcu1TJO*7xZEw{
z8#DY$Volf{t)#N`?0SSle;LhVa@g5>{+7L<t=XSGwjPy6hJXbjz+GLkYM8KsrkP9`
zqg5KRVx&XAM!~1ol`Hh8o1INTd=4ZRRQ~;);5+gjwl=jEao#lb_=1Q_=sA~e)qtBb
zE{ecSGIHg3P*F+lP2rqb2gh+<!5x=&MmfDIVi4DXW5;SJQL)8)xBxo(Q3aFmWe+Z9
zqsGP+kq<wHFtAF-S-%l-VAX5c$i8PvZ<b5R9OY<th|1(&6`Y5dl~^T-A$F&VdFoUz
zqCIIaeh?{E!m*^x0aU^lH0_xbmPujp$&p*sh7OakGiPHiXy+@aSPeOS#J+xd6tC>c
zUOpdbBU{-<mP8~$^;l;RRa5qf=8;azr%^=^^B6R1V#ntbXiti)wP2SnQ_IaVC8XcF
zx<%H82apeAGtnd&-$Lor4pu!jgnSk!uNg}$=S~HJiN(G!+%nULnH!0kzk1e}*hys8
zMVj-jlGqY6mX|5OKDtiWty+6AP3f@M!2P!jwEGdH-)ouMgXLgqo#5au;qcfZKZ`Wl
z`K6cfFH3LpShQu6`ZV7a5y>hVA)E6K8@r1@9sIgdRZp3QnPsh${@9Bf)~cG@;0SCJ
zb);#$WvmFP)5O+~S+>ukqnnJvkD^#kr^seLyHZhS9=78V>Q$AM>s4h5l+_{E071{Y
zRn!B&rMtrb!<M$0bgqQ!ko|tuhv1l9(2csbuVZ;jS{0yGiy^HtHl<361ohLT!jxnN
zEPLB?cJVDRlK_HaaYmCYQ_d#cZfmONZ+>57jPm9^8o7^oJhsgY%0nM59#`-2Tfn}|
z(Bttqu{CC+4!xpn@Z1<hB&m3hRjY@KjKf6hS4mc+(EnYOeCq<4NAa4W4S|t*NlCrB
zx!b`}gGtiQ##p$`eJ5$Is^&WAlGZ6X99<jtE3RT8J+TX>#llc(!GaGMms~&N#iHof
z`pQH9O18A2qX0kgHj+9i*&}bZpv#FnQQx*$Fu_iOgol!;D`Je}EK9U<m#7=Psw(CY
zWu|%@Me|`LC7&MjWSp&jQpWD|%fq)h=@b9;U@-#IYM3)!fahn-**l*%19j0)$~)M6
zYQ1)4_MWd6M?k{-j$|{FS#_*9O(hpUEm)LG9LA{BA|;+rGEB%JHle5Lp<41Czq*Tu
z&$8Gxs6zk{$I1B3I(lW}1HX&q8^IQMCv41(Jh@KavOM2`&w?jmO%D*oaAfvWWV|Y3
z>t61*{?_7L$c2cTx9Iqkyi4}Y_^E!9G9gKkM|e2r^7?DPYD3_*ifW1t+A3<M<)dmA
zO{(I#fq>wJ$*77Z^h3SPS5x+!Bf>VbAr|LGF-VwV<*o>$9ecJFQ8|0CG7DSqwU<ue
zEWP4(JLyXrV?%bVig`F#d1)nI$Fa0Q-_LPcnp%ZI>2XJ-$SW=rA40;tVarilXko7M
zeiA)#zidaqTX*T))L0`ePKo;4^YbiU5|2gCI=4$RFp6d&3GsU8OM9({(wJ-2+Vnx+
z?kc9r)>iJTON(jHrzI1~pt`INhRGI(E5_pDZ#XF>g({MgE?dFxLNlgfrq<+~lrotr
zCO>%~hp-ZbsG*iHi{tfRfsWbW)+#ymAWf@W@lq&Ej56oSZLf<0FJf7t3gy^k2iAOe
z^emd?W_T`-%0wY<f;IHoj1lbb%;`Kp+3#Ld6Ul<V=*51)@~U*@5256(#zd>r#pTCH
z=k6e(;!8Nm=}bu=dUy1nX#W43nf!_eeMLe;*=oU4$gyE=@2Zfvbh&tN3wU9yU}9!7
zI7CKbQN#`Wq;7uke)UNXkMDcNiA#cE>OsdVTE**$+fnS?+>Ghr5Ui!k&oshg$i3`_
zLkBCwVZ}PM)2B@W5A}^1Bt|HHbd%+lV>hT^Pt{moCnRG7lvqAM;_>OrWph>5y4UHd
zwpW@BBgl&QR6~t<(|EfO{YWqORJN!X^IbI+x1|``i%Kz*CJmF)w0v*JH7{iEwOz5M
z&qzR!@Y86JOUDS#n0sCIZjsq|EvLm-f+GfxbdlIfq|py}h5N9|pbvO&@myFo7E*fm
zgO>e7QB^(mZceNXf}KT=6$FTjMGggVi#wDmwRN&fHlmWKk>;T=K}(k{ZW)sY2ge+4
zasAg8srHWnS6J@qqYPQ?iv%T4rdVbb9`850iAR18xOTag3Xs+~4jS<oe}E+e#l8CD
zodW+C3((iV;j3Cqec|)2WrR*S=_h!mPIAEjRJgK^AICIbkH$)>#E|%a@8WB8?BVET
z<vQ5fv%qtFi~8|nCh@MC*$2tQb}X@GNm^Xe8NaUKK48uXH|L?VN7n>EEkh_VI^-Rx
zUgiYBaV~tDKk?3YfKMzdo{<VQp)jjGO+0eG{T-F#uqGcI6N{0{A^&Tizd!%Ym#)0J
zShq%1v=q?p+(t@gzN<8CcP9XpfHYrro$1L2g-$CYp@#Xv^`xsLQXpf^wast~zgjDa
z*n3k5?<qv?Xyd*7&v=W)!bf>sf&+&~*@BRs8;?0w%<!PR)Ne@=GZG$h)(I<T2qE-l
z&K(I^1!#l)*M%bsVB}EAS;MBAN3H`W#^@_2Hok^FmaUJT&)s$fyq~eljIW+)^g}1V
z9wMz|O_KgebuIWPBA=__!EA6H(&?+e6x+t|_y<!`i5G6uLM9gfY}26Wy<W+Nhgu@?
z0`oZT74rr6!b67#l@TqPUpcRHW56zgX=eadlUl*L5!p+@e={2`6k$IXZ{=FVbFCzs
z-*9WIQwDC$tlot;P>zXbdN<P5E<Ryf=VK0Hx~{N1b17#k!JiB<nRrChBZk1!+&S=p
zYfu|BBUAV0($`~_rvSImt`+pS(P_fN!dl^!6Qe1M9NwT)6R(Jo5zs6u0)+Bg2ud@W
z{3lmRdD_L;>}0f-1)Rp^%B<UEceqr3jMYE0bA&&E|1>Qx#oYb<GSYv-MSq3#wn)A(
z>#tCqM_!iOr{sAcMCaT1hVCk4Rg(Z<xY3crS>4ntoCa+;q;z|SR~0%#2h<${zsyjh
zYEknny_-W18@&6hn2S+T(ri>nCsbKZ4PX<aHU>jvf=0MSb8&~HpzHE!SRyG0S%MK2
z^;S<JRJtdd6R25-3U}Y{_qPS8yyI;#yJ)fA4y|(}30E*gU?RWbJqCo&(?-3`S{z5*
z%1mUoM<Yk?zJ5c~8|1cRp~rJFzN{KY8sFh#8%Qt!`TM6q6(>hcXn1UIs#w&voZSHe
z5sUJRnE~K27E{}C0b{N<K}mSo0%>ZQ{9bdu*oYm;%qb0Vky<NB-#p{<maYa52JA5h
z(&35r3lk*jVxB5T3pgw`o&hDabm7QLnn(tdTyYYOgfcewG+E^ke0&i!^#O<bQTkvB
zb8PeSMz=X@;!1L2n(y3*L4;-33A}U0rf6Jf2+qYpT`;e;t<-nMD@qJ8y^fg?9Wz1^
zD3^xbJ|7BdFEs#m%+>i+Mw{?mWfwZ~V_(KAl%kqH7MwiRT3Tp{oaC-~RZe=vQ_+vf
zXsTzvIdVS*JHJ=%Pr%J&lG%lOvNgtvXni8`2t($#&z-aXCJMan|3eaK#CNnXcG2Db
zVO2k!=cY9zU*xB%aw`d(HoqS}6kF{QPR^tor0S`OMeKM+6G)jb!a)C+_j_zLnTQ`H
z7|rA7q?gEB<aaq6igr<h8P~*tJ+@IS>u@;A(5ankNaZzFKKiAGPhUA)y@qTYKb|2-
z<?~O3aA!8HcLYPJGqN-`L<GUqAW0YX%n9s<er!R+i8&-J2i>DQzuYJH!xcwKsYhA{
zBJ1MkXe0m{Dc$k;&~}we6PQ*d=%TQ2d<MLrhE-zP3bBgOP&~)Z$`U|nXBxteXS6x~
zC>CdYpg|qOBtgS1LXTIugcW|yR*nd#FETRg$U&T&Lp+ToA~x*XAI!(G=gvD4vZX=7
z;x&B48u}LLNy!Uq?wsnK_RyVEiL3En{|MvU{Z9Zv;;ZTL>7yUaJ9IIWe$r49F$YL+
z)tFDG)~avQi);ZfM)It!!Ne!vL?h9ZkzufnJt9Iqp?yit74lrj)^i-;>CByJs4q7Z
zurBrXD<UhqtU=4(gAo(6@L9duCEHmBcB*s6Cm#a|>mry&AZDVUl5FT2DUZ@f<hr|*
z{JJM0#-x<4i%PuC*)+Ma<;mTZQ5#pkw$cp#D*DWtA%jU~UmW>XC^mdqfml0Ypxp^n
z?el<^(BQNAyfUOJmcd=%*T!a*Av<0ma6R5=H_rksW?gcEfe;GQst^PXm_sK6;}*?n
z5?ZTbiR92HECFp@b3fwIy?epLTX<>i!yY%1aaZQz;_eN$Mv5RFy*#Pt*gXD_Q2)DR
zDQ5q(FimQS>TU=){B+L*%(p%_`<U=fQnI|0jq~k5X{ygzSDhccZ%~FQlDuS#m`g>z
zdHes+^_F3EZOPVfLPA1-KyZiP?(XjH4#Axr+#$HTZ`|G83GVK;ad)>3ALqWe`}EiM
z<llOh)vOw|rd5qv=`Yq;57!ze`b`(wngYzGf*iLT?U{WHQCZ6PN9~NwFBj(oD7f&<
zeGx_qd7P#Sq|#_XxY$@%*YHZFrUNsq2;wBZWMRPVo#0%MGH4?{*q<Cx&nCUKQ@@z`
zULHP%=E;AfYGl3;!Vuly3*{v;*OloBU#FzL8T%s2mrudGYtCYmZi=`i7h!1;+u592
z?{WYJ26RaN8-p?ukZzCmgaqCy1X9wnl+f%nckHR+hm0N$_Dm$cy~Mz{-b=Zw^-5gf
za>z?&$mav%o;j&AXpwO<S-hBd*1(&QHm*R3AFBVbY530D%kQ0?#;+7MJGOn+7I)(Y
z5DO}ai2Qed2?{%P8jR=bQu);0@bqx#2ayk{_Ug~W>ulbPyHQ4kA83YD_1Zq<2znwP
zbg`G-X}XvhpGM4dUbwcU;~(1j+R4A~VDFiQ5-aHkWW7SBzI=0ySK91C9F+LDcI2w7
zj}E+iJRwUCu;;=Ip3=`$&3Z6Fq9e|o(u&yAsF)TR=Ooc5$2V0##v%-=0?Z?wAqA9;
z-Jb)Gr-G$05fU?mY5?k2yO9=`Fir)J@UvfUq{Al|?cMArK8{)|5F<!&EhZtu<H9&>
zKHFmqZ`{g4?`|HKD%tcHp5Dnu#!ni>!VNn#INKPxqJS3Z7+4lrTvb9Te+54fc$J2N
zRlFwr(*rWUBF!3_6!}~G77ZfggYNqY^vS)7qCnW|`9b}*TQWWA0J`#hpI9~|h1mp!
zyq+z~V_bKz)KhY%rIE3~>5tS7XPblW2c$(Yf|txhf(ZlYW?}=Bd<Y(cUxC#$Jr+HP
zdjpm7doyOM2$AD`h-7Ns`wO?4t^7{Etk-+GN<&Cs6!j5+U6`6sO+k{M1PtKi`dYq>
zMiD=Ie+yxDBe0|oy!<3crV07D2Ok@Z6Xh(xG^w7Kum?p}Fg?p`*_wIvWd<>>aM8D&
zt<%6x@B*=Qzvx{v$Gtl-0(Sj<o4r$3a(%31$cu=-z$p}#v`>Up54(?#eK5hGG^7V5
zzKS>i$_Vd^OBWTrL^=W`O61Yz2x%`QqI$3o(zWx`*WG5^6v^+S*u$$Ma@4iZ9<e`4
zO{;!|`U~h#VNg+H+c(K2CAIf%hTSO)VL|C}jny)-jiiq#16MT=zt&z<@MmJ&)9*Fi
zTpo{obo+<hzjsj2I3Htrgm?F(;+D7I2WKp5a+4`~ABh)X8p$9(dPkpH2zswfwbp4w
zt7NI^#shyN_v;lxpwPJmXFty<<TcWfx;a%P34dedCdWi8c2XWp<rb92ulF10f8Eq|
zi%h!@*ds`D@Ms^I>S|%=HIJ@rEZncLn4U(&^09-Nx)(_sWpII`IAEENs8&_lqn1U;
z6B8o#e`u+$+{Lxvnk5&kAytXy>4-<9rIz0%%Y_++X)u?^j^ZIcxCTNkR=b-OD{1M(
z)tFOdQDKC9WbeYx<6}ugJ9_xqN9p;nI$T{mD-bTE78PqJ`e}`K^CxJ+ux}_5fNWaL
ztM=OhfO#C&v(vkR^{IhS+js7#NFNDx;_#;7cD`~}Lqa$;mBV2@cCZ8)8O@+NwQz92
zB-K=~KdIujT*T4bHiFoYm-e2Zi}Qns-P8T{hUt5_w5)hJkY=m~(N0O+A&vzaR}{Y}
zj(ijnTIiJ#7Xku*(?`RDB1y%b#iFGr)I2g9pRqWB=EFb;e`57`ebf{}HMvsp$nfyo
z00b{6MY3Eo0yxq^9;Ku-?WCF#rD&2(Gv*<!_hzDsbNyHnE)}<I#Qy#*FevH@-YP|E
z9dy*w0IP5wpQJ*%-QuI0ow(f!Ndz*X&0ZM0V)|kK4Zl?KNeJ=4rnxR{?brq-YB`DA
zVKh}9WpZh3A#o+~*j|(v3JPT|gv2tX63M)1{u)+PeG;K51!CQS9aDukm*)w(Azs0U
zPi6QnA^A!Xw|nMH<Q7*(Qx~YxVDBF1&1xy-{2=P>O9dh=6}m8j70;G#u^==<NoMy5
zIWn4Y*@_qhvd<x(w~Pv)Py{?(i}TeaOnQ@><zDbL)nbc>P;LCU_^q3vNBh&D>2H$u
z&*F4V;4NxHlyF@=yTqr(^v6Bqrcm-@6%c$<;>&5`?aYvh`1}Ih8D&>`A&HX_>wXa?
zl2gP{rOY1X#r%$0`{73$YaHwXU1Z4r$(0b#^_rz_>V1Jp95IdbM$R)CL^PEwW~dFL
zn+&%zTt|);2EGE(SfVX4#5TEVfB$o;s|(zoul7GKU3XR2^FNf;6bAqde^wB9i7FrH
z4}n%qxJ)K;ZRLRT=RZa7I9s1N6XF5TPa1)#B6UAhdga%yZhQ|9!$jxu-A?9e(nuUh
zXoM6=OyF9G$TbS(QLfaEr!FfJ`ffArspoZ>!cWqUwUFq=%yV<DP^k9CAoD2M<GQW6
zr+?59$!O&Hq^-IJ#47%Nq{I;to&yr^a5g3N?^u=sc#8|RlBNl`6eIInbDl8$S|~4h
zfwI8sfSNX;uYutL`7{*=ay8CQW`hO81SH+21=2taZYF(}v<6fwE#>?|3+G{uy4u{1
zz%(z;d27m1wFae<&CT}}Ep>HUZSC)h@oT)Me9&3H`MZ#7uw-f1{~TO!oML}2L29mY
zYNyBbhYa(rsNY%Dt@-(tvUFba^C}WKG=WTmWXe;pKZNzf^v|-V5h0#$&4s@_u1nLJ
zMyl%K92U6b`fA|WpJSbJA?6xrD^E3|Ud{ukR0cq+yg%h+Kbze628@N3iq4<k;+&NN
zj=0GOR;#O1&zlZgZszTbu0sd8kTJKPoFA51=Z+)pn?G^8Qg95!hL`-zY?@c7Av?<<
zScNgU2^))>uWg8E%OSYi>c!^TKRP&KKYv|pfxjmUxrJYEP_<25bE739BC;32Y!esd
z7k<zG5k<&yq4N2n4&TQIS-vO)S=cpN2MLPU@7)1@8)>3#)Ar%17tKw~ah}*OA+Ni~
z4dRv>#&P$CXp=o-My&8(s0GB}Y<u*L9gcokSw6}u7??Z1y_I>c!XLFC+LKcoeUDh`
zGhU&*HMEpkc?lF_@c_2x^wk#gNG|Vbx_zEW6^dI|T755embN+^ii-1y=NZ^u99ev^
z$>OyVq7yQ-)ZI*{ZJSmW2zvM<D-ujhP;!+bnP@1<8VBj`Y$_cHuToUS6|0AdNA-(9
z(!K1EPB>JpE7;(suu=ug6m=Dm$Nb_jaq8PT){`xxF=a}a-pvJD2H}cr>-x;ZH03B_
zMR^_1j-aEFt!OEyE&O9CGf#ddql2x(^?pUwIB{!Zu>nKeQN^Lr$n<KTE>3q!kTp%4
zsjz%-cIu?zBnG5g&Smvx3IvR<Tgz|vaB)Xt8%*|OdtFxyBclW@(D-UsltO5)FundL
ze!+(X!ZAt-R5jO@Wkm^f6+M@7{~*zHBPP%F-(-}hhUaeV3$P741C)7?3QMJrYKAwK
zYm4=?@(J-PjMayy`e$Q>AwA0a&9^RaM>^JSb!1=OL-D<pulx1x<M(&}d)S$Skjb;+
zbTe5yQ;5QV9GP#?w{%IRy#~$P=*;k<5lgjd0CmJWPc**bBA=wa`t1$d5=r<}sSxX}
z+;2FaMATg!yhg{xIK@R14a+-H=g*;;Z|lj>Uejrlw@ZV_;;PX)r^deXB`<TrBFCpm
zmzkz^AH!DRf5L%42F<Qc)-l{E=%k2f92E-R=}YV%S(#`>Ikfp12>@18^uGSx%zw8S
zUXt&wvp#T^peWJy{36X<&Yr2N*3W{jGO*55-Z=Xizdo?o;Y;DLT|)-7C6{b%^Cn*S
z<lL;#asp%C0r`<FmIoj`D?a@5=Y}$pIG=YPIb=Eq`t-u&#hoRRg`QxL;I(*#b=vog
zjHT#>;k8gG{?k_f+lb7ZkGPWgNrRH3VW%6{GvCk@FMDsFS3m%?I7d^=>>T?S@J*p|
z-c)}Sx;0#h3Pn$(>vy{=vdWJT-wKg_%q(KC3u|3=N!3Lp^1s+oil}%J@=LS}W-93M
zUGSRpB>ey2`AejC1d6j%jjX*TsT|fnSma;#bN%AeTwA+-H*28ye^CCn`M&L6Lku80
zJ!<>C!~d5H{C)9%mE|&gZy18dKvx|2e=hyYeI^bdqsULMTcF+x{Fg)h{fP6xn<!qx
zA4>55*X{oIuFPqe?}{r2P6!Zwe?RwMCO?mQ6XiM3S@@Q+@n4tzr2$_78ee|n^clfN
zs6UEY$A1&`9OW&~{YM*m%h3LkvMB%wLw)<Bs7^uDO!R;v00A#AXm0Knzai)l|NIQO
zu&|Jfj^f_w_G{alQ~mqv`up&{0p>i#>F2@Az%ESHn<tp6uZMqQjgTJ}u0;KVur#H2
zZ>Ue<_*VYI`~C$L!(UKgFk}9+)W7bU5dRCRT+UB={C|eZ@Gqzs%$Yv^(SDh+&~H$Q
zJHdASS=9N!$2X`9XH22~pwhQre55FEP{p32`$7Iu)Oz%nH>d^*C%^rZCI3frZyAa=
zs7P1op<w<fs*@0jFaJJTJ_rBL-$R<xFOZ&%eAjwqy6+HDdy95?aZ#KFgG-#I@^)Hm
zUYPOwdFN*_+O@L%9P_<~Ps^HeOVrcB@{`Mqh3l1TNTrx6V$++6Ac}??80T5>%jKpS
zqC8_H2}4GwxQ8;NFAd>Z3rB-98B9ykxGsBVh|(=wAFlM?M}V!aZ_I>^Rc^Cdgdq<f
z^U2+GUm<UadDDl7$|9l#^>Md2<#JI{nzthjf+s1g`F?;VVp@2K2a73DAn%*uoLK7D
zOJHE2WkG`x6{R|sTQ53Mli`wgGVv2Y3Nqgf!4}Ov;n!qQ3l;wb^m(U<1Z-{;EFE>w
zx1Dvg$_dd99y?h{TTiaoWNjp6LAFtdT~i1cn)WNnkXDh!2Cs~06q_R?f5m>6I|Ne)
zzwT%g5>J;Lq23MlMvlmvdi%M8Tq9!DGb1e;1r<>MyFsfeJZ|6yop~MsEA6YAly!6V
zQtn(VG}Q53YR=p=q=*Z6s0{4i$1!290YJSn5VX$q#`}{;d%JqW4I?XlLgkh=&B}`J
zU%l)JP@;mV(@3ql<ohI^qv7(@W*$?c728t!BIk+?hvT+27a?_W!rY`>o^|7#k^R+)
zm<XW$I;jq?+L85b+}Xae#bOPtYn>2(72fsel(HyT#ggC3u~%BuP>_?ZU^+QX#o547
zHj*_Aj~mIQ*3y<K+JU>p<}Y4%F*`qWb$Y-!S?CPfdBTwJE@<eV`95|Fqpr>@Z}(Ne
zZK+plXs}`o#lkBoB=v@B5EMW_#Mr*6qAuw?`oVfhY<1jzFhi8!mFPehCXw|?(M`6X
zV7}L2^O(Mc(}DbO?UZ4uYt6+xGx1U1T}asB4r6c<3HZ#cYlywluw3IA4-!qB)i6_;
zb}HBIP@MN^N*OOnSC;RUqBI>f@GKo@?tEb$-ntxHp>3v66&H{6a~G5?SwD5`er0YG
z6#Zud<Hqobj`HxUbE*S(jdfyxxAhwi&ZV|CO(VSyQR*!@C`(JXM$mA*@u(%}c~Z9Y
z<w5n#PUR&50PBNs<a9BE=d>_j!N}JW?LJNMh&A%b+?86MxB-S9c^7;NN}cS|IOVmb
z6xZ<TFV*E`aYYp4$P3|4NOhcZEQNL0Kd~sjA2@^C(@BzTiZ=WiiUgvQ(_NWV(YK8k
z3^R%hV=R(U9!VZW!UH^6YxywLWG_)fL`@1<WpY?WE!cN=cPy5i!v?JMkK_EIDNoPZ
zFZvGdneRdgY9!BMUI*Sb5-Uhx28(4d7<_y>4G?}HM(V2Hci4rp8f`PX<=#bp$hJH4
zy4Y#*&k#KY+!{rBX_2!0-$92<!W(YLMB$Me2a=q<m%hoC)`YQ)z71y@tvP#L3>s->
zdQL-hQ$dt5&cBF9QA1uX5k?Npq?9M#v*T8@Jf)_IL)M+LMQP{9!4jLQ#6fc8iCHRU
zEJ6WySW`1bd2m*lRE!R<%}4Ecovtd@63MUAQ!w<s`8+gj99rJf3Y{Dufz-PgY?#V<
zD5|ooSq~G*z43j<0RiDKmwqDNV<L!EN>lcap@+6{mAbShHKj9*z2TquYO?B(88si4
z*l_V|4T8$AkOm>oB3}wC3F=%14E1h`9f?B^X7E6s8{i=0K(DJqPUm2X&He|Zh8`B2
z0nqO<dnE_^zN}YGXDXX<v<&O<lg2m$QQ`RjSJOdn2Q=3H25LtUNAoNHSytpyRmj^u
zwIdVlfp!nKL<X}0LePTd!sA9aT|k?gC+~P~x$mhrkz9FOfB)HM*l%>0c*>g*CLJB<
zSN(y2jFN{g5pCIR@)X{5)}!$mQ7`klc?A;}4x?4gnnV$Ek5wT>rF7euJ=HZ=hil4E
zlM0^Xm3l%66C|}sBglOpLfW?ThjyTN|DjtJ4O`1r$pOr6q|Wsk))SH;{6tG}kg{*$
zb9B&$<M*&t<o`KzXds*N#MSq1a;RL6P=Wo8`e9~?V`B92Bz5&{;<Q93RZ#7~k9V)d
zUJm%pmam|Td5fd0tC(p3n@gk<(kpOT0%fV>fva3Xx@M2rnWXJF$xp1PIxJY#?XG@I
z%nV(-?+kbSP(HOCzkw%bNsh92>#%4>qhps5I$oo5Z;rHTM|iRS5?pXyDHdja{q)Uf
z`+NyG@GvAPX1nq1R17G^q_;l@wrc<e%rsPpoS4P9nv<{B1Le5VafOHLF3Bi}rLP)&
zfcxZIq#|F@yR#aR6{BptL{t5kH}rQmS%xZ|?`}k5y??S<no{?UsI-^k!NWI|DQK6i
z95gaBGs;wcl2J(u)@5va#hk1A3Nvfwmj23QH5YJ4f?gS?w6@B05IRjFO9Of+)$EQ%
zaX1Wc;$2apcRvY8{9LUgi+-?rMarPnAAU8F{w_7|rJgGL3UK^Z8R<d@@Wf(xuhcuK
z*>J}GlT&a6oy`Hp{kCZ@-xWi?I4m|0u}m~#-(af!vutx0;{=+5R&-XSf%)_-bOJB(
z`<puLL?H1Hc_cmmng2fTJ{-y+);U?ace_qbh+jHwJ3Hq?sP0{W=VhxP7Mwnuw*B1<
zLeVSChq{6wfZt?!Y_=eV@_c>k10;B8&E@^`3X-m6@Y(I5o8)R^FR>CQ-k~k7E*i(o
zmb|ix2RV<rSalw9?+(^N<3}miUH>MJQZ?F64j=OcC&RUhz>6#x8LCGj+x<N}UIW2k
zS}X8#$nPTn^$~6HfT9L(E-Ib~Ev`cvj)z-uL<V`J8YB2uck#~nef>_%bnSRJ4L_T5
z%H_Jrzvmg}w8*C8w5S{{;|`A16SM<j%63UZF$>WBI=8M3Q%j7erCGbXSIF~aimIuR
z2pw~vJQMMzF+O0~cQgHT+^3E(|M~=;!x$W+ZLn2*mCH31DWiOPBT0>g=^n#x3EN|L
zap4;1K?o6P%6qOdkUbeUkF0vppy)jDN2TC9hUq}|$l9g~?d}g_iYo%0mU`8+1~cZ6
z-6%1uI*CJjFpXNw+9?PoL|z#rSIAe-k2l!FiOjh4TAKLDPWssybi1y$=CLlM3lkba
z4>tHUE%q0AhSr+|<in==Q`8LNRRziuMUAtDhV<mS7Ob1zj}r2!VK4;%nPfDw(lSw0
zw?{SHK#SZK4H4J9XYX@<!amm^T&BCejl!#JM{K0~@B^!gmfuUv_Hz-+An*y(*%Kaw
zHe`&ONrPvryRT_)%$H9Xr0}ViFxYGPQdM(iqf6hrp{S*Vw>{E!n~lx&R$*Z{r84Wd
zXKV#q-%kf#lPc2<1*NIdG+w)TMd3H;$!$+xI+j%!u^H!YtNVF3*-SqqHLCcwKhq@b
zLa0-~{wo)t5|j*_*K)q=sdvBH`^<4TR8hB;YpV0~fqLU1QoAwi;(LXR@~*Kl@LG#&
z!q=U<zi!vt)Xm(}UE5SP?u{a0MCUvk;IHS3Eh3*_zjK!d@}hk{yjqm8;w~KEggv}l
z6+A?pH(x)ha8Xx}j+$9iXUEP+Mrvj5uN)RMKLg2A4<a{!Z{O0I75lg|G>nNaEuSVQ
z8;wsSzsbzj7w2IAy9e9vg20I;-^IAIMaDdGqb+%Y<P+9R%G-<oX$m=t5)Hz);6aw{
zQB<vjQ?SCyY^6I=^M2jNU3m<~(^!r`NL02t3AZeqS~;}o<$~FR^eD{PV^A<_kBm*u
zLU^4WtouSLVs?;2+FthkY?cvgdYWnLbk&U`KzMp*$~`(h<vnSMF@!;RdkH%!t*S`C
z-HgdcbeD?@wqgJG5f9iBQyOtrniY&c{DG*47h*a&&7mJt2@Fyf1Lb3H4u_7RJ)9)@
z8*53}M;xl@3du&TxX@}i@bi8ORkrCWT&9ueM(1BYUfb7?$h_nf4z?ndnsOMNmJV1g
zqoh?RNleBAGsFDn5MA^<ei2D?6+fkH_pgn`mgk+2^y0E9T29-&qqPN%9()ieX3UZ5
z?VX;#2D@<>&M*xr<)>-38G(vsY`LG>Yj#IdHf#ZlDZFXau_X#1%*6Adm-$b&c7$_Q
zFI#6qRb8F<mP60*{mz&Q*uvKLPDf7IlJS@=pYOIxENs7oQJr+&QZExs_k>kBo!8)X
zpyzWvA7uL$<=KucSFB}#FHC5g#d6>Q;8SONV4T4Y_j9;vI-UZnZX*e%k%(4;{KUvN
zfTC?O(hbhtGbOthiZ+PnB+`!Ews%%mr;XF#VJLbxzQ{xc!2Oe@F0A?-_i02jR1oKy
zt$K@6=S6sSo`I5rd%Y|N=J~4pSf~9-D=ew{gx+<KQucH5{A<^!19sCnGdEKEp5<sa
zVLlPP!~8+&$0`lOw`w|HGUUr4LPlyUHylHJA!9XF)cCR7n%n6n2mNywF_ed9{dfsN
zY`5JDa8DWgIM@#8@8E==vmDP8w}o?un-b<^Wv;%~Y%s*<kwy}wiN~m12<x<Qn}pTY
zZ`z={2;UF(7&sB5xPyO9oHF`I!;)Q^4{j2QD$*3F3_cKKc=OQ0vM}n49W@}9QW+lf
zKKep{zHavENG&+!<noO*+&Fq#`-GY}bafCgTXiQNv(fjjOgoGzp+z<qykmY+0;acv
zf4XXs8y#31Xe!r)l~IRq*;}BRJ9O2Vfq^Lyiom4mM<MHKKZ~O+4vUzYls=(o^yu0<
zbDQ!oi=9(Cht`&kBIBo!urO{flQn83`M&(DoEF|iZJ~I>a;*%Dg|w7}OgJDCTd$h?
z53kKUSpUwY;=rsBMaC<5>JB#=&$I9;0hIB%Zkr_`R^EEUb`tW^CRdeLahoPBi5j~>
z9Zk@BJzw1UBz36lUb7m)woh$^XLOhg>yKZ!qU1De&fA_s`Kb)_SPbP)Lb7ExJMNL>
zuX{uc#yTmqmT~096o`&ii}hQ^2{WAzJ=0epoYP`%Sp@3#x{CtPZSU@|@U3@_uG(Yn
zmcKGyd7C1Q(OkHj+ja;*cR$DSB=;vpQ>)WeGow?@_NP;izBcfbA5Wjg1HRFW2~54j
z=LZyFo#4bEE<xi~B(2u1c>~qU_=HuF_7>;9?=T8#(YWnLDZI36<oTnk5PKtOSGk-R
zy3%MuCmQuP_Vz`cZMt}p7>Zy^F^|1-_zWA}r_sBSu#ECV%EAVni1h2Z%iqxekD*q_
zpXnXHqKVU=9Cltxs`9XptbKLeTz17cJ&*S4N<yfAEfLC27qhuu?WR4QZYv#f`bnqW
z{dNY##1stcJ6VFQoa|NnJDXpF)X#XQ`x8poqn$LRE@XH;Ha-2bme-xuQaKf#5P!c(
zSi8K@oktuZryO5*xiXQpMa{*z-}mpS>R-c>;wTJRz1)T`j+}4fit3+2h+sGyIUVKI
z5gSm(c=#v{{xJpxxGejk;l5KLZ6UKZs*rLIpMG&M@`IE|5!LJdh+34eni5il2PwnL
zWs(nzM{;@__D4Km-#NC!#%0@Ud&&5e)9^URH={R~LTQS7T1BP(Zp-JJ?Wm#%O<F_0
z%i<8^sS@O{a=9^xdg?g8*>y0EeB3<+0l74y5m|Sj?rRFm8OB)h?B|LCB}{vmw2OyU
zei|+nlhN?+hn)dCfd<v&DV^SM%(7Q+DMFML;acFVVebZBE=?k%xd;#Dp9jTX$TK{E
z3`Wze_}d@#-zzb7@E7KEs5R0L&lA5owmz-kby(i3S`2Ghx`B!}*XKjwZnPeTKVs1Y
z$}Haf4lPoYX+_EgX{|}y94|LGx`5B-3&d{I5Hd7*ZsI`ov?R-WtSw$eOSUrPj45kE
zZ0w?m(vgR^F$b&K^EDLGZ5e5=yTd*o#>+TzJltZKn=)Kkn*+#gY06hBkItBiqOX2^
z+iFaS06ahVfaUAqZ1rEXs>fZXLrhw+Xg-a?d)5<9)Y-l^+$3fqR0NWg@#Z?fSU;HO
zTn+R>|9j5#&Rd4&Ts9Eh)IoB5X)2L?!IsSSz;o0KFHLNmuI`$25wDq{>etqp)mi>H
zu^q0nea)SGLSOvRh+aLvMEp-$#_pL?Y7l2dk#u^7SEvPJR!b2^Bw|olw|kktf1Wy1
zvgv$jV)*9Dq6ITOE%(nmEtKRipON34cc&Y3Wkg_8mf=<;W(S7q%^<4Z>pU`RBJNpo
zpz(35cZ$w+o;2Id)^SFLsTB;DmU@LoSR7iqLQb9bDmqQkp$1-z4DUaUPp#3<WK+=S
z-u<%9r=ZANnVjeDktn47#@5&vVJD|0U17=qAJAO7E>R?ozGxTj%jDpQWu@fKR^Mua
znua6oG;+LCm*Pq_aI%P>R#GZZ<l?GtwEwd5i<z*cLmo-X1DG@-=gxUVr>>@W{98bE
znVWv);PK!bSfsJPdH%sEH6PZtki9H9Bn9O8WMZ=)<EzP1j+eL6WNboYvTlNvKzogP
z>$dS^Q1KOc(rmdMWIt}Qfwx?bqqd!L{WR`YZ3dTC=LR01$2K`xsCC)n!c&eeZDui=
z8H?vl@GI5mI5{3lj-XFb(I&fbJq*nOz*kjbKCJeQ>)PiHRakqT5#2mjhwrg^T(qt~
z@3mMnxo&378%TY3*leKoS{*F=K5o+}6RYcKFqVXNSMJ3ww9j#O6%Goo%^WJHel-U0
zuWxqLTY|UZPrqoYl!lf)=zBNI=`%Ym_H|#m6(QZW))42Nm4Gr9uV*Pq5HhU4pjl}5
z+y@xvLzHI~1qZ=8$-LU=Mn6<~Qu4sMQ3ko$jJFNf**O#s-B|9?Lg~C1^JP@eP@@eG
zG|=`;R`IT8ii~}EdKvwdz8OcIXug}B1#>D{Dsug_3+^mR$a|te9cCK=OWKge-vT-~
z4QJh*wi+9`oseO3n(erD#r#KoSU-DQ`Q#i9t$N&v$5%@}8RST}CA9P2rzF>-Y}kl0
znr|v4%Awk!`M2Q^4RyEzBvVa?p7|}-4w(JM9(O(#Ww_5AJgguv3aYei9BIe7-bZLX
zVU7-jysV_)A1z*m-U*_9z8JQkSwFU_@-MFO<mk|1JII?*4h26;DmLhlsoErEWA*qk
z+8YlX-aYb~sk9o&x}qMaDE~g?UR06;0TKe*&_=@9k`NW`ZuAVHH7oMY;F2sW8g1Eb
zffG9?#CjRrR-?2PZT7>l3iZ8EB&{5#C!B4cCl{B;f|l7Cf3~GWn32U91v(Pvw>awF
zdM<qKzP3J=Y@OSeB!eK76l_nAE)w^^jZm8q4xF!e3}v<1lGTK3pJjF1TPh=8n%7y}
zNyB<!Nv}5;2K4jd7V$KBf^l*R)<BJVKE8VE*#@AtiNyIsaeh)<t%rlJ!-=nVR}UFH
zE)iajZFMGgz>$54(CKZD#Ihy#%cG(>RxhpE8vCiIqcQOH0rKw1T|d*LQs2wVZGz!z
z6DWPH{x&7*QW|8*L#t<c;a@SQ&5(NU<pt0IJJ9iVOtQL>#ZIuoQ^T=T<AS@#OF*|3
z<J<HxZ?!0&<ry~9@MtX6AG}33=Z_-tCd(YXhcWrOjY7xP+Kf+JN)DD;UR{rKCW{R~
zW$ntsmkUqxWlN&rIyIilMHT4{ks42H-oS>kVx+U(8yA<}gN)a^R66(3Xy+4?S^Ha%
z?(x7^Hz#nORSA#1tk%PHFzoFjV3E_->1=3ca1F0)$#x@<H4yn!r<qlLFzXEO;dC0S
zzQU{RU}Wfl$EM@?%n-LsW~KTi%Ce_`)N{EOj8RjA)d1G+t7KV~=y%X=IvA?8Frf)K
zaZg?RoW{seVQa}OQ6sUUbAPip>eaf9aCd~3L3;OSxwEUND_z%mal~>-l(w22y|VIh
z5nW8Wrs-r1o-zrSguw*+`rt7+jRGg<M1F@x0<@U2H!KyZ-&L=D7fTAu9r&?-cjWm%
zQo4}_ZMAN0c4py}o>vUL#h=A}S*|Tf82FJexG{Yj0egEyuf@x3>_}ydJUJpIh~hxU
zW<b-+>cvL-=gw)G2}8@cwf);digz}BB5dr@V>O>_kG-YAa=E1uPf@PV^St`RP<p`f
zGjFKxjKC2hliQ`ziRMqNauyDae*OO#FUF|P*9}5kR#Qg|)xQ`X1_R+0)!lO@@JHm4
z)8!mqbv6gz&6^RXjyNC2Y;GDvt7Awj#7H~T?vj%PmzCzymM5B`;eYAbs#4M6PO;9v
zGO63%j<20;TR{y+gPys(9ti`T#>d{BCoO0;#iQYt$!aoA71kF2FtLlZRMs`gBCl9h
zC}^g@SlkJv@9$ZnE<`#b!o6_7;B0Ilmep2MYdkY|G`{kD3tiK*w*|7ei|bgV>tBxB
z9~9Z$jWLg<Sd1!4O&z<W$mSKyfu})gs-4M@MvG>gH`@JQkD28&V#J3kM2Q1yIs(h<
zVRn-5ymp$xj<$F;GGY=Eb=uOACtJC4g2WNvj|}!)c$tef=Hc5;Y4S<>RuV~;W{(V4
zLl=`QJ3|~7a~TPaxRjb-phfMx@Ii&fGe1=h(twja%z$PKJ?O35n-uvXDglujUgveO
z-NJ|R)EO9)*bgMH<5ag!(#%pWGmCZsge>8<j2pI60g-r~Kf%3Ehnc4u(sK2&XkN^t
zb7Ns#zUMd-plt<X{A5zjL#=@R>jqz~f!Hq%zmZ&zn{yU@=B>IuFT)<=3<!W<1ltN7
zTzX;q1zKq2BllQn7#(W}kVY2ZkM?f6AGqj8C#7)ZuCk;8X`iPKk2i2Qc{No{*U{K4
z=VE0)s$1-xB*mnd&;Y|$7{)XiB^CffK9w+dT0xrIdy*PXSakN8;qMc3V0qoLDDKPD
z+w)zqrx9WUo*xfJH81%IfwD~_xx#y>F0Sn-C9)#Mi#ONUc2DL#-0Es{UjmLcjjSa!
zz5&C~O+6p=ZN`4K-KP-W^7DhK2OHi?1$<Ud<<U)L4dYVDrh3-;#CdqZ=K5YIpaq~D
ztr*+CHO1f}-!!x|<k;t~h#}iqG}M7iiq14YnQW+ijU)1CWEq}V$Q|Y;yFWj?&>04+
zS66e}ASO#KZ<ktv@3zQ}gsS1nD6)x*ybh2cQD%k4ImwaOQ8rO_;r7vTXSz_of13zP
zh-J6yS(Z}dtiu^y*#;#W|ELc%&|NNd!_<B+saf8-o239Wvj)z~E^R(sJ6+OEF>$c;
zTuwE09dEQYY8uJl^Z%}Qzw9aBgJSJqCZD&}&ZuV0;3|lWjt?5SwK%fav1KUW8!{z%
z+yLI5Ss077yX%s-$J4;39m$pH;T-08l_?<+Bp;;~#GoY(pwNg2=0n~pTrRmZl-QN9
z1A*Woso|#L%49rqV}ZjPyD!j@A%k-8*VZaBZtu07cRIQE_EbJMMX_eOMyBBYyiU|y
ztZ;3f!Kp#k?Tkf3GfEtIYK(X}Tz;tzINP34nqCsml3}-{;Wh0m=sp>Ef5_(8mzx7f
z<yE9}Pq=k^BD>1`4c5MP!S2uGKkYz!iu_tbJlO~jSGky=Q@Guz#p|Yy@Hp0*j!Ja4
z&uQFOdxeJ+QoP?SB%&U%z*PM>gG=WgHM*0E>ZZ}A;0bmo;yv~)vKHA+f^|R4Bi`%5
z&ab11DpP}qg2PeZ1jdZDyHeFH+eto}rXM%MdR-aKe$5g{!?L0KZMA!dzdGP;z2LPm
zqoe4k9g@Kij%}jjOUk_=1;^ye|5Be46EcwLy!ANX0>OPrL{L#VvPkW`Tiu2T*F;lw
z6Iw=CoV%4c+_funn8VK4n&D-W{#`m#3B+s5V$yjXDNqKbGrpL^m9G^{j=M$vZ35AT
z-!m^wbD;HvM;T%&zIa!9xT1F9f@Do<XUAzzYZ9BCE6d;GZnC1Cxj%eZ+_YWQUV8@u
zh&D@w;E2aK5YM$nhw%;lyHq7E(jotCx?ab(M34-Mn9}jsc!J1Uwht(EF)cMRwG)9~
zryo$ITHdBK`e{I~iT~$72P@fC6#j>jNJ1Iy@{ahe+~%TPw~iNG$EB=F6=imNKDCM4
z4|{g`jVU4-l0Pw+`+<^!DWDFvdf>SRSHX&P^@@<dpjE&bqpb`tCqp?wW<|wAll!GP
zbYwuI{faEuyd#HiPgHy064-9|%Xjw^I$M{?(dgV{okS(}b8`e=eFJI~aLKmLOjV2w
z_V4)dg!;#&hZaW3g+n*i>|(pmH+V+&hD!FMvc*GK4V%`LuT!1K#A{CiZk!?rHU}C)
zH6*tB2JJH%YQThZ7mb`z;GAG0-ZN)@yPpIF4=O&-T;tMZ?R{VT&mQusi~>{W6At92
z5_MRjFOGXl;fK%4H=^1ocC7fj*3-6!J~KN7n5f0WcAi{HPi~~@H#goh`B+TPBT?3#
z*d=xzFz;hQsZ+6vo>Imj73wiHhw4EJ2N{jS{95DRg`r-&T3WhF@=>=Z!N80|Zj|W6
z3eoCXLIY7GCl<qmiC3Jr;)p=qoq<k03qtr9^74mBDzg}pa`M|B+A76Lec*h!m515n
zdo*L)TivLLB+$5!hvs0Et}cd6v|57Ak-z$r#Zu;M>qbo9Rw`Lm=H^_VF0IgxDt%ma
zt{-j}U2Sfw)Q_D^FpkUUt=0$Y$u%oY8B(-CwzyIue9T@`ct>L5YoWs#170r&ZspSK
zB#Nr3{6#{da`o}(8kMkAa!MHvyX!kyUUBuyo6X6upj#6O2?=%;76)C0^~FWCf$UI9
z%<!Tzs&A^hAh7LzGLVO!X}+R1W`iliHkmw;ENoPmNICmK&K1?T_0pDom5wyrxT;f5
zRw*y8ct`(Bn)CBec1H;eBdo!(*k#5nmda~UGDRZQ-URFp3(>m&uo<bN?s74*!`aE@
z_ICtD0!n2SZ197?iBY)Ty(ctq^MHH^?kqf%T7dysQGUod%GH9h<b_v+yl6WaGnT7#
zx0|^E+qgX0n7;)o*~h!KP(u3IQk6zr!Om(`=d45t6N_1@L0%EqMx7v6M@i~cQPeSL
zjf{S9ph`|@DqIw2Vx)8T$m%^X#Fw>*=3d@RXV;(AB}IOaP%Km?i%7ME7vRhwP;%%(
zQOoO^t`jPfhr^2lw)tWN8rAE9GCApom4<%x#WUKu9IB3C)}7bczzDdEE(Y3{nbp-c
zHj3E*c8+S=OLV#?!e$E(FHY+q{eLs^I(xjf-{@kGWn&A9N@=qF4ml<$)6n1~-=E61
zRs4LkbRbA(K<OrL#{VT}u&&B|phS}0UB_y($aU_k?SK+$BAM07(OP(4U3G)u7)oNo
zB_&(JoTGHKI)#;*kdEeed3DEWE))X1p-#JFXW2_M<>9@$h<E5R+WBe<DkKaI#W=tr
zhkbAl(I^wbCSq3I2XO;cFCi5cV<Z3Y0<o#q!g#@Hpj~!3npO*GyR&B7!G1up=Fn(c
zw=oav$(K0;zdFJpv8tYh#n#)w*iN(cE21w&tui!dCZ0)X)%6^30lREZ3G(Sz39Xk$
zx}QNFCT%NAUR`l}duldnKo*n4iZf^F`NP*-*sgZ4+2r>VQr)lWN+;D;jYG^u&9|Zq
zb&weq$qOOwjY0`p`TGnkCh=MX@(XO5^=BEeL@sOCQG&z3)$a>A7AI_G)ymy#0G+h*
zVp!MkgSwkU3wA}za*z#-ONLbAh~uld7TyzkuO|||=G=JT7;)kn2|#zwfwycJS#oF?
zGQm;$EM>H%zde^*G&4fV=Bb?JSntPw#2xtxkWE3nC!9uT-;h7P96_Y3{4Nrn59)dg
zTW^m8^?FA|kz)1Xsf1%RvGqEleZRJIJT!3L)tU~#bNkJl0L{r2k&w7E)LUKwse;;v
zk~IR9)4fVUo-LPtla!K9*9{1h7ofHaYH=l7X{iw<bz;M*4-8_JFM?>N%jexL<HQyn
zH#Nv)<FDtJ@X`jPx*pnXT;#`r<ET%V@|%phvh4GPejF#;iT%kYy0}~2IYJ3*TP9;t
zO%D%6YQ6iOH@#$bc8oIO^vN83+DLS1s^3w8z-R=WuXqxM)&%w`&llwfxOE+wtY33Z
zO+xJ3v$go!t1}0u=|eUZ>Z(2uy0JVqdzVV7kTWoBLrcLrbBp>>?H74K8e{U>mXs&S
z$J#ebR)RRY*+Ql^Jz7q!5kAozkkjp^$Y?H@G$yMQ7EiUcoJj^;zhpLK1rc(;42M5S
z6Xc2I95P9>C~l1?i7SRQ$$SO5n39d!-M!crIgO4F<w~?sK#DIcna<}^a8I;S*UN#v
znj?N3j+6*)RnP?mQ8F<qktRgTkIfG1=aq_4e1Gy8lLXo4T6T`K)3QU6nT;*YHc7V_
zWts>T5fQn8oD+hI88F7XJv;%lA~bEDOvYOXZQ}*YRijEHhziprVmzXwlOr$XJJd`w
zNE$8eO`SQOLY2mp%Ar?NcHz<^*H5%s4coy1XA>56y-K^Nmk<SQ%z7k*qs`BwtRQMu
z%{B!_UF+3?*;pS7V=Dsk?^l-2=AYVPD~|Vuq#)`dV@S9yUI>kT7}1bXAeOKj5~z;a
zW3cyPU%e;U)iNl~P94b?F#c$L6v#lwx{(+c0~k}n<C3s(kLl@KUbp|B5BD%-2bh#R
z7|TouV&;q`AD0o^Yk5dkPZ~C0&KWJqKpzN&mI$LBh#Ov{?kgr6rmVqfw?7~%uO>R|
zJalSb-fK2*Mi37vo(*?ou@G&>&;%+W$Hz{$EEQ30sZ{CxDyi}hUd(;4;60p;`fX&m
z`2>Bpheqv|OgP?j^As~{@m1CRw$}41zo2@kVO4Wll_92`<USyxVS{2mJLXn`ri4+J
zj1D0oKDNNeDgz^|vg+OAG7(D$f2HXBl1*1Tinxm+Hp=Qf=MRn&#IH~%E&AgRywtJH
zfg{97S~Y7O_Ds2TNnjFznsA-@a;biBZ8=m^QWC{9%pg5z|D(y#cg-Nn&t9C7ou50F
zDj@@m{v&}fjgOBrYx+wUKh#@N+7qOhd6JZZRt=6gDrk&jhD%xs`Yjjw`0&G46Ku*R
zdYkzX_1%VG8)i9voI0rTJ$wILx-@lxc>eWR#quqPh+RZNmTWyPE^c7p7mu(ohKmJJ
zue=1znHG;%olsdmyH?6ew^qyx2T*9JSn^CqhCrP6GWu<8sT%{ErVxYSw(Fd&B^(kX
z6~vcGN=X?LlYt(bEAUoM-#nS^==O!Oh$4nyvU*DcSYq&^b+Z>f15I33EY{|EArTzk
zl7<^dIk6=HBWXwhG*|<e7T#a?U8%=2X(u>uCqk|5>%G){V6Z5eIzmHLbFjXPxL1J8
zK_yMU_q+=?j*U@8%Uf|>N+!+2X`@wTJj`C0VRXs=&24V{n19xfx=qPu9(=zri)e>O
z`MI6{>|M_G@E~i580!q=MUfi;F^BP_@+zmzQDCfpuLPWKp$XAMSjaZI24u5pI(vMq
zyl_5MLcg{QM|!@YsW4>nfwy20%H_!Y%5tw%UE*Az#Y8`dY{%SH0J58m0+8NVa{#Or
zkM6@V^+ar3xK=_*ZBrFC-SHQ;5uSYt_-hb$h^$iX*BzHAlA|1wd}$|Oxv00@KDs-y
zit!|7ZjOr@Frdxt1unwdXQC%7NW>Bbw02iqu7&%+0>fG@kV(Y5uN_K48Z{JTVy_#B
zNXm?X7WvmQ&mr1H!6<KkiJ_a@ixI^xbF6o{vq%V{f(;7^1)vqiRS$8p!d#ZP5&x_?
z$r<4OCa;mdS(s<EC%e+Idib^w4D6g7vsw0x6eA?{rMi30Sbh<kT{;W9?~%=*TEx;U
z-GvSxmHKG!&=o^CgH$-&(<=eAzRAtx>W8a;D;hmthsc~m##XaunteABU4PO%3iAa2
zC5z^@iL%KjzeHi|bWwK>V5^I?^()i!Vb7^Is!8tPayv!dkR)l2x9cSfTug(<6({Vf
ziEHP4g2ic_P`d;PWPZ05AXO!}PPXT_`uP;K<e+$k66DqLI1Y<4Pvb1m5C^)`8kT2}
zxH!>;TX95ZC_J@z<oKXWbgJ8WOe*c{?qO$ukfBn7ULK!TrlT?A@1C4Zu(jQ^+zZSJ
zC?n*mkmnakgnz4Ol$vYi1#W#FmW0Gk-z)sledYCnApf0IGM470{ZYTX_;L>T>QT4r
z>YYkR$H0tg))!&B0Gyk&(Qw~;T$LJaT73*OG1|+NXm-}5icMVOw!;T<H4rco)_TTU
zwCw^BIZ`3pe4i-Fu{pK*j02+bgnM&Y$9k&g$36|X`u+f=9wR4wsM}!E1BFaERkIET
zwWm`lt89zlGy*koipGkCxCK7P<AHFG=$ku8aF)~0YnK66(teh?4sQA#wYg<j|H=i(
zm{T69JK>xmHk;RFy^0TOUEh7kr5I%&T;oR#bHw(3OYzWX_@S+ua*JI>6|INx@7VmW
z&Mmagq|N>g_;2q&;%fcKJ;QpkrdBRwuBdNGYAq7?cjfw^u>M=KsKncX*;uI}gR!un
zYk<`jOJvlR`jbbqQ1#_JN^HGk6Ums~mWeF>2Yd3^C_V3v*XK#U<9WDN`u&?dgO2-y
zG}0Mk?tzhr)zMzWFQX1g?LVz=ADLy-a>A%r+y|5va&gM1YuOd`S<Bon*~Wi6O^A6#
zGBuGPneSt8EFLV6qf$$2*1NB5H^t5YG%J5r3{=g>wZG8NS1ZKK6-kE5_kG}b7OFG4
zYiC9E(*3@b{PsIkmz%UiuEEZ?Rbn89XRW*5V=2l}I+V_%^}|q^uJnS+AmbhORaZ->
zYt-+grHZfFVQ%B<H^&u}^KD>B3@b}KI)_~?=?rxqF1H3%(h?_}mKR6%9Do_mF-FJl
z-R-B-Tq2`Vn#Fc}a!CpGC+9I7O92tm<<B=sC1NWLH<yl(^E1DVpV@qu%qW3MQeOl~
z9#HV4A9j})C?wXmm#zBVePE!lUf=!|vNedMLaM3&@fomZ^7w^}yCm2^vOc5z<>iZa
zY@{Ho6S%aP1W=!Q?CaJl7hh@7-HTY)nbk5(xm61L_FJ&dm>+%#iUl0jyzW=N(_99U
zij)Qtv5SUQp$vv!;&VzoxmhU}e@iDSQaC%Va_e9gCm+wc@<l#W_wcf6uf1iMG%k$0
z%*`f?H8skdAwBiq1`$H|;(C-dYliG>qXUx66ZWA$%bbsLMx8%UL<}r+u2veqKu@W6
zV4wtdRCK6iZvr`%#*$2zBQ`3-?;yr|caqnfoUGdIg8=JC7C+R}>WDtfW_XT)D-5cJ
z$0#wPz0cl_9~eeiP%fI5PhSDrb()O!DBluqiRsR8uV>tDHJ;Lrn6_>ndQ-eSZ+rFG
zLD`}U!;;-hf`-~30`GXQo@!Zb+g~?&Rb)dFGqf&)-KQJQMn_eTT5hpho^PTfjsq!&
z5wvOszW>;Ds&RC$F}}#RjYuB;#eO!1Yb~L0<IAI#1YS%aHZc1@8EBngg;^k#eC>9z
zoJ~#Hu63Rkcf6a0*Ur8eJ6>mb((0K^{VU*S@Dvuzkk=vuxK}?u`f6QVa_s~lBrh_p
z<5i=71)v?(rA5-X!>vD0A-8@OA!U&C3V-Z4cQ{R$)umA*&kDzJ9d~t*co!*nlXkm%
zGt1k0wb>w2uGeNo&FpH4vvJ8L+X3E<kjA54Bi&7U43N=fUrjt7{$;WT{&AOZmM}K1
z2z}xaK$T=dU5S1>ncW3&^yD(PLK$ChSSWp%K5qJSYbjmhkctXgy1u$N#Vb|gE7vab
zAPcSZp9Z{w0_FpYq`*Gl)Z)NJ#r#s$rsfAv&61i)*K+C<#z2tU++Gfg`^|-q1A!tM
z0E<#bQ=!+j4fsCfdPUv(8wY_Qx12*<neNCDv)S$a8EXd<AabI8p6>Gz5D>CoDzVN;
zGI4p99mPNUR&t(w8C+6F!p!=vK1B@oC;;MQ8EF|@>q%KYZMWUtq&GcHTgK{myaSM9
z3`=YC9Zk{ay<d#rL+qF%Hnq;2qfWXppDrh?cln_P@gI95Up|sC+-P~AKRi6t*Vjwl
z)kq63f6;&AIP8x=0Q?%ot@0x21sEdk?N@*VX6CWz1E%^hBqWOHynPEVEz;95AF!-Z
zB4OQ%+>Tt*U(2U*PT6CfkB4X}GInCAG?Nu`+q{cH>dU2A(wNW5`ycr$Ps$*6{^FL@
z%JQLHZ26#klDr+e{e2#JJDA1vcenX2^xcd6ppTF6xBU<ZBDCkXIH!$^i9$#@Ssd_p
z?>36#TgDk&ihVX^_IG2bN@%$_CXU@Qi19o-?PCtIK-s;uS93{MI4io4I$^5+o5pMJ
z`bLZ31k(uo`eqvWZV-l$c?Fj)4h#=1w`SnW8g{ZCVRypK^8!V9$Ek)g``^5X&K%@7
z;()w)4mA|tIxk5lb9%MuxmW4<KF$BMpNr$Y=YWqc99Q%11mfQsb#`cG`nEehorwsX
z{d4y9UuU07-q;u~s%JX(aDOB&@L|2tD6BsqhWv|d^Dmyuf6z%(VdP-DXPoH%9}Pu!
zRrl?E@RGk$c@#7cx{Gmc{y@uF*Mt5cb<sT|y!szg;r}{p_Ibz9tF1?iFY<S+<!^ub
ze{F$Re3!f#SQOg)XBLq?<QoPpT{;3`|MmX=Fb;11n<#iiGzY;yQd9P!{~|2;xA~#}
zSrnJlUo4n>n!|v<E%aYhp$U|a_uBYkJy71|`0Kwf_A$K)B>tct6KZFYJ~qOiTm80{
zA3%PckNnj?`wFApQ6A|T{ru1f!PoMqNBG+K5{Hl(FG~VnlUgrlE)YMpRF=SCi|Isb
zxu!iY&T{(P|3SHP+Hd=rE+NV>l!<`jh_Pl``HO3550AI*ZhuXBW|9Y4HMatwN5ru1
zU_V+|aRp6hh6YC!#PsTXF)?wACoeS%u3%YlbhW;;4E*dtmfehZvB|$%HZS<(I3Ygm
zGKhfjxBvc!={mh+GYMmK!j6Zc4KjpP_cdE!k4)s^V-Y;LpM4qD`u3XD6~AV~c4yUk
zK8w!ytPzr0<2*#N^onRJ@oE3uj940FyEAlG76X89arxs0E*?m~eznA9l9oDmj^JMN
zh}rTlK-RwI6Il3XgHc1<^W`U@lAeY{)9re`veM=@M0LyGvDwmXx(kaJr_!`G-jz`n
zr+cD8ia+SY_BW;SwhA6U4h9l_y2=f#KT}W9YuOJcZ5DnJ9=bkfp_Lh?+)ajs`szm7
zGbfjDe=!s)k2;3`yg2}oS7gwjnhuL;S<X>+b%!#DN=u!}v|8N8-i?Y;c^M5Ar5>Cj
z%X%^A@(S!LaBgGmIq)a(9#DuaPrAO>{dqyUaR=jiQ(3lnQe4g0Piq-Lo)ALy`2k}^
zoX&mkW<6cYXzFITgeKRd_!{iWeszX&Kc3FjO?5P{-LR?yWLR$gxz#*9bur$yC0yNi
zIPB(R*?`_*)7V=k*uq-a@>wEAHdoRm!J1YYi)${RU#|p2do-r{xe$I0_9Wc!f{<Nf
z0_vaf%R%1%Rh3Yk>hr{8w7YRgyIr`gEUfUmGg@#h1Myp?>MBC>rK3VqUP(<w^r`2h
zaxz0raJSpnnMA(~o(^tpWkn@zf(^$r?t+XwE<(rI4L|o0nbMR>$<iVPagCr@BWl9P
z*7&2<@$SW(r-|b2X@6$Xcd?#3&+ul(6|Edsk&t@t<9q#U^Hqe6XH*M@AGz31Du`os
zm||BF>n?s~*`1;-hbJ{YfeUsucdeU~)Cct{I{XK!p#RV%YHMeH=tCafmH=kK3cDf)
z%5>PeZ?IPZ3(re+HQ2I9A7F@~(%5!h#g>w2*2*PAr?9?ZvW=#w8Y!UG?Y-1}ycn(r
zW^-wtE&4vEvcV0FcxX;DW|werey=K{{6yt-4}nS`Dm(qce3BctTKFIdMy#$EhmsOL
z9CYt5D1ahQUqkY^AO8RN`s$!Klx6RPkPsla1%kV~6Wrb1-66O`NN{)80E@e`Sa5e(
z+}+*f+q`@4`Odp1c~$(eMb+%g_Vl#=y88!gCXRJy{vgqYWYgOSY%7W^c61_lE}LQe
zg>i~A%)E>z6L-w$xv-~ukGu3xbIm|<%eJr35%-=E&wO+jSM|hs7Blw?Dwq=gt#1DP
z@Ukp_vAr5G>K6(TN=16?GHt%Tm%~9K8C@O?t&^YA7<E?%_Yi_!L?IOAaco%d62U_s
z$OEDil^M3R6*1*O?;+=<30|fjTf8TNg}v(bPW9~#kaHv@P*n3Rw$rlWk-ZHr<x-zN
z+Y_IbNC}7U;EiLm_5j`)-N#;g@8^#K`c^&$0Mrj`ZA;1jP_XG+Mm&a;YykBM!A3(s
z!lGuVvMo<L%U|A^oywOKNfg<el2Mg!a*9E4*+rB`p)xltdkD@CHDBVwVc0+;MteXm
zZmeeMgvk)@4J<I|6%7wgP70&LzS6;d_GZ}Q`Oh|4(*B3L;32qOVraKCy{vd@fE1iR
zTAnftyl5|jv>k<pbiKX=46WspHYA+>pA;M(^lo2KZ9Z+8|4rDk-QW*oo)=-x+|=ZZ
z8hpZ30C{VL_)=VU4o4(q-<-p#Mp418mdMp+6$>6XGj#vh^Fd!h3J}JKJG=C4l!C-^
zs<E;-lCqhKDFS`+KBLU*lB0eB<>P>}`D<a3b@lj-2igGi+EKL2PS0WQmUz<Z3*24H
zRwBmzs-1Rxul{7sIpZ+cz|N~nCzb~q6Vs4kY7Co!@J$cqUP<7K7Lh0uCm~Pq*iv+2
z<`+us;mWa}f)RWP_fDuie?vL^FU|W%1<8r8IFv2)rZ@6s=&<K__wWK#WuBcK3OuP9
zTSgf!5V9tcU^lyM?~D1gW>;zKT*kxN{Ow!QG-{^Nna!fqK%Nv-I4<*o|7f(iik-A{
z*hOsQHf5OhBZkyvUAD!F<4t+gOS#K><FRg#@!aqZX_<q($dZJz+lK=H%j4qWVE2*G
zdL#0Q`J2FI+Sb#J$hJ~M^?;^NGaqQs*{|-t_+0|Me2x|OAMQ0Z*)r0;31WW0n>*=g
z4Xthi4C5?$s82Q9Mmy2TjaXe(qjwAZK?6T>LH0ei!L9U;j*iyXmU<^Hg2hZF*-a}N
z0p8i;#fcjm@!RC0u1Hm#uqxQct-K5w*YKsB1sv@>62?^e?ou9l%9D&_yXDPP|2NHz
zaIneevo|x#2;SC@iYC&?J=TZ#mQSTt59~6TDgqrAe>g;q{44cYR)K6aGGy||mdoR{
z%?}(oWkWAijJ;i*{qckP5-2<`H0KtDA@btofxToJoY$;(rsf9lmQU#gFYn*}L6+gr
zj3I%`dL5+-5Flt^KLQ`%#X}yAoEnnQn;zhAjr>}otn~Id=Qj2MG{DxP^&~F$mODq;
zNS}Lbzn13&!w!u<9M{p<x0mNZNVP}s5S$@yKSW{2{+prow~tL_?YuZnb50&%eSa`I
zewlb#m0-(^o$zn#{_Eo-=$9c|j`w<(_qRIef25jGh~0<(!-y^aRg$gC3o+*NhaUxA
z+lRXG@xN@jznR0Qy5P$1+cs~=te4;062Ja?I}Ck(agj>bh5YAj5O3>YDvUy`t*u{5
zTZG&2PfsCFgSOV@ewh4rjc*{$*EurWI{N+pqeg!2SK;-c$NRHCNPMu(>pJ_Z@Y+g$
z>JK9K*G*Las*#_&L0td-HxuoDe>|-KZ{<DPQGoXct^>!oO@GzMSDz4cLH#e0^7rdm
z)&F%N75?&nzEa;2+V+#f*MvOagAKkP+X^;Czzz=@jHbT_)RlSb8<N3)L3B($MI!$l
zQ`{oJo+i*}s;qbwDp?pAUE<B~fe21V-{NlU3FaR?v?2JgQ=DNT>vd0#znMEK#iM@U
zh?(?=s)x?Yktz;Nj&WG=`jP|>>xiU)ZQPMzJSeN!@@5Inl2XYSSNEw?*t>6PPf;ZB
z^1Nm}j$+s=P5Q;olE$wSHACZUx&Fcau;ZR{ch8J3{(R@ftLEA-ccJ1{vFOcKu!s=N
zWfqYt1&o2rQ>_Q6jN9j!*M8lz>*zt45=E3uay;k2N%Z=i({HZvGzl_F!d2?j3>^Z8
zijN_Wt@A{M@vxS0tDaU=vJjqo<!+|+XSUbU{>4bqrX+@>J2#W56djv~CX{MsYbPlr
zmy20w_`S$^XS_>C&Vb`(5>X^Vo6gYMz8Fz8eIbgA&+YSx9c6+tg6;SlwgDwl9JN|c
z(=`4U^H3h0=cAC(l}z3`&FQUhU2FD4#g%v{o2|9iS-)dh&hYlm!41b0T0+G4k5G{0
zhIDirz_oGYnJx-NPa?v(pCHMp>t^!<lQ`i~J6U+=^5WQNbX2AJCJtE5l`2Dt(?zee
z$qph|v%3AHkcC9s1CIwaN2AC&Ecc<o-4Z6?sGTUCx0gmid2C*^uWxX?WjPXE^OFSc
znQ!{eoHedPpV@EPH~hVd{|F`P@Ld3Vo}Vt2fjHVEhbmDO(EpNYr=rA4mx(4$rC13Y
z_as`{YeWv<CD4SS-5677gNv$Y&-D2xD{<eNZU(st<%9yvk^4=h<&X@fD*}R3Ur>|w
zBfX2OgEO`7|9&t3BjKoEKUdYrsEP<2BJMsySoD<mB;B0Fs#XWcS~2c?-}e^E&E1)7
zfh#+)oI(&uaJZPNtOg-hNftGb!Y|!_NT=tS?dGFuETRtLya!blpShvMMYp)DCXor&
zP-Zb9c(pS6tQXyRHSR$@*RKn;rs%U%oX{<Hug!;PocqW&29K6JuC%Pu=^`+d6~;vG
zEV8@rPKEm&D&%D(8{V{!$M#-TPZk#|C?mT(?*<2PncpFktjzZ0>_i2}2D*OS8@Zae
ze-?Ddd*=RZ-fVf(Q$Cz?K}f{N4K-TV*E;JuN)dXT!Sm?S)e?s6pV3&Yd)m;S<DquG
zmvU<!;J6wHqH}P~m`rG4>IkVBQZm-&vb%g7&b6{5p<#Bp#$k6qpXFiID6JI}!UCyx
zerMKLp^(5wm5+&0VCk(pQ{)|}I#H~)5_*>#KiXfWzlRlQlw6+1?#)9<QZ7YH@37CK
zH`PUUKN}5Qz=8)L^js2EeM*!8@!s^FeYy#i67jh`6C$G(br?!xx8K+Blu6bw+M00~
z^Xu<yN?r{%-01wk`_ISL^eb4P?a)SG@tzr7?_&zXG1|Q43La9w?B|2hbat@Av9fxZ
zx<eHsWFbA(u0)Ef_GFklermccdsU03ven~{H+S<?bf~(VJkvs|J`}e+`}}m$*eW}s
zJ-@)OE1%@JwL5c!Okq7clySgmJa^x}UR|8f4e5Q>vpSy~n)<<1*(5^)xSh5<W{NIz
zQ;XDpZb<i7YdRenLsE_~P0WF5x4Dh>K>6-7%f-^23;@E|-2F0`o42f7<8egIR9lrI
z0R7hQ1LC9W-3V%C>pZlL@_l^qI<De<(ig_s?{ZsdOBFnej+-^Ylb?s&(B@o59vhvM
zmmN-8W@S-cP#Kd?dQ+$AJUKe+%lPk}1XpYuj4!$-VF4Z*pT6YYL9acylrR6h`y!K>
zvguMRL^FLV`^mbCZXapFWd*?de5!LQrAu|xGE#fU+OD7&*J3GkcZ5S#Pr?!IwOxy;
zgRUh$vvdLFQm&Qya=%_#=G5rH_`SD`1}2q%5}n6d-^?IK93>xHr<!BgsbkW1_zS~Y
z9AN2ltLer~_r;1=({+@&vytBG-$;FJu~&vao5n^23J}L=_=?RV`siwS(a><ICMiWG
zyw(^*d<ilj0sx=R0Rs=c&RUziXZIb!UfM%f{_oIjo=9ocKKI`aL<ow9><`EHlOc4?
z^VWWu(X-V=Awr?L@kY^2pG@uLL8>}#umI6_uX#kO`nNRe3E+`2MQ8L4HJ)s$>K<x3
zUYdoGY5=G?#OE#V2W8<dD;TFxb}=<vVAFZL_`353Z`8LF3JPN{1GgLfA=SGARwzLu
z?*~yj%Zu*=?mvAot8Maro9<(?gZZ5z)D+>OmIZwuQ>_WX)BWcKE;N+vfrUUiPNog(
zeK!Y@2YXToBt&$wV!2&)@4^y~?hRIpO0Y(0cB3X2TlR-H8D7>!UhCJRJlb~$<5YHy
zXx45-c#4?Swma4f=C(thj!yIlkulXh-f}<PTMD9*Ij0R2`J`oyP*o+@?KWn=#+8Yv
zBZY{dJi0xRr>#ck{<JRa9Fvh9ezU3$OO`5(+YmR(sp@z!q7VI>%ScxT$L&U%T@XJ(
z&QtSE0I=a#h>Wt%aE@-~8A#X&k&gtw;WVc0BiG^?8{D$EW!eei)b<{nTXpulWn?2<
zXDKvr5^<Eu)17@KSvrSzd;R8J!}&aRj0(R9winSfg;hoBb%m;Y{i+;WQ;naWaPr#`
z&xgkO=%(5QyKreZs;>2vW){sHiwS}<ZMlNMr_%%fD@=V6iC03t1WRIyDd2rM5BB5F
zmpdO)EUp3>ukltD!NZ3(x@|v4+J$07I8T%Q_#hSLme-v(U0N$Mr2$9XVsS$n*XP#P
zEX(V&BhE{Cx4BKX>~S-B;`8*NBBKn;gc>WvKmdb@VN~e#X3PQe%+IHPy4c*Q(Je!8
z3^6mHaz4dS<l|>8OX$GP+TF=f7B-&3AO16HoWa7su_zryUTd!$9EVjBlD_BT%YT&|
zoKUjC2^q+l0o_J`%U;6St;wxl4mwR_=8a-#aMGL<##CqA$v(bvfCQBxHn;-|BaP9=
zxsQzR+_q+xuv6p4xXmj@+KW^RE~+lV)6!}tYm6vHkAgwl)3$v|CQIxNoP?w#zy^WB
zJ@}lM$<~y{?;MB2DlS2c2N?5DV=G4P+v3xcOiae|NOr6QvFYL>n#wJ9SAo$cxjPsn
z<sLT@8%<{ZLwa(sZZgW^k9n~>wq1E!iT&bELP`{DI6B<yspg;LVOgeJTKaY8+n`6g
zXue?I*@`IhpC9!}n)<xlKW_DdyDWS`s~jKaz?}2E;g^w)d5&upW$QiHR7VR7EF>kA
z(ABkcXkzEi`Mhz@CMm-lp+ciN?~3$uo<r2}3VQH2UdG?LP>qrLrlgS@^DkSvY+g<;
z5^Uf!7`1*4DmH#CdsQ~FZjSH}r`mt_E}+(yZn7wYYyuRkYSEKJxd{^?*5($>+C9-6
zC6JAnQYZIG5x4pRsCxqBVKBZ%wS{6L5Wk<eBUABAUTiK3AerX=@xdeD>fX}S^?Y{E
z$lauARYNGnW7g^*WxNW`D?wTL>@!(2lMCOZc>+bom{>2nx$;bMEpOU7q_ms;8a11x
zAdkFKx0RQVtu>@IzD3@<x{;^v(pW`n`wOm6(wFeq$Uv9j9_c_W9=9Ig-sCHVr079Z
zLc#AQE9BXiaF-m)%8UV%#Cf_)UrQuN-@BUZReMX<lDG0KoA=gHRetz~;Xc+4&H@}8
zaD7-4$TEH%(hMrwX>D06G|aeGA`{Y5y-7bHv#1Mh^%YCk6ee{xvwth6DzW80jj7F@
zEf-5eTBuSdUpP!@W$i0RtkkzP-@h-SS)eF;)MCta6wASH#WA2liE-}-ziRs-GJSnX
zGRkdBB6_8ZXBeu%;$AUtGbJUJO)_e~AcLaK`80@lGaMnGIfW@F+p$=vbY`r1>)N_Q
zY$C^Si`I8}-oY<QqLI`aCF3-779*Z@dI4x|Q14z*A*VC#=?w!=pfnZ|z=8JS&c@Zw
zLr+S6`K~?Hob&f2)qgxXzI+rj%Zc2{w-H~#?xyqWVUMGv)U`9lz4RcnPG16@d51S3
ztB%?)&d4UD`7G&g)Z#N@e!4gkys@W<PH!>SSBZ#e3BRV@n&X^RGBRazKf}gcpo{>1
zp~#TB9~7%*k~{)>u*sZKqFGy|%Pw1*ikOhmCXxwjC8m%=9R3Fja03l%mZVirD>u+L
z-k*z4D^tRxzEmRV=xtJ$ksql@#1k)|&K4+oAXGX%Rw6#kx1aFIx*1wA{>%Bz_wjD(
z^a&>V)#5mb1Qz0GtDW^MDd~Rmdt6R+3;VL**lLD@>epp?u{k;-R?Ts>5(#B`f5Q^|
zWu$6LfyFd!T_++fqz2kpGiZc-`@B0eapO?nTl%bwy{}8(tCoT`x~;+*i=0rx=hmJ*
zj0tTq^m8run~64$y(VXic=Q!uqV`Q|wMyq0EuZ@3{z-z}ojt($ST!D}@?>m@k#Rd7
z84K$?!~wQuW+G4CCvYc9b%I6Ow5nF~Ne5^o9hq|pA;@x4WqG~U2<1Nu$mDb^mao%D
zMsc7D9jcRiT03u`G=B5mSkFu@J~3ZgC&T;xQX9;C(srMMG)mX-m^Dx=jxx21b-dE5
zXw!nMIVTy3!do!Qov%t#LmKQr<ln!J>BO(~mM5B-dc`O2$SgB``nWmciD>WSAh0s_
zI>03oPjUh`Y)A>P)Rfb*g4G@P_pVXTnJo{mLf7~2U-2*jsU=S)Lcb~rBUuF%%%XXK
zK8Cjj%NsJM2pLK-_n3tRvs^EO|IpCnse|x?zFsb?>rnu?E=H;f;<SZ?-ad`SlKCcc
z-DEtZ&Uv++3~hb*kKzm$=hHzhWay4mBY5R&0WonikIBpJMmhp8Or>;!)~Qjhy1pw>
zJe#Xc9eGQ#i5@Be+5Z!Rt(+%g(nQL~!~925sigjrgIH)>&cV%{FklA*hH>NDi0zys
zljbqiM3JzZHB{jaM|1hWaCqt{w@h64&F1=yG}~><15iA%f|ARvZfkL=ZGnwY8^2E`
zqQSv)DTGOYNHC-{MYEKSgG<c%CgQq(M;7wH<us~wP-a9V*$HpQ@YD!Yqz&qvgprW&
zSFgO0eSA2Hjw(5ipH@Oa5wz?2E^6-I(P6-<FNIluG|PN;c)j5ZJ@;+#a<*61xpWq}
z$O6!Vei(18rYm}Rj~m2>S2Hn1E_h-m7%ouvSi82Fo*%4!*YTrcv1Z2?qyD9OBY3=>
zz<Ll?SP92p$qADaAUu&hy-*$icrPIl>adQRq1AQ_v&Rj{hv0Em)2V*mXtKAp)o|#0
zaRXG;<l=LmUuV~T8Wr9St{hPt!3os<ht~D&A^pnP9exx-p!2?2=c`w_wrHSYp{MK|
z@NhGouV@zT-X`I!adL-MYdM8XeumX%rfD?H4yR;FX9^deMZ4EaG=tmT<Nyx}2HHt*
zVP-kgYkGa^1Yy(Z=H5%I`gpQ+lE-KN@P1J9yz4WLLoe%hlPhPY1TUyFoIvT!FZZX(
zG@%F>@>n8urJUiJ(>nHEON}v~Q^pcAA4=H)mo3g^`}!O>3khw5GBSLhLv<#1uynb7
z?pArp82xio_!TkAgLxh6Xv*vOESeCo5vw-Zf1C(6El*;=*KaWIolmn}uH}fTY7NI1
z>}s&r9&mf*-d#K`<iO0bG|!hz9t0I=T%PuPSINKx%^n=+QlIFy*`3S=<m@#HFo-IH
zx&V!!IJfk}8r=rvOsv8=`$L3Dn{*BrtLefT2mxWxRO?a2iAO_nA1+GYxS>mQ(Y2t-
zi=N%y<5l_~{8j}hxW%+d=ArC+W5}XA+Bw%xo!^AJu!>&w)0eA!&&$ih#KK~ol0(9P
z#HxA4!vlAJj?ey^1>l~QSa0RLeu&^=|1&rLpMcXT^m}ly30liY3h5uZ?=O824i1lj
z`o4ev2UGkN!{T`j&i(TGhK5o6AtL~evK7dG)!dN(zs_<7OH4*4DlAMwN@`+i3hOTr
zpuhZ*CLW`ttUNtE&BDY~U0ch-z~Gk25QVmrmXKg#X2yQv+Wrvs%8-9`12Jh$zuViB
zC!$dg{dXr_okVhdestsG;}Z}N5KOIVY;*%UA6Z#hEz9buDL#6qF~Iys<ox&Yu~kS~
zo#v0Is8g#Ql(0e4I@OxRDy8mM`&YPxLV#Ote8cy@y#O$Mvh<-*F);ABoJ(HQl9Y9H
zkyce#RRw&&?AW<jDa2nkyOD7l=lJ8kh;OlkQ`Fw|0;=cCR#*rbyH7MeKK(IG4=4GR
zhI9N>6-AZUFvr-?J3puowM`KWa`@|>{wsXUO#S*A%^9wa)ecU<YRGDnh1qpb5WI#2
zU*?YyRjgPr1^EnN>IF(pnC*>1KJ97yR{X}g{8xuaHgqu=85=DpGRl#t@U-xk@Et86
zN<*z>fXaW<_&?nC3KFY@Pf1D1dYjLj<zj!XpI<i^DbdJprD^@9xxLRYP8Jp}WV6uR
zUh>?};M+)p%k6EBRsbkB&n2=>nx#=lT%{|WiY>z=6#ARt^u+-IyrX`lUslliW>#_H
zF$sFLhlkfRfy2trKnMUej6(gADGK%v=abf0iiNZJ+1XoZDJh+W5_q^Min2FYGQWvf
z{R<<3mB(jbU_i63;&eDONq#(5*O^RMrgQL<$i3;1`+nBv1>NVHoF&UT>|~(kC{JSF
z{n~=#r%es_t#-gJghX%S=;_aNNMIRRWuw72nX46_ReoH-qPa_~$zCG!h1y(7LB;zB
z_yIQwc$t9LY>ImtUBZa9p=~PK%5VT$vNh~Kaoa11a5;P~u7@l6SS@4Ys@yEGE><*C
z?nZA0VnKOa)owtZ)4X=uE<~L#JK5n(jzQqINt%Qpy}#XfA!Sq3fHD*yEbT}VSKC!h
z@4!gmF0P11_erPt7A;e!Gx}arQHs*#6bwvvty{0;OJOi&lW@>ODE{#^O0v;dGM^&c
zd&!z3^4o~SP}>FL3<;HpuqfoaqYyGK*Shm@AEzvO*2hs%2*G@G-PEm<MqCt%7DmW^
zTgJ-3k(|&`++xkX6Ec2dKH1`!uTiiZ6LuU$oZ6a6;BsvFY)KU4SQ+kqDLUC3NiHU5
zE1qt4)6T0d)VXsT)@_}LqgynC*v&^5T0$|YTC;^F!;x6&=x*cmb4_*)_f*SWdlJk&
zOjUuH4u4}{D)Uoi%l&uF>_mqF8ytmcVCeVd$*j)8n#(9rl<>sZoQqK%cp!}@2cr4<
zltEF;z+lt3qxX40F|@ccM!G6&Qq;Q{0xF}y3*_Xg9H8aRxBLUbxWMaL2jwDqq;KTn
zLAM+H5lO2_YAH9BlT4}vuow2n0X+}KAp<`^pB6@Ek_G7@iICy}xqx(7nP4g!V8m92
zQD~h_jx^O&or%!R$!E@t?Ce+4tnRf*ydUjJ;2!@5Bm4hv1pgEo=DmNpf;~+B=z9TM
z9;+FjMbjDm?9mMF&<O8q${e*jVhKUjVtOhdwOzlBl(#c{uSTjg9eSHZ@3h?)dZgTU
zaTRwRA*K$)Y1XhE2qdB*kcMeAHY7dGyLsn`@jk`Mk1S4Er)n+6A>zu~7}6T*(ku7D
z_yR~;>K|hcZ`)+Ms;TdtWpph`UnqvP6Re3NwPSFuSI3wALUtst$XUL7Und`AZdSVu
zCZ=|HlgF!uvtw~{G1p3kFQ3!PwkzK_+FmC+?9J=(b8zNu8w{XO95k7c<;CU2Lu-6F
z_iXP!zlcv;N_#-YjNUqHIgB^lF<8;%K1kAaY!>V98F4rBFaU*j38_!TS%_lftZMd~
zPvbJtzwJNRB=*sLJ807L;vT1pqI30CH(mRVjC1ES`D>@uy(-86z~#0np|u$5$~;`!
z%N11*A&9U&-qf=#xG*na6Yzi$C!N{P>mi@gwtddRS!2UGA>P19UfuyG5x5A%J2$|_
zp?WB{4uPmn0%a*j-hC&eg6Q=A!*gs#B^PgUFtaQuENu}C_1@shyTxreWiH?UF;dkN
zZ{HUGnxgYM=Xqz~bc#hXBb~#YEPZ%XS&L(++Oci~?q<{!CMUzh=}VnLM6i)VKb}o-
z1<z&aH+;CE%Nhk_8#Ier3x$RFiCVl0Vof<K{W<Z6@Em1UW~<@cO!t&j5)+~BJGM-d
zi2%-Rx~8@LT^3VD+8)N?;i=;Mq3JN1`@Nk^xPFQfZ1R541wGo*d#Mkj7|@~q1hNLl
z(bDsu;#>w$p^@Xl?$ys$*k?4pOksba;ncI$j-O#oftEG2F-65lNFeR%PLr0mvCUK2
zN(m0VI3YnTFe@scYM2&R{{A{*fS+I7E`D-%dfXzS(cNQ?ng`#$^yB#N`x0l_!4wn~
zweoz4h=`AE1PDc;dcW*fE|KMgb2VWN%HE9MHQrgcH_<)UWGaEi6E?T{(NQPOT@Y-R
zs*Fdk*drK4m7Kf^>=jKl(K_J`TOZE{D{;b=OVX_=OMH~E4NBKlJ>B6%H)SgVP&V-h
zm9?beGssNe=Eu#ZSb{8M&beaR5^2SFFVf6U49v3d?I>QDua|r^D5Y$CnYDH6#H-d-
zwIf1lU*fA6LD9J;yb=Rwsk`bbBk?hx(|KsI7=E6~QqdaH9{5ctF;S01dNfL;(}oNZ
zgw^Wi2JCfw`l+sQjZSl*?OQ;xdXCw8&5Nz9c=cnpq{<#;B3z~q*}|;2P?;w>r(}6X
zi<=inulpQ}Y+RqPJs-@VT1~mMdOl_mqOS9B&d!5<Zuxfn_dvZYB-q{k{Z<}#k-27V
zJUS?8^MNQO6;(y#_|~C(We&}cSL`ztUSyU|tm6aI_NR_pyl{m|jJ`;Ix7^dmW6R%Y
z3gq+^t+%bPT=WkBG!xbrGZzd!GQ(54c$o6Vx0d6wSESR46DqbB_uSalE!zWbJ50nJ
zcO2^1?hym(zD`;c(j1LIIy<^g(IZ^m1drZsyp9%1i*J~K-YRoIMIF4+L3Ay6l7un)
z>U2oa>O7<i>MXgqUO&l04a_cHpDS<vGC^3$gOY|T3j5<%F@k4ZF)+|Z044CyN(H*u
zS(0S&orx3#`<d|fC2|pdErnCk060d9(D43X_a;K(wt?@EEL4FjrAC#KxGQj<;}jad
z3QNBR&G>D8aV6GP&?l%+6Pm=95J%@O90!V~>OhJ|OSyYqF6ZAV!`jA$=UD4c3(_2{
zK1p=*&B}hmu1PUS06lkqUdFMv&KvtZPIT1}m7a-7QcTQscxZQui_F&D=@VyVEV3|z
zKlBYP&rnpRA#u=;zCkjj7LTxu#ZbvO6W$B1<3uHrd{XhookYgvVyCfZAjj65SS)9m
z0O-h(R<R!mU4Gqe^|c@vH}bZg?qb)uTU``SZ3Gaw+dU)Oq_TKqWHe$JJy}V6O&-IE
zyj39~5KFLBC;wL1LEP8&%QdqLY$7&)IJXjKA0U|H^W6a;9`5Rpgu_GKUF2heL?qMX
zcD~6VBhW$wo#*~;$I}63GrUV|SAjOagXmRE?^clCgy&_bQ6)PeGeKFg+YRYBng@9D
zMmGy2HJ#Mm1GpwCE<0{+@Ohnfv&seNM>`tCbcaz^;S|ClV?)a=5kgh|k@h62lxuuN
zoa5G8Nh-bx1<brbcY*|iF28kbz<!FXU^}>t`$#%hd3rHB*W>)!siplq+PkM4Te-Za
zyuC=eLl3RILgMR*fLV-(5Ta3=5b6h#YlFMxtQS_L!@SG8M!3<fFcoWzPd>F?SJgQ@
zjNRDb34j4CN@rM_0Yl`;rg^(U4oGbY#YYSl&i65$J7O@Kv<jt5S`v)Nqj_w2yHeBZ
zSAJEv$%oB^18ObM$*Bqn_1n8CvUVh+I+2mtjn^jg7W<3kP*{m<XnS)PRd|V2C)1P1
zTR+fVHpL6R8IRXw(TA7Y=1C9_z<gAsOyCr<kg)3xnUWHpxyyG~)Jy^(8F?R>+%&1c
zyrGRB8~6;LnoFBX2rE-%nT7_~Bk9P6hzGb!)WaJ0>kmk&*5b3}+0&TxSMOjhaem|y
z7V%f2XyrfG0w-i*emoDBD7XmFrgS8IqC7vKg^2jQL%?kR8U+Q#!Qlc#M`aT=X+&hY
z;Uk(oEeJ?5&D!b9wdF<oq@3`XSUH^3?SMs95~z$HCPpSQj|qj5OB!cSlZv?zYJUTR
zx=nA%Ab3_i=I3g=fUaaigC&_7mz&3JZ?U}*<-;x@SCD(WW|ozP6fagiEnK6?O3~s?
za~fjB!B#l4w2++_t?=cu;f~cbHJOceOj;946@T(N^^4GkewoQ0f1w>ANves8by65N
zoh3nA5H%goGN`#R^0nd}v>?r!@_8w{_8(nJzU~f+H*vFkuS<>1=H=_jZ-dw0E=kF+
zI`Dhs18_SU+COXb&X$ym?=5M*Ro>SVJD)h&WWA|TfDR`wQiBj2TrA3WpIL+YHlXfU
zrp4UNz$Uj@w0n#5TZb3?q|HEO+C;;s)zNK0*z@aT0~sc!qxCLRt3Bwsp7+(bMoF$I
z=eE35A@Jc1QyundY)sY>#AH+lT6_kc(=Lz7$r}Eg-H`Gr9~*C<L+5df;pV81?&!TV
z6E(hzozpD^AI(kdr+N=a#Kbg!1#dP462BSNfhIKLNUM}4lfQ4JFwT$@b8J`XaC|NM
z@OBIJ%}>;ar4Kxb+IB+XLSkK*qF~fP=_PwiSXh{$ODv^wA#EUeD@NL4k>p*9v9m6C
zb1Ss%jzN%Mx#~!&YJsBESjUug;)a1vt~m?p+q9^RL{y+|ca<$L;Yqn~-Sg*Dd%?o_
zil8dbTYiB{n+RcD&^EVnp8)^y(nIv~^a4}f&(UgN6V{wiuTZN5+66Xs4KquD_*1yf
z7y97rpPzD+wtn21vkGl$tZ<tBe)7Yq9n9?PY>mY<C3%64ifbz`A*%`NxeFUEIG}-k
z2l$_W#t0Yg>2Z(XDB`W!TN78cO1#WSC+8&9927)uH8!_yYx5(gvcZ?<^o`QH^Ssm(
zJ<6D%mTHXj*k|*%y%t@Wp-{;KbO<l-A|i?Za4dZ}VGmc@+K@`AO%7zjFqr@&v8BVo
zwrzk0)|{+=jW=mleGR}Tp=1>3<AK@SgI@l@=UMvABxE9oh%jbOiXm}8MQ*)C1t<HT
zVdB*%=nt5To3oXM;e_f#fZ$(#Ivl!pi>3Z07){ii{&n{lk9(o1e(!d&mXc1bM7VxE
zibZg~3FzVJ!I)1=GJ%F5O?G(qqXp>kKzB{7M7^aQ8nr*0J9WZ#!g_4Y`Qm;Nj!Ito
zy4aR_gKlq^*2i+;q&)B{N@Tk(&1wDCg+{lvy(S{I%lw}|`-Y-@=VDH|$x1x%hQkb}
z$AHLa!zib;v(eTOW(Ktl2?Ohw;4t%qK<&;ZpL5_3$i@sHrch7``_`GgY^)s8BkCXY
z-;VuiEXwY5abjtyH8=?HMoVjmmc&F?|3=0VMYVak57o!sg_rb$?>qALF=l=O)4TJ5
zG3F=2T1^C1$=V&=diR7YBKHcb)v3<Cw3(I6S^5sS<(0TqiK#d2P5%uq^A#a&2N=xJ
zaBy%?Qc^N7FmQ2clB2440v9||5yWGPii(<=noLYgte)q)x;9(jhT;9B&K{<E)DT_S
zAl5HEpjd6V)^3>dqAc}R^xIzmkvH_~$X5P-;+?9z*%}Bq`6!+fymfrt%|}s~4sGXV
z3JHX{)p&Sw4SN+QvAF_et?9k16f54#b<lw_FSh&bZMacK09yOVMYmgL$BZiVz)IdH
z&Sm9$31+*Lm$K<p*~Q>K^0htn`s1s+OF9o$W%<QV9=XgvU3LPNOy3Yrgu1?i&*%gU
z-wsJf63#Xu5|JLsOr1U(<nEsPzN#E;GOX6FIyq7Yp4}dq?vV^gW4DONq%sUB?-+Ad
z6JK}e>RNN(5XUlFaGPz@t+@6NJ617}uBg52wB^5v?Yb}ZY_e1?Da99WtGC^#Q}ovF
ze~XQiTKA?kjbnT;x5P+5{4svGxGvM@V=Rq|xdEv4CD)eJbs!=Rr<AqEvD}d=g0t3j
zy^(6o?NOo*rYz|4!yN<tH>PTLy5?^7$lEIQS)U!ER4*U*VZG@jhvJt-PX^}ijMltU
zf=b!m@6u5m&5rIn*#u)@Ip)!6mvaEpn41Oi_0vDCv_qFy(rKA*lBX!HF3<Fipn(8@
zRI1%)(Zb%U1IZRQzuU7A0^MWTZD$QveSZWGl%UDuL(Tf9&GgeL!q(_&P=Wahyvume
z!WbRuneIOvExtF1dXrTr983$ZNVO^a-1|@!HB2Ty$I)tq1yfUj#LbgDmxPbD=L(cG
z^D#&E(?UAO{V~e@ml5|Pj!X|8_g~>$<A1Rw?Cq>JPMp}Sy{S4MJSWgXS;#zs0WFD<
zr1YQcpc`|R5}i!=@0y<EOPL7*9fP1C7+;f)`rLu4BfCT2mxW--CSiNpZIncH8FTp@
zm1xg=rGWd~Bnq0CR|1~iU8F8-Zx$Xce=eiQCwJ{+n{*aIMZs<jQP3ZVg*`A8L9<!B
zlXg%q{{fY{vy$&R5Z0jd@d)T0t$y%g(nL@2sqM*IwMK2J+4$2_+E|vR$2RZq>ap%-
zsbWc1J-RUH<<@<q(NUngAi30JpgPLIvQ3iE#TpZ&#QGuK#d^WyT67>x5bd+t)9}!n
z@jSnnB1+{bY)6x=Fvzo!;mp)T*-qOHgOJ`G@Myy`mmAv0-s9b>WzK1oxIBH$wik0*
zAqsv93R51=8cCrxsS21kAgR<wUXffYJwwYBG)!;ngS6QRX%7JK^xT#%ll8=iGS6^h
zUWDcDELJkL4FRKMfonl{ZLEr<$&Vd8=yB&WPb6)B^!#?w@%(usOWtY7ZcK=Q8Nmf&
zAkH#k4^Q>xTqUlHs@KiJI5G6k5zf8qYcGQU0;7vOLxjiEqoOQAv{>|G=WZn5*Do}1
zl6u!=xCVr_@f9UIpr=$BcAzo1qmgQ&;+`gOz)h-brK+DdO$-%9s}+WfZf&i9YjQ)v
z#p-^j=|0bODT@6!aZ$eS$ORrcYfh7Tj6?!H9Jur+x1BlWF+uI^nRA)4JdFgBZ<y{(
z>8b*aUKUqU@hJ|%mDuWbjk`+Iz7$kug5LUWAl~l2-JLc3Buf$`)~VBm2i*2Jn$mre
z7PlK{bPCMq=TWgjpK<IPFburG{oM5Iph+u_YJX`|kR-zeJmWKBFki1etT`D@-BCrT
z&6UW+<6c#jgBK~Pe>z^B{=`Q6IJpu;xEt5rPOO2v;lflGCwKj*zmrg#>OzCNWoBN6
ze!(t~TT%b`89c3o2|8jeix=T&!Qu2o-UOBCL(Ac(m-93DyyMUI<J(VADv>iyHAiMr
z6y{Sdd;JHkstDd7m2}hqY+f9VR??)+*|0g+we8^ps8+kRXvgR8z-&SejQZQ<XhZot
zNRazf(*>KY&hniT)ilNmc^-mnW+;YYiuU#qZ^gqZfDWfIjQsjMKHoq9+j&C;OM3rO
zv%#`+-kNLss<xJSONb|e2BSpZOrrjxnFwUN^tsKs0nPGZb2pf5J*6yY{o}xn0H#ZF
zr3L6`ivyRW4K`;YHGz^A=}A+EPPS8yb^L&-Kt9ysdo)G~T3y@O`;+_h7b$y7i?Y<S
zO>rG<o%x%NC<3Q>DUCXCtDf#BI5aY^y@JjIS+d~xlyDuNwI1n}*tRQreAw?dc;3V(
z8hwqQXMZydiLVo_Adsc|ij9MmBd0;#f$1P@b_eZ6ule~MpDg&UA(PTX5q=1LFrK#-
zaxt&<Bh|@ym`hv0PClil4?k97)s_Ga38l~~+wC74SF%xZ9;pjO&~NF8K?|O{&UvRM
zESpft=LSK?Ac+VQiy0l5QFNl)s8AAjyV&S=bH`IsAfnR81^YKrVrrl2_5NV_hI^#p
zQ+Ibt-O607<|@x`8;qr>x_mfVrza%9FXLN>1V&`>Q}>}X51~3}!euVzvuI9c-OdBX
z6apsp#z4i;fy62BX^ng&#DR>U{Gi(^^DiY@DVEivb<|pESADB-2K+kE>0dm1HmygE
zbTQ(}Mq^r5%>4X!#vyyNM-kbquW@Xgt+g-N-u82@I%$02(0jcQo6FA2CObW*miz%_
zd#9@MOBl^?TwlrJ!2t%F_}=>Q{n0T|)91aUAHa|R+6B7dj(U4GMN;xD);B;++@<@^
z+>C@&p*go9?BrqmGkE6nPZ#nT-~a-2>wmBShZxnjKbK9rKNL<`v?D?(*NMm%*F{i5
z{Wu?dH_gZf`T<d$fvZ&|FfrO$x)LI&Thw}_$g8kqIMiiBJ7FFgWAsz$g)RO0)H^JR
zfTe%)!t$k|Jz-1Cw465`1udGtzHAxW<G(T^zw%>dQV?)diqv9ZZMGIGqdX3RW<M87
zA}pm;UsVdMmO>_Z^7EuR=Q+YT8aE0^h^hwC;Nc@}!W4N2i8;ZsuvYe>qJz63+IN5W
z8P|268REslqpYQ*bwtd%GLX^v+!@v6wf%^zSmXHOwX)>%a7;?UGDxdSb88${O|PnN
z>*&1tto(v|4kwK!F#rVQwzMn`fXW%W@7`JoSp{JkcO!_g0L#7~4QK=#1urL>${EdZ
zSmi;AD8%)mC)16h#=a#CprxcX^4QtM+*Q{7IEeb0yV7JhgNh&ej<7D~yCc!yv!MD1
z-BZhs@|U#t+-=5tcQnMJ)#@vlZKIfGinZ{9{@J<#L=V1GV^ezBNgW*>o<9Pp3`)oY
zD4&pOD){=|^@2dE<*X?2@GG?GDL}J_QV%FqC~RV}Ry*M6_RF<0SKZ@<rqy&n;W9>S
z;^6igv<Bju2j%*-eo;e15`J89eJ}1m^f@^D6WtCqfEtVS<X(HAx=q|Kt#*)_M$2R<
zf$NuBb7-`e{L#4>iGon+y(j%^1x3kNgB8Yv#LgMqD3!}RhpMW%BIvjPm0FCn@j1*n
ztBlB;9+NQT>A7n1;nqP}y8RLj26s+wg)^f9(u|c7-Yd7ojfb0)C3dIHj!Da69~N^v
z*O-8B%e$9~)u!c*$^~=wvj{{BsR{^eqbnGc^%d-eKe9(uGLSIPQN;v}KvUZ!y{70W
z`vKBUXgz}J(z9MJ0(rZcmPLcebyg|L_b{z6n!YQ%)d?9Rn+tbCx0S`U`_(NMY%5fh
zyd%}SEH0*?@*m%hm)bmzZsk{km<GM;EgHSTI<kv#_0BH_&O3{WEK(#w%EhD^l#XK*
zKzfQ@{(1fatVlX_?TsBG7L78uJG-ZwWC+LHr(7PJj$=zlZ6!{em1D&dc_mner9O#y
z>vLM3(@e8M-k9ZkNi?D+wbUMHtApVx4akiabiZ?gecw@>sz{FQ^W?xdh4?gPr0Edg
z@$clP2a|GZe5~?uh=2oEOr*amT&k+2Nz6ql$8L?LCEYFI5~b~_xI&fE1Xf-753+KS
zFtaNQjm<ric`2HGV{~>LQ+Ba)F(`h5DYIR2Wcw~HoB&u^V7A@ca%@yzJpY(96kF}?
zd^GQMuU=$audhp&#5EhEjhmJbrS=0*z}A1UO6Jd8IORFExyIeHNHbNmg{wOv+g}*Z
z^hthX3AVo4Od!twED}0LBqF7i>QT6H3nU(glRt!wQ%f#@?Y)%fg@(<w)6md-jzV(w
zQ+8H}qZe?4Vd(BrYYm{$l%;+fvdmJbnONrK(^9+uxY@PE7(L9EW?0X4t&=!CVCCf4
zl$W3Y_FbQGfTQ6v?ISX>s%L2Ws6BGl_z|_$+?hra-^-Q_xYeR&yJF5ogxS0g7HUIp
zZkOiZ)1jmv_v%Me9H2RQ2^i`D#j4h?y1B?%oSay3s3V}^Fp$IOId|tmVfy0aE!mjh
zJw(%&8p!;#wTDp2bTk=krTJ>N4nnwkk$(4Biuk-rC=$ek;$SkRCHf~&wP<yzDM}yw
z_BQ((_$E!Bs3m6KIys%ZGZk2!M9fNozZ=+@LLfsP9l>-J4Ao6hm6MPYX~_?BTt%!>
z&T!n0_ZNIrEfRx#OTt{Z&1w*Z5=aOo^U3QvReLn!IQ7^;N-&&!i0%i+jL93IcWHTF
z_|(<zUeof){?jx{@1i3sb(rf%s%++YC#yUGOsd_|3%x)S&-0Aa>xnf%7fNHYJd6r;
z^P-xX8uy+g#>0#5EJ6O4?)1CLw(<alN<MPJTN%N3jbDNTLkMH4b?3Zh<$xEO9e8Ef
zypL&^(Wue*G>Q02<cfhN;9evnv2eN{c=8f5(_%(N_(SH@$cxLkQ;yWmR`=IOd(x{x
zLojed*%VLk88TXgS|f;PE(~+6p@Gi2r4l<k7?XZg7pt#n8c@L&sN7wMK>;g#;gVZ!
z<lIpwG|2lCw}nsa`fN}fGOLa`c!+|Ij>b-8z)2F%espLuJ1e=6(0Mv%9YaZeuO)VB
z-SNH0#$@KnUDXZ)4-IO<1YH?Mum05KbK*{#R70D$L3uh>QOvhTWD$<$yC_yesUqpu
zT)$H{N)T63>RGTCg#IZR@bjEnF~udzBRaAa++=Ik==I{~<$*>A%<|<LL^bmLglg}b
z$zCfgIE(<$6y1SI1##$c<exa4Usleg+Z;V=DKjl6O|?b=;7-1il}DUzcQHulhdUWc
zmf#T|+ipakt*+upgb7>Ci(3_+)vtJ2If`6!KDg5@R=9eqa>a+O0&fh>FRqEUpMkCw
z(0LVX8E32hKHhVA$?zm%Xa$YZN$Z9`36h%qAUQ(i#KY@WN_83XR2_)CgXMmhEDxCW
z?8ocQD%09!u{U6dy28gM(BYiu7wV*8rIs$a4HV35aYtz^^FDLu)K~k)&=aK|upch0
z9UA3H2F98V7;Neu_+ahn3ll>wLrZMUxqCf7G-WnfwAI<u<;`uRay(hZch|%?D~>|@
z&^|0CJk2Y33R?ta-w#dAkEk{3HKYdH^BV|cCy#>O91YOH7mj;h-*3fw)Q+M1y<H3?
zXEfv1+un~yNts??14sZ1L-XCiadlF2iTu0vU>-UVlO4dp)ntN?DZG_oUJfxOda-6L
z=HpUIUe3_|nvX;gtRBK|02?QYUyXEOuI!s@YM2EDJKcKUEHgutHQC5wFsXX+WKu{=
z$Z(*fC6K$%L4k&IltXiSf$KtBM0S@w*VRtm@l#nj-@Z9_#o&C_w%Yi1-BoQ{Yrs|(
zs~IYfRcL9GYm|_wQi~@sXr&>#oCiBTx=c#-1W*+Acu)Rs*b6H5BRz1>k2^M?9G*a9
zh`rf5jl<pzZ=2GyKwi>o$K_>BpmO_bJcjqtE#U5&6H=P&=)rz=pf{{@>Iq1uv0+pE
zhTu1F2TwKM6m-NH9!5L<YmS#ghjUp(-b)|3z4BfX^#>VaW!nRv1K*e8mi3CjNbl0A
z0t;S8opp`3f+{EfGO0YjK}h+Y=%TnW%?zKFoqM<4*G35)rnC6?Kx%5{E~B%8Y`^Y;
z70N%NKOh*rHIQZS*sn|%pCOta@weO^aR^rb2N^a1IX5Y5OM&~{o(m@>=Wl>2Sv+s|
z^Y4YcMEqLu$JpOu>0Jf)KnEB6cP#5)Ni?3XuVzqvUO9gF&0OYxLqW6n!J|+YvuL5d
z{Sgm>fBG5>6n=iS`w{t{Kjz=?8?bK)F8<@!hKGFfCqNG0>YHD9tk+`<#J^#&e^JTz
z9SL~q>h~t>_wW9=RXY?SxFYjSmZ8{hl*Yeh51a%T-uljo1Mx4U<v(u$0iTcY!-f6q
zzjzt}@oj(~AGp<4Z~mFC;LyM5_g|9Cvk3wWrrOi-7{dPJ>Ar%2wFZmO|Jd#?s_;1d
zf|Ffwy}J0#?f!e)uTl)he=Yd0Lx8RK%qDQ1QszC**Sp_mM}8Uje1MNPf1!Q<aT;G)
zZ7_jkpWxdcf6qC;HpN#A^Y|?tetrMf_I%o}QfK+zP<qe*`1-%j-hltL9SW%-y5T{5
z`)d1Mn=94pnIED(3-J~e(oaC&-rinEXE~o<eFzD{34Ls0f{}qiURk-+0f8L}0$fZ*
z!-Lw8_tyd2^C`w&F?CCcjMdtX8aKh=vM)r-dS?w1MgW=gP1Pzb%fG)F!pa(lQYakN
zmlb;IcE*VJz)N1gHxkxGEWmFE&}8s<S?KHQTUx??1f$p9`G$pkxb9rv-3>CbgOgxa
z`rh7q;}wb^443#R@Gq*ji&D!WsLP4(cT%L{c8@8L#H?Fb95mKiu#8VGMk%tf#pINf
z<dpsBSCqs2j=tD}f+mc4X=ZD4OB%fStt$v6+F#^)7??`l5)wATRdcjEgW73pa*0!L
zMY=R?ZO?uX{x)g$6Bz(<cj%=~QuH}BQwz1l=*h5p{7r8vc|*FzQXc#KOK9wn%OqD_
zSs;RRsi?5v`)2=Fz?39ulusW&HVfmiqd{c)eLXbn@HRSC+lp;iKGBQ8Tlq!3lT}v!
z|DQC-LV7=?IT1R+x_6XSES1>B9ogdjBvDha(sV5C$^uJoWuYzut1UWu6=8p!cw%sV
za?9J)Zf9@)AkuFJpl2}1v<(Oi5M)CkaqFbSMH1!7`bzv{5Y#0>w58x0ElL&7*7AjT
z#c@cFWt!ABmDJ=lJ79$O1F6-)?c>H97=v9|RWO9lw+58&amR4MhN^dAaCUZP>x!Hr
zn5DIv^Vr%Q2yw&qmuR?!e7jGhI5b|JF}A=TNSvhAGG}=lz#SfXZDT+t#o@WO+#h81
zT6C$u+gb#{5=Fl2vCa0~zNWkU-gC{yet8<q@vUuhDk2dvGn|x{yW>a8;*@<K_la(5
zkZ;b5+3;Y{do7Q<xttQ@vL^3`>mxuNnyseWn%3)7L-_O-V$+_XR<C{wK~(Pa>V4;e
z<Vkw(^W*|gkp<7iiV<8p46-y?G!&uLy(h!ThvQ>QYTNDg-N5=6F!GB^!E!oIcL@Gl
zsm|Nk`L3!TC}<u}BlV4kApSaDm2x3@Y!o-qNjLex5?ve7{CY=PU18c0p!;)A-D-(I
zs}332bd;$@b-v4&Y@z6zr{_kbM0^!H3-b{;X<HueRkfq8B`91?X)NYte8Y`4RhWnH
z4C_IYa1w9P>*I-|`f<&h@xt#1B=FW3IkY`!_Ln83a2NZNeu8}mD-;Yy{m}NuLlLD>
z)MX$bMEXA~Ab)W^Go-J(nx(oqRv0@A1y?A6m~jSHy36@#o^|%ycQP_wG=2H6*}QKC
z4IF9@No6EI7&tDK)W-ifrfEecqPJx6_!^o{Z!@a@a^PQnZwQl7&W(Kel_8b6z)&~6
z*)p-rCVYH%vNsPc6JJ@n_k-EifFipeIl*yoiZB9~w7ANl%nEyibaA<ch28ssBB#JY
zn%b@Hd*Z^MgCim$5;a_nDQ8txZ^4+|8ypSdk@9Rw4$<V8uc8#rHZ$8Z@Y*3i%8dGG
zp;26VU8GB{H_Le+Y(q?8^;JaFw_+#!+DTN;wV)8V?w`KW)m-FQrtam(=2V9@UGcJ;
z_9ePgXxfs#hrW9PA#%X~o;KjF1+aaZ>YDi+!5I(XYP)1y@k$fNpzaZNrbEx>Ak%3R
z9bONdVDU3B;KskZr+!>-;mZfD=i7mB?M3xlVn7`JEj9^`;o#oJa1Xk}rK{hr@hfEc
zO21OCA^AzhOYFl9Wqg%sm3lb_1`a&zp>bzR8-utrxe>&&3715NA<dDa6C?Zy*~sSY
zOe)0PIoG5DD{rkV%lVp|!bQS&QUXGrpNGxoYJ1b_EMh)xUo6Sa%~nk3e5GBP5*gH<
zS-WV4s>0Jb){j)d45bKaj5Fc%jAHCxyK>&5{V?!xt{OTK9nx=y*>Yh?GP0EL$3kiR
z9{gS=?Br<YhJ*DYPqngXF(y~z0;e`Ynf7L`uOcj-A{uS>#E6RNQqH4R@Zz&22vg%v
zl(U1G(gY+;upaH?4w_asVR6#JC(zV1uJ;Kz+u4cNyqJbQ8M6~B#tn)wbrZ{qU)wW+
zD}k%$6Ro^mck;=ev6Yu(w3|&*kQ?d9#c6<rPgN>9p^qLO>_3&A%;vTqTH|$wyEX@L
z1X3tWsPH8%=M_*BpAd$p47}(S@u{<+Gb(M=agzxTJQ|%gn)&xx_UlBx&-xf?w^DPS
zg&)Yg{Z8Ni6N#Ur5vkZ9SJe-F%Yo=y6SLh;+$NgcW$kUeB{~y?esDlSQPsCri&^Pb
zu+H!?_?VKg-~)%V`lm7SV6-n7W60qy-Fp=`L*d;RZ9zFtEN`&Zloi;>3Dgw`jh{+U
zpg<c+Y98{OHaQ;TvJ6t#h)la_`!c>#mK@m|if+JfQwO-Zq+8fS&s%A*^H9usL5IB%
zrqSUNG6+u;mY+zPQc?s2{YZmA5}YDfQQJsjSA%-Z`5;l@I%X;uh!sb2l#JXKi$N=#
z(7<u#q_o%fh#VkS>IyV3q`=rjuN-VgTbv{oo<P<ZpDstlBdLGklzNr_KMMYz)<f3#
z`{qvnYU~`7mf<)Fln&>`aCq12$FaEsO+v|8_t$9k-*(&mJw~3KIY>3sR4fzL&nXiS
zM<VAcUOE<Yd~d2G%tEwJ#VM#NUsDxQp-Ay}tPSeRGVAbmg|3OAwIT=R=HM=^V8&2I
zJNSwza!FD}+^&UddYl9vH6tnNpsLD99=hW}<eedbixO~XrW~i0b6?ENJUA_&ctVCr
znddq7g&-mCjYEZm=Tvb?w!|mfz|f~WXQk8U9e<J^KPsT)vyIuNio+GyrU9KDC`>}@
zhh3+GcIP&))h!ilUQP@LKE8oKl*7kws%`+aqw!Zs+`!B?FVa9ixTx*8ftIs8qlm4R
zPRlO5iqp<SzPHjA4D<>=hq_<u;;I4fn$<yOaDQ1o|FItmircw{P*LKpE9AM`tg=ah
z+}(F=9Af}iW83r16238jqo&7oV+o-}U1#Q1T0=(9AXB_j)kdQ-^MkkF(~tZ{K{zdy
zWEnf--4B+cxc%cNll}8Cs<-6q1Ue=EkFU3Yifc*!#}k4jxCfWu?(XgccL?qf+!+W2
zf(LhZcb6f!yL)hVADH>`cE9iK+x_kS&$*m)r@2yH)!nz`(^a>vqy~{iM(3=fDh=!$
z^IXc*?q)Ot)qUxHZVD2iaEu}Rsta6Y>9dt(%;RxP%*#fOOl34Dz+GZW@qlRK-g)dX
zT7I6%nuhAI=;lnZ<fdc(HCFGQU;(lDjSsoArgGs4qk4d&!pDon-@itb>_*gBi=7^&
z)z8oD6}BCs3|k$Z`sg{<hTV;KS6<ooVXN2vFO8f;Df?hL+8~cpg4&Op;hfwPME)CJ
z(qpVekL>*8-QSmpY$6!xLecjd|5U@hP6+iyHrL>*=YnKPPgp`OhURKIQ%4FLYw`?E
zO`(m1DkIOBD>hIY-^l87w!8of^MW5QW5jLo`0VBCy^0<|VB9agv7vz)h>z9)^CXG|
z@DWWJHaOMu_t$MKkB5t#v^3rANTBG>$(2Etka`kf#+<B(XG&O|=>leSdMy9#75X_|
zCcL__(d+NjMAp--Ek>*fk35l$h!lO*Rfm${tO0<fe)vD6{elhUa2t~|gQA4rd;%^@
zx*CR3wtifTVK7nH*mZtvN@h{4;ClPWg_1^d*05%N+&Sci1u?Ef4y;YtnlkM3^Yqk?
zzSkpG0Jk48zf1oc7J5<|`U29%9*gjunGPPl+y3P%FKuT~4E#(KEV+$Nnzjmb9O&d;
z;H|rJUqtf-`1At)wPIwds~iS~6Ubp!(|^3J!+s3w4k>Ptr0YX`uf86O>+5EWOno?c
z9T)oc&t4|+>N*c@Q_+SI9~axaflP_%;c*GZKl3-1_`TJXn3T=~3?a@GF=O9q7`#z*
zt3CVbMf3&uy&^IJWUb{C8Gha`5x>_21bA-=IJ}*OHMC!FD9<m!k6HJpCrd3GIN^$t
z*h6?v4(S4|?)!=c0#c*vcO?6L2fn~e(CH?lLEZQsM!|bcO<%V15X}KbK@5Np8fm;f
zhvU&0hdOKmAvK6A<E+Vz7C+Xas^&Uc95Z3#q~J11QyzbLrc5<SaC?vV16^9_^XK=J
z`@ip&KDD~vToAF^xJy48W-{kCBgnnx$+|k2wdmerV`0T`Ox@_$&hzs0bUWj-Uq6#-
zsa4@}@oMl)z-oBd8X%T(J7%|XAk)VKTq;=^8ocHM==k}NdnIo5T(E11a&>kv)pEXn
zjlw@PFi_vEZl@*`Ykjvi;L~q!(ry<oqq5ZBcG5J}LBMhJ0F;QdeuBsTH`DNe`VZ5Y
znsJ+o^L=DtR7U89p~fju{nL|g2Pe>l%{*!Gr%vL#itpY{#2=ea7F*f3Q+o8vkG<SS
zPJuD_GuoQ-<=1p{htJj~S3OaTVC%0<QG~;>-tKHx-_X)CfB#-LnvQi9ia437F=;{*
zdf5lKj?D(>^Yh+)ygn{jtlf3WjZZtah&<bU%{1iPTaE-iJlU8F%d$_K>{xlIFrsc>
z-aN<r-P2H)7{Up0gkWvNjd<<YW;Bd)HJ$W-ak{!0s1)?LTKx?(76^Gd{Y;=BoqIp_
za$9(KvzAmv^gINfnwF44&$m*R>3)HqDOq9C<KbR={<Uo9XG_~Oc)qd0XzAN<zg%&B
z94sA0ujO8poUN+F^n6KuUl+Mwm7%vxbGTvX78H6IZ-TH7!c*9A-tB*!>u_>sS~f87
zNgf(gI|p9P7MOJ;WZ6Fcp7@-Ug`(f#=wr1Xe|y~+EPc+$doAOWAY!OJb7+zH>}7CT
zr+`yQq`xdiQ$Y`rmnL%?*T-9S`UO~UNY~oIYjGRO`N-+xnNu4X-t&nkZ$7id%Q!&y
zWIhsybwt7VT6b&>@Hh-6KKYi!#5<VD6t;NVQ^kb{T=x2P|NJzyx-A6uVojmM953U}
zumv6r?jq$yZX+{lIZasi8#LCnF!YtwnsUaug3l>XPWA{}9FKRhGE361PvE^lKvlr*
zx2*NNHzj+lE>H4qX@Zj}O0hos0cJo2R&LH_{S|xQLoG1|uj589vfXmz5`mj@fP0!-
zU?G@$D8v_W3UvLQDmSbkXL<?6Z4A_IXb~N?7A*g=uhM?A1l_5>u`S_~B*p^sdjK2a
z;NMh4<?RUR)cS3-djA>-aJ@Maa9i*E5^xhPHEvSmj+)%o20EN6qH`Ms51;wKiRH-s
zwRFD;=qLZYpr>P!`pNiZ5n386@a;Qaw=rD6Q<1U_EYIRF7&A`IYOdrMSl6HN<hfe;
zp0M?3?uAKU_kJT8t7UAt)v72<zvi&hR-wR_@w*?L1rr~Z$)v-R3vpe&t}ejfP`5Kv
z`FUsFL?PPXG$PETl0K`2esI#;KSV}(=ezpKOZboJNrt+;v*tL58H@O6{mV5%XB;90
z<M4p5o<3M+L~u6ycu$ckK9HU7)0wJ}h00J?%^Anu8>3b(#m59QD(Q?wqVZHrk;CR_
zd}CtQWBXw0=h2~NPDA-K%lz`y{Iv&C<ljwD`EoNfJ@zIcyvMX<sorkYSOw%3Gtfhw
zQT60p6f|{O4NH?0aBhCv!+CL4=^mDBUe@ji>Y0rr2g-JAFZKhh%ldm~T6`6O0q6zh
z8*@GMTr4fN1uP<X9uF=J(>ru5O5=uuchAqxn)(!#is3996NJV^<gr2rayFDgn>yLQ
zvzg#ltZ2)0U5FNk@=pLO)H4Bq6CJ@{5@}*qZElVWGIG*JGu2L_37i^-%+@~mVuC=K
zkSN9U_+IuUU5zvsqV)yE@C>UY2$H*(-?gH()ndww%qiqPvZ;kubFOrvY5U}xqM@14
z+pxVp_tR~Ys-FEAnWjo9o~WnRw(odKBb8Or-jBShvNEBx<Fc~j*j6n*HCGp{j-0NL
zBd@~%V!WUJIxF@>c;a9I-~ffo-rCA<<KaR%O`Ah5ij36H%U&n(Q<bYf>HrLj_%u1&
z$YU8V=Lu>(_MhOIwt@(BxZU^JSOOdtU|l$li9W>nzD#KAPPZ`%dYwK2u5|@;1&=qn
z$i77hJX|w%N~*dWw0NFv7;U|C)?8y$dsr+v3mg%c85r1a+VH!+y-grA1AGCPxewb#
zWc<zFloj<xmfVkb0gvs)1%|rAo=uWQ39|jLvC;~-H`ZqnOTGmgSyB1!D>6zJ@J1^J
zulf+Bh$b;mZE;7u0>m$|dG=UdlK5>o-F`7mXJvty-pk7m(kk<~KDB7ofg<|q_{wk=
zO%e4D0H<zy)o9yXS-6nH4_vt^IHqQaoQ}+lkh7wQ2&9zb!zHG(4@=_Ib^`jMKhvnj
zr6&e~yugqFCNmIjYPI8-iTsi&oi<onScfUSa4DY_*b|{X<8Eun#o*3&{U;W{&VkHo
z&T%qHRfsK@ZJITl_*r1kS>kai0zAnd?4WkzasB+=-Q=1)U+X8Cy+MsuXFX{~T1Jss
zWfeJs#L%*LL___K#H~np6?hf!TfuFrAa<o(z0xx%r=}j=y)RNtdAO~^ad)Y!S2UP@
zY$)C(5qmEQ!+LjyI;>(-Nt4pZaLPJ+z(|2yJB5drvVT{iQ-;CBBw_SMK9zlYfuD(&
ziArf{P`u6h2X6<!K)c#?!7y&VsBF=l@bNaDR5Bs&mqVn!a79H^NPl1W+omj2^L1o2
zN847fmCrOM<<i?{7*x@2zi+mLuC=c==QBK%eh&?ZW`elF_Yr5AT<M4ek8e0O4rK1`
z9^C9s?)`6+IPEi<O9V_omN<lWeA%}_G#wM80vO!t$A>KzV^U1#mc5_euLQ8|hY}UX
zqfQSfX52C$#!HJnaoa6m+&QL}S$E*m>oxy8jeEH-R7f)ws<tv-8uubbApF}#UUsrq
zcP#!?-)r)q;<`6hvkvn+;oD%rW*;SI?F#j8Y8<mPypEQAt-CTU-NvMC)^+sTnvFx~
z0kX0uIM748vOvmVKl6<nDI5#aohg^Yf-ElsT8Gi0A!EoqP$t8qC-huhSl=)!DP=ej
zkw(`|u86V-jW=USQ>akm$2UbK854G0E5~|Q*BiKJm#zIfEQ1?Lg=LME<Ztnq_A5+~
zo5w_&h?eS;HXgtc@ym#^ly1fKtm=rjO}n+>(`MB<m-&msS`;v?6pdwNAR47)87Hl9
z9@})UIvh|CZgY52EM<kqU|ZH`4A^%EZCi6K`AL4=qfANa(U>aM%1B4k(*^e!-DWME
zo!WLMRi8UO3uf6dGR>N4I6YOhhmR{v#9Q)OIo=?;Tusl&!Bbi71rN!|&`evENhJvC
z8D6(j+v(dW%OmSLe^Yqhv3$^;k63ZWrWx^|oDRAfbYKG-+WB1JMBhITmo6w0A+5^_
zSLk!0jD;sXGo2|R(e7!vpAIKV#+rwXaH;4kX@+LQ@U$Fy;v%X#IV|}{jhGHlQ_AVU
z;*X4O3<E{dM|Vt3(fSMfcca6aB`FocUS?o;mON>no~&!np@(}-df#yB6lU)YDBg1A
zEY(>EdEePy?F`u__4oImRNXFcd42nrO>0>WRV+BARYkBB+?DqJ>u89NPz?{&kpYQr
zlvb-u=IN8?RDiJGx#9fjGEd&SHm?#5d_zsmjNJMTbGudLM!Ti<!+TQfLDSg}Rix}&
zZJ-+xCR;&N+U&#beJW0(i8J=exL26{VQ4v=Ce*ZS%5*-RZnWf*``MQ+=c6h89`|cX
z$c}O9cr<^L+uV}Jqq<AVO?Wt!FL2i=F<E7PdS+(|okdLB?bPbpa({WGMl=<>A7l^S
z2VS5%8rYM9$iKy47D_#2w&OA-N|)XYx}Hrb%s5Q=S@}PrNhOUwZ~I&wZ%W^~t*yq6
z6Eu&^|H_8RX@Z(5;NnqDPtqJkmi%$0D$1DNnMRXX-M0I^v>L!Wb`PvW^DOAj$6tvG
zTJiGyc$xlmW9Q^O(CD3FTu6R+6#Rn5@Z`>wXTZlaJX=<F8kYx`iOC#9e%zUL13aO8
z-H>B3{rt`dDz&V%qRarch#8N-G9RkcuFZAQ6kU<HRsVA)b)rHLqi&005fynNYkXo<
zV`V0z?#ANn2*-+{PfKO$W)R#{<V~q2a@s7*<R{kY;m(vrh1k^e%JQP3oU$VQbOv94
z^0kj5wx6YQtHqxdX)3O(_@W5-ygY6#)7(AaEG;c<*V|LZ(CY9(??5)Y#h3VhIh0=`
z7StEW5R^%!7!2oN;dj`ZI?+##s|BID-Et#fpo*jxiRs50lEcFe1kI}NwU0DzLl?(A
zn$`l@z`2$+us5gmo#O%%e4AU+!^ws^Cz^K=0Put8ZlZPK^e2a3$5x1K&azv77;ah8
z3%`dAa*o}KXZJ>3yX%tat09vrxt?+kHxWIgX*CZj+6dOIRzla62Ya7A0W~7dQ*?&8
z><`(@qF6$tV=)BG1n%y$Y7-f74>L5n?Y34e*4x)x$qV?*ht9iqZK&?S6+bLCC+)VP
z6NgLZ<A6ZW3J}AqYO?+sZ|BG!o%D;GVX@|kO3Ut!8C$_y`w4RwLT`mf?^3$xpG`ko
zx@F=;Hd+vj0lI>v(c=0Wr7fA6H#F2{lNL`mU44Lv1BQ9`v-O3J1V1->Mh31~Y98m<
zv#n$fhbxc617OcJ2f@>G^VfK+m8u?`5daO?`7znv%9vy1?i1wM_XkZ|Q(U{J`bk19
zLBnQ9{`c$PbaIZ=#g${r1c738Yo5mmE6B5e`{X=*O_<fO2*RFcB2MFHR5Uj($+w*9
zqm{IRNpxGwp58#8CE5(9y(|d=_pM(;RK}SdNg>}qab)-9a706N0oB!cDdbOy4(9hj
zE*`wCl?E1rYg(2#-V7gJd#$!hmwlKQ28kR{qu$n?-d3ft*?iAa*RPEG6$MvKh0a>1
zJKCX}KxgtQqN24VLB*N!C+-SCfyI-HfOl|5by7EfgGx>gzUDo(-@!rsEw+gS?SY&H
z;XWGP5ty2GZm#H`Nc-7*wK!M7C(qBzhaa*&t~f$pC9kZSHO#200qN6ix!h@Z*Y=+9
z_%5)}jlCfGtC61wsWQFq^~c6w#;&F_E(=v4k9rUJ<DD2F>(+Z0qQ05pp4QU1G8$&b
zHwyHqeRfx|*i21(H{$nO`|iolx9XhEU6$kUV(tprP<`2I>3;vz7vNWO45%fhy%{>&
z)V<HBD{&}zvx}mWV^S(J;4ts{TzK`sKY#`}!M}7e^dxZ-bxn19cnUY?uaa13AND(B
zhIFGH0xZBfCAt)Gj2o4QS9S%yC(pZMWui^C8jHCLtEU}%8iLWEoj+b3&yyxd6;DG0
zIlTgE)h@p~!_2Sir*%H-GRm%~2wg8vNu|&tzgW-{*o^!}HG$|zlt0~HRD5ddJHoC2
zy;Oy8M1K)~{kGq5z0n<%X&Pt;IDrko6%#@*1inQE8!y+9e7e8-y-s2cq2(ZWyBU=8
z^_NdRk0==&bK+M-d{%zYu*p#Wn$E&`s9!c#u4(Jy{*f(Xk$Ow=C#t0-)WZXNJ>54C
zB0-;ny*&*+xT%ajK|m=ZA8#2}Ch@!?Vuhe+0N3MS`_hfXuQDk=PvPAWUvIEQPhpsx
z1H*y9ar?Z5F3QB$UsPvf)cDrN?(Ww<i@1RD>!<3{kN?_N#culc89<Hnctpbar{#oK
z_eS+$XJ=0zE{e)219<vqE#YXAiEjMwab7{4w>&AvZdN-|eERbLOv<$bPpw`FAt{1!
zdv%PtqEkn;cs?l>I^Lh}A;w`t`eFawshIuy!{896jg1Z0s>f@21-w#WdwY8^BqYaw
zc-6Y#&`EBes+#A4SDWpMK>aqz3fu?yp1)~4e>itPQ~U2Se6afZ{}bM&B6|(*QaR<Y
zDE!&KKV6#t!ZUn$og5m{f$#oM$nhHd6B9KgB_;DRp}vK5d1HJLqCb(^>p%(#_>UXe
zh5t~wHYG%)|G4i+q^q}=Tu_i`Xv-^G9EZ5=4T#0)AGexhQSaSXLJJO4IeYkARodg+
zApFG%ylVe+u4Rr*OEkQHjEGqc;nzeeQ&TKFJShqRb9V&wfn8KIU4@T}C<vgKM{<j3
znT5bNpyc1LMz5_DEG+Epr2e}D(YuGB7d>`=E!4k_t1b`*32v|_kB*K`YEF)kjLZ-S
zpZJr=rU}~M*qE7+An}MTGs>SlSr-<j#;jG^ySlns-%N*HjraBGE(Bga<i9l}3;LJf
z)<a)`7(fgSmk)pSfaKy3zFJ0IS9e9pqBHq#RXw|;XkN1s5$~Gy<^Koc{^pi%4|s(D
zIQV}r{F^QGAE$z{Z`HCMsF`d&CC3{McUGU^E4F3`L=JF%`-(>PuW9rzmFQI%g4Tb4
z6OKk!{Hfe2-C*$b>o-YR`;Z=JN!kDG@xRd&pd^t^RI2pD<Sa_J)uOiqS{WDblgHgm
ztw3NS%)oTk2eQ3KMwn!7U|pcb;~Gun2#LJ%iJ{HJnOsSTw=#jZ!*r`ZiKBjZ7tenX
z|L0pQH=&Rm6j;PiP2Wk0d7LW?$9hu88<)hmanv^ZB7oD@@yItk!~q=YfnFYD-7Ibo
zl|n{ip3%+&pZ~`LJq)4FIaT#yvFffxs~uECLSs`i#IA?dY}2mbTbWN66S~-xc^>0a
z#jX=)T6J*4Ga-%hLedkfal_4WD-2nipFPgk=Rq<x5<$V8j#-s<lG<hSVx{N4DaHg6
zP_}l)+EbxnNPFv!aW6+E9A#b<VO!1nZ}E_U^<xGuT%36=Vi?+`TJ#qkKHe6VQJ=L3
zdPF$bRb2abILBy|)xLD$0fWTfZ{)Pl+*=jSBn#%%$KDgaZy;E3FZY|DAM5<y5j<XP
z?m!U=8R`MKc$HsHd-|L$n#-`=e@mu&FDkoW+}(vNfW#ft4knE40rQIa2{mLO#P)?T
zGT;4otO&bKfP0F60gT1ODo@<-_0g13>^mk}>MtpP!XWH)9zWlO87N<Gkip(g9UK_2
zK9u+(0^}BWWXapME-1i!xlr2R4zRk$_033qkAa-t?5?_K8Gz;i6JRVOf<)vL#Y%A>
zIFs5?%U)-_r%vF^5U2lj++O~<W94|efl`5>b02V;hGS-tIG0GR@WJ4W&T<LR1wQl@
zT%i3y6T?wyB)mk*OTjr%?R>7!=1X~0cy^(LPI~}pAk6u1nPC5rIbKy4pS~(R4LS?7
z3@x2atJ{r}wKn~h4KwcVBy<UWgau;nC2P5eFfK#j6FuoKg$%5n13sqo$?0IS4?SB;
zu>(F)v5h&8@hp^ivfQn*k(wW4fasIToK~e%I(Odke%U7>N#2Wj>eb2J4`qk_Vox-2
z1O_NL<HV%eJ?*zGF5s6RdiYJ_nXR(qIWq;{FVCRw_<1SGSgNc>l;^E|zJ2{_cjQ4=
z?sk*k8K_E(A(*t;R5QPR(@dg7)&yC0{h!H$EYqRRnN{Ugc;A8Q6<blAj&>fm^J4=%
z>#CmGboMdLS;S>dIzmUzhkB(8siR}e!(=EJ)3!~xI6(6=EAh4{tq_|<fv7OW0Y$<>
zTrNd@aeeKsv1}nwwC%=7E=F9MgYsr?K7Z(kaV+u5=(zdx>^_*);x9@s^XV!gEK-K5
zEly*`k|gxX3u@{blbT3vLpX#nCrXH7GftqYoOc9&Gp$~Q@aOdP7tX^e4v}XW($t^|
z^${^*6#Muyh#TlX1|#Plh7c>;;B|X0q^|uD{n;{OV}^q(vazMaGETfCWrW{B^^RUt
zG`yuWQB4O%TJooQw)J*veqJlJz~#fPcT&}QUBjV(*1m$F`TRlESdrjc-hHp)e8?a;
z@Mgq1pP2$|QDxw3uyvGOULh)l70((Z``!E7Yp|4Yl#Z4H9_F51CZ;~9QbOi~tUV;_
zY3_dkp#<&U!e}>erLY%;79<%xfP=ChLu%J<ek}f2#0*|2Y)N5^X@ZP4j06o8GjjIZ
zqJ8+bN#mG+SmB+_zY>Glx!*ac9}*fKG2wPloBy0(zMF^LD+u1UZnPSi?@3KGgQ8(X
zIY;%5qq}mfXHf7tqvOo9D=by@yL}{jt+V$H!->FldC`W@=VB39qO0rongk)tpT*=H
z-NxIwBG3rZ_c4Mq&zPt$Xe!860$z4ZJiG-zCf&+vbm&JbHWR4}CU?xy)syCA^V<_e
zxw41sg168?sDBCPZ*qDAy<Xs-lk>anpp%HT4_eB7=b}<};Txl1v;e-8^#S|g%*w4Z
z4o9q78hbmTBgM^)C-AlSW@Oz8Ig=Qp1R~LVLNmGtCG8e`g{if@z_3iX)Q(0nzSY(l
zPtyZ9Gh2#I^rNeO9_h=<&1~<tEqBLTA=9iLJDk0Ea?L7*XEI9V$!+c$b*i)vDDUel
z#^|dg*9IGKPu4Gw(^qsGUz$|3n>q?gZLMlzWx~(-5Ee3dJyk}V+-JE+!f6$v)efHl
zcV|!}VRlGwE=EtL*VZz=Wy8}Ne=&A%I$t(uJAVCZ`-PoQEg_C6@mcw2?AdYwm-*fp
zdTp0Vm}U@Qz3sl1&0_p<!rjg2KC8|`Z~6NwK){)aw5-sMLUUqzp|~*n2|%UMVF$@I
zM7nK!4=3^lTKK;mI%#iYW7RhXiYTd6w5hPe=a#+RzgXEp&02R;Ycx_zI5tD--;@B%
z7x9eL`G&p?a!_p%n%@!8Uz;p^gr47cLl*eUKi}@1<kye?{rSS#1s~!mR=&Io5R%Q_
zJU*W5+=$g8H;CQEO=m19tBfQiXEPs|yLU*@i`9JwE4W0or#8$+7lfh(+(MK^QR(6R
z-~9K3UE$3hCf68(Y!md`TJn|sCGUyic77GDfko@6vX}sP*O9hqrK-S*kbKGnvRZ2|
zjHiZkN=V?bE<z<RC$lGgD>!JA`@cWhUw8!T71TLGi2vhc0{vB~%;GRWW%wW0z5%`|
z7koPbhx+F2|2!;@p<ZpW<B2y1LjUV2f3&|MAT!^Qyn*_k$K*WBEA(|f>+K}qf4=LL
zj8`xwKiq$n_Ww0zS0GHT@V>br{zGOuRl<&rj@H(+aYMEp`azii!ffz^gM-CoW#QrB
zTw?m4Vg8fm=bG2<fK5V>q2ONo9N-00%<d>I9`ssD@m2fmfcZ@VU+)@FUQU11XKZc`
zJG9jZR`Ul3{#}m3E7+(%Y0Q~F+O0r)q5RR|3K9QQ1^I%|g!p(JF^g;zk_$SRVMEGU
zIatQBXIb-N{C^)_*#!vjgP3K-#q~GEq=KlHo=~{BxC~6xKZ+F)K8Gs`FPA9@z01B<
zK+BHp3k?lb;CVOv?e7G<o(tPx`136{G@^Y6|F1FjN4v1<A3RrMq5cP%|4TF#3a{F2
zg`Ieg(EqyPkM>Emw}Y5m>WIVt#*F_$m%O75zVZRee=`2>bh4|zzEJ@y@ams01Zrn5
zx`$r();WrA_jL83L?1Lh;kI2`JU_*zca3$xogx1QKPCEQ!;tL`yX^BcIS&$Z<0!uU
zf5z+s+iQ29Eu!$nk)XzCyCR$0jSD~viLX09=QBmkHek4k?<3RwSZdx6X&k93j^@=h
ziCvePp@bXQeyn})v&Uc!GX-zYy$odi=t^TJ5Wj1~-_PpfB49=X*dHAPX7MPLyd-I?
ze<4Y4YJ){uzHH24ze7R7HQW}jg_uQm)d$1iBPP>MTGsTd&2tX_Y?%P-S1(jOjTG6r
z5PH4;_nC1~^g3f6lyGT&U_kqc`;YpydjHDYS1);gHc$tsYR8+a$6Sl9N8GRf8W8Jl
z04{y^WX*XR{U(7%&`>~Cey`)=>C53BSqNumPjP%teIy+$-XtF2gL>>}E^D9CHeP$?
zua~21cz41tjI;5}0IOXjSkWeeI>&9T5m+*C4e7QGfs)^nPs&z*7{}t{yqZ5~&bQAH
zvc0l*;*lI+0XjA8Joj|Ns4S?b#5h3scTsi`QwT%ya=(B1=dzqC;y;RV<7LDCr4l`X
zni2uHz63dcv@mp5Haqr%=+<OMM=^^soKN2KS2XG9SlUVonr}9mZu=DNyqIWs6ed=$
z%b(wS{we^3(5g~lq$qWm5K{8W<e09neGfe6@kqz33Lq6fNeNZ`L?yI3*XJO!Q6{Sz
zk>?;3@kRC{idL<!Clg2c&Dc<Z1(KrSV-`!~AR>Ru^-qhhPBlMtLZ(I*6zh_Dgw6<S
z%D=YUdr{H44*NAO-!{+JywJX;eDO-t6t_PRy6Rz!hA6|9du*J}_&$^|1R4QuylB_X
ze-bglD4N0&EIpi`qAYcL>GRRW|BT(GKqn?%_k0%7qSO^_8i`jglceU?;|;C40@^Jp
zXL`G50EiOg20yle8{7`x2>f=sDIIPxf|FthJ=_^ax_SI5F>}Id(nsCv41obIipt~(
zB7n7*l+vPpjz$x;-Rt>1R!C15@0ZVwz~YB0Us4FJwq0gVEI`rB7`VAG8jH`3BDJ-f
zV>CXV4I_(^Z};p1?hTM4n1rz^U>WrIs?u~kMKc@*7vHAAKI_g_`QFu08R8nlcI-1b
zjy1QRA03-Ee%qZi)5UQq2*#T5@ipHMNIQ>haY}r*SEWDM@i0B=iPOm{`?K%m6D2VZ
z&s?>zuoyYp&hs8&(nfwZ9%0+@j^+-hO{B8-T?R!YCY`&D90dEE-2!A<He4<gW=u`P
z=~9{*!5_xF9Q*DD3tBi^0lv4NvfUFSH6cM)$)TWtqRrKrnR&9L2$2Bl&sl8A1Er9r
zIPbI-Ed9E$`ziW^cBgBxyp@Rbnk;|CaP=j)#ymPiF|2ri@JD&TJZp)5oGHiqSoX(z
z^x<TtXV-+`N@i{wPRC2v$2N9k?o5INDk|7Qnd<pM_q}5v!K6JpfwlUXkSV{*G4HaB
z-iX4C%Qf9Z%0iVI85G~z)|REv`56=Y**5Z(xiclAOkBFVi>?He=eTd7^(*)bPbK5P
zo1O3H0fG_XX%iZJ&m9`_W{ZMZdE2fOtqxZ$m+s!{9E$eSN%U{$uz@Ya#RAz)I@;JP
zHY;9+q3@}P_&XZb)T#4)tObZ%{dVt|PC4}e;BMzSyPF)l1@!n*&2eO&_8YCn<4kYA
ziAu&<k2>dQP4m8QNInVIqI3_57SH#6Axc$DT;YpC=UGe{oci8R58a3`5a0ccYE-fp
zaQ|-80Y(%^u&u4bX85=3es>Ezn!9UHV^b>vlaSw5XDuODNB)zzDl6o$a+hn;k;><V
zD2tHl<aPoLlIsNBNxFU7#kMWiX4`(ZGu4MH%LGYrr?!|}Z<`<{z!&v8yM`Y?dtOOM
zIDX;SGxT}BIiii5JWX>b#8c!u?r`>RKdSB!v?#<g`i4h_U~s1ET~K_U>8*55NWhR5
zr+w!w-1QNSBRJ2#=4x|g5vYuJ=POo{^zqX}e~m72@?3B#eVDJ4IcWI%HBRNK=cPJp
zxYM}D^Z7J@xQJ_Fi^ML1pcMg%<f0Aw`FVXdi?R@EWP&Nbb_hr(YKimb$2GeIin*w{
z#P~B2v`*w3?LkcE)V5nD2^M<Z!gkH#e5-So*sY_lNF{R-wb@aqR?+Pk8Rl;2MU<HP
z9XB^ggl=x-4Fntqr$wV@#|_hTrUu@+&^cC%Ja|7;!)1%zvY0nV=^;PSo7Oq3d-8mU
zzUpx;0BxbxzIOF?!cKoATWSd0JFI4>MR|E)LZLmbz0%{7u%jTwWH~&`_x$Z_{oa^@
zdQS%gtwtw7vHRR1ItE8yxaUA-Dl%Dznm}3<f+shFdT1ZmRw^W2VEv07)}e!0R7@^0
zwbbU=m}x&PKKRqq^Mpt0RM5*lMg1HFvv~JXAG$z#x(wN{+IOFXr0<`sXNt07>Y2$-
zw~Q&Cl&wsOeXV%Oc27(_HXUgL)1G>-JAN&ub=3E<^m?5nN1YWJ^i9Mf`Vg6Lnp-g0
zl{#&M?eC<zOI;DM8q%Df^UEts;e##R&#iqX>3EWai)($vG~A#H7fXP3jnITs$4hfN
zpA|z`^w~?y<umw7v!WGuH;Wh6f{>k&T{W;oP(y}#<U{!1598)h=*}f}1#`cjFv#g>
zRH#<YF8u6HFg<gzOm~DBU}8$wN9?X|Jof~PQVKn|y09M&l8boqPO1<e-o}uc5S-Lw
z(^~7di%86cdcJze%c5C5IL5ydG~pXxVI7L~x+OLB%Lf9=n<H)D6uhjSkBbbY>&_IP
z+BeFO>^x@YI6zQH7N;3Tpg4!QM`Oz`-_wGP(OuHz!{9-Q%Bp;SVgU-jELA*j<z%Cq
zfqp~_a#d2do}N%E*PWXxU#zIf;D1uhOxlbz4X)~t8_lpRF}ODUwVPI-lz_dhpUv8<
zRl1&Juy*+=64O%Ub9?t{`@^*Xsh>9eH%6=DP3E?|T2qPp&<m+14KuBblrN=&D`J%G
zH|u?eF4ZB%YjnIZhrg6Gfx`@0Fv3o<tlX_>iLS>tpOhH*Hw)Xc9-ABXuqv=HFDfk<
zb=WI1iOx0vjXInuw`1NL<IVwAdh*iq#)G+L7`Da7^Fq~VxK$3FaYW2rx$`qeaI}G{
ze`(U42+xDw(3|hxqFQ1>6_<a{t0;xOH3wQJQc>D`8AwvH#(D`-oJA$s^7Xy;F0cPx
zQ7pV?wo77-*G|*i9$8shsfU-Wt>s%tM_EK76~z1jK3~VL+BOGn$PZLjpbcZK=>whL
z`6C(?dPws%%aYF3<<4@X!&VCS@R-uJPV93CjD|)-okoM{Jlpv}lnIwilCPKf9t#>4
z#~dCpM45$juWTFCE*2Xu9iNdD>0Y)(ra&MEY;nJjn>Z|h*GU~iCp6IbwprCKY08c#
zSu``U{i_&O<{Nn}Ypq-$gmBu-L0j88dh07?Qkaamx_;w$d{8wv(SD8VO8B52vMjcl
z(=1;?#+Z;PN2+AW-N8**^a;OFDFZ(pTiNEJj%JZ7mfa`V#@Tocux6uw@ZdB*tXxZn
zY~(#m<i|YTUTg7XNg`|@59_^xry&bc6Ne3)_3ROM%8MY0O2@vrHx?S^)cI7;O{lxp
zlQ1EYs&|2onb80-MOUaFeyrR}6zC(Sfw7fb1*aJ6r<ZnO8rs&+DO<743xa}rzoXO&
zAB0XZ4H1DPs`BJgK^@GT4%Di8?$M#$n@v;Jg~5fhWg-`nlp%da*lTk~yo?X!{bvjc
z;T;*YoW%k1jsguY_5NM2-!IL|4h81}=YGjxgLJRE;p;&3Kn?A%OT^|wrM%B(tn*n$
ztP$=ZZ`9gUtL*YE*Q|_>2-M~}7qmgOiGy1fTxT1~HS{2-*K!6w^3ztL_K<meM-(Cr
zF#W8-!yU_KX>AEr$aD4nKW-Kl+Bw>8L*yN2R<qgvPc>vGzgStPWXJqS@P}3P7WDxO
zD*bDfl-4<6p&1aY%tHawD-@_>kYj6P$S=U5DlU@Ke?vgV#_%pKCZRlLgWm5LD|-rp
z*+B2OB$-zmuh(vckW{@vtnbBd(I4XsIg%l9w4hRAOf#1A^(G#;EZle#A?<e%x9*xL
zkdXCzj*N~eob~!6xk@5;<>KJ8MO)I^Pd(=YCoWgz=bm*VIfPQ=#24|3#%imItj9Ak
zBDW9Sw!j8o<iztz4bMntX#QT)T~mtIv6iMbCPS|b=?_V}y}Qabitq^XUYp7|8mAAd
z_nRdQ=F?i0``<|2N31J3O`(=cTM*(Bl2i%mhn*FQ!fq2r5WbcUzqf|RN=U*eP+6M2
zf_whN;1ThVRxVa<u4cDW<5ASoR;Y8`(Ng*%PWjOjQE|3`<GL~_?dOjOXXR64JLqx_
z*Ep=pJF(7OJMXFL>g;OKv?#5~nvC@l=vXiN$KR$a4obPr<WA1pjHV58qj%T19U7Iy
zxwzhTYwJl~Z1)q)a(CAk9uF)nZ{oPzaQR$+%1|J3-P~-&Il{WhYG;{zC}05Hd=B+F
z!BM3)6Lh(w$3enlTRpyVea)Dtr!!%6kRRhlVUXs|k747`6NxAz#@?!sQF*9|+k<Ah
zKyZ9hq`68QTu{@?Zns7mb^Kbg8?X{U@^WZ1pdHUdChl|H*2JN$QNazue^m}FS3=Pa
zu?&AIsb+Gwg5FR>(95^@oUeuJAv5N4yL_gatEQsL(|#Q4g!^fLFnZZFz{E5V|MjcN
z(6CiOcq(G|)6Ldnrn_fyeLH181y;#M)%U805tjnbHaLC@?DzV&c}VWKB#Caj>nk{(
z+)1d1lVu>=nOY$U@$ow8OQP*wW&72{HBxyb@;LLS=ugfKOf#a`Ltn6K)yor6IOi&S
z#vHeyiumcRsSIu?>V8z32uKQmz#*d%Drg~{9oX8^WOG~RTk*H%aR5oiqAw{wwxcpx
ze<AfpZ@wosAVwUeCV@|lUD^;+_~?hyi7>h_;#@@txwqiX^gQyYo(}R8%U_zP+PIm+
z7agl+e10%hOdmQFapFi#l#cL`=USUm3{DbC`b@kb;b|>R*3%s{jF{vT{$9Q2QTK7A
zgn19u;;8jg3c-z~bIJB)=GHn+hk-1$6Kk!Cc5Ef1<m$xl^IEyD6yfT5D=8Y!EF^V8
z9fC;?wT>Up%RXV@)159JE-ZG5KxPK-xj_$U+u6J5IjYC(^pJNTwkqA){OV-JPfQX>
zxU@!`)=OJTmi-lv7@w&0^iN4d$qmwLA|CIF3O<ET@9Dj)q((^*WK^rVtSni1d0fQ>
z>MFsSRx8sSUzTYio9pX0pDKF=U(`0#1Hgx>9wq}s6UoMmQoYv0g>&y*0l&;*vJTnP
zUv;;Cc!mJ+!WkH8;9>*e>emKW_#Z#QNctrD5@g_G)zu<YLD1$UN5xQXO^k0fij%TL
zA)UOtz!&9~O8X2p2Vx+kBDpKYNK;WD_nyeo@Q&dN|KaVnQj1<L_uaTQad1aCAqPqn
zC4I!Mg&B@>iMI3OTZ8j4*c)ol9bH4tR_bzXXq90vW;FuFJN_&Rc1nv;GuALvOp43g
zQEFftI8?0=SIW{_=O~>S!j)1`z>{_E0r;ZHPC`Z&v2VUxeaWlg)Mw&D9Dn0fSNiZA
zF3WpUFL!z6Ay%;=yaVvWRcTyi)*d!hQT?tQr1}&4ZWEklYp?A}ZMfU_D9@-4Wx*CJ
z%I_<b;MAg~X{}~Jq~Z(dcWJ%ngckrDIQp=NU{XD0tUABYA<TR|vwwI@9I&vS=ghoj
z^uIR*N78@U*;f0y8oTOHb<Q8Pv(?^MhNA5osX>sJ)^-<r#pg-J+z?OlA=elA^j<Ol
zNaVXjkepL30yj5lHK|dWf&QWre`dZ4&2H?2e|AtU6Fxjap5zY>vhhY8=!E!KOgk>K
z`<SrPgBUxLh~o^@MU4V*xnEqL;kqBainY?qhq<jFINwpKKHL6L7v*0Els$=&&V-z8
zS&Wf|a~A72<L#l@b6m9#x?1#_MGK>5*ZRAi0?l{qIm=Z%vDzfoTrM6`Ehi}VnR{AD
zgfkKexO*V7VAYGWqeD1cotGj-Vr!L;Umu@VYC)f!oV15KBvF|2D4qnOCW&7JVDV3m
zGvb;|c3YLwSqcT7elKGI5mh7yS~D5~pa43N^k{Pi{La07hvo%LfjyC4M26g6X=cA}
zH{}_JK6u<PjuqYyd458<#cTy#q(#|4v?a+-y>4_ZX(U-|jeF@iCy3mhn5ZJF@0C81
zb3OKeCseNYB6zsgerfzz_>?P|0#)F+-R6>{Ou*CMr+_vjH`2|ZA2p8aXPw`lWbu2-
z3^qMK8I__((d<zsws+JUsg-&CTN5HoDYK~>@C9&7-2dpYC3Y*vpeM7SEH=(`a+-{L
zlIhUuI)30RmLLQxPPNIg72RFYYVW8K!{xksT1q<m;{h%GkweaHdiFQfJ~Ce5_Z9#J
z?+uudWEd3_Fef~NdEye*jm|^P$3Tst5UDu+>2ffLA44o*Sz&*FuMTTRjaH~2bWm=D
z?Yge`7lrn@pxH-l>ona1V?$#T8!*StWIZ34&;90-h^#Yut9}(WOP}46`|{DvwvTII
z@OkmmL^!BT8~0)Y6J0rNR*B<5S!=Vc2_^r;TswY3ud=7wJbW%|Fw#q$jew=fd$du;
z8O(Et`!PDDnLF*Mt@)@E0FH@7En#{m+jdI}jMuN=Bzv5n&s%zjvfAtmx-mpwSjdWE
zPILR>>Y!ftzO4yy;kDSxP_3@p+0oqb0IWFykYLo^s9u>xg!C^*vESQdRm4|6wdEMp
zY->+ra8vuaAQ%3Ex>9Tg_R%A^<kWnH6Sn1PCB|rTwVI<UTSBWQV!1E+$zve&2Se|U
zDSYN*P%2_^`|**0C*;gvv$5!Bq2>Dixxn>FNj$S_oS3{M{cg8y)6aNx+%hA4&Rg|t
z!Bm75Bm(jd^BCRk+!6escCu5+s;bl~IR`GsOMmsY!Zsp|sk2#qsScJDrpro*?vwe<
zZyMiwS$sZ}ng-42;Ry=mz)oj#;8L}tw0mW{CllXT81A^*k!y9w{x7tit^2hUD&cg(
zy<73}4TGNZQ)Af|P5U1k_1^MAdMe5bDmk_=TJj|u&yS?KjZsG<>h%Y68|#uRNxw)?
z%{qsZBDGj~d<JTBG_8(KLAOU=@C;KYO4VEZ-&mh?-}KvoiahRfAh&C3WaXyI&dW}O
zXwWmbbw=95{c}BMxhlhyluoR3ObgR?R7}M6juW;`s=2Kh!7hi{gleN*2-~mAOOL{*
zZVd>?eRoRVo9bTCBD}Q0Ijuu9a=>`qqIx}6A+V@7tC?F&SnNmTOfDeUVVTpl%gE8w
z&IU;WkExC1YXm9}_%|wfe-obTCn$Se31+M`<Rc}bRpfc1DFc`>@WUWe)!O9Q(WA0a
z%Lfg~4;TF>6F$5@C5#+|k_P!wX-9sfmaO>_V5aWxkWncyTm*#;QV)&%$eHe@9!^kE
zLoM<xTar-ITaX8ho#No2Bz@JgjU6AYO8hBSfXK(YbVw(;>Yd@RvpBZS&hl%&@A@0r
zS<?hsANT(Di<}YsuU|arJM^)wYLYXDlOw+}M|`($zia;(InwMUp^CpEPnX%j5o$$O
zz_M^Yq&dvDZ4-&BC<_UsrB*c@%mzab+Jugz9Q{xR7O-O$gym_?=JLL7;TI|pN`Cp)
zG>n9RRoT8mRRtxl*pYVt$~!~j4lYWpF3=L!P{B5y{grr6r?)Juovf2kpn(gvF)My8
zK@@B_*dMLOs~xYOtLGM(hVjHQ)7vW6C$14+T0~Y7DJxBzpdjnY8Ye`U6uzQ*+^A`r
z96@lqlK5m0n)&T>A(4Zpp^At`Xog`B!Vg0bNIUWean8^(F1dd5^#$xVY%|9L-r4iP
z^RW*RSy_qZ=EW}Tyk(!sX+~z(Iap}wr3FdV`zu43DU}1G7Mzb#NjEeu{pl5bVslp=
zvY8dMs=^2JiiR2`m!EgV>(!~@)Fe}$T2a?hQ@=)p+R#o0$`&u3xL8Z%QLUd}pXf`K
z&Ocw%=U8y5KAuqmQatMr<BM$)+PU7ie&ifzB4&mulCY?XhQIWF9yA#$!5Fu>XE>Ri
zQ-@q#M;D~lsO3I591Sl?f!9@q;$TP}&}}8}RPx$)`H<am>;OsP$-YeF_Is9(PqRlb
zFw_EEox%;(xai9qQ2rtRR5M5>6JIS|8C^WP0~>ryVXRj9jImbF{gc9#mI8JwB<CV4
zXV{C*0__HN7T|{z$kP6_NdwPu@ZrKU$rS9Rj#<)6hmbas)_B{t?ryNGcEq}ipG(Dh
z?lh<Bo&1U#Lqg~<H)H3sEei)5{o}A<i9Yx>r|&vt;YsaH#K`n;*nIrUq(d|S7$%T>
z79S2)9VWV2-`!|CflF0{a9Dtna0-aVsaHaOq(!f}n%F*0s6z@5qgUMlrhVHwbBWOQ
zo+a}T@rE*zWT$;kDc%KXI)t>yWiPYYdut2z=U&5>wVMvELIBgHkae(K#qgm9g1t}`
zJ=sb7V~TU%J2j(4Wr)!(N<5*(sav^i_Ez&xx2yyUQ2Dcg_Yw+nnXm8geK9u^?_PWH
z)q$aNaYDXt;=)JP-;DT~E+y38hLHphgqpYBnlrzI0Ujs1bp&t-j~+X6uQGBqW|Ra=
zPqfB@hr^^-6qlS$WF=e&3$KWwqtI0BxUECgHQqw7$o)%h(|ICYZ|^d9akNBhc~3!+
z%4lS@-_G^GmTk6H=c#fw2&HfD8o1xGLc~6M(ERdh1Prkme5Dqk<{oKD+T`|>>9WS<
zBKtkn$4C6?aalX-Zf-G$tn?RbOUIJHi_aSOhD~9seM?Stq@&D$G<(I(%^MArRDGVj
z0Wqaci-Zkl#{PhJ#TYNNCI2N7-!Ff(uhCFQ4{oi6(l}WmM03&|;IlGDjArwjO%nNx
zS#X_5QMzoM^qWswyu-&Y<m~wznqn$<u%W27M9frXI*$G}M(4JJG^g{^6gOjO>+<EN
z(ZXIOY+pVfp|%mV1%v6qeYhq@jUEhC0Fs`vok9i9kRbd_b4DHp!_`v=d2sR5oA>#g
z;p`2ZJyMd`CF*_{LK;MDnmP(-6m>l&f>><mO6%Mb9g%c2{X&Hba~f4svV<r@qbLD5
za-(3!cpUZvahi}}itX}#AKc<7SiH70`Y<F!S`O!$>SLj~O2}YRT7Tvh(HV1&9Menq
zM5Z-mg3Bw~<YKHmk!oLEK?MTJ6sYo)dPjEHFErp(l)ijU-gB$V*VR;0Bh2&H_cZ|O
z+d2b0Jv`rQOb0CgR&BU=VRpAcuyUG#@@!q_b<gKgPzK*H(V$x<$YEcoE)Uf;5Bll+
z?qs9*+bvEv`#@H^HXsJ_P@Fuo%%=z}9W&JNd=bfW8e=!T<$5QTCgyL?Yj5#L__|G4
zY}cD!U@^~j;GP&&e!lyZ34seNIrmh)I8(%v>(A>K@+Jl6i8CzkfZgg_9(sclJ=@L`
z52WdQ+Ivx@skOH*SJWhems-_5le`w_`<yx@Bd>=!6z&6JBxm7m^-tO(U!vy}bwZfV
zUH6N!f6kqA5pc$+*@OoU7^!G1F5nn__+;T{xX~;dpn)5hlh9If6Q1oKLK=pwGQ<=(
z2(Am+%<AYMQ};qS&DMKCK!!rI3Oi+Y>Ih_QyZ?-B)V~pdO*|_SBMal)JllHZ;$~!p
zCW-S4Rl{wV3f4$AH%v!1UulagDi*DSTp+qh(XoP6jTbl1gu9JiWQd-&Zzm`SmH!hb
z$J>1d%@`cCG>g?=!k=@K>Aw_Kqe|rX0GW863a{8><NC;VOpjj#<NY5JtUgLsgv&Rm
z({aAN{8WxksfbZvVrsPq%10NC3QN_|0_wdfBLpBxsL79Mupfx#uDANR_@-J9Cw$c@
zdOJ(7o}20dufNipaQ(b0by_e>cp5g%55>B|;}$FS!QPklgvWf=M<5eE1>!oFl8l<z
zTG;igv@_0BocPKFDfLUqNXQTk?I2EUt_HoiWM{|cFO3CCcY+(zA&!N>yZKb=#Fwqj
z0It{&9M||F$7F3pJ$XH7k%DwDT!IZ>ZSxznBgU5Gpa`{JX&$gf3~6XsadKK@vkk{l
zsr&7jg{~(>IydXb6h=Tv1hH3%ugith4x0TW%N3>01cB|y!(Hr8`T`{<MbQ3lpjrn0
zfkg-mMAnD>Gi>zgY_g<$%X<8>qNO*!H1uos$NhLJYLo9pH)w4oew~m{7kbst`#3aa
zj^3Hd+wA_{VErla+8ePt>h7j(C#R5!X*`WzhV6tSSFSs9-(tKZwR9*O_i^;R38$Dz
zRBhgItDOHHf5IWtkE+mkYE45{STRB8G@mv&1`yd*C3wY)BdN)J#xI|!$hs{U6m+nJ
ze2}f@C)M_pnwOY&emYNaSP3bAmtR~g-?XmZhdR0_&$o7b##sxYbxx}>e8C}tk5ku}
zQSa6&AlGkN<KNzIQ(R4m!NxJUq{NX+oue0f-Kfn>+GyzEA9c#MSQ5B#3Ku5?Z*xF<
z_yb+y<Qq=bWo4i>{j@4BY0R<b*!34hmclu|hDhj?YpdggZkp?K`s2d@{|7X2sexyS
zE<*!FIIp>g3b*It^eOVRo!64^83`)&iAiEh^iVMmjMe3m&$Bu$9R2UGnmB&8rskPR
zN?DdJ&*#2(d1r7AT|JpV8FA*Z4m!LkqDOA4m#%pseckkZd|XFX!Ly8&kgLMGmLQfT
zUPHMsvl}KRZY!<zRoN;Xq)>Gwki2@~$T-Z@AuzYrsJ)lz7r)P+8=jzZSsmReC1hE-
zZ`K7^qnvk~8jk_pj}g^mh@raNj$dmc?&uf&baH7BS4H$bx~kNcb|VzJT7P=~Zeqmx
zKsxNo;8XJ5U;}`{A%*K1QzWT|sL8YPJL<P1*Ta5&K6k;Vb1)jfRjbWv=QA2dnOp0!
zDOy7@rVrot0ut#g;y>IHlSeS0!RP0url!TOkc=lmF*uP;P57>nea&Lg453dK;1_Q`
zzP7BAx8pDYoD^@EQaCwQCzlc#yT(1i-)$`NR2m5U%z9UwyGp>dAj%ZYb(IDRHyEXt
z=6*KHA}6=9pMC?rFZD+m*YwRe<a`VJ>vbz+$Z)Im#T-dCcH$@3ZEe!~c><WwdQ`>g
ztxN7F8-T=8=c!z)+u7A**4uRCkiUHRV3Suf=$SZB%=!QHoIl|<w;$l?T$(DHghvFW
zRUMj46x*_*(XbMUnSH7e(hMBk7pytZ4PV+hLp~r8FkI_S_X=(B6~Fx}a0c_?HJcm^
z@`oVke+Ma$2>Vy=yT~YYfi>C?uwqg9@p0K)ad*zH_&^L46w04Js|ngPXL4g=?H==d
z_!pTv@xq_Z45xCpzJK|P^uJF0n*77%ieT%y)Hs)>E|oHg!EG@)zW+DBAEIHtC|&{(
zk;ejFfhAo4a*|J<;t~=H@^5S$Ou)phu&HkY4C#eCw2G5Pne3rU{{i9Ap!o77TkHj>
z?)skh-T!sK&fpbb)$~~O=FKbYq+aE%tLtrVuQ)AaP8I~W1{GkAk!?UZ8~)vEh+Q}G
zGupr78{WV_2fRiSA5aL`;c@@q5gsWCBcr{!d17j+Y(W>EGC`QX@CsJ8Ifg0|_7TO5
z+xzVO|BwfXKgmy;V2ihZJh)!xE$y|LrRAb^8yw+l_~muM`j5j>@U50_?jwB;<$wO?
z?-%|Z-148V`*R$;wvSQ0rkdNU3rhWq<NxJka{?2!TJiFTPXu6YNMeopkO75|;R3L@
zp5**bUi<~yc@BCrN&|k+&;1(Ee+6DOzTslH=#IL@SLzrh)pg58U7L9Sv*1!m(N-UL
zC~L_QaWkRZz4V`iP6q!0ND77{Zbg1Y6b-{@840>O^D$}()zv{Q|EP>@nLx=vLGJu|
zpv^{=xFjQ@BxHsGB}#&RPTY#N<$iO+m*}4tx%6F1U%zgG>D=2d9{;!FAXV@FPbugo
zmLgR%>-o>F%S`XA#7)H|5ArtE2t<CER@tqz$HE-Oc!J>;T2u)sQqIo=MD&s>i5=(+
z1gCwf)gbey_ZH7zU{j=TmpaGjzCS$1Sc@0s!2dt2=yJe9t$ylth=jxYXPD#l%Tt^D
z3sYku)@C!7Bti5!QwkdcM?$u@x383JQ|KwsF{Zq?Nol*F?f+x!t)t>vmiFNYG2A^6
z+#$F#xVt;S9fHGP!QI{6T?Ur~cXu0tGq^ka$T=tHo_pVWzxAy(e++x?>D^RSS65d*
z{gfINbRZNO3QD)HkdP@r)#YH)nOXiRkcpIC`)(iG)y#*<S^Nz3(}VziYrSKYO2zgl
z6XiCWJ3FngNS}9$8y1a}*dr|~r$vp*9G9%@Ga`q#^BFZZ&&QVqZX;pVto4f<o1L}&
zTB#%_XQ6Au$M!G5kD0xJ+`L~fyMz71`n*^^eSZL6b*=kyjl^-6wlR_}tP|AJx%zF|
zBHFy3{ji=2GKs?5tH>>UPp?)tnb5QwzxmZKHuM5*GbD^2DfP(&P!v&5=i;ebDQXk*
zQlZBl5uUA*N>Dx^1vx{hc&xt+<#FW5PWWZfjQ+yY?M_f-^y~6QKsfDpdMucFF`@%M
z0b2a4n;rw5MKTt%@z0(6-}h9~yHLN%s-@^E1gHg;VDFJris78*)dZy?)YH29F*a(-
zx2-3dT9IbU;o)#eP<KxfMW2bLJwByOYsDy|Zn|$xgrF))OT5u1Dppz#5;Mh~M9nj?
za3S273hvEi=O$ulm2J^_I-JnC=a0s+Xp}}VLSRl1G@Iq!aBr}I2%C5nw)k`5QB64A
z*>@g&nw}gHTwAup%Vtctko(c_GhvozT#K<iL{Pf#LSjWH$wE`G;;QR|7PH?eQ41aT
z!w5BrFUVCgbtjud9*-oUx;5D}lXq)l>noG1Oxm21R$$EKZSq~r93gJ+RFhQdMBewk
z?`3q|el~X%pK4N(s)-Lz`qMs~%v;1+O&TG5MlB2UAM$hus+fWEdXDH?28IMj_bITs
ztaBY)k~0uk+T{y+#_VPDW8OryC0MnH8Ao+sYxPRmPGbz0dC_URRDX*ydtE`eL-@Y-
z)k{jL{hv0Y<KyKDWX*tb&S&N?#bf<mcyEIfd{#%q&%Z7FJ3i&J*8teBezN%Gf(mt>
z<8^1{3hTS-x3pN6zJ}b3NB#Edwc~tk*Mrlo#;we=u>6S8ihCgEAU{Dvbkw+N`?><k
zywmcfz9W$++$RBqzQ+(&%n$}2=?7P`DK}L9Y7_rXj1gIKH#>_-P$WT#O1OOA6=&sx
zsq<A4G{OiV4^FFTo}cjOVBQ@g-IQjRTbDMVio0zV+&NT<njulK*;}?$7-Y!9ZQpmd
zcYAU<(o&>1pyW<qiyTedJgQ|((;L*%bn%EIqK{$r;q6;pHuG-PBKxD|fCv4iaCDEa
zB&xbYw>Rk7STYDlw|!(@rj9oGc-T}#ONh||g;(j~x8@<gu>b%GpSzohEtE$s73$@}
zA0K#HZ){9t7z<L>nPdH3v_n{*%wtmE;~_OpPL#~kP0+a><`8ncvukDV8}AGESZHtV
zk+<FUkyNcNoF$Vj7YBI~?V9rrXK~ZncuMBqGS!!j;U){VTiF}$w#)}_(n8iIrry%x
zSyOA{y4~V~5yGEv+ML<!HgWcZ)(>|3wGBQLaT=T`Zgyb2tLM2}8XVJ(1>h<cKO~BY
zRjK$IQSVkLvzy~6+{1^c7zCemsS8ZfES`z`{wM|6F$G#XT{?3y>x@&>y!D6(&cCL#
z7<&c%Yf>V9X~seyM>;b(X(q<U%o2ZESwstqy|FN7mx=q^Dt=ADGQVJoWXG$DzwF|g
z2&!*w=h$8VgY%79&^wBn5tg~Q3N_!C-V`P#iqz&*nK*GG5_&wn26>u`C}MF0bH2H>
zF{pgqO3WK3ilj<XTGB#YqF&)&CMXB^b-VM_lA;=>$r&jq@2J6THT`M5<9_9oaYZH!
ztZNeDz#oliM@3D?@|w)`fr19+rN~|s$*O_N&5j#y_|}ck<L2T{(dW7qVZ#iH-o`0y
zs1<b^XxrlI(ND$B21myy&yl_SdFGg9PXec;3xy^>DI1N#ESKYvTT&<*haQLM0ydlB
z&Fv)}m_MgWxhW~7jF3-S%eP1@Zp2zVTVT#^_1pY@b2-tM5b|?=y#HN2PyzIHF3_3Q
z>-c_<MNwT_JMcClHLPqat%9PVrm=B8!4(4@z+V}yh&~*sUaOW^VI!#x7FB!yBUdrj
zPas5%Sf0J8f#N0dJQ8z&ziA{EmHwoTk1gN%yGQN}B0-Fpk|4S--I4iBFow@daF6;I
zpdDYI&J5O+YtEGN@|nHamUisQUqR9D&;7e!IA(;%tPg)^ru7xESoY49n`O+QrSO`j
z=A2vCDOMd?2-zp%&We#0StSJ;B|Oq7h*T7twCKE)DtAvqx>C^m&-zjS;?WFNWxx2X
z<~@tDyNNiJpoyJYY>F)oA7r;oM>td@f9CRug*@3^M-=7V0zp5|53O~Jvlc!4G`Qot
z%_dnj_6ODA*V(+HcxpcuOAb$1Lbe^FiS)~@o9Nh9DW`8EX5AIX#@z5}2y9FVd>=N=
zTCW{u;Y5DL5S6^s6`Sa|23lDU<3DDnDdzqGQ>IaVK?(z!%kujED}KpLf|9i%V(i}e
ze#Oqlk1o^-Pb4`Mi+#6<k2cGy91KK?9LUP=$#1)KNmHhB8pI%BCYZy#LB*8gC7dd5
zugF0i4keL`70&rNRopp6Y$Wh{e=_8YHZI8t9iH#jl(c$Gs<*d%a^>eRg8~u3?N~#3
zbF0GCHrksD1>}?jgW-`Zqg56M6xrALW|_m+h^dm(J^hjxh*&x}g$=owj5I#UheQ36
z;_Dz8^tTy{HU}xSNdiYm?qP}JA4t@DnkXvLd*dSCr=#4i3TaY+Z-}3xT8^X?w0j;g
z1sNY@b=mJo$VkHdYrcUEud+)AQLz&QvY2N{znB;>!8)ArxcB7>$ENK!AL)P%lsm5#
zxdi2`@TTeJo(0ne^A(VGcUSTB06Jgl4Nl-t!?d>`02%w;&E9$#6FTpQfoitX-Ww%&
zv{i2%c^-D7Oq~LDt!a<6&#so(&(JG4Pr1StCQn(jKkcp;bm?7pkDUfU6GHtRqk7#w
zN8~mSJYP}&i2A%<<nJ?>%FcAZ-fI<2&h@A;6|mnGRV2FeE4oPJqQ0A`g7ZkMY*3!9
zV!0T4mw%el^ibgF)ZSvgtmI2;e#lbQ3>_DZ&R9Es)z-2((151DoZsA}Gv7RtLQ5#L
ztTtM7>87E$l<x^fz;G;gr_Qs=E|=a$h3ShPJHHJFaoBk*I*O@bjZfg;2#{vJl^gt#
z)0WQBMj)%GtyLWxTfEiz@YPYN^57Dy&M++N^doSwrMcQ>SjrTQ1lv06z2d|I$Zl?P
zdC!{Yy;j~HCZ`&El?}=So%UQyJSvh(6%J34t+=BaNN}KLeQ}vFvGB(?tZ-Y*)=Az1
zy2Gc^lh|>3d3gZ|mk`^XIaT9kYk(B(&SIaJSz+SyVIC?392C!=8%CbAl*RK7=gx3q
zrRW|G@3e`WmwW_f1@p`7C(ZUZ{r&lU)<2DjL-lo3t_Dsx)@4t1=Txp%Ov%%Sfqj*R
zaB<PXHspNIy0_JNt8Hh0zCQPD%wDhsdCIV~&E&^Xhc(o$9cgK2FgBic!r$P3RJ60n
zY%(XZ<4S;Unb=IaauXN{*&I2WjOS|ltPX;E2>ukZp03q;h!NF|t^#sQVJP<@8~{4G
zB~|pCf?hMH^k>aemAZ2M{5#m?)j;PhIwJNw@)Q>K4-Ou9UL#nlLEXZ?0+3dYi6sDU
z?&li6qCdx<A;_!#sp@!o?InbCl77NlT#HVnUp62=h9hw|g@G2wN*Z-zc_(6t=zgz%
zJbSGv^vo?(I?hWa`L<k9r_*>WN4+-{@D<HT6jFmm^*Rj>sUKK>`UTwiAW#T(P%4+}
z_cmh()AMKocJUH}O(9~&Zc@zYRZbj^y5mI+<stcc7*{;~TUrDtW&q3d>{+jE^=J4?
zwV@E8Y2)$Qj#NaxV7-zehm-QN0C&Zb`^UI$<XIDd$$&2{G(Db%boU&cDx+$>u%7MH
zW6gRGToE2)|NU3Tb$|Uf{Ad_CQ#i&1cGn1L7BK+p#IEm*m&6{Bypo-;I2dg0q~6@l
zd=;sd&@&fj92~XrE@1i0l@8NT`Cui5dDLV=-^poIC?x+RgP#}-u3nbWU4pQuQ5~WU
zJlNW73f+d5txI}tKy+g|inK7F9L*=aFjKJBIiJhry&(kp7ZcL_LV>wh0#aw5Y5(A*
zFb5XW)(^56epcuhn4ItADjXCStaeoX4SHQ2MK|$hRj_AXNR~EPAiGzjrrRsE6iYD-
zgt}elX%y`psU;8>H9_=X469c+oF`yfeRK5^<zO~u28%$NizJ$|AcO*Q99=D&J?i?$
z*J?K%EoM*Iyis~SvlfK#f>(h8!f=^t41wG)p?u5`gi@Qw??e$X+=E14#!MiZl9X1k
z8xaajG>Ga!@1FUIK0U(mad5P-mT?Pfd-{6jwykQ`oiycy+A;)sz7F!P=4N`ce^j2x
z#sBv0s`k9$8`Qp%l`gWDHB<<o@I7P+-cFIPON@yEs~tnw==kG<wzOnQ-2i-$i;Si?
zah#;d*|4113f_p2t!)r1lAtUtLS%j*&8~MG8OB%K{t<##JSYT1*i>H1%y57|XG*4k
z7gPyMI7_XKr2fnzg0k;^nJr2t4v6vTnB!Was_dlTYMgLJ>w+lVJuiEsX9eIuBiLoy
zWw1O&#(I?6lvg*f^$>?aQLQC>IWB(OIs!(LEIHcG>R&uE;2cTZHd4QzD%t<ESF)`(
zD%yy*p5N!Y+-SGypMHXPFA<(Q94Itnvf6ky%ROxQRAByPSz1yhUyd<S?d4)Yndhv-
z_Pkaa^JifT(UwqbxF0zH5iv)#&)-G8p2Cx*l=Dq5wHjLbjUW0x2<pz!MDR{F#x<_t
z7v;E&5J*f;Vp7h8qbE<znkXu!6ij4Pyist#Wy})<9dgdHWCcZAd$nbJ<lx*1WP)JL
z_$FtO{|+2@B~VQKC2d}7@ynUR>|2sXeIn;pcc2YcH_cQ$Rgrr=eJ$=GgAY^M@;Sg6
zEll<bk6}tcslmVmS*$E1eh^W$ZX~S`ilrDOKZGb_y<h&rlrVmZBoTsd<mTRB5P4Sq
z)bgraZ5rh%MU^^be0gAUFyYa_fN4>}rsdv^BSG*Ss24~@RCQtyPrM+9fTQf25hx5r
zQf}^_oX+26E9>rH@x@q@>)Rc5MK-S-tr*Rr7z*DoQ)O1T=uZX0XmtQ8%O5EcFC*m4
z`i#bUZcnZ3XVez6!t(oNgMH<gtzuZn^Rb}kqXe4CQLUScgFkdBx_{8G9T@FY0ZzP$
zCOU|0Kd*lfNaGZ(uBxz>_Jl)-38w3U4S<E{(Us#}?I^v~!S~HYH7GQ|mEz|UQf6wq
ze-VX*Hk^qC=V%A{WLA`or&9W<RFW|c=Hi0uF}jn2q!D?DP%&@4uRpBzlWk769cptJ
z-ljo^1oR%}{HgTDR~za0UUHDc6gEe`1U`?JVf2Z~D1=5uy9-qui$g}U-o2`X<H+uH
zzq2Rs!9NFqCm$WA-we}1$9bcV&8IlNF)JlCfUNWu=$QF62+T42W_Hb1LU3wdq<pd6
zAyT@=<1o`yV~2Rz#?z3aLZZ86ZGfCD>FB5l40j(NFpy-A!)=qv9>=?F)Yj~BV>QP5
zmLSV&*>!&o54cAD<J#?MLh7lII=nF0v_1;uZK9Z4bJb7h{<(t~>O$GZtb&9k1@&sH
zN?=#s^lalu{1B_x6mQ`Id=gKiMA92;qMCI4B?q$L;h+W3eav2mP;uK}%T%EdS!}Un
z-^9lE6ugxq6qwxs<<{PaqrB0KRzs537RcepWI?H;nJPORz<^j9HX5H+VR7Y*+-|l?
zfQlA;MdAtna+k9C*n*OK<I9AIJcPM3fGa`uC&&pXWt67?4Td7w9*f5+GY?nT2=L%^
zM%MarB1#63Tb&ErB$LQKrwN^R$Z$MAxGv3WfG#2WBeyp(=)pc`w4xnV{d*4zYk6qe
z^(ZP1*U9FvIf4N4nVgz?0N=X5gDg^UFr3HV$5E~)-z1xEmIAR%<W&Lg+UO1Ga54O4
z29ZNtPzm1`m}?0&Jl_7iOUlfDL1u%L9h<u~ed|WLvhlv@NN!nbA{Pn5t*s90@qqI4
z#{XD~&~Aqu#G!d(lp7RO)gP<Z#Tx=$R*W9)6RTI4XEyJiScE@?gx<U&NdJ*JS^!2t
z>?*=ng*-|$Gk5|{R*^}VFzCeBiQI$wn`n1rd48dRA*!ERm(OU|!`1Z#8x&Hv<R;{h
z826tC;;s>(L|IadjI1e8Po|au$`koMFFUqkM@h(C1Jo~Pq6VmxA44a0&wFG>H{z)8
zL^S0jM6}}19=Gz0v4HEWhw7|Tk+;a|lPj<F2S(g2&bXC_*zb?2e4hMW6Ct@JAA*94
zY-HlqB6Y&0GhBRlc58Kx&n9DbW{sr**nDv$@)aW)4OBl&@0K$woe<)8MBa&PO*237
zO#v7B@4S9y_|QfWSW|<yQot=a-^A+inFpS;I^3BSpztFc&dU}02&nZSoU21Mc3H~n
z)ZRt6=plqAM-q9vj;+`4>K{irt{xlTeSqqKZnonQov<8U5#Ypl#;vBF-OJxFcPw}z
zCq;<`3n=d|G<zi4Zdhhi7N^8!i!WnXU|Ld^a(~$@M|%L7(QV40`)P3k0qvdpWp|FW
zkREs7ts@jTOf~3yJHgseb$G?`>y!V<0=QiJa*!DD*-q<y0u8or0>V$~h%`vmBnE5k
z9284#cZ7`Exm-K&ZIbFOpVH$5&^ku&JQFo}eBMQb=q-#cwK(;1-9;NaY0KBk5Zh^M
zvz_sI%t5%{IgT93ULSi~!?r$5eKdc!2ZIx_)Sw?+Cd*fNCui+{a6Wu@X_;!0XnzrC
ze2%cBTE{}a|F@1!2wq)mTc;3-dWQ}QF@?$DRNbz?mze2MzQ1`S!V4inPwpF)WalLr
zvqD$RsD8o;nVx^c6%ndS01>Xu5>E7gkA)hV;USS5-<l)hCufe9`#J1bDr+Wzcld^q
zfZae5KD)$A{^~lbKWhrvVjRnWyC$#b6pv@=;OIRBE-#QNE{K#dNtAojJYaB`tm6zx
z_f2WfY`Q6bVH4_+fB=Ogd3o7e*I!GwKR>Ggv`_E(yJ~$vCKL6FSc~wt_SsyXK}E?)
zeJJA|PC9;2EAGf6Q4I7oW3zEx`r3de<U11T^33##{J7qTB5a(2)p0s^AATLpg+{Z7
zn=hmxLc{Uo{ZiNG5CzJSlp0=xx8No>KxqA~dMD1X$ree5yN@4U*`ej)56hF?%>Cf2
zd~zvORY5^P)xePl`(>gDtDiHw@J)~=_{n;j+K?7UqEHFqmDbe?Cd<LoHY3P@SrazH
zg?lvb=EaZ$s-eO3N3w`oefJP)>j}<P|7Neui35>v2ARgalVCcPp&)4I&T9O*MbTv1
z(y0|tjOIoGCX4rk2_`3is`(pL7TD>qN2nZv$xpIpn%a?SL8>8Gvl!|?6@WSY@DeJ{
z8a$|`A}%V}KcMN860>|<sMI5a9?%MlcEm8JCXq^;Ki-%?gZ&uwloF4bCLRBLFaw>S
z8oe{#B6(g74`s=30D6xzxPZIenQ<Dpb`9@#W)&E^s#29)PK3+cZORWlBk(qHyTv0#
z^>RNK%l^Q;jGB@-&)Se!=ndaNY%Nx^?GITyH4e&RL;WJf#5e^S1W9xc=xgG62UP@j
z3J$G>2JmY5_2PGv>(3K`1yrbi8KD<IDD%)saCrJPvddEv;%?{#L+8<qLmr+$*%T5(
z1g!C=?)ls*j^d}J(A#mRm_$s-7sa?Z(mj({Y7*-=t2Z-=t<RKJxKdK2M;?UHgDX3M
zC3;gD-Ia<AUQ%1wga=bmnTf$co#ev81%zAZg+-Xrd0yfPh*39%LPVvqa#O?DanyuX
zButho@06TAyvy1m2vKgsP@&JVEV|#a^}v2C4;r*$B2*=R^^a|>F@u-7`ge}i)`W{r
zV|hgEXvQ#DaOv#T$JIxmNiV|UcpoG9`e>9{>{*)5^&def#XXeK7gBlT75sDdedj;k
z9Lmt9ZHeyM;{g`rB*fjvwqX#gQYAk#M4}PEB;M@r?~GlIpN~A08JLfnl`X?54p<yd
z==)%7i?|$Vx7be^%;dP%6vq)xC@_%N*HXnh@NR+}h#3?nKC}?C!%Z_zSP#8>FWoYF
zspQJ#vtINDUyvOa6b`tZX>+_*a?Q0A34g4-sJ^2jN;pkZoQac5#c}!ab1;~n*ho>;
zTa;ZgRRi+yU4K@~KQP|%iqEHMfT-~1*rn6WoeP0$gnx><86I;<qOC2TviE}kQuL?7
zShvpCy(Qs8qx#hfZgs;~W$z<1>*;bCs?j=qDV#DM0UdY!jb$n!#21_m@HTtoRFyDs
zvoD~WA_WVXCFVY~ZMVX3jwV^E9f%2SF+vNXqEcOb7^D(M-}wB&H~F$d!?c2nx>#i@
z4}QfBOV@GefpNQY68b|d`3T8*pBXrv7zXnuw<VgtyB9gRC7XKBPMad=J#%;tk1pHW
z-%1-Jgu*@(uK2;b=UE|Wo8)W#ibW}5E0xSS`?VB0C{}O|c53_;QeImSnYStxf!wZQ
z^TjMR+h?xko{tAm7&({Kr(zW^?t_TU$|5eNdP#NryqpA)yc12cJKj^21z!*pvPu=^
zljb8z7$o#ci-=G5vB3<<e;k$<z@iWo-sCLhNXc5U|BzLlX2Qb1;q!tpe^+I>yU65y
zZtZD`!{#39I#fp=5uhMO$Xjmj!#ntYCh3?`UMvG4ZR?w$q%g2e?tMXc4T2N(Q&9P$
ze$N8leOdo}xSB3!zWN;_0zQ@J{^#vVfg73I&L?)3mVJ>XIdD76`6iY1nDOBj&-4iE
zLUqN$dJot4+^~1$S`a7wiI7=#M&|3$?}}4#Av|PTk%5$PFNy6?kfGyBl|D;q@`b~S
z<r%%hVTz0-O<KXhSVmv|dhlR^@*)3@?T#_*L*cHWECmjwO3T4%+zW?SaycvZA);bI
zg%{clR)O$fH{)#b7=m$+F3kjbXWfnvn1G07`8f_b03g8#!ZK*Xrj~p;vflT>X?M6L
zmL9d>5PLZkhmwGT!r-&pLv%W`vI4EOPfCVT?wrfL_X=hL)`2Tz=L3Em+-oR@mqm#S
zR1H2;m~n!@bXQ?JEv_-yTHtkIXelZuWkgd+2oqh(;K(p-WbCGnW<)z1>%iIE!~IJb
zmB&2N;M|+TxyLeLL;327onB3|{;29rn&Tx4|H|4>^4y@56N=YLe<|U+HG1I@r+yf0
z*hc1*p8*AZZVRm`Jrqfl-lH3NklS6b=g&_-=vN6lLLg>22$j5^t%)(wkaU##BL?#{
ze-SG?-0V^x;v2Nd&v|A0B6~UC;?bk6I|Hx$0(}X^TetbTWzB_F&>Z#MOG5~XB?U|v
z3Ym|JIjwUpC)EU1(Tj}v&B=n@#0cbo0t(P3qQ>u%Yfx_(0-d{2QN>&Db{G;HQ9Jqx
z<S7}upUnsWOXfZCNlLTgBksS_Z_j%%w7gsGHUN)xLsbiTaks8PiNi-p5&<GezV&^I
zY_ptxC>USWj+C5$hG1tu+2=^AH?%r`67~+BDTocUEBQswNZsIjbHgd?ePLh&c@o|U
zg^v=mXO_hZ4YOR_Fy-bd7)*^qp}j{s0+4a1&SW8+HXn|?G47<oThib(JoF3XXoFR~
z`Xt}DhNMqj(~%uKIPf0JsaE&RiaT!1D9MSpwFm2=he4#^LI_Ip2$vK&p$TEMydFQ4
zR}As`L7rA`OU|i{q$t0-W+29A(u&eR&%1Myh~bf6T-eE;XxmLhg;(z>4X4M6*XIwu
zbrE`RYzT3+9O4L(SW>Z$ux9wU(!I-%i)NA&6GOuGLdpG3>jn^5m8)Kzya=)043ON-
zQQJGTO^i;<vFeC%#kXZ6PCz<5z$qW==c^Bw1ZXR&^2?9DX^D+G|2f?YONpnwrYV{j
zj`}&#!aKIsw%VYj<tjNik^J_uYwzRmO26Rytm=cQV(c)T*c@#}w)elC&@tzmWL;_c
zbP+d-e0GSwf>575DrkbY5q8a77o;6UeJV$6Y7rJZbw~|Yr7RNVwsu@oZRjnRYo`MA
zL>m&se3}bPHlLmC<4#HvE&8x9kB1^dpq8CjM%>X)T9kysV1{|IvOCDR#GO<x=^F`M
zH-%I)!Fx|>)%nBK93zR}R!MIB6=A4XrsDBEc%Y-waVt<=O*w&_@B!tybPG_2B$qs7
zgFKUV%HkF6=}#QF-hH#SIXOXzcY6i?5c5nk;@zt_>gz{tknkm9@IO7&H(rOA(Mca4
zAR9k?bYd`Zk>0#+erz5ovqk1hSEM2_V87a@n1Oiab5>BrGVHVLo+q&zwM4*eorUA~
zsofmeCwK-MNM6VastP6o$*8B@2SU$0>2w??Z(3Yjm<uhQlv1=GTa6>9s|ghq)%gbJ
zrBW$HH@e#pfP>P;1nB%N?~V%JVNrLb0wZy7a8Z4YzaldJBn`);H00JR6_^Tozv5EZ
z&|S#xW39zq|AQ(6RfXOTk4G3gZxA+>dE*uov)7WOsVlTjtI(qXt*=^Px_-u8ZgI<*
zAdoP5z~<p5Vj8+))0auNO<VealQ3gyU8<??Xoa#~9Q!r#UgakUM`Tu$PB?F>%rzX+
z;dF*x<w#^~sM&1uWg5iKuQ}b}Ag{xX9SptmN}e4?MD|@&3x>?f7HSr2J#~}X4COL#
zAlx(<?L<#}Ie(P;vZ2a+-leXxC2KPF=_2p2h3r})h;YV7I3VL{sqLAv$EcZBm=sz}
zNby!hd?35#V11BNB~NCaVbbb8)!SSJp}a|(KW2RQv+boU3gql#I_jzoyVL5e+Q+@*
zvU>sNugJfXINv?#zD2v0Y#IFlSt@NqnVMqr%^h1&R^=2@3?*h{=<n4PG?+Jh2v0K=
z_%q1{F=K+WIS_V=64q{8<@u8R0G!|;>Iy0lY(l0(8w~2c@>5#EmYz>!0lx|ZM(9Wr
z?>bBkm3$NkxXc65k%V)RO$>tfzwGS1WRegLn<fhkX%lQgq#SWNNL`JVWFai^zF^@C
zGn7L@?(ZXZ)=iLgF;n+c+ZYkxYPgrswzpTrPi9VGdyJKJD&3LB{P+=^l8+dI4^1{r
zv*U>sW&P@F#eVf8rHWMl_nN@vivGh^Q+T%{#(w#=eE~wPSoPIxGyNJ-exLuy22yI9
zbqGk)VxjW2jr<HlkwVg#c%v_LvQU<)yEIkhecCSmB`b#Z;`BxdB+&W~M1;N9!`)~&
z4r}i2_O#90s036E@?v7D;Ei6MIR@8vbrh?j*8LpNtdmxMrgE7T3}xYd%l>))jo1Cv
za12Fxg<t$vSRqb_d^q`H=)6zx;EOCm`Ujj>U1L>NOjK<{7u!ynR~ul&_e}GlzhH~P
zl7-N}mqVFqP|2(ck_Jm^48SxeO-Ce(BHd~8(*+tkTr|%MLeTT$@y4$d{}H%`A({A3
zlVMK|S<?zcM<HEr&J~k4boU*l#z+v-f!FX$R+MvYLc!Ef!~f*xsTF?-2{8?8cxji@
z6kY_oyv<s>do^ONxcLg^#Qjcg)n@LWyfkB}uPliaLO;2%8)(}#J!onXC#8<)_^kSM
zc$CAj{gcJ$nS^O)&%C>rY<Ji6Aq!FQSP|oKY?a^-^uV8>rR#O5N&v0i`~RTU%A|h<
z4_{ZI(;g8bVJ7)AUfCZy1v(wVF98F)_V?QMh1U$_nDR4#Yv#nq<KMlN)+<WN;AaE_
zG&FRce7QrMY1LiPeAln{t6TUYV*X1@wG7X6MfKG${SN=$GX3?1H||B8=|`qMG{JwZ
zO@Hk#^8JEf@ez_gBdJ6i`JH}a0saB3`j`Fuaj{JE7ip5)w=CEHxbbg)j%B`hCSN7?
z{ymNS*Y=)qP|u*Kfp?fq@BY7@gZqWj`?HJxwVB`DA`v@v#b9J$P<-~dE)mcDJ2r<}
z-8?hb%u@a%dHVO>-rrxmp7@{Pa!(ioV{iW@z<(3lAG^-A2ERnQG4Azi=kb4jR@)Ju
zS;suHU@iY|3;(*pD}nyZQYL}-F%a&5H}#A~hk1VG|DTQlCE(%p{sUcijrFpc>2cSO
z>T$P8AR(*<O~f;wlCAy^<l2DWI~!>Ct<jy*7fm29L|^K_2B$;yFANfzy$-kgc*#;p
z#pfyMt*NytDkH7|jI!*_<1oVN65qc=W2?^nsirZGH_4{~O%Bk!75^rT)!sJ^QF!K;
zcl4rd*nKT@qdL6_r;bs6^cD9+XEza#&I%6c{nF6DTZ)uI4(Y8Me9djVA3~yA&8{+t
zvw3^HDtSRS9VInAPa7}#kHPH=4^;JsJ)-{LM`paJY4PJIWUQ<RZ-tYlQR{FbP~&l7
z3C<;8H2-ZJ+Lj$_{kr!BW64Aps3)6U@7mCT>FzA%PgGkTq*0WZtMQS~VW}rgBR;%F
zWo=XQIm3&Q0bOJ~B_S|U%6?Oxh<d(ndHKzJGFpfr{R)PIZoW;wbARRS)HE6c`04vX
ziCp`&i!vwT+;5y^JKystXn*-J`JW-{^C3M!tLrmX8<G}U`Jl2FPoi5D!>BR8kZ_&V
z*9_f-sq5#Posv6Kz9WAj+ti}mem(@{d>0YV4d4MjNicR#eV^XS#)4Pls0ksA<EJ+I
z>^J>1y5jzg*#TtpqWy|A(pRcu#Wgtdla)|+tBA%`@kcXD%Y$QcOOTl*2sAk}V`iD=
zV7-T)y7~eNtGa$4?UTXs-SP`cy|3P-o_HC`M{L{N?RJsZTgTewog7d3KzmyCTARrV
z8ACabpvIimZyP2!kdt&XCt9%U#9C3Y49isMN<Kp3m*BGyhXY(#_S}50mzOB@I~O6V
ze=s~|p1hHD&pweF{|DJGZ!_|jE}MWEEwKS=Ba496izdsBTg%yy;Kn^xxg6XhT-cG3
zoG0x9_5+%jNeSsbO?v|&p>E&79d;CVAp^tHq_SpOa2&a47T9+_hx_7?WMYGzpt(LR
zkV-)wn4V+Qwq`CE*NwO6xGJoTR%SZsxlsFpN^DG~r2Mn6l92H0w`Q8$Nt%?47e1@g
ze(PLJiszE^(_!Y-0d70CXBmSoE*tqEv>dQYUd}h}97&$X!PaB{U~hOv#`w^hbwxjG
zb;t3|^{TwRr%+aw%~&)HWoTEaH107k84Uj;Fp#=QaKNMyK7)N6yg~8!z-x^60Mrj|
zlygxxikcw&BG}s@fq{HV#THJqlDxc_TG9tMUv<K(m=|9JYD=Wo^^xDuoUhycnyT14
zr{2ymeGS?~(PFz&M$GAZ#s)NdqS%oDwMa*Cta0m172qhQI|)hInyR@rdk?x&+-*I|
z@Yxj*>s<G$8sw9rjR7VLQ!C2JSIM~{Rv+hV$+JbJp>f|zWh@LvYa{`!ddnq}(4fOj
zBZ3$M=8PZjx-Y2}!sLst5Jxu{nQQu8+#T^JA*q!NC#%Wp=pkDvP!Bd7WvXrNW%hlk
zrpvw-Ml~A?b>Ik<(Knt3qxZ{5JQ<@0`JGGLZ9w-MUzs#-o{IVx<oPSL>Su@DbH`6;
zx}F~Pf))~}c6Zc?vkF+%u6Id-RjEwJSghu$#y3^H{fv3zB6SDt=|n`%@!UEoEVA3T
z+>*nlXYW!BxO`VNV~7pAex}T()}=O^RFb=l&Mu->(4>EwzigijeaFg5QJ^{KstRb`
z$*degPSUL}vg-w!aHF!Nc>p_qG!&nP9<eG*!cae&V?2dLybU?jB5ZcevpUv(3mVix
zYSiBi8z~_}c7>E_-&&3JEX>cQa#WiQqTl|2IHYf*UEVpQ!?jm8@D3f_LsG}_nsQH*
zROl4&+V(Oe*c-dHjy6$N>fj$w9V04?7nVb=UA9VoCUs%`Nm$JbgX$dY1f=<F<~w!!
z#+$KziIxrgqfkeuWVg(d3G;6j;RE$=MH|4Dvwqm+RDE!Hb7ZyNsdo{Y4jxPL9Z*N0
zx<2ZBF|4}(2(~J}6BBFJ@ciD3RB|LK!;{B;P(S|RqSKf;fJS3WDnEVBo`Y+&)mn-)
zdIWC4k)Qt9hpyE@y!`&8)9Y)!*wo6y&GO1kc8#{u`6aU}oonlC(ihbGa7G@yF9TM%
zheH%M9L&cLHiro9jbsj-GO6iNwOaZk*}7YxJ8gFO&clEL&-(lJFr*~?{UMZ`=&}dx
zaWcBk&~o)^lbq0$*48?$dzt|e&7@X<AFy{{ieTEA&PR{neO=pr+MBOmi71$RB4_Mz
z=$_c$1p@GS7>0en6hnP1XlK;md^$%ML?9l0wCJ}l+s`rgXpfv&SBf!rML>7ZXfXSh
z#02b3R%9vDLayHasy2G1@;0$={i;-~tcFz`RBG@{*92ocEbniv?!jWQ+VPFuuDDoC
zL{&i`bO1fTUX!gmBE_Xvdm{su7SKvJyuM8L7AM4d|DK9z96XRi3O5+5wFqLZA9R&)
z4K60E_h{a(?&S($<XqESxwZ(WPjlR9rZMJlTNC~q>azMSglpcSXri<l$a04{vxqq8
zfb(GV<rLwD2%~jNGiHty?!I6oL1nbtnN>~odVFjrxco6rZk*xh1b!*{>;mJPghi{V
z))#l(Vessrd0l2q_KI~YKon?l(JAs48FttP_io%o124_tzPY5MKO{j-&c)dCW>a-3
zx-BAx73R*#IC$}%ZYzaCKK#DLG-ES*_v&+iD%H9ZAoO_N#C$rLz`?yIqUq$J4aVp)
zt3FNprb~*~pV4+fZ_JyO2CcrH_Gz8}NQOt#h@!p9=4SW!<smozZOXT5tn019jfl=>
z>g35JalrW)JICJ8On|pj%9{2Ay~u&YFeGp2X!H@$oN!SlX9SX#N!3g-d6~{s5zt0`
zvAWRycy_;r_A?Gx;^e>OrPQov2BY(}G@#|m(RyV1`C^YbBSTDmBqIP*m!cg{lhq)f
zuw})KW<O$W3PFnU@wxaj?=yF(&M&-vx_}U*c-okD$MuP;B1FQq_>Jvn8#sv!Rojox
zceTBD@c*iF=!JonDVdfE#|CApM;U9R!m@;I_zAgKJ~*G}qhEr8Ef!rbeExR$5u57j
z=1)%7aQb!@lz!3ZHJInxagZu&c)w*M&wU}2+=E~W(Z2he68-&UTdXXlE+Yjoug16?
zzm;JHBdvQVPhVr$I6=}yd#nlxbd=a|(Y_u&vt|d|1@u&H%BHl$43PQ3$2uK#;k~&y
zWPk1z&GGf0^fLf{W8~O2KN5{oZ)El4UDXBlJ^9jbtdyiOgV>~?-FPjdL{miK*$H(~
zL*#*>4N3F%`F$(HXnnnW8AHGnN0H&4UN@Q8LYJb9Jb~_e_lxfrgcaFbTuX-UoDQ-%
zT^%tSzsnr8#WK*)c28KxBf0YSny>Xbiiho^(7Wu?w|ka}!%z|<_Y$%oNC#2V=<K}w
zmK$HtzUM_Xz9}6yE|2dBW<lbc(s*Gzym*lxw-30Stmxt4`hF{d`Uc8S&$2(iH7R>;
zrxf>OYnpYQGge8wCL4Oo=9Hoyg{DcG(Ri{7+p)Fjy=P#*ED$o|C~PbQ@Rm)ZFv3V~
z1N&yNDnGb%pM}YAtD(H%wCjmCN`@-ZwKBEnb7D639AsvmE|ZrUoot(W>uIfWGRbt>
z2Wgc)^(CAZHc1bQ;B>M!tI92WgiPadIW#)8_Uu(?*DZ;@UZzsm8^w?cJhb+(UM0o#
z|C2+ymevacXniv#i`8G0*4!RazzLgPS=VgUim;^dN!-Qg{)aC#<1D-vIs#9#^43!7
zortse1<%`O`a3Lahm#BUoB;N_8UttMm=`hFZeOhme?~jK2A*cHLkUN>K<YJ=V}wU5
zoyVD42yX^T1%~cmfR0uzbjike2v*<zBC&p^u;o(956v>Yd>|G0TJ{R#ag>amcI&e7
zLWB;^)iWOaAc>VyT82g0JvmK+Do&!yY4Fq4{V<{6i+DA*mp8-Z#pJ_7PhK&qc{{xY
zd}V`lig>b-NuFlWF8$AS_OwG4p)bJ|7S6%k-4Sr%8@7!OVC@<o5{gsPm9LC4>m|Xd
zt<s~ekSE;gHT~>PC-=LIyHuf0OLK5{(L&)t*woYvQS1%$LhjLGNWijZXJG@%+1yL6
zWwCTum8;i$1hbnA8C4b&pu^Yi%rU+bO%_YCRYLk*gO40W$>VCvkEUesryyVUJh({f
zI9?lHNitr=t6qEzt>)oR^T*7Sl(wB4CC5I=vWj^7l-M_&UR)0}M4**-_oCm2C{5|K
zPG~H)0oT&?@IkFb@H`AUaN0pAf7VC%wXQW0qswR7w69Ke??iH?qAxQiYc3cXtg==~
z-{RI?KVv{kI$88N<%BfBRgM*6yfXa4z9i76Aiky-Gn&q$G=%d60t?8zbjkWU7jV7e
zx&6cs2Z~6Eb0N!#b!>8y=@tWCzfX6ligX+7*9U<l({0&#!ejM!Z^l(SJ~Y3@3-Go3
zU8+G5CK4B3gf^jMWw*LL5A}2b->Cq`&UVw6B+Y?4yU#3>BFb^Uxf44Ej5pQ0BA<M$
zuZMTgdnl=FiC*V40r==x&@rs=34XDOws_q&M{~cLHdSVqVSulO{Qlh1=Npf|L#fgO
z1zK=HfA$Q5%-p<;^=2D+L{hOJeac{NccTkhXq@A28P12dmp-r`yL$qB=nS1OzwjC8
zaHkou7B=4yxqc416`AAihHGb=k!G2XlFNJ4IyV%$DK>tvDa9>gv|bsy+Os4c9i%8y
zaa)UuheTJuHg=d#y(5Y`qqMTnb}Bf#@7H?AZno{_LRywuRo35WXOU`o<tq|<?KoZ0
zRAarYHpyP2`ElSfBjSL0UZI}r(t>;(WWCH9;b3$YrHaQb>qN_xde80n02KdxO{4^`
zo_BZrYOJydQ0AVtcl3!g@Q)6H=)^ZRL@lA)=*Ox`WaEJZ4Go>V>mo!=p1%4=hYg$?
zkmZqw;n-aj>v%SVnytvSg^T{G(umLBTOF?u6r2rbu~r(K-uhdBF%DTuYKoUGLfY}*
zJiZnbkZ;O5UG@hkSA^2EL}h3c+oOr2RDhKiB+*Ux8Zhyn>u>?v`_lDBa?T8&_BGVB
zQ{iczr<7j`PL|EAV(6AMQtYtI`#vmAM8J6>S$Bn70;yNA?*`dncsASAf15ah^o4{D
zFvH+J<yaqLfVJK;Rv!p#YGo~Z0!xUlF2i(uP;w+<n@DHY{V!9$bn>98MB%9&WeV>X
zwI1mh0_{Q6VNy*BMY{`mi-HeR!x$428{Y8CK+l;`{tV)Q8a>w3z!vBF=y4XvWI^v@
znvnPDoQy{cuH`1ZSB5*2+z_U!Ov+fj$U=Y8(`Kdhd}sK6Vl=D8;ODa@MBJ!{T0Sca
z0)`?Yc0*%+N%gD_nE(Y3r_mtufVGeTHV(Xx?qHmqFa0Y-R2(*^kno)rH<HnjdAq}}
zN8t;;*~I$2{V8P8!4edftfS%92)1@J<jWvaaK2m4iu7qE)Q{3P0(S|*W!$(ft%;TP
z^qWhrtkg833(idY7XGTmS?gQ7+@6&soe$eqOh2)mU8HJ2LFU2IQwOIHnefb>xa;R9
zIdSC0^2p^7muEQj_08r6m$l4fvSL;C`M&3m6hauP>+BUgbvdV644R#lsAw|H_F5J;
z8Ucdi<GL;3ZHGj9U@+fSd|Lg!Ha=q~+tZbUF{QtZ`bJl|<Yr#$;v*9LQ)~O@`{VX@
zisk$6AhJnHHp1pvvU4o64uUDrQ4|&k@~P2TR|cOrL}w+MPv*CWq2Nt&b)jN?xMpNO
zTJ|zJ<hgBsIAJ!v3}D%J?d{SBlno8hVK_@UcWQ(Xy261Tjn_{l#OoG(_I8rOuT~6Y
zw;uB0=c*1C^IT2BJp!U8Im~dPV+yt`Zj5h`{R<2soE{tz&L&O;-}`%i&eg>&l6f-B
z-}RHAK>UsKX0viOZ60W?t{Aipbo;iZMQnrPwjPYm8MmQBjYFyCnmkMq^NI|YUFC^d
zkO(jCd!PNnedoa0?XCZQkC{SU6W{CyA{17SryDHGs1G_~s@xtkVx6wJAtH;n_SADH
z7s6Z11Qy;8S$*uUa=f^6>fG<TJ-k<wFVlAh9~H8;gs|;hEhT#Z0Ghjq{94?1(g&od
zUwcOfmYVibNSc{${PBqL&10@&s`hCRY@V5behAp<ZXXn<Q9>*nkLm(2UWhqV0Lmip
zfe$sB0Z0`HOI6Q_;s_g;rhQppWW?h6;DAhOVyj_i!ZzBzV{rOp0q}Ib7zyF?9?{f!
z530`cMMf#u^>Kus>S+w_E=QAe7GeG7@!sTEW>PwB9)G=~s0LWVDwzOY0I{$&R}NI}
zZLp>`pw73;snD4od!Jn}z3yWEOOIP<pOgSj_D69kDduKow_GpB-=xgqKdNliL6jc-
zrGBoB2(U&}t|CeDUGK8O=MBP@y=~gv>goYg8)?3qF$%7rVCQFKbaI`=f}hvf52Qk0
zfOXg;TM-X5+6Sb7!B>ZQjf;C9VL!LETs;gLx}h}x7)d@s`Y;{`rDMR|r4(sT#UoCb
z%<Xh8=rIv|@gpI&qb-f5FZMc9b2w_Uw_QK>yHPL^rX?M|h_P6YXH~ba`S*O@$L<i7
zrv{R`!zD}q40oBqh2di6X)=ZbSIdkoqs+nvH2d3{L81Is;m3KMvtz)!*#f)e)-=s|
z;ln_h*TT=l{vmADM>Q$(8cr%YRwMm|{KW!K!}{m&mRv0)39~<X$BP)&yVB&njN8Gz
zLDCN(YkksT*3Y{py3CG=&zX&<k4WYY$Bva41!<Dh3YacW_jQA1?N?7pWVq~olb44F
z0BdxtnuoX8^?9`$K~p+1`Q_FoUT}3OoLyFr0>)UT$19x)+`<o|QukN>gURb6QuMmu
zHAYhmgmxU=>mM73%TQ~XPts4ZMrXsW%gfdL;04F}#S$+@3-<n5IyaX(+bIqGd`x1`
zn}c=6Zq9h(#5V4#Sy_FxF)w`_Htss<%3+n+HW5f(QN%DR;3+{yfRGLTuM$<f8pyJ~
zme)J};Ck!2QgLPblQ@8f)X`JFpi12*9F6AH6q>H{ZXz=lcP1Ym1>2tmp!v>t?!tm&
zdp;)54YT!F(xa!xz~f=3*NQ2I8e6Yqah%NARh=#vNcaHmu1-4%F`78$bc*J3ys3X#
zSP!a6>QT;VXqVlaP&E}1Ydh_4rd?Z!*Ep|ffM(*Ideu~-K0y_*$(DRUQUf}i*O{r<
zy$$Os*0&sT)tOotb|04II$y6;W}P|=Y^4q~M9TjVB;&S~<w^g@Ry0pk3FcB^kdJy8
zXLhOJd)RK4mm4TW5a?DTvF964D~Zch;LQ+fg-yhzbWzyY+-a%5D{f(%SqTvVVh)C#
zB9CZMP*9<;UsfVoG$_&5x<!(<9Z||OokOZ6iUHBFZE>^rhdqKT!%q{N$&Ok)9}mq6
zYYWw#Ac~S^K&KqW@lD?`^Pj%ucm_#CPYWb@)Bvgzd)l(~dG}2dSDJ<C<I#tdBVu3W
z;9{T8p6-{G^tZW$2apKE&^p)I%^X~NR8kW25pCr(W#xf6GhNh(itR;X-T-OjM&1k5
zn7VW1Q<{$#4`#x#iol#L)~kq0<2|@|3K{k|^P2%oy#8_AiJ)d`!Y2?Psb&*3Q~BIH
zpfVzm28R%LRlkuvtu;bASc1;xJPnfDX%%>KY<J3re`9Z-TNN<-UgBi}qP+vdJ+r1}
zw&LRBB(s0X-}Pg7sgNTDEp8xS$%xslMlNS75i00*!vJyP^n2Z9lHr$j{s18<zj*H0
zc&v}g)`O`Sf`3+4EYr-CW9U9T4&2c6uci^3w@)TF81z-j&j>Gp{3M|%&&3i4E9Z(k
zM<W1oy{D#R9|Ca{ls+jl)LxGPG~lP@<w-Wz?nMxkMN3!#vn-vP)t1qk;l+k^*En}N
zmq9pwhH?8bFvuhLm@aK~G{d%HmP!rD6W>wufX>1fM6`Hk*|258F4*Wjz1ozkSBKl{
zgXpn+<>UtMO;6*Bs4AwGL>Z#jD8+(OGwmHh6{~jMz$3sKWC(q9YD*-L@&gtZc*r)z
z`=dr_sLB2)Tyc-lq>-AIX{C>*q!+*nI#=XOnqPBZrjhSBA$nkp5XPNzb*3xQ)!SpS
zwn#9h8N5s61NkaE8tKpJFh?!XahymOwBrPZ^@oQ>kkbY|(F<+z4t6hH2fjc7gx4x|
z&`-2qeLY@CNvakvDsP*42q<G3%TMmS!pJwXtbz$tUTjOov3dX3TKwgEE}s|mXDI-C
z5C1)#j=WbHyHtBTZ6VdzC%Xl7Sz!O>PjI)?n&Zd2Z%3cUXoRn@8l3j|@G3`u#_B6)
z;++}$%oPX;+$(gC>Etz$(!Yi!I>p%gBt7A17Y^wT<tovz)-<4XBrBmjbPF!*JjA?~
ztt63jsIbY979x8L3!;dgfXAJ7%B`aOSt82-<ZtbY6@d?~r8JAFh2x9%=dge%?T?i`
zHEXL|XzbT~W9RVaB5cgUDUK)+!?yEvjCsB641aoUX=6;=)xNfBT1@i={~G~lx7I!r
z1etdfSI^2i_(aYy^(Et0PEHhsG<L($nZK5QYEg4A(jZu3AkSAc1l_nMV&l^rLYnGQ
zX~f)k-Ux$%u43v-pEYD#8~>p%a}72}CzRGgnokrvmsi^~_dTlhW#ZitX~96U-E79F
zV0wk#hze~?D56&To#&c%MHTPB&s9(mYcg=B$~r_K=4S&E#QTg9II5HTuR*3HWkyYV
zy@ExS?T<>=j8K1%j(@AJv=Ghf0Dsu6-EDI+OYCbnD);2hzRh%JzDs4TDp!5}e7p*~
zEj^w?ay*^e*pt)FVYs^)wCK9$C~|u5{xS5!iQnomiVaqRm8OOrIZN1T340%xjVF!i
z+Rp`{6tNHORa6Yz=Z@$2cjZuVEcO@_tL9%tIq2_i!Ez*K8TXl+V>T^tD#>^tPO*_^
zxPo3D!C>G#ZZs~C%yhQu%#&1<nTh7sbq7(X3UCNB@4T@eOf>66B6htc{aT9Mu)czt
z-OchL-Hx*c>ox0k`2qrx-LPfzE=u0`tY;Hy^O3;@oXdq;{(0Arn2>s{r3}h)J;ggs
zW@bg4g2e-gcsx&O-T6sjjY1;XhY9ALO)Et7balZUM+eqW1h{5J;slA{5ntmXyd){v
z@WZ;dK~bF1l)1KILt$MzK$+ouduq6y#D*ca#%yxNL;K_f_KF_T={m60_RH7*URm?E
z<V`SM(WM3(bYT!4ii<8ES_y+(*(q8Ntq8-jSBJ{<e8RZ_2bLtoeO!3)o%B<3cVAhw
z67ayGXQwmd9Ihm%&Xfn6+goJ<#oX6j9|$he0O<>M4R27~8EucsUbTg6^A1965g^)4
z<sZrB%=&HReHf^wt(izJ-d@?T5Dbh$f%^$zNhNX5{S!RY^!CdmH>kM-PCmjieSmBK
z@fyPsU5T{&Fa$Y->pni*7S&b=h3qn8qiZm@$(>lu3S87192MRH<TFVeO<e^qW-?sg
zhv}0v(E_Inn9Ej@m+S&7&&Q(9%mu`UIUFBC-4|+``WAbt#H^_1MdqrWEWfawRvx4J
z`Gnb}3F+?`=qKQLwk1{`E;xBvj^AEr^gcM!dry?ltC#9d?|QyIw>ktfUM_Z~Kr@Bz
zCB>*eymmjBq#L>h-g(FPEp+tmPydoMZz>z?zsgqrnI!znHPn6LouPq_`XeG-DD0G9
zqKU-DF}3?ZO0u)saz>&}q^+@>XEpv!_y8^pgz>U2`Lmdk=a8Js-G1z+*6FjR23Z7n
z219!Mr|2d3$736d@yKnLBFm=_aLhjvMp1xWrhg{!|7|G!QZrNhcbFpz4~tI&Ejvn{
zcxtv>db3GqIyw~c(A2L|m1Jx>VP4S@%A(ty<PZhz$_uL{HPbO^jQ$viCrpgyq^k4x
zk0r+x>b@AXIU$tDNFH7oU5Qz^%xJ}0dig*8Q)QyDTG!yDVs8}V@}sc+;dmR#Axja2
zQ+)Gbk^F|~((rg}a-x2KEv3DVrY_QOjnkEjQ(+291kE{hPy=f93DBs?_j9d%GW$e(
zhNxw03|WM@`<+Y^f@^RFvG3WR;{4B7)2L*cGIrBAEd|293Zr@6oz@S@_J-dw{*49T
z{;$&UN+27nohH*>VH-pFAKvJf2)QbrH%dpT0`7hfo8OtVf7OJoMSHFWx;P-Ihx_0A
z_v>o9%D1}~)-|5@yqQApD=(rn1aaTL`g=P1YwiEXD^~N~CnhJe2mzjpHu+I5_<kQm
zG0ASn)?Rt>Kl;fFgUEXkg#P)%`<MT<!CxKat$}_<DwN*u;QsGNU=U>$++P{WXnb$^
z1odA<_J`o<WO$|W=cbs>HZLO5KaD9v+1iyY49I?l|F1vsawPi(K{>D*p#Sn;@Bh){
z1ym$OPxSv4>~FD*t^BGkeMI$Q{l9y%U%z}VKQ{A!?EiNIFT5^kpY6g`=OrfKf9sm|
z{T~X*EQ3~5RyHy=PKb}Mn|`UM`PU#OMSf;#sjsXYo0u@mz8t6iyCD;=SI_W@|Hs~2
zM#Y&mVSovN0Kq+Yg1fuBy9N*L5Zv8@I|O&P;4TTS!CitwBaORkGxp64nLTHJ>^Zw<
zmmf_--@Z~+x8%9?*6k4g{i0qhes5`%-kzTM*;zJrc4h%PlRx-8nht()dOByFb9i_t
zhF)J_+WX=C?^@zO>%|o5{Oy~LtM@N_>L@x6NsK1CdU|>+9lYOS{60+PF8Hi<=6=2W
zMT+T!gHOUA-vn`15(Si9k~a*s<^x*(C>xl?7<6thb`WyeZ;R(^M*Y|xp6#pHoazFL
z^*i%NJ)cgz??*gNBe>X3yAFJh;6>7I)Zt8*#YQ>*TGhYUF=}>!TA<ayXm8pzE{0_{
z%>oWjawtU=tpB*c66h!Y7p4EXIWv`En7*g$8ICM9dTr#6=IVRZuiTuN+y1cUKXhw1
z>?MZ|O{YnDZCY}W&sBZ&(RXoZifz>QH2ZT6(}tNmK_2(llyvfIuJEzV&D$SasbYnF
z35fHr)tByvbb$FevJB+)cC_eb_9rMVro6J%4cpxi3V!Qbfo~F8%ok!Ghr&TO$0)aN
zs!Q9Z=^kqiX3GSHYz(OdeYwQ=;H1)=oWaht_;)@1x4HYE6ODcbDYD7JwOlt1&j~9G
zQVM)tnS6q36F0fTU5h}My8v0cglMhSnC5dcwZqc`_WV3ZCsJ#u3b`*>5f>Ou$T29S
zu_~G++0Y!s6vpPCJPo=h!1<Ya#L|m%9POj4)(lYf3n+QeNWCH)1WwLLB5U#VPO?q)
z&{OqI@5Vl$)MGrz<=_tE2LA0X<iAaJ)D;}d+>NLxuUj4!J!6o;u8st{>E!N!LLjt+
zP<~Q@%<w&bQcC9lV{TlY-%dDEejU9y<0GZ9Y!Gg6a?Ey%;nyv=3*Vy?duUw)T{c7i
zO+>{IISD`6eCyAJWEdv5(D9cs9rmu1OXuIZ<%K2MvMxGavQ#uncwO`CI<u#U4e8Vr
z16l)QI*U%0NUI{cRMF^h+%P7tJHxrb{cAFv*T+(;F%^me^HU0T@4gX04!fb`m4=O|
zAkT}ykf`0-LeHyy-7>MU3Et=$X~18bH6r$Ubfnx=t{@(%I^C{v6jCt|7q`<`t;yPY
zDH6xUb1;S5{aWUAV54E975pP?5ni8Pbn^8cvp{myd1+y<@W3>QXU$^QEkC2#A?7;M
z?pSiSGP$tod03)TqPu4!(T{}&$Ib=;*NgTV>F9Vg_p)U?EO{p;bn34Fu`%eGiJ8}l
zMq~|m%QuTVA@Gcv1#jal=aS4XoAzMW2Ucc?Rbhc&`-0QpZ^oAkz5GYoFERY_BOav5
zPcSetq+)G^URTI|#WWK@0?c3b4QV(;eP|h-hwNYLm1Y?E?Y{A6s;Nf8M`S^9sCwdb
zv!6yNVGv3nS{X-E%(Z#fY-UR=sUdS?6Ju~d8n*Z5h*-Q)2bV04ExB!XcpWiU%ecg4
z`EEaIG9IJbR%4>k!@hsWHv@hnZ&YezIIMPNVDS7Lve|rVv(Jp7J0vXC5b{K?!Icpb
zn^QUX5?74({T3Xq*;*&581+(rjuhwdMganebrW^{ff@TmT8bm5-PE-$J2kgE-GLm-
zly%{-MtbU13MM7363^_}(A4f>A-@vpeG}=eb9U}fhsm+j_LLu-d$UHQUJ1Hf3y%+r
zKGp8$iT;v`kUXP6eRuGx$rkH6;~+_MqqKer3Y1WL_hGi<b5ZqAm+W=l>jrAiHZqCd
z^y||o*d@pZ1|~LNVX1R|1|t$SJ~0Q%G$-HKQ2@*8IS<p#50urCbXpk<Fr8G>q8+jJ
z+JJ&HYOlvPiVN(Gt73_bUZp<XcOAgVU-!Tm#)D_o-S-MbC?c9TfJwRB9j`ocV7Ttg
zP$yQ;wbvg1;uhY_B^V}^{4deA=dT++!RUt)8c5kIiPOl^j{3w*5$(lol6ID$g88wM
zei(kM$JrSimm4p1V(<FFBnq6ohH2llf2@xAeuMdzR^&?rz;gb_XC-v8akPOH8#LwI
zk9W?^E`k=zz=4Xn0r9<^R-SL3*OV$KP08(RJ;WQz{oPnrhfV03F_S-U9Y<>?-{Ia{
z@?`8B>GI~N-UMrsWz)$jd>@UsVDTq%aZk6#zs=ZU^BNDn{CJcr^3%D1xYeHB)P>h7
zJf()kYAWx9AepI_@n}*Xn2n<e%W0yV8WKl;BZ4ne<!R^NNvh>6Wiz%rnS91f4zOsq
z%I}2a37LotJ8QZkS4^<<qJMKO5^+<`+<q8&@qlz;!3~z*a-~#$NQVL6j|96br1iN_
z?m)hvL}0x*^`83XGg*4VNAF1O^L$GZ^77KIF@xe*5*@$2RnjwOK%V8kF2i>Pzk+@s
zper%4Pa@82!TPq^52=purQyH`!tz4d(aFXB#+QbRGPLcGqk1LIWKUSMXD&*nc4lR<
zEaDr?)q@JsFbZyrf)Y%^83#1SF|vn%ci<N7wk|&Yx~SchGpI8n{Ny2c#dnfe0C}|;
zySj8S%F^r-16V;MrZO@RMVQK9m4o@<g{Lj#rYEP~eTRAANsL!3j~kd1q7EuoP5H8s
z47DNpW7~?0fHHQ%qEgqF<gEmqXRhJaSn4ac^~)F>6pgW#N(A0@sn`|L(JWbS0`kVI
ztM1es<CsH+a^8#Sh95m*o5Hq%44X+M4AZ$ua<O_F0eZxp`7zKUv7$xrtV{}1%+5#;
zMy+!?%!rqvGA$Fk6M-gGgrNi>C2L+(D$?B2p^d^wFXugR42%33#<#gNC;iAvly(5-
zM_6VhtLwEelIQGT;&c|gAaY(kBzTBmKK90$dgVJ^pY71D`x_`PZe3g7ql-5W-<(G_
z;?~Mx<Qd9p#|jrnad;3dn{Qoe32}5~su4O3vDp{ZtdPAb4I)7i?R@6F`b@tYH32~y
z{IPZ4mv4l7Wesg88(uCqC8G(4Bzu@)X$s<rn*mzSi;IFN&Ihyy=~1HX)x!}5=>~p2
zDm;X&!{ZzrHP)WYj%;{XNF;5%H9;ck+=|2W6<uC9?%7xrd%O_{kY>GA*1Af<KyGV0
z@6%=rxT^4~j)--&mi>CZo#1(^dVyPq-$*6cgUvE>z@2`lB6K0kf4!11bB>*(s#x?P
zI)T|sRzAM^+&TviM=NZ5mpuESPh1Ka;}UrpCi<NV7J+mOP3#s0v_4I=22qaqfZX<~
zyWuNBOE}7`&2BNt5utJY{HAc$@@2dsG8$Y7j`+-@^PgB|^w1U&>6rk7Ix!DR85ihV
zABeHh<a{v^@#>OI@m)Fz%UkLn+ew6aA+%nPyMbcCg~08S71t~#`rDnJ+v{^<_*bk<
z?JpEn2&R#-RJ_Us-UtW!H^kkKK^lalco`x7l~45-%`@2{(r-l1GTst(j^Z5f(WYxs
zRWQ-P*5tiqNmDvq+krjoT9+8ONTqB*)o}&5-vE9}U?!p-k;C^B1sXr%5+g~@m9<Oh
zYInz{Kx7f`hr>#L;%wf9+6nOx1>!Y%UIIUfJE-YaNfaA+DasQxqQ!a<1eA&J6<2wI
z=XL6TIjQ0<fU%0Fq}+fdR5dV2NQ0+VnF{(Ss9P+9Bc<L#?cr5i8X|vyJ2jbkh>&hx
zz7kx}f*pN)yj<EoVpPVX6g3b<Vg%+9Gl?!oMBV&0&VxYKJTs9*P4nttWQaGCxT5hr
zF&r%994~C4XRd5bCxjWe!EV4dY7@65QviqN6s?vgt&`^mXH%qadw`KhgyBY|+&D=h
z<L`qK$}ryc_N;VbLrc*_i34c#tRdNZ2TTP_)No(Eu-UYw(hN{>rCszv!d?o#o2siI
z`9AF+mR@JQJMM=WHxXBn5P=v#g}<?4*~4qfB=2A|$M^V<0jZ2^e-XjHbPq|@DknTD
ztgDeQ^cHh8M>Iosf_DK)t%uG~ba`)e#_}XcG9LlJz4-$?k86E0nN{TCV9af2$S`AM
ze=e`LIcSbn(-aVFy&bW)lA{s%pueo?K-Ly>U(9pbUFa>ZlS*UqrNu$K&c_5ZPoO`m
zVG2Jv3Wp|0uJA#n8|Imw1BEHnqs~cs@r1iOh9*DWTekRHF$)Kn+mQcwh>*Mmz(`75
z=!_tgA;JRkjYW`}%JWey8mm%cGO6+(-<9yA3t5<qWWkn~U^d?>rqhy0b1t~gDhCY=
zEjaU+8j=*wwVCf(GcWk*#K%=rmktcYP-~Zxkts6Zlx4NTSuz{0M(6E@Er&(-EQ9S9
zWiFcgcL;~(c2|LwFKfh>1wrKnMdX&lMJGGd+?8gG_zf2%b65}AyH=yzrZ)MuCY}fm
zGB-KaYc1=D`enM`4TGM-#)R%hBF??!1LfJ7*;T<@1}V!;_uxxc?r65p`rJg<0h#kX
z&tez1VC%3uA5`y6ec@qf<=J*PXVk<3Wo{fn@)3%;S6&BWLA*C38h%U7?K@sdo}H;{
zc+>u}CFNGX#}m7~$Xj32dXKJXjCXXAhugAeMjl2+q9y==deoJ^(6Zf!O`}&=1i96;
zKT>rN)|E<~dqp*I^6X@<LovULM5#Z!Vwo&&&{{J%MjY5hM9$1{<!ZWtuTi;^s0aaH
zLG9k0p*>!NpLmC)eLBP_{5^h8BGF1~zjnfrMyqXGrAY0EydO^0cYSk-n2FuyMA{XU
zGR}?8JRl^X3-81E?$%pkanmCRcWIgR2dxQ?MGd34fwj+r(F&rhd&#t5KCvmv7qyf{
zF|PRKHA6p<(0&noNt5vL%w9_(Ha0fq=jVglRQERtb|RYKysTq$7*0PLSRhyQbq3Y3
zX^?{*Mh7n{Qj$-2Jf<aH+U5**TgER`oq0eZ_%U2t{BUBbR*}rnEzXp}W;`2yBG|TE
zr{^6-v{QOuEp^psa1xj|Il$_)X(kb{K21AwcN0#ne(GqQUY_VoOr>agI5D{N?sBER
z*8^ko{`i|UcuAlKrXIKPU_`wZyZueVT*ZTJLFer)i&Wh^C9f;?<;T$VmF9zF4ogLu
zAo2`qoCSHZVcLYfxrVu&_o9oM=4)HSDQ#_S2$wYNm9A$kf;Wt;4~#!@@^9c39nVvC
zf%q(`_2v`y*itHX(&#q<PyVw{0(s_Pis@h&s{CI*wT}oQpL!+|;#ij?I$5ar<Bpho
zQ=Ght%03MBjNNE;9#np=N%wSV6mqhBUxf}$7{>0+4tEie%`2M{kZ_oTgd=dY=3uVV
zC&dfU3>-nPGJHo?Et5tS+)NJ&m5eaqlGwj<0RjCe@@lYdv%Uo9!)I><E<BmtoIn1|
zb%?eI#%Q{zjLzkg%oNCz43RKZ=$$Ta3akOhdr#3uoaV}|z|@E>T<?}16OvNjoJ+Ok
zvpj^D>PiZA0&~*#Na=1_(v_&eFY=^jYY$7in>nXt1(O>BhS9!11@nK4_CRl2G+*Z0
zXqU6Pn!~=-a?5EGTHWRq3BM*kZ|Yk+eaT^ghNz(9RpaNrpfi@E+WU}PQhkJ`7__am
z1acC>I#SBu%5V3~+ca7YvR@Va9CBJoqsfGhh^>fhTf6us=w#pgS_*2%D9UzYlscf?
z$ryv?eRJL6IuM>DS^Cbbb7jxSt=L8Ao#8ts(4+mOLj=m*zPD)oC5QRS^O0%~z}-%b
zwzP>#z*a;&wt(4y3e!U0*l`Y6oM&%3E;Gv7xS1J>B(gpu)t%eyNye#PyeMY}(l78J
z^*rxnBDoSANM9>iu>Fx~`J6P-a8KtUqM3sFrKaWZ7g=rhA|?%U$(d)cuxwyK?4df%
zOxCw^wJR3~XXhVfS0e5N`IVbIT(5Ur$?wlE@u|m-PS5pX4`V`3C<5PwDp>2#MDWIT
zZJ_`U$lF+73>3?HMZ(p0PJ4YNYHl7$d(?~fr=XTCz|(F!LLBoLX_21>?<T=xzT(Pe
zbDml#A#CA&xc7Q#F$dG4?&}R8ca+G>c9o?Utd^}_x5ZO!XeRa#d;2fGJs~3|wm#cS
z4s#nmS+76<U?oHiN9%PzWu4O4HL#sKx?=NSZ-5x0t<@bOH&aoT*D_{(a!xcudduwG
z^VX}vaaxkQN_P)!yjw6sVQYJX_pX6)z-sNpu)@{cICaH|OMYQK_l6c(q2%^E5F@fq
zVx<;PjmD`+9Yl3^L#<P;pe`>jul8PXdXmFrpFXQ~8}Z#a+!+N-Xl}7a(sy4yfggMr
zYIob-UDSU$BY$F>pt9-Sr1P~!yImiX<ueU=#>)Ho-rBeZE)Ix@Ayr|U_Y5y6qBq=Z
z6hHWq>><GM2J!hJtjg!_f8o5$oe2RNC#~FFEM=gc)|JC{MF6)Edww5cbPEFO&S-v1
zG~%VeA484OJYiB=GMumBd@xW8n`)2mFKOn&@#pwm_KvbNzdP@AjND;ZpwzcBy^Ofe
z1$wc}x*n_8JGOM*dPxDonT{o^MMa;_ADt2e`-P@qfxq@ar^+;)aMEnw;f7?@jNbd;
z+FoU_diUbhB(2Fe6ct`3g<iv1O^geZ$MSR8)gRBgdI?n{`vmiDx9CqII@7<Dm~|Pb
z3Rl!FMOuXW8*cQ!x1)OCM?%f$jA&5c&kg+_&G;ChL9ndU(GL25Hwi@o!LkIbGsWHh
zL43cEtv_+P%zlVTgAi$H>68`?`xibeq){m;3tK(@FaM`29VxzAuRM5rdpmMC!(#t2
zq|XJ#6GH2-MQ`<w9m$v0QD?b8O-(IKkku5+_WG}t&6k1@aZ5)tdb)qK|EUHs%TyT~
zt5|QPm2objiSXAK)SI84xbt|8^iS*+gjF(|u0`Oss#Itzs;SMfg=eGv)g!3TA_(#&
zMhT$%3+epL1mvSOWRN^;COUZBUQB_2*n#CymcKNmiOmxb+d$6G_Yd}UNTL@ek~lg#
zdiKA}<ow?d`=HjWx2W%4{PnLVjSF(b0eQh?rBt9y_C#Ob?^|Ke9)f>uh(r*Md@M;S
z8uX75_(GAKnWS56*7N78jWIEU)uqDz#`P9hkl^S9GTi*hs^5E4&*T#{)hkj81nsbn
zYXPx8dt@pCkxP0YwC8E%Oex-NZJwZ?YKO>(KS)8X{c)x3UPeY{smY<t#UEEArNM}m
zK80kt-OEc}9_e<trW*n5ubuV6M+D^^W?<vW2P>=cq9W6r+VH@4qhI+xZ6z!~Y;(Rn
z-!o@!T`f_cz;wT^$)7XBudL$C($m+sw6F*Z4`1m0OfT^}eLAY4QPI(Zg#<3}E>iLn
z63}n4L4}Pp?0xSEQ%H<fmKvLzXK=jg9Br8Y$B;BIYFfo1F~JDDo12K$g$hV`W}+00
z`2I+?%fn-^mC789##5kZj#x9tDez0N4Cq2&!*0t%L=DqNAf!WK@LiDiLYY0(`FD~0
z2FoFRY;1^Igr)uc{qgZ}78V*<$lpbHbP{aeN)HAG22?|09`oQ&W{qZpW0C$)OUJ$Z
z(KtJZN!%?_9-K6l=}l9?zRP7iLDY=_<<H?xJ#xxNZf7-ePskOZvLvaX$^9z2BJ#(+
z_H_P_DXfLpLA{KVNIRz4QoW~AqWX)Sxv%k4vCSGbmb}yNjIAQ0i7IXm5~gy;7^$@F
zU!(P_8sX|K>x@>P+LiAc!{f2?{p^OA^;)UoRk~d}$b|TZr2Q@i^DTUYM6GXa)|@nG
zb)rq(96llZRQ4Apd91GfaD4NHbZcw22_rXIx)Y1XhmaMrEsD$VBYl^2UrwH>c+vKc
z4DkenN9IwXQ_on7RygMSVxaua@*b<xc|kgWOptD4;_^aCx~?KL?w^UquFGc8Vr`on
zmGkN(w8<n!DeE6xJ(&_dxsF8Q%+KWN*8C}r{{;5SWHON$x(DtS*`RZFrwzM5h*JBK
z*EBZWxQgp)L+EE|M58sY3T<>Z$A{I)XYg<@A5x8rL3uie#`wgx>RP#$YXG6IzwJ!~
zRBwkTn+OHrFWvXU8UD<zOtU)FjwN%~a)=_6dh@ucv^eZu6xb&I=-IlwUsxedHcn`L
zhn4zPD|?c;5|6cJ8ys7^6`VkHgU;?VD96f|9Etjdorr{my2!1+4oK^dId_qDQa*af
z+d9XO>1o*+A2+L@zR;)l;bSDZ%uuD*#hp6u7u5pvbmw~m-GZ^$Ho%Z{ql?SIb(~UT
zT_krqz|+Op&_!%?YFKv;Q=vT1ZvmT-<9hG2ljVFp`AT7ZEEg3&o%y$)R_v?osck6Q
zWSfAum9j%$W|owIYKrM)R)$3|U&^H2>1?E187~Lr!fbA?enX_8RnNH+ooMgwY;Ds)
zM?m2z|Cf_aXMa$GN;T*><?CJL3d>kbe{eAc)_M7NdI4!+dGCPM60BY}YyCBEBKi)`
zp*;eVKS4PhxEY9)afs1q&rU%0>p8@R>i-9K)idcY)RPyk_7to9_jDdGJcyeWdaHYr
z)jD~O#)!LuSFGD@31lZKLW9~fH@e0cQxwpqKG>@$<bN<&H8&a^UJ~-7c_Ue5p!67z
z2v(x)h;_-o`+cXvF(5z%a0%Q33~b=?*jqW#Xr;eBne$l~^Y0%mzc4Z+_j+)<77%`=
z*g<An74l{-ZIDa)03eCln1mEII`hptqP1niWDz%Fj?T+1G$ibxSq3<SWbb7`H;~#l
z)r*WA_qvr+%@iFye#$5$-iE&*L1&1J)dp*iFpfyr-QnG#)j7FHvJ<srXJ`MAX8PUW
z@@MR@sXcvHct$F2C%}GBE>_U%?^ex0#BYxEUl(jq5yHW>@2%~9Jot(JPMj-N$8RK8
z3+{$}>StMf!D0HsU`Z8Sd(-S^Dng5?q;VO2(*4^{lT@#4PW&_<^luDg$L9J2j9!U6
z-1axH3OTWA_Z1RN)<0gUeEKgdUj~X`E>L5^_MD927<ld0JHksO1qEw_S@d5!q^uPy
zBHL}75$~do8q3qZA_<aMMs;E5u#SKk6b|9I)L|Wu>CIP^JXn%lYK?WSA8I4W{xY`r
z5!gvcGZVs~MlW8;P!1e@3B!4uM>D^oMV&cFS+OEDKx{7xhv3{9I50z=Vn?wq5Yl2D
z1bJ<EVdXNOr<$l$Y#KO8_ZIJ`p0MFpuZ_1(cK~S}(kejL1x$CGNe`uuqEw%RhU-nc
zxG@0?iK8NlRDbJ7hP8<a(+H<_pNuPWO2sd`8hVEN<c5d+M|uGrtHaPsO{WHqYg#KL
zxtbUng;r}{+Iie&-+IK5htHK6gp%0RoJ+ff<Bk<*W*Lq`LEp?bs82omyGx3Cv?oW!
zN?1?cZ9U=9tz&eX<OR0WI+&e=?8$;0Hi^O;?JRx%l8FI5Xq>l@7f7a2{-3-fH@ECB
zcsR&uTD!*P=Zs(dnG4`l91E{8JlpxBf8Bj!VlJu&Pn(bmLQ`OLs{d%_lTEOK<*n?@
z+wxx=5IkvXzCBbEe<^y-Pvt&SxzH*VViH!}UBK2)ZoTEmyF+6hgA|y7GHhNSH?GyO
zK?!xkM(Wb(BEzyrv92twWdei~jI=$HF{awq2rzY?-Q42&xh)|iOkw9tb1|>nIf2BE
z7G{kWKo?@cP=x#HO}PUHCGmi`_p`aHei*+$O=28d-4uwsWYG%S5GLf10LuB}Mh!2b
zD9^-Hn29Nq<wxWa<VNZ@0A0(>{0;FERGlbZA$gPuLnUz_uWw$nq9vQ}J6%X_ym`!F
zfTFU}Hz=hvn_4AMZ5~kd&(#3lRLQHu3O3)8&8?-)PTihbjQZ-w>y&U^uPN9Y&#_=9
zj{Bt-uVQgA@#Qs<AN4~9q7y<JkC9%Ic;c8A`RnKY@M`deR8%3Knwrt$^>m(|x!0Q`
zy5)52A2(a@npUyl{>v@+mmd_{5o!!NX_f4KbgCW7dn`0;d)?NiWf6Bh5xE&i94rd>
zDz029SpNWYH7%0pq%e($cwa$x`W{cAxjCpm@N5WI70uSi(%Q|@{Hs}s)p;n>=&GWS
zjb~EW`>O%p8b6yn0!T<fOBU%8T()AMn7(qIN|wQykU9b>9CSpV=lnb6G`(}$7~09K
zzQvPfVpv@%iO|6}nB#JZvc=F_p7Y6*6I=5Bxeb~lhz?cJSYS_}w|e_|ab%F024h(!
z^RUolBL^<!fJDd{4tmR&GFd+ieA}JqY&@@JY2xjqq<wK@jTU}h=!g(Sj}$I%n``!*
zEnXsg8e9Ck^YfqBW@FHL7wbMvr!s$J%mGY4O2?v#Q|{iP%+pcl)!heH^#1Xb?lVxJ
z#?uFb){jq}T?4b9qCB0Wa)0)Gn3T4(=}QTb%f(ic5nj1gO;X$ub~C|*pta~@B~U_c
zH>Xi!9CW#ATJZp_B7kGg$<;)Z%yjo~r#!2{<#1oNKv3lYyJl6>ogrrvxc5=&Gc9;f
z#^=EX`}O%`!AjGioM9eEBQZ}^d=0^-qm?C49-hN)sD8g8j_yZM6q@7NkD3+-Y#}M%
zFzU4;uQ}QB>I`UlEk2RHDkri7IbxE>rUfH9nz*T?C5gqT1*I!CddF>F%>xvY_3FzM
zxWX}vz4l)$bcw6E-mwQ5%3@n)Mev<V&SWMw^M7zQL&{p1TB74&+E<9yq#@@(NmnkG
zcvSdzIvilF8$mlRBJU+GN@5bNDym^mnv5dLXQ5)t_HTnWU|`gm-sH_yR;$L%D0qr^
zT9}VOV_tAHO2$Z!YJiw)YegDhwVy%YhY0#t<DI|?(^YsVgy->@PcICUz(9=o{Ba3p
zYtO7LGNCmPUV3;d2?3ve2Uk^EV&!_hh&xDwZj6=ia+%_1vom~6DNXOuQ7ARv*kDNK
zA?TR)>!j-ys^P}*u6bIsS$t|M7Pc^UBpwReRLr=;?(r}it#x>IwJJem!ML`k)iOt9
zoqBtss~5}BPNQB!s2|s@iI`qfhuK=mtAY=OWOyjBy_0*ft27rULumy$hdXc8rY`!=
z_j#R7b+C2C0S|-pS!mz+mr956L^jnOwK=9I@)&k!Jicj6FuQ@Dc`ay#ccKtj*%gpB
zmf={iCf-}WB8&|RC?LbJNHrgbQ_?Z`zm_OR{YIh0E3?AmCIC~%TIW-hoJQdsUwg4~
z<{uIbs!Ed2wy&P<({nJ&dFiE{ll6&wu;Uu$wOYw_U5D62MOwH5H&@lFIhI+i&$?`7
zd%F*(&D&ovf&}Ru=GM3N89O_>r|>rypXrTH59-Gf=vXBOo|2P`IdXp2l5Gc@EIb^8
z0X?1v;>O#%)pgkPYejzm-BjJ9|I43)+t7S$OH^R?%SE-=B_aqEv*=UTUe)eO%#*;@
zFCka@DRr-nqXVb&m6A&r3V=<TTBoes9>-9UhBAGJmZWO~adGL}g_y76NgudS6W&kM
z?>zvTmlWD78Ush#8@(3B3JKV=HrYM_Hh88}IXM&Y;_OEUf`@-EE@8w=Sxl$5QkO%Y
z_XdLSEQ8I>pOV*e8)KnbidiC$C-&Ch9(U{XdeMqwXlcD<CQ<fkO?msZSuay44##i6
z=wFfc6FgAE`jR=NcOLs?&jJ8^K##`Lo`_y+fQ-`aGQen${llCBxT39b_w;BKGDJ>c
zgC{$Uw!v=BrMsz~faPtO4D?GuZ?sIHc5~Lzu^r&&UK9?NvbGap1;b|71$K6@j(hc8
z4zv}QVVa`7)o2|`h!4Jd<K5t;D=I$MmvP;JJ6-r2o{Co9@+Q1yK=+2utmD_3Ud}<4
z(ko}w$2*<g7-dl5DCBul0O?@6`fS<RWPlKa)|Z5=3G0V#9V!imv5lMPC;??sSbe;!
zZzqwWO%7*HBe0R>AHVn(nk3a{yaH87sk_2|W=S$#z>j24w`@c!XbCdSfy=D#&rb1a
zF~+#uE@?6l=v2`frt5JJ5UY+W(n^T@v+^dst8#E~0k_`)7QCWA+t7k1i}EGmxyDXh
zTQY{wp4ctB@nn~R?q!`vko&T>f%@I9G==8YSl`@^f8!nsQ(VD4OOaQW`+`zz*7BlP
z8$6>_r_r}a>T|!%n<KQ!b6xu-w;Q>I^%GN3Uj_$TmY;~Z!9{Y(TH<o$<>|hi&7N@i
z>>(|0f~}Puq-~<}3?2I4Qp<YHyi&~`Oryxj<5}MaC?%WXQJp<c{V~~of;dhgMk#`1
z--L;V<I$U)b$*Kl%UHgjKDY8mDza`z!V*D2bZ!JY$&E@0xbCVLq^Z_$G2Aq~W({?{
zz*t%_m$hw3ea*5QD|7%IQczOT)ad!sVwE7qgU@)lL<TA6cBUxid)1eFuK*1yXX6<1
z?L#l~hvG*m?!P~T3n(U>0it;Q@m%xYgTzd7h;*kJL&YBdy5H~$Pyn3kB#<4}>rrRh
z2&mQDTs$P6so1WP%`5SY4up4<(lmIT^2(?SB48YHDH_a;^gj11CmJk&V!(YhAmd2F
zw{w+jPOtNlmY_CuDIB?ckxB{KqH(=MzNV!4m~chrZQ}>c?y<=Yx~kM!e}PRxXhS$s
zugJyq0;1)%sYujc9<yzscBHRuO^U8O#X-pu-bG>X!Stut9>B^7O;IoW{s?n5Kar{Z
zmCad%q>b8Lpt8>1+nv)AfG2I{(5*D?SN(;0$;(lkdw9YEhe-l*Qv4wO1r@7|J9$3o
zmN@Z_Gx=)`&zm)}&M_OPRPLS#$*vjfH$|I_7GhnzC5friwV!Ig{v4nL<`n_8`f5)d
zr)1C^SOl{hiV|MVKi|+?wJ-V~ppNfDf7fprH`<y|puAMXjzk2NSK#T&e90}3w}jtW
zSKyrGkk{2xI?jI)-7&?yxIkq^CQAP8V8O>2F_TgD;p<_{mN$E6G>PYH7R_JC8pF$d
zaw`UPro|EPuLTWh(rke+|4=o5uzf!6MTlVC6G;5u@FZ8zQyQ&LpvHeUsUd&K><}`C
zpKYxu_<z<F-_J@gP-YY8G%T_ef)pfU%wSiah2h@7{{?jZW0Ez<FO@P(o*{|<Xv38B
z1i6WX2L6Gt{epm?ZVW;+`i0(0{Q|@JV^Pv1AhbDlEL-=#o0JKGsz#_V$U~t#H)MZI
zi7)mE6gH?a`Gu|fvk4{A&$<{kBogp<ncDAISyk_$ah?m#Zzm6-U?4(C(^G-+4g}CF
z1%7TqGmYuM(OSRQf&S$TKp0i#jS$QiaQ`PT^iSOLpKmkOp7L>3JnjE{2JV?($_MHO
zv<NVgm+$|h4^Yo0Dj<@k#N(&^iP$|K(d6Zmy7Lz2gZc$a{^&Vb8AMW}P0{WDZldlD
z;xF|_WJIuMmgCPA`WT^s@@Unr$Jqb72|6gt*yjITr14%TZOyR*q1vVpF)`x;0^d(h
zL-8iU)6->E+O%+SE%EK(Wd38{SU&Ckh11ZnS|^{(%&6XiV71JuDqEJ6#pOIY&tJ*L
zXd47bPk8*`6<L{v=vsT@_!$Oc#B+$x>+ZOM)F>9;j`P39digZgtJu%)`7)uwcfvY#
z+HUuzB=X1RjVKh$?=WIWl$phhaqa=JycMcU+I!*XBv`);(GL_rvf#*m@RkWYS&%Qr
zeY1VkzKDWTD#;;(&8{#AeGbPa6Ld4)pG^OoSo?^A%XzFJA>)870v`HD3S?Q!$IJbL
zX5{j|%HG)`eNIdpfM!--Yo*ursyR9Fo3^BxsD4GT{VO8=L?Qf@#zz57E3_X&=A*g&
ztrAYOOIS1s<P(Y1GRbv%O*`Xt=j@#`BlH|qdRk*U@pc@?&;m&{PIJIDXi6g&yAvzC
zd7B*xTYA%-`O8{ULhiF@g`Q&n=ez0!m^6hq_wR=Tqp!i^`g<RFsQ1pl)wh@4uZXoC
zQ8$+d@1cf+bo*T+;gro*6~3n?`yjd9<At4*sqYAT{c**o)i2#E_boTAZD(`5mn6<Z
zH%9#?kkW~&2_B5qv0L2e5z>hxu1??eN@iaToP8E+RK;LzquM>XNi(IHNbqQPJQiER
zPI1zv6pRmH`5Hy{t0x82Yo4~7t1BW7IB4hfuiD1P6GL<(M^vuFb!W()7ilp0G6Ak{
z*6M@UcI4tBsv}FRY&?;qw-;gizv9!i_{sSpf4IQmHT;UAQ_eFdsdjUX*;Ay@Z7(7e
z_q`;PQWnpPTnNBw8&!>`I?-_2VHM~^fMQ79@oQb<Q%40l-?DUZq-TL*3VdP6>V9|@
z+bi?%u(`qzZGQP)Kj_UKljKPQT0O!6w0K{Io>*f;+=VVwzNThYQN<7REV)*)9QgaN
z*+<3zKz7!UyGQtRV6O_)L=Gx0DTgVYayN0ju#=}NQ14(9c2ko^7Ygr<T;XXa{jbCf
zbmj#*bBZ8T_u)%H`<UAeVVlyS7Ak^V^?l*iYvC&KXLTf)wApE$l;Lc9J0x^|+htO{
zSgg$AeYYz#e-wu+N0k!&?LG&M8>V7XY+Pq$m8xOrR0|o34sWa->&Wf~Sqmwr2_jKW
z$si;C+48o&#W5p-S<9#YJ^1)H(Ps*N!9XwlJw)XFXdpPznA^-l4Q;lZ%qIv}j%4sM
z1AtOYl(JGEREz;?d_ez9c~=5OJQIJC!%4Lmhtrx&QcU#L(&Fht&rho4cT7x;{tdZG
zBGv5`rv$=j_e0sTno+k`b45JO<DZT%qqW)XIVz>Tk#+a;yTLC}$m=v^!@buh`<24Z
zOnTBGNu)291VOcGqF!_757R8#{7gZ3EY5y-DkLau;{b=VGN%<H2D(a0PF}7Umy+T_
zJBI|zO<YQk2}=VR<|5fd%0-dcai92N)=jnaqbRCU(^*~fDV%T~RULxCw?{6QY^lb}
z)RiU7js4AXn>nndTc%3aWAxaMDwlo;R%M#ZmM!z8*=`=Bkkva4ALO<3H%af;TV|y2
zaf?{0il%Q))2G67&8jpylW$dqZx8!Bk_1Z`@~Gnq)p|Y6YqTsmg#p^%`VMk*wLo>i
zI1EK=Obiaz=2{cUDP?zV2K}!P`ChyP|NBekR~RV0{5hX*-@Z*xPX}-luZd>zf!m*6
zs8tzgNl7hI@>5Y$-&`Er3{0@S{O4DH>nXGF&DR?td0e#<fp^NFbM6}jw5v^Y5|VCg
zro!tJJGPJ)U{LS8|M?<U0|6?XY7$91*9rvHc6A*00ycwP6aK5!)1NI8-t65K$ZKrR
zJNd1(+$2OHD#key3GY7^^}jX#R0dND(IM`#`H#;t3t{BQX#j*$p3i3a`*b==zzb2^
zB|fkJ$LD<V7?}#1lcHbl{!Z2ZP2h!(DzqHAXFOsr(!WXndn2E08os=S!brO7_rD;(
z6X`0DGZpSA-beh3Ku@0wYk5o9$m8pt2>u*~P-2~t(zL%Sx>}PM&e5_n0z!>%Oeehc
z((S+V0%aUTlvtOgU9GQ*$=}!wWDDvh%@5Ru7X)EQYuYKs?>4;kI4cl0w>C6m>Fw6r
zI2SB9Bn@GZAKZ)<^-AAANNnuJnQ0$`m;U-=`7}}+UB=8VITN?q*b-qf@SJO&6_617
ze33qPAOfX6_MCb1MPnf9yN~dcsn@3x80UvbX!Ux|_bK$b5LsWC5V#|xUC55kfBCrl
zvG2-CMxqRI#i(E__{TC#MJZ}~?q;I!ZOkB>|34+^iDDbge9Q52C)`RLd@p?J5yd>+
zZSMj1PI?Od$jnV}fGzZ9yTkE!%?i==he3HCSaI)!gCqj=uJWWy9Ir%*l(L1FwEZ|a
zFb8rmn^aluocH;~O2@PAqkN<-(l1NlFXvipx6cd2v!fM*d|CnO;s{9ecX!uu>K>AV
zhI)%-X_6{<(8xoBYJ;(cd4>$<X=SHQb77dfrdXaf_XBCH*)dbE(KIgi7G_mE9-}Us
z*7?QF;?q4A_&vBv^8#b=@zlAThW+|bL!0ms4ph1~T<Y~|Rz{RHMuLdU&IVb5GZm)n
zev^U#w`NZ@2O0u}>s#dRpH>X==Q~{?_|wbKGIV7VZnHsCQhGAf>5qj=HQH$DsUOx`
zS9oQJv6>yRW~=KAd)y3?J8<pLZxbuS;Gn|f7MKn`P~TmREo9le35v*ov(gkn@_Nif
z)%}<%p?ff9{;@ijo7cJt4}Y)Sq;~%_G7axQz42P$Lx{TKV%c6)q}dl3aRhkkTjLq6
z_@Z#>O13faH?py4b!p3EIvK*826Acsglglo_jjhLIC0$bxgG0!Etg9X@`J;R92bvY
zBjRrs@ng$fhA@?+$pi5}Tq!yyk}qXHV%Br_$e<UU;T#tYwuYBnEPhrQlwRUMxEozk
zC|3qjYfEeTK4ZVIDo8^JJ6ZI@`b-8OUQ}=yj_oZJP2{`FAAGw>V^zrYkQZms>Xl02
zt_=Tl^|O|!C>`@?v|%nWwl!Y{VCZ0VyL&VlPtb*0&5<FMO7G@A7`KEin|mO!)OCbX
za{2i{R5pp@V2{LRq3)_nT$CyD$IaVG$9hBqvq$cdABp>$%uY8Acq6X?Ly|Iu!2Jc(
zpB$6sfSSrO*pZCJ*toO4$0Gd->z0;$&jX}JOP!ly6pAdpf-yy7X>83gr{R$lg|C=P
zJ=YeCIO>m*y8!Fvw|Jg-QQzC{Kesth?W=pxcTK3fCKDILnei-|Pftct(c&~*>79q=
znm5-8xry=1Vydt{Y&1e9B}O8mgevbn9@MC<CldjeZ7T*w#Tkvl3vn-2<h>jQ4se%Q
zaUf+=IXrA1t9Z;WgPI)imzIY6iUtdLYNhq?!A$_L={wAZ1EeEP^|&sXV_fVlM(v}A
z&5ewt@P&ri64Kn9`x7Ba+0tVPp6Ye%*~+}L)%)JrowK`)`H^Q~3w3utQ7mCJ`h>#2
zuliXV!&(#IY1N8OnVr?_PKdY)S;hB|sWdM$YCQ=3O*{T!QHWk{p`J4EWkSJxM)I8T
zOYfpebK;j!NGqhleXs1eiGC4Zc4lCUVovFiaYZC=wY#BWvC#C0J4UAT-Uj+`Jh`1A
zsU=Pe0;N%kOsz!ay3CW`tk*uTi*x4C|8<$hC&e3u*i!m(MB)Kh{M1GxZKsCdcPNCw
z>%m2yPYDkcl*;8&m6S;)n|WGVG4<sd1x1@Gc@v-K^Cgl7%GS<tL%qZiH^yYwsF4-i
z(82~(zD_4XSA`r}-Ryx8Fk#vyO<h)82QI<ixlGIK=EfN$$@`0_Fl;Me_(rGcs|oUt
zeo#vx=@O^LDuB$?SuQ)N^DANPQFbbsH+N22OImp!n=&_x1%n)7X{x{QCSK95jzWv!
zSfYhvC*8X5)e7$xPBfN0F%g?kp`l?qG0_*c2DO9Phud9)fVY^K))|@N?(VFm3OVZN
z3JXS?7Q-6~9O}9mwI59q89ffh27Dizi^^}JC5wxN%K~LIE|wzB<MKVWXE#(fE#PuZ
zmz=BvRL!=GD1`Ooy^gMm8Cty^DsmEYxE=p(w7omri23raTCuERJXXMkYSs1EmYoD>
zdyNg1O<My>p|YvwoKAUpSO^2XEXtf)+#Y!6cpjy13fXqs!_0+hCCY&F`gf$v6X;%I
z3kp`LZH5{Zt<g%oaWW{V5&_f9!4MMwkM?SWrcJjc<E6`HEuQP9kpr~Ho*Hb{#j=K*
z@fhnLT-LyD9R_J}l@dcoOHpyj4<?oxgS85Dv@{r0+<`Lo9-lfdZ<6xtE?IGSTEqe1
z8>$ux<ya*o8D0y^TiuO6ESX+5C*ml<zh%t!^&C3Z+2)Bt#sCi>FbB~3P5I-DP~Y#5
z!P_MSe?M)>fD_?xqG5+psN}Yc#s2c8PsutfQL=Mi<lnOElTCR9uoWL0P8&ibI{`b1
ziO1PcjYvgM9qjVI6}`CP(h*q`2IxshNo5P@=)5Q4J#NM=m#O$_CIGzcH8B`3?!tIA
zsN#Mh@8BEVs$Zlb8o?Vg9U$gnZ#GlZTP(D~h(IyrBvFC`vvq;ig{_K5BIz*y<?B(d
zRGZ%Zb)MbK5~D-WOq1xsfPDQcz4dH;L)ROLB$Ataoq4qJIX(BEt)%@5rI$2U`EeCr
zIQUsD72}*r5$)Ha+L@$3gqZw5dhFVkE|@k}R8U}0j%Peieo&=9JF<px3{+P=H@TEQ
zWk9foFr*CJZg|%!t3i6ZQyp}doi}e0w(@ZANw0vfU|fu9Y6>lFAyvBA!S`M<;C9)$
zG-e2vg6+eVP8%+5S{foA9%Why+=Xz>vHG~|9;;{#7AT8tE<U#C-kg9ot;ukA&7_n{
zTNCL<2unp;>SHF;H;xGs)RGVV`-j~r<NG$!XWg6CiMK@YgUYgQfPLX-9JrJRnE>E=
zVeIKGVP*}GEjRuW5D@D`0Vjo{etwR~P%)OW_3rJI$;!p}iA(H7(k$EDESch(B21*f
zao1p|v6VY=iB4l@R3N&5NmEjb)alEm?<x;Gn_o3o3N_awOGq`B@c{E}dOfj1@|6d@
z%867d+`SF{NxFJly`dj9%al7yO4=^xsi<A`ml_hA8@2Q>wuuMxrKTxOb&6_gzeK5P
zqJ_l;)Ytx%3&6jC?#%sJPHh^<Jt;4X9=lv7m(34slU1S0;1Oq{t8xS`KX%6%xg-@&
zO-Z8PQ@M}n&?efTQSH?g)#(je&=#dze4NS3Nb#g0HCnR#P<xx%5x=)3qh4TbayVb<
zWn-FOt`%;kyKILZn)ABu=I7$L4oL=6jcuu1k62n1LA}*@$#E6hsS$Pp9kU9h0Xj%w
zh;mvu$Kvct!f+Q1Y=2hK9rcuB1S+4BR>YG_HaPCj45^pbn9TQVR6w9aVynf`PoP*Z
ziqg<dlv=|8l~-ivGUdN0?@m^z+t|HlZJqJ`N%YL&cBTafr=O@WfrNzA(9medaET=X
zbD=)+T;>7%lq4nG$7=l2{!onQ0w?SCD_`5?T}SE~7hf(k__D^!0Eh6Nmgci%c;4V=
zUNIjM^2f9_0;Vsy&%K4;J8l8p=&)9=w@&bEj=#I;nNT2?okqY<oZ?p#0sXH-<H@I|
zWT6rGw=n);&qAU=Bm9403S=t)iYFpyAwj{zPshuBe)WqG@!catX<6B64hlv0b(Ta5
zR12q%yDL*mGx!elFIw|Kf`9N3fPC$P_+J4P7#b+z%Dl6Wc;*cL&aNHr7x8+yZ@~qA
z9dNw_f1?Bnn0!tq*#9G{%zOn38XZ0&Lj5Y>ed0Ko+)IjXhymH{|Bw%FcqlpYX&?S~
z;Qu9Id{1#J8E@J%>HT9(9Pjw@KK%bg_`jbBd}^7kPlABT@G^d-ICyZ=&*;K&`sN6+
z^TLbwUj06akXt%HAVEzYo|WvPXRIUMIO8rQ-C${4i)-+rn%R+NfISxbnH;rby|4>e
zK@6KfBGUv*4qC|fIB!=x*3%9uYpOI_1GnZ?)~=UybD{op(Laqpa_Ov1l8~JEkX~nO
zuI(iJT>Z&?eiE0pZ-n;XZ{+yov#z~;s3|Dk(1AC3)_OCgI1h)5tN)0-kQ4<~av*&^
znIJHAFP}SZ`*()mA#L7oos5BiTF7#48My@eqpM6HBr|o!luLJ%$I6d3Z7+b>4`g2{
zl)IId#(J&-xXV!lt~T8Ryo@0FY#X)9k$cx^+MLT&@q>12@g4?Ly~P9WK~>->914||
zSwe&?r!Y#3_3C9}NhI!4F%wV}?Wg&k*w2B~)*14p?&(?6y|nA`vE`9!+w=~+XM4jL
z0itlVCCE=^09fFCvs`X?8-pGG@Q?_x;=pjOR(WVKbV^L_uTTq!gE?x%B0d=N*J?vm
zZ<Jw1nK~%*vIs5awz!amX>Ce8(W-tpQ?xYy@cCGkm1;TTgVXGOKy|yB5e{0B_<6j>
z<j!n~{%{PJ-kXalM;c4ZHHw5`ixAE{QG)p3Jiw>es{1_dT~Qbo0awvy3LY2fqfBK4
zEV%Bws1-0@fg+_|Ubs*xGUX=63~OBEcoAA2dzr5wIL@kBiNb19%wf~EP;sKT$2Z%e
zWOe1Ox*FCShE6l)eM1caLg6Hv2s&jaT5Xg?UQ?}pCD+sjCfj;$XX<mDR)vvT$xXH-
zT%a~zF%&}4iKH*ZjcNve9m&XU?B`Z%DR)$-(<Mm3$Y&ZTv-(MSIhsJh`m~@$sqP#J
zKR!A>T=v!&_7kUJ)!b*M3FpIuS7SLG)Tg!IOcGz)7TPh^uPLC-@qK2i@;q>P{EV6u
zg&Lm?BsWV^q$26<B1z#?r*mPm4x$9A$5MPB51N^xUUG0A&g+iLSLjqo`ZCw$0x2c=
z@0p+?fs~}M!8`F+KB`ck#iMn}H#Oj~Cd3nPJS|VHLm$amY&0cHwkJX$V$B>VEZIHI
z8Ym_k14^Q$NCNRS+GcwXL!-4L@+GG7h}T)n5BNt}na3hSgV79C)FZ2_`5<y@NpiD4
z-2}~xck7WS3>oU}n)rx_K3B<^f?z|hCbPc1Lj^xke7Abj1Ho(AgqlvEh|b77ooG6#
zRsaRlT{3Os-eB$ZSrQjRkQ|YooJNLP4F6LiGPdpBY*KT-ne_adt~u6LiNh%c8k`oy
z@|gY@Je_km8D2>=&%td+08gDSs)<6Kj_ajD<(0|L0k3k8co&xA(;Ns)0*_}(-rEX_
zuHXY}j}IAQpY_Wuf6?}DtIHZ&5%;9>R+@Dpmpsy?Rc(qyZyTo^s2x??BdYn$=uQ}<
zdCc5aZX?AZHxnYx7t;oL#Umug(DSl1F2AJ@s{XjQ3e5_RZ_P{MQsa<BarGQ59%Swf
zx713$%&94A&GD$~8NuiLA(f%nvN_T+)GBeCmjfh&Z{mL@;b|C%T~ZTo{QUgN%E}yg
zjKGBWFd!N{>}`}jlS{t?X~F1@_#eh7lA$tU)xqQ_r+{a6)@KMLgD%|fqF6z{PkW+O
zer3wv2zal+&_X%f`~na7t-Zatw?rjP`0L7Nq39n*65>4wIej;|i}DLM;%QZ*#2^W5
zV#4bBFGmp7ALOR_$`!~yQ$@coi7ycZ{_c&NAi_LTs=v=k4iU6K7=bjN=eXzZbJ7A~
zx22Lf{8azm9e=Eek00bI(ELA!2tU)_fRNZ}>Mwv=6QJNQ=Rx9#Hg%?}yY01RMUhtq
z6o!rmgYm!F5#{y7<sS(NAR_qqqK<+ergFO7zA9oVZELokSQ_vnjWpAuNepUx>vFc;
zzwBAe6`>l&b2E`!TR&OV6)H*c;6THpNUh{ye$a)FAZk_;Vdm>`k?xh7(0@W+%q4U3
zIHNf}rS&K>c|Wi>5l9?hLCrm*cuj?Of7#uFm-?u)s2ToGS5WQ@JWiOFnBh0~JPLfH
zj=CM^J!67dXTQAcdKr%8nXNI>5H>7k1x<qW3Nmbo*Iik4oBV}(;e|Jotowy_;dD)1
zI6+3v`0_pH5@io>_;@|Jak?bLV_J`Z@xM3;Y~*W;hgh~#9e=VFZ`AotuR1CQneKa4
zTOYRTQlKmOVIIQvZ%yqM&XNsmM}wJ{Z|~QYvMbFCe7Kj+W&Z$eBi3SLOVA(PxWDzy
zf8)50Fs<Kh4Z9rD!ZJ{$IGMixin^EY*S;gyPgk~9;!<P2923Wb(j1pq0<=u6oU@qS
zxj|}Hv1&t1$eu=Z+T+;B!6Ht_EG&1HW!Eu(C}57YI?${-5sUh$J))jYMM;e->*8*f
zcKOh3V^-TD73=v5yL<o2bmIK#!=rGCVTMDP&V`4%(n;aof~qCYC6SuZ$Az!P?JV)3
z5C?t4#Zj#=4-)&#S$6ETD`pkaMmjP(A5=U%HYW+=+iqJVK29GE8IH9rBv>Cq%PLS>
zV4WYX%&)pobEe3aT^&@<y!GTL53kkSY&IKzc!MI!#31vAZU4ZdkC$I5!5&Co7@AT9
z=-)m6C;p3fP;WPtaQZ$N>;7c;_S{@urf)!-&|)Fu7K}hqg;varvqAg_-@MwMzD1qC
z-G2xFpDN*JEAmII2{-0NqR<y$zzpxj^7B!dh;B{Zx2JQ}43$y|_LegVCXr)``7(dt
zspAR=rYTovXMtWBEN_|J5@xo~rH~m_n5Tt^=j?GAEibxQKrrV_48ur#qGN^Or*nlU
zk$e~DxgWVk(u1>*FOxa^NL{6qPJ&ODEJYPC+WMM`?k`JubgB|(7I)WO*{};06Vv4&
zZ+U4ZOluNn;;iQfE)Uvr9rt*enp2_`6XiY3QjCW9(e+0vwAO)l!82jIC^xg3+HJe)
z+4hDs@@h?N&`#E(A;q_<Kyy9!iU1R)NUIgvO@KulA=hwDj)up;Su&f$ywg&dRq9E&
zOB=d~6;IN*JmkK%=Xhyv{X~HqoI_)?)%Nhl&(4yILiO-;7LR$c$i6ZS_cc8a7AyF&
z$Gn+I(-lX0u9jmVXFV3jZ;gYa367v^j>2|zR@Tl*G>u6&&Ht@APo7TfT!_UvLED6H
z6={?fsN%BlZ3=t6xLNstxkbw6{SCkR5un4(r>+(<VLBFCV!;;uq@$+Q7Up(9#g(Bk
zxHi5`);)$yGDC@~zF2wU2q+mjADrkRZRVk^V5PTjRI7grEQm$ZGcaiJ@D(vi4-g7#
z*`~F-?U)my2uYw&&7VcvE&SdywRuyw*?t(`kAg=`P9f=Fa!-YkC$i~v5Fy>_X_&jo
zct*igtbd#X6m;m+%&D?*2xI@mS|>32s#&It;D;8B9mXLh+a-N$3hE$wdW&yt$tr-_
z9M(+L#+;?J;yQGbz3R3PPjdu4j^u9I@>`klJk<una8S5(45<zeqIOYIO3@j7sqp=`
z^^$=zu<5_>;rZY2;VN|%$403Ij^Vk9?Pnxh4hC5zr|(jvAQF1ZKtm<q36eJPG_1Pa
z4~;k8V#7aH8HqRx%wLRu&_QK|7*wwfxp!Fg6-k!AOA5$@o^9R8wC(tUgm$JM@yNm2
zdXZX2&Yz`ZV5J?#-aLKl89t^n&58jm&8X9I`%$FD6Dol!oRsiFM=0;BT`fZ6r!@tW
zqGC()zziLahZfHm#byOt>QzjYLk>^PBV67UN>22HnnUIb!bH7YY2!;wqYCP;+X@4E
z`4aRpA;)S4wy#i7k|fF!=4x@7$4}=LO^U(?)MkTND_zIR6LM=D26&!HjJWp{=?Qd#
z(UT2bLPHcpc&z(qT<D-2>4?uvdwQf2MM0<{%pP<SNs|gA-`~}c8MMlt5ZRXy^YQ;+
z?=7R+YPYu0U8R%)ZL#8QDNx+q3KVyDDDLhOQc8j1En2*|TX6}r#R={ZAjKgNf(H_k
zd_4R8p8Y&~fA9Hs#u?+B^ZrZLxRZ6STjrYgHLq(<tp@%2>8!D5vsLCYpB=5Nt+wvp
zf0)6#jO@2g)twv-ZEpkIJMK@78k*vz;IUkD1RK8U?=9M;+$FFId7lT2V}esf$mA<)
z*;ZimeLNqC0$`pos;VI#uwT=|HCv>Mkg>C-T#$-mH)uz7g_WYAY&|W+16UVc*(mNk
zcBFkhH*Vx*RI3fQGZQnQK&-|G%-IsrH+}J}FB|w7UBJ$`xwbL$V~d>Vg4H4qZwjhs
zIe`7zu-0ter)=lXwHilao4Fecw&y}BvF;eY*nJC=>F4!r9nWRJ;<we8-sjrfU1wzR
zdhqY2>>pvB6z|kMSF@&G-Z&-SHg12gT@jqsugZX@z8rpZAbRFKot~paV8mSw0fFIt
z1k49QthUZC2f>|Iq4k;t@^D@VV7W3&iO(u^tXfjI<t%-OnXsCMErmy$xyZ&|Q`ZIU
zIm-yP8|UG)wEOxMMW|R;1s&RGN5(~)j2^J2vogH8!Rw#;2~<P`jvKKjT)zh0VyQ3(
z(N$kMFTF^8=K!e#S_sJ+X<jt*0bF-?oftG~Zj!7sJ=6DPYm@4o<!q{@S=-ZdpMy=E
z<dt4C4{tI$`B2-O9*j=YNZuz`s&>vck?>uY*V)&OY24yTxqzeFYR_^77>y<xs#ZWi
zTfp=~fJs0tDs=dM{I4qI($LwMECLW((x^TJ^=k6R;1VbpD66u6aKKeS&JMFd{I_E$
zPVrb9n21~?r=f9ib<NoUOgz7hxJk`Dj^-XlNGDib_fRLQ<<N|L{Hg-pq5n=TP+_E$
zCKo__KbQ1BUA=eeJhlIvqA-fvnIF-3^R7lDd0(sCp(Pfw!@Zrt|LOY%Xx#m(bDjH$
z-*LO+1|>Mn`AYPkP5$scPt@LPG=hbUss4|U!~b3n5C1R|GQ64}qyOFc`4@{|GwY^7
zNMW(%f9|;deY<a;|L{Fu-I4qHA1=+GU*B}yz?@_MukXTpUZ`=&%^(C&+`eJCAPT5a
z|HpylW=JOpZ#g^fUqAS$>={}%#dI5?{ydM45W#sX=)VJbCvM%+&ztxkgztY~&i{L{
z-mqV<zu_B8^m;G!JL3{up|;yY4q66YiXwa+X6UvZZ68Lu^*6skB%f9UmKw&BAjHkb
z9s!8{+>d`*rH3sy+y0kC=-b5i>IAQ{ui%v#9dwR9qJuAKOo!Xr;8_|XY1!Q@!(g9G
z(aLz-I+?-K?>?_2&y7Utfl+pZ65@~xO5FI>C-&O#US}M7p=YDgRikM(y>IspiE+Rg
zZU7f=F3MuR<9{fQJfJSBBoa9u_?id_3gUN}bDT&y@2cPX=^&GU;VlTR>?f2k0rI12
z`PLk@95fVYL#|sUB}{^Y_?;%<rwF9v;AGp^qsyt>;)ZUR#1z`{!bKMeiV}3>ei!(r
z`Of-utjYjznW=ixl7LuJySUAXuKKD`8orY?a0xO3o%*LVG}pA>1VTUFoFoIMO1H6T
zEDRLrBKr(xj;TSmdowNAgV})1i|f!}1#|uV9_hG_w!rODGZX$3hh<pdmu?zB_Eu^N
z1n?zy#zcZ<MhFLk9Cm=TmU0E#3>|^O4j`eX(!%J@Rx6qA3pFZ1msQ83vr(Z9Zy&56
zaa5c`-)?e)=)5z`mmeO@(7&=E4p7{&Bcv8|gd!nilE!%zZJR@Ge>1+{Z_Md7W7rL4
zY~t<8a?5qpkaai8>vC5~s!I4E?-XxN==sD)^F{yPK>-PQfzWUG>KsnDKX{H>s$eP2
zL53y0y`OM)zy|4qV{n4C0uIxqHv+?tP3V)5%H8bn8QXp?$NAXmat)qd&DMXoxQ1lf
zlC@1W*C`D(mE%g+_db{tU*>i^kp}0hT+m51x_PPLESRqWa+y)=a@d};JLGvBP@oH9
z{Z=HTlwFjD!%0Jdq|tMDvnMSNa|%7~q3-f-<G0@~`7xqr!DBUlSrfjEqj*e1`Zxzv
zRYA1C?cS%x;h%JNKXzVJ4+%xmNVVGOUQP4uxDcqj>XOhs)vAE}GQ$<Si!liajC`5O
zI#5hm9mr^g%Uu}*{Cj$9v0ax;>ur9e4@JAt3-D(gLt8=kcrhjKo1<i}GxGW|PnK=w
zN_qzTaL4sO-D*X|Wb&XwZL1V}lI}<kP2B_j(52r&CBODx?woi`1i3q@Da0*HAt8jB
zhf)afAfNrte(7#?b3X<!!*4hp5#<9Odn~f2t2Bsm?^Q0^wsTV?`1Ff)2X0=i$!^Ns
z{;7qK)|l)cDAIquES`7V?5cy8A@Oe}pDG?hv0#LPjuUY<H(~&BLysW`p@AwI@|}Qt
z%+=Z<9Q$Vz1&sQQ4Nn+wm|^ch*tf>^xb4Fv$=q@s9f8D7sbiXEhpVD4SL(n3KkPNI
zblT$O5HXSq_1z@4Ki>G_+4;a;-C0|c7Dal(Rhe8*B!?7L!+|y``|W6QldOc41$|Pv
zas^RPwsz(CH=>KaE#*_z97rpZ<RitrY_?=ZG-qB%%ldn|)D+`-0qJ1>yMnX=g$mKK
z5KcQ?@u`<I+?I27t1F_7PMEb_MhflH(Q*I|Y1tsXF@SWL3>d8Vu~}Kkq;Bjj;asj`
z@{kh5bUzX%KrLJsU7c?Vt?(<gBYSz9?$xL7Mc{$)tQKr*M10tCT}YPsXl#y1C<kM@
z&rC5jAvIcQ`g`A|a%|=(ETt7F_S{=Qk=yZXr9WqtK%s>_3&dIzTIaY*1zH6-*^xH)
z9pzX<Le9W?sj6H4*Ny!R_V&RHELHOK{;&PFE+b}!#xjp4O7+QT*i}m0$(c~KW*1Y#
z*?D5K(mQ_ipd21KF)6VExHzezBy6^Gptj4g_8m{iDff83bDo3EamPRa(O2|%)eBk)
z391%qVSn7l8N?KlLk9HT*pzgo3gq7xJ=odU8z(Rtiwb8Fe%-aMARE-4s>vEhE9&Es
zj(1;?w%BzM5qq%b7%W^Qzu<j6qJ?SqcUq|cQ%KRO1=}-%dtUq=o6E4Kutx*#_zsqL
z_n$ez7s~?E$0-hoN4^`!Uqpq^1?yA`(DD?YtfpK4nHS(A`n_k5r~$A3Yt<Z+fRtb_
zw0X$3%PMT`^W6Jq!H39u=`dn9_f+iN$H|Y(g5zix8)DkD-E{LK?6<y(`STt%oE{7O
z4V|ndpTK&fDr+|$-GnJ0-L|^k0w`Fm;31u1@1FOWRC$5vMgiM-Aeyzw%b^N{{zv`h
z_%o1B`}{K3K9dD>3$!;FubHaUcYg)t>&;c15*<yP=x*3CuwxnLU^)l#?#}g{MFR~R
zccfju9{{0u8z}{v&5V2pBY+^BL?D+ox4+X=g9WnzpLE*U(I9L~EF`yVgvQC>^F#OY
zET#bHF9eqXy;!@R<7)2IBt-%Y7I9?cEvP2gbw2;8HgsjG=J0V=B`_`nF>kjTNpH5E
zID#H_?pj$2bUjbN2s`?kCf<VtiItcdi>^`oa*~*&>fvF8g&6dBP*V{dwy+S(WWmcJ
zp|o*`Ug#xMjUL!wm=%E<t1-iOEon7qd{oOH02%r!I;u8B@UlX)e*3_d#I+Ai-F@Y9
zGCoG#2~(M8j(l)V;g)SaIrBz1uduBbETZFJ|3%AEz=?YuNXW}M`SH>;WPRpaWc@dM
zg4i1h2YUuqCe_3+gL#!$LpQ)dMWM!JswKpjAoCJ0swGEv7QM^}_ScipAt-;EeHu?W
z+B14;z=C%@*XLmw8TQV+6x#ZfiRfX5C@*`(N7<n>zfDG!R8odtMc-SGr$5*A{>Isz
znW3LA)rEwc7s>;En~GaF^<}=Vo(6)PcV0>!5yz|ZdOFV6y6cF^N|!toX$f5{;Uj(;
zlUlp=$^blEV$0dTy4d2@^V2zT;~pP6QUV3gWDJ=;lS+(YWJZtS`nw??E#p;Q-OF8W
zwcClnt5>e9s79YTI=a6a<kzTmGiyFv$a!tM=cK2aY$LC&0}D2>!(xj@H^=w8vCHFe
z#~X>)q?#+D$hw^ngr~m7TmtT(bhbJxp}Kg=%f9Ksb?`4PB=z`W-GUkJ0_AAkFkS#8
zFX*&FW=Kh(U#=|$T393Ni5zQ@*+{wOMz3JuGTDs-d#p(P_s}Eko^0u;w_(e-!Zx41
z)2Q&1Rg1;28KgdN-?wpihOEIE3<#x`@I=X%N=b4e575c~wZ$ef6PC*k6#!Ex(&P{0
zZW7Oo3svIRjjRH)qGX-C>vuxYYayUx;Jj#{osluzh`VyG4cOG!tn;$QZPk0eYto}@
z(yo4+;7`l{k1(Mp-yBYvjI(3kSdvVL;|G+nT8LDuW;YM1v|QP(&5tUV=zr~9D6^uo
z7(=by<jF|9z%-qGw{1a?vu970F2iTp5)>O`b==%B)+V}e%LbtF?kp$;k$GNP=n9F?
zLmL5fPWvs!sG&7g;#Y^w(D}Q<7g_BdKU;EC$GFVA1&wuAR*sR|%wu;-IKN7Dsgz&F
z4Gnn3QqczchUf#>Tw)Lkox`w|`+}SX%Rf4u3NyEVN+-?^QD9fTOn5nTXOg2LZB5Sh
z9RS!e4Xfd;aORI`vZ%S&jt;u*Zu8`Assv-IX(t}&I60xL_`NLsw`yHYPOIt=u5Pzn
zt(eiUtPtOUTMc75G^8H_r`>$r4u#J`?srb*n**o;86)3hc2-9}PAk-us@>+VTC6Ed
zZp-hIQJK|sekc-@GW67~D)YPWc28|bDR~UPQ~57O;KisG=U}l!#x{$+nu3!m9Elzv
zq~?c9?xkSt^8zK=WS#f6t~k{u<`4!kn0|n!;B?EoHofyS!fB^6r})={dA1A`cQcF`
z<zDSB3LVZhgMaVg(AHx=9?nz5qxV$PSYo*Lk46(2-|o+2d`{xp8X{-o7MgwL0ja7t
z*!+~9P*t$%<yzDbh^?F<X&MH#TJCEC(mgSb%fL;4a5skK7}uYB#cV`P+ab#fESgs?
z11$sv)BDWKkdTXAQHv3j=V}>K#hq9oG^0|iWS();S(Rnw<SDs2ZpMr<LlSN1rc)bS
zJ2%#EEPpb}_dBMOL{lF&QCl5e-lbIB?>j7iPeT2(V@HFPJDup$#cw!fI@=h^l&TA9
z$h;w*JW0?c+DIW=;Zb!uN<C~2{ZfUzO_GMR`H+yNC`-Yp-3UsgPmyS@YSDvcB*r_B
zr^Vf$p*%C{nYw>p|NOp>cbDfu+?-x2uM~|}n^0cgSAm?FIJ#=g$j$3L!NQem)jt3a
zGJi$UqW^J+7%zkUa6L~dyHeu98+p*8w48ga1`~2Q9s0gN#2{5Q!vDE5_-gv;pRbpr
zRs5sGA*9=&(k14pqLTWPGs4E&W!4lAXUzs5&j?j-+*vfUx><Kck|=JnINtthXa`e}
zCBzAFx)h4kPn)ul`B&uIC|Wgyr6nOxy#nL7KU^{uUZh`%3hwUqV$M&&6+dg?q^(Fv
ziJ88L-(N&5r29pfv+OJtuX3Se(yMioRG~%dMY>NWdm|%y@8{7^`Z%M^wHRv8`I)3~
zj!AkP`}5eje0)i6=NT){iE)Pgk}(psHc-%E_nZa0+Y6AvlQO;6*yUyraZS;gJK7(%
zwz(jT10{-vx@4W37RxC$EI>47d9ABm#UU*Hk(;X0tjgqI?HJXrZriC#S3zr>P_F=-
zmaI+Y1&P2o`P9TGstlQ9cBso<k#CX5mDOnUc#=#=ng+`4z=F(x$a^}pTOwBZbQgLB
z)&+#ZnNo|b8+*CZ!S}Q<1wgG5U1ev32Y;aI<vF3DZC~<oB<p@}a_C{GY9*c;2L%mr
zf==AV?6fVxbuzKrV`zUfz;atFwD@_)w(LrEF`mp~5Mg%9vI@wQ+v9*YD9+Q7z;Q^o
zGE)!iCQ8Q2p_t^D+x852{xwmn&@*={Zj-k#lEWF>a_04Zm~&*OIk3lbN{qzI=$MMI
zGF6;9cj;@s8W}SEZeRWflEGG6ZRoEFMdZh3F}7_-8=q+2V(%-)@a+6pjdASRIZ`^O
z3s<jKKI89T?rEV&*g4iC?Pfk@>V52}T9WGF<;MZnii-T$PxEzV*xGB!a!=5|j0N!9
zth~xy$0k^K)62c2<+DIeBfu-m97qSxc)Hf&xV=y>rEADH$*|wJ-k8kmUMusd`*QwT
zr>UR4ngMen+pH4Xk^?NNW<{;8-m~t`F#j1G8mzMFIWz{I{}Z>mk<2iD){wI4(uZc>
z2u7|rp6f-Q_YK-O%5Q=XeMhGU%PwP8`a{}YNziH4mD4Z}t9|^$us@%ROjP`WucXC-
z%C$;^7Eq8d<n=2oUpsEr$FaW++*-I?_!_X0L_XE4A-F=SsaQ;>2di2%aQ*P5EwKI}
z2581N!Z=OUF~mGVSopHAh_%moBysv}_O<1V#uEwh5!^SKC6$*~Bbl@F;Tt8sj{IsU
z<wE7j%Vu}KprymbYF^1l8gZh{aF<kfec-$>sGy(=<Z_AgTiL%V2c&uE$k0VmaB00n
zFLf{KOy$a?HRvW@sM3R`exF(}3AU(@E4n!uX;WUjMSZN+)<$Q3`aEcrmgd;BMYA`U
zbVvQ5%cMe%Pr<q^Os|@FN!R!s+T;-rQ30Ns_yRU68eSxhojYZt2rkR-GY1Js@CEhM
z(%aqrR#(R#`+!Jqh*iaIYQ1;uLqu_#X<YkvfWq5&b2V_OUG>C#dRqCQIooh9FgK*y
z-pc72JxOUoeDrL?>x}xxgRyC;kyADsdX=0~s+iuckEKp3^Hs5~pC-R(4M}&{B`)NI
z#+PZ$#pn(6^+#*VC2H&EKGMn+c=_Oiaq)1Qp>hII<EjzNS=z4t$rM_M3*(kNnf5Gr
z3voju70f)J{>S{xRquC$Rf_MX^hAOg8`B@fiPExCxzoVf(2zkua(W$i%fa=^T=cm&
z#x3=9?Hgt_MRe#(0zV#Zd5rBop^09@=Y6AAzkS0Eq!brkg+#VFY9i>~hs(3y6&%Pr
zI`S=xX-oDn!+7`YY1g0Y&06-!6~1LU@-_T71;5*{?#Y}hdQB}MS7Q2Y(;j#KbyWN<
zK@nhdzAI7s0&q9x{rh)jtNMZ18laa%`Wbzczze)k^IZey>vXz|?<8?*aidfh8H@7*
z(}`(Q3L{(=2iC|wMJ@%MV%SuYXI4YtgZoTO_ic?6vzKQN<t8;Z==H^UMD<xML1%dD
zFW;Cb>O77cPUAZMJ@ZA3{;V-t9CZHfy(q+Ig(8r$wZ%1)d!t2<PDiT7jXc;Dd}6H+
zkaX8Bv@P6hbG`uXF3-vP;x04ZSLM;CE6K%mU83i`5luNAM;pWAC6q9slO<q38|IbT
z?+T5eJa{|2bc`{V;*mf;Ub9)%%yyO+V;;x)yQNO^gE+VWUR;V@QKcL0qJKwURBG>j
zWjd|CU^WZJ4~<DD4!<C+$_1GV<SXnXq8RFN8VwLg*QK3<W}z0mw7Yr{>gweTo&f9<
zGtOYzV;Y@W(tK=Ag!A<HI3-zmaLLBx(Je^YE}f~svOYHD-QfxgSJ87l`DGq41%E>e
zz}D0)KQFa~CI+M`Y_5rId#bg|>!iKf-#NsA0vNP17Bw5xMv;!sG9)xNE@kyjtU4>)
z!+jrREi)ROfUC_?wR9*`jf(}EpUw9UFz-=|Ta+;|$m|j3f4a2VieW2``Uvw>P2%qn
z@dg->wC=dO<3t(yiR#%nduedC>(MR@FG+<2=e&0h1(<xPt{T+h#BAA%^kZ$W8m3Ob
z7GyM|a&H`+?MeKOc4rltON-dDupRkHf!kgss{1*!-vXzf7S6l38I-1jt|yO4T6B3^
zOlve+w<JQRj-7Nuu~q#INII_$uH2T-=$<t`$H=1|9dwNkt?4NDJFrwo?i}4(u0G(#
z>GyG+ow7Nz01C3<95GWY{z!HRiy!6W3pn6wquLGjRervj;;5v6!bF>x?6{nATx^u}
z+wv15;oZg~<-RBxI9D{Q(2Y+Jl|Yc_H_~bj!0aT-e~e$|ThZaNnqQCu(vXE_PIP@R
z-z^91Y_K6~E^$GEov+>!{Uuu@1%w$~E1I0$8hjk~lH>U^J?AZ>gJqPj{cUUA%+1%h
z!YrgzWA$2^FK^zjn&ytlVmPEWia9p(^2c<RP%hEjCnZl$Cr9bqYRWEy)z<chOe*_N
z6!kyk=JJY&vYHn^Ij7m5Qxv^Ibcs!}YSDTljv|3vQe?xkRa)1mHS5Hr;$P+qvz5er
zOtlri+^?32#+xb(i}3Q_B$HVChr+eci`&PelD_Amg<`L2DW@uKN^6>sxVm_8y?($%
zXH6cWwcVRSoF(M8Xg?-G;xDA)SpAPgExvYU4$7JQ4ZQHsquGWLc#ztUZ8<hTcr81&
zN^Rq;S_w%HFvmWe5MOS98y82OTcjk|2D!!WGa?{<lD<mjZEYvp1-D!?Z)%BvTM=<j
z2+fTiB{^!WExs?SsWGiP$0q9#pqd9C)bIVaMe=_L+^^SJdW(_xR%{QJR<RaSrJe14
zJCU0(;ybv^qi$e#;j&uhIPV#y4CFza!rI0(L$3DUkc4^-RUvR74t%mo^j4hYeUr$h
zQ<qimE+8lx>ZhLL>hc@AwfwV0tov|xZ_%>1`##7Xup*3BF6KhKKx^3+XX^3q_#a#l
zs_0g(%htF-eT}*!I{>KnOwiM|$Jwtc3a<U&-L~c+W6B8I^UP+f0`a8^y>@wYSKzD^
z4<Kj#vQ=0OX8n={b$o8ULti%Q$d|Jf6m)V~R;n~b!KAk@dXIiN<XSpgUN!m*?T$G#
zIp$?ZH&)MQCccz&wz0a#RJIgFxE86QcDcI2$l_VHh1KXcC((|h`{KcZ{FfnsuV%<E
z807=%*)F32uCz##v{CqK+K1^N`#pmzn{E4TNR+=Dw5fI;zo}T7)4RWK5Y&xDm>%WC
z7m5XzKm&6*N@>1y*><`F5A{eJCmXuyvpZZ-&}KE!b-wI^ryRTTfjGXH6r%K`&}$H<
z7IGp7_+l0Mql8rxl`Su0Hn>L`0xFlF)w@b8(Qv%noe!&~3U0<(<#g^WPfmHiYI$eg
zB{hB1DEfmO1hMU-RgL)$vfr4y6H4I9<E_23;~wSM@gDG(d-9-D_03~GjAWpPM_p6X
zIaqz?*^Q3%<+qNO#O-ouE}==HIYFE@by|gCVPK1!8Y?-4?z}<hj_c9lSt4sO#;59G
zTdOa;yA<)Z=vhjYZZ~+q%*mM5${lWg2!e8%y6qW`uN<t($wAyvx<aa5E&DrAe+h19
zK0BGxlc6wXq3RW1$>+xW-~EmcRx5L2GsO4SCTGF^sD2n_dSi>01!1+|VaG*rI1Y`C
z`X`AHGi5O{-j}xWz=1B1817rKF_+iTHKx$Nc5Zyz>R0$imJqxnK#1R5e|f3it%JB@
zhRyo<^j(*nuHTW>9oN{cAI}2IooMmSoQ=&hovZ$dQl!PMeb9>b+B(M|7Kt(@!CId>
zI|CO{8~)a3)hkqbdZs502NE^TjB?B8@v&(%_#9B{slgJ)4FsKGizP1gTfooW664rJ
zNhdc8(+P3V1>(CebNEc8oh@r-q^TgR`FFC@E$UJX-IU)61)ZI{k#=x(qe%HD{9Xjz
z^c=+X>f|R`#<gZ|WSY-k(bpSFqOzxS*|fbD>BP#7rh0~{6sh)J`M87nct-iS;HU;l
zJXD(q4)!mfm`2|)^e+L=Y`y-XF9z7(R{arRKjZV?sFeRnn%gb=N1j7z;T>7Sf3Ah`
zdz*qF3VJx<gPRl9XSE+?D<2Bsntvx`hIKx9cOKp8Swwatiuf@9-vxT#tdZR``6cG}
z_Ww!`u^E2@UH|hx{(92CfBJUx@Fou2X|1sNw-x$#lHZ%vn?UgxwSw{AyY?@4=MUCf
z?H?hh|KD}tVat2ix`hSKSL@tQ>C>bFFthO@4b@aLcNcvifm1}ctxp%m-hiF~VD4Ps
z+O8(QlY&BxzWImD(@GVwKp<x4DkV;WMQDD^1R$|D8*k%N8ZC}GwQ=trsqcP8%X2Xn
zT_{vo{Hz#!6OJLh5g&Ak*7^I&>$mvNvSI$3pUtK}rkA`};xE7|9p54M@&NQ%rTEfz
z9<*T{-Bo&r1|~w;>DTfhF#N?vhX{)W;&!=q$o1~%>vGAevKill(s=fW`Hn-{+|+VE
zvrpg!#N)V{KUYcEFV3S(Tnfj5<5Q_W!GQPg`2pvvB^fy5xM#B?;%mzm<^wrQ2~Nf@
zu_Jj6?)=$P3QW@<EetyxcH$LyP@F4Kgk|<Dy-=xL&|$!zLUTw=m~*L%TA9^ZFBi9V
zqcd)C!p^n<XQHjz3RG-=^;)TVs=-~XEK$Kx?iz$)o6iZz{`QpJ3HfYUe;IjNvVUBU
zjnxNBBFrHCAjyh{l5kJ}cs77x-^-4tKo6!_F2m(w-n8NLHfCfnUk|#PJJ*t?A+{yz
z>5yZ!hDR|5g7~0H4<jw{$gx}%5Pz}@4e=riGwkpFjkv+lyhLB^-^aeIXt#l~Eju^b
z8`yh5IpgGVMihbZ-<WX<%wWRYZ?5BeoM*mxiCk)U5|l>9o-Bacn~(7{7>jIeZZcrH
zyyiP~nZ=jgCry{jyLQFqFeOWI2J$!)P(H9aEAKm{Z_1hjYmIzKc;;=rGdxQ1OM51B
z-OViOtgfrmX6TE;i%i>Y7!tjVJ-ap&w3ZJ_QyinKK3IoBZPi9kuEZ0w%cFUO{A-sz
zP)bQ<?vPf0oc={$(ru#PVEPk{$El1f!H;0;b`@hK#_DS=!~1Xg@GS)S$&<#gJZnyv
zz&kOnN5-@^)fB0^-X2_wFsWK<>H*2>1!wJXuNMEBB`?WWT7?!}f!(2M;5}#W4bH#f
zVXu2{kFap|hAZs;X)}Ig;lCd4(2wc#6_QqM4-`<O3mO%Y*IntxlzlKMp1EEA)n*+#
zRFuINDU3phohv4L1xFzX2Y!;2s^=|tSB)=W!l=r>UhC?VBZQ{y<16T!kh?kAv2R~V
zoB&}9`_x>u<rcwj-5~xtjPf}Uzc<~O7Hx(*+4MPQ(O&R>ktTCfqiwBb7UNAAV2PO$
z;QiD7;@+97N~_&TJ(EK5NR1pG>k#`MS=>P<v%g0ZK_}UBf!$yU)qsF={iJ6=q+d#*
zvq&3hKwKEQl<OrhvLLk1e({!ERQ<HQD*Ya1i|f@-W-8x0+y-xsd~l%JRY`RS^ibv4
zYJIla86g}hYJD;D#dTN;-BSO|_t@0sJgC{rh=&3>946U?U+`=vSY)BCIhj|1V6p#=
zi6{^8ZGPYT8fTfjTO>Ojkc7L&LYU2DCP95dJR)}!=`Wt3GzXo5%_bd{_AcM1yq+IQ
z)1?{*uD))gVc$~TuYff&&oBK@KDGIr{`2t8j3ilsod+fN8DeaW6LKZH3Uhk%StozT
zI_d<sG5zoS0=4DSU2v;_fQ{&*yRL5T7han#|1ui4R-O(@62EOJV4(WfwXjZ7&7}@K
zQ-4fo=UUSsl^F~Q+NQ8Z3;$SZYOr)-en>qq-2Xwfk<~T#@|8KQ&x+7y7=qqAK`}}f
zAD`&S)YLDpedSb@*ESzgo8+bnFSEZ;F16`(c3B^D;eQZEDRs(yc>PRFw_dUp9PDhU
zXMp^fm%>YGBT|tJ`yoc`vj6CHH8V*{^A`JN7%vaD8Ii24wxXh}r%RF^DX>}T{?X5I
zQ`-qq{cX2&zOTg0l+zqUQrn3svYL%iUOadCB4xrVO|tE;V|LC!LE^an{Z9qF>+Hn8
zvqPC3bC(IZD`&^XG#}g8f{ljqikOP=CH$p*=rviJJY057J5IKBx{hlKbYHt^8)@VZ
z&dK;iWbX~$CBYM_q=f*ba;hFPFl@j{iVA`+)Jz&jW4c3~w1{5#k2*EB%%<b>qSY-D
z6}8^db#t_y`*0^saZQITEW8Sw+QKaA36M1myZ~@;IXY(rrQT%`YG@Kr<9G(`-lp~w
zJK8Z4E8buk;w?NH&=Of`Z0zIwYj%Dy+~^;U;>f<d{FC#AbH9Zd<}CI%lj0<3u7oy3
zp7a7sYx<vw2&Fld8%bHJS3HSvO6{*0+JQE=1PV^-`%Vk#;Fi*AZshOg$L^{fo;@ou
zm0TQG7jZuA-(A33(Aif19^}$bs6UN6?)=+Qzj4yz6lL4(h#)yF(xNF>RGJ{zu%fxW
z^%-Zk7wfB^^*XK{N7fXH)Z*+LDCvHuC*zP2s<fHm1_mpqHJ$%tpi02Mebao+>(4nY
zE*iX8Hnzh!<xeF%>$&W6y)O5ncX3);BTgizAz}w)f6W*yn)!Z3g@_d|j#5inYWuR*
zo8CrBYGeOk(oPJ%RbFg+!cHi`pd+DX1xtvN_$MP(u(ZNQxdL1%)MRWo?>D139(OKd
zlZiI*Y6Z2Ejs3*}o3Q<Z&9yc8Lh#SQeV%ylE(5cDAs=p~zS^qPqS<)sGe99J$8@A&
zMu{&-cR}=~PLjkX1xKo(_4Ne;85<ZMV-@04rK(}UGW`~M7W|c6&raZ$81VAk!Rv}D
zH>X{QyDgacZKfI<nVlX>1w}Q>upTRJcX)P2!(S!gff`1ZyW+qq5WN}U(WDyJ;R~zi
zA1Y2Ut@H3x7VYFJ@FHWo6Xhf*gv=H2@>I@2WkQ%*e7sW3L^7yanNFt4P0~0M`jvQi
zSc2}OK0KrUy+dF4#P(#0$WLp&CQ_L%XLil<OL;Ot4{INyGF!>1R;vy@W1aPTxYULD
z($E3QRZaT}ia1!=QB^33j*m{Ie)ig?!UIa3s8?R>UOvK_PHJvi#j#|XJni*8!?pO~
z7X!`+MKvb8L+o+XN}`JJLS+bm?v)Z{1no^ACK56Qxx1*BD&I%QkgG@$jUPs=gU6h%
zrnOoxGZ8(*n8?VKC!uhi?A^ZQ#nSON;!^Al9g+a7_~c&_#?KVDKV-zlZsq>2xKPgM
zG!+=IN++u+ZW^cMu37?U{vP)AX0DzV;`fIybhkdfsQAa`R+f*a`FEFL8&J|ks<KHe
ze!a|<JbakLLLAd-%tY!B<DHOxkqntFBj1*=uNQ`qBqo(NY5r_<LlU*5V}(yYXJoYT
z_skj_pZ%zC#Es>%g`O<EV2y*D5FHx7IJc;_HKmEoOE>t!Bm!pBtNj+BJ=VuQZ|vk$
z7V{8}Cva*m06a0y`2Nv(Aat~fEC!V$UK2e2wRLu+#;crH#wy#vut_D6Iu@AaJJ<LY
z-}d{IW*VFBMckiU0H4#doRjk@icLig!}0v)tgzauw8p6jRlAJB2p3l4DJ{{K|3l1A
zGGgZR6?3se)A!r6W{+?)PM?!tc<$nqt0}vx5jMAvJ?So?*TavrrA8iD7g|&Sq>!nr
z4JEG#g3_8gkhN9rPI+c}oPtg|SfmuQ89%$FiS}oT@oK63x8bXRyedOUK$62d8~7@y
zJIpe|#jVY3IP}j=@{h1zFP|%RFCoR}e*b>w?7Ww^?egIHQUC2_Nq5!$n>?I<n5Er<
z_s={rm$Kl<+3KeGabF%AtG^K{pL5-iVY4Y>8pHl|w$Xfh_bx$8Ke^m1imAW0=$qe!
zcfYb7-#5(u?=p)0aU)WtKlFxPhDs0rel+>hg}u2JaOb9h`}@A~KV6o8-SWT8=bJC2
zH^TB)QK?0L`_bQea1#iAe3Oam|NC9gBp<3$d>DpQcrGk_iBU>Z{cDf@H8Oul`tOAO
z4_Wrl#r8ir0d7X(|JgwZ3wb;tZg{*`CtxrKxEeaa%M5YAtq4(e2gliW1FxaaDVq?r
z5}B&PU#}0X0ZNJW9rD2!MqWt5sQ@MGK!751--)1-+63%HZjWG8Y#`(SJ(0ORw3MHl
zS4%uOn3Sl2^B6l$K9$T4(rr1cL0Uc=eDddP-zXhJZmdOiVk>|AkKmWz{$!zECD%Oj
zJc_C%r%NcRIu-1a?~BDhnZZeP3m*=q)D*TTbUrD4=IsiR>bQQ&tMEMXCSc-=I=&S8
zq<reoQ`c-!MI2Q4w4CW+Inovn(cLe=k`BD~7>p5Oi*df4SYzyca$IQw%<8w0V~|H=
zO>~Xth1Rxvui6dro@16ox>#3dHfkkkGSMn{=hs)p!~6Uwoa9bZVNgzPBWTHDryb{v
zko=L^PA>d@$4>T{rTg8*=g&V8+#)k=b%x)RFq!Q#w%>Q#uc>TKP#0^|+plQSV_WZ)
z@Ob`Qmh$EE;973pLx2!F<*iBHm)EDDS`CEohQIpDYj3ZUU-O@IYO$RMD?DB1=3UmS
zX4uoz6x5eWVH@xQcB3U?o~}BZ3vuW)#Kv)Tmbixzhe-qlHyw&Gy^@uC{`>)17;EU~
zkhS~)!oO$c)HJ_!{l2!-Iy_DK8`<5WL?X_t^T{P(-dyZ2n<3`8P=4njY}6D}#W&@=
zWpUbU-O1iP3UPKdkUz@U^q9alnafa)%}m`+N|>H>*3OxbWfEkOUM-bzc5V9I7bUC3
zy0palD6J$-UQJtd%L4zwK2Ol+xtp|`_k6Ybo-iXPlst1@ywVxRD+!7}EL{2kaptt7
zx*RhRbFW(?!1T!4PAhp%B$t%H8erhV`=$ak0>928l+%k%owc;DwIiewBQ+6dY^JSs
zmEoxQrI)OJ>0sJL{i6O%w#%M}BK^JGWJ21lK}W4}+<8G-bA{ab>#uN*c0?a%L5y37
zfc?4Nnn@P%{kt@mC$8{)XM12^_0gh^Drv|`W(67Yq}$(lHNHHXD^|gTU&?|t>nDHK
zcl0(qb6^&L^VV$%ah1uNqb1Bw_^kAxiQi(E5^1H}O7(Afw;kMXMi;ueUPgQy&iTW}
zW~H56$G$C7_`=wOyl~MTX!L7zx+R&-n0Yz1cvS)*P*ddl&{?NzxJa0{wmQjFX4Z1^
zOewd2bgIQ1FN29he|*oH-)Z*OtxlNsP}Mh`M0CQ1ZfUp`F9O>&zDg@H2)19yBJf`w
zOsREYoF*DO3q&*!Hb67Dop$Sl$PbBFz72EM&<Sh}eER;GmPDbZ&Cp!$X@&>NCmQjZ
zf-@Cp)ioY>M{ob*&_D+>nq9&`UvKPyHrPOwa&2pm&u@<S=ZV~i&BYa5r3;jzf=)6L
z0vhu>_P%j%KauM|3>n0!^t8m&Hy_%~zSKSL8^7Px#wQBT(~uvN{QSDTF=&$-f-orQ
zBa1E-8hr-e*n>;Co<`WmhLsm&-ST&lzk*G++RU9J>=Nk@_5?ysVhZa8t_1a{f?Y5p
zo}rSf;R7QJ0kCL8ax?^8n3gjPzO-K(r0gCTdZsJAK+m>HyS2ZuA!IowWH9ACkCJ3F
zr8<Uxv^;GIVdM(^@mVOHmIz;@)2pIeXeAptm#1Dc++b_e5^8jI!A;Kv^=xQ1S1gBV
zIgU)GCPxJa646PaA^ReFI#uGA>3!51O!~t@_si32XnBv%n`8&LR+<k1?MU;U(i(yX
z9ZkW<S+aNmL^SAb+WGI5F{DzUI_t5!Qtq`cNTjeV!U|L0C0WTynDd~5JLi@+PjX#a
zbIE7?3hcs76R+sZTq`X8T(JjO#F+dd7P}Vzb2^<903HwS$M$CJM<r%;yX~C`4a7g=
zbwc(3C_;f9EFxP9Y^w_%B5+;1YTdWa$~cxt^mQ>#GoL_{F7BVc{kDx85k6V_)~45C
z^a<fYwTE1cc-r>y^)6pGOUJI6Jk_jBqCad1I##A`++dTEoUiGyDeN@~Q-bYW<SJK&
z9_K^pg(+dY);;{_4(8hV&4Hxg4hnbS+}DLMw<V7Q?PrDZ)F{{Bdwi&HR|<Mll;7B0
z3k?k@K0#=Q#iGcEAsamj)|dW3&rc!Vvo6F<q6lKWw}@=<%N6MQ?xIo&O$J=dZDaH$
zCFtp5@OC7Eyi3I9{m$?CZCnr^`@888o;wnFj{xXthWgoYOojCJS#C#AXW%&TT;~cX
z$9&w0nF9Oo$>baJ{}KAbUDlM8@K*8T=RPzC0mxd3$9f7hDZ4+LG;=|PZs*f^tQu|g
zxXN+K3?bkUMR%^o>tfbJTvrGt`mX1Jg>xDLzc`u3aT~-Srq5x{joYxL_P0=GuVq)v
z^hN$o+alQJH0;{?kyDka8qXRn)e<~?qOm=0(dsn-U27|1zo?zfqy0o$n!Wn{Aj;Y2
zx#G407QI2CLNQ`d7XVKT;~_Ml(kU3A*u70YVp4Yv1_)_WRXOQ<=u_4EAIIb+9zag^
zK8T#Axhw~>NwRwEEcJQsuwT0DPvYH6b!8+dxE*TRVuS6}kc9fZdSybllM2Op{wxU(
zLvOW=S~Oq1Q>;n3DH@y?9(z)YsdEAErPw?2WcY-PCRKOiF3y)y!Q>of-TT@}rf;au
z2a;?dp;vxe1E;_TB@`H??=lI8hD{#WPPxi%oKXAcBt~q5-EqxCg@@e5<?b+JcT{?8
zp$0bKw_Qo+f&9VQ2|`0kN@geZtgTbUWC!>}Govf1{MJ4NqWz}+^70K=qic}DczaZT
zesc5s-6i9Ywhx_krS^9k@DdK?a5<`C%}#q#y}j=0=91n1HIq%LD#(7lt?Vh6Vfd*8
zF8kr-7RSlpu)BLwm$L>u4_-C3zfl<G98wvR^fp&?oKkW)!OX0#0GBNPagzvg=08#H
z9+^gi#Tu@xL=2q)=c-y=gb|4Z2I@e*&Uesu=r7V5N;@jm1-i=(8-ky|o5FyAb<SEf
z6hA8j-VjbPc9>h_b&+*P0I3z2ey3nX9{m7cG>u@P71sD}c-;O2c9lOR*$CtweThZJ
z`fop4K_RwcqbR=K1-1!1pGRS!>HraCh{vzyA1l+YU*)7t(y(%!r>A@19bj-2^-&+O
zft((uLZ|imji*c({DuvDpVkO=<T0?!Re-9-@a<l&W{4WJAn;2D6w*B2T~$;vonGV+
zi(Z$T?Uwi|?2%#C@w!7V%&ZWzz<W8165y&=g+C)n)WT;ddE1?g^sU<FGo`q)AwoKc
zB?|9uFl`6Cx0p|CKxd$ZKBffBPK<M$Op7{X!#!-T+mWsIu531)$iZIUn4{#rL!&O1
zVc+vFDh3I)-mz%6jXb5G^Qb}|77);NtC0V4Q|(l%C$7T6dbr_J=zc;jRAlJuJI$+z
z_T+Anke5fbvl4VJMriv&vJ0+ZbYegVNU5MsPxrV9&PMb}-UTDH3%yDFu&ocWVtKbS
zlLwD~LVA!iI)j+*HW>kV1o@LI%`}P0ZM`s%-Q>b2mVMcTI%|0MIupJ%Nxa@Dfij+x
z3^ybPEq^@z!lQ>^`%JlW=P6$2wzXt{On2-1Z?KkI6&{sXHZ>)?cxVv&>m!ArGbuBV
zPhyzTA1XMvi(wR|gTz--Muuz!8@j?X>sV=jrdb{=7QQ14SlmyNg(OOi3ZIVFq)5l^
zoYh`$hOzUQC3C{oqeoX4y8++D%OK3b<M%L4Ba*PF9157*t+!<k`wtAo^P7zc(uC(L
zDS`i9#6896A2+oa6N#4Yhv`3gevS^Hlxp{DadI|h#T_;&^qT`7ReZ2kCOzIsWR492
zHd><7>4{VB!%;ggdH|?xvW<3cSEyk_U?z3Cs>td7&$pG1&dmrzsTI+!ygL+o5!p6D
z69_atrRw#;eyu^5H3yi)AWc5{kRE&WaIM7wEM$^SxVF6HFK%ju?q7;e4)##Pq=$+O
zn8bbwc10X=!}0T6G27rkkjmJh1g(V-U*U-x{A!QYd63zp+5Iw4<)R)s_G(sSWyXkC
z%52Jd307?Z6jkQ4f(i}9h}+jfyS7NUV5rIGK|m8;_%&B|)V}(q&wlf4^5{CzL5Fs#
z{g5`DEkxDm>fAsD6X1{QI_ez+?rjsJ9UTJ4ue{2E;S!IAV_E@{hF5*tgbgbvSd0XB
zJ@0&x@<ToG9hXZ~k7ULA0Pavc#YW6`w7D8QPzFU~CTPDHx%<a|MH6pn)w7Eng!Q(y
z0My>Gr91U<Hu!ue8|a(j;ngE0`yykf@OA=T6tlj5!k*(2KocA0-YqeagtjR8$S!yk
zXR}*IcV<5^wCT-Ex1essy(FJA%6F0>(Ewa3pH5`G@fZPU%IWhX_WmxuuMfJO&IVL2
zo_v1K7Q~?NRRGQP0OI?L-<|K426z#y#>RKP_|Pl}ROm5r0`1P4wn*$DT_C*R=TKCt
zY{B#5%ds&@%oP2l9A4=LUx74o3xHsfyqM*3oAF7^E{MBq9YTSij>G*HFd@v%y!zp}
zI;+xZB&g$eV1#aOdOyT-L^%_#s4`U1EuQilnTeU^0!L<?d=)?ax!Szmm{Kvj<@>PK
z<yrTR2auYuCT8fH^jJu^wEH7O%}+8zRDf}MX$jfq?+Uk=lY(x}R_|XVmO_yr{ENhz
zm9f-b)Al4NZY3jEo>iPSeO`Vr>f2$V(q~awrtaKwh<j0D+xtqpy&czq1}bcGdO52>
z&uVF+r@C_H#}`B*Pc#KLfjTRVZ6P|{<%NWYX4Rp!1?{{M02i4!M_#v{)!LG_2S%#-
zkmtnJBc;Akn&$6xigbU@zSkVk3U72yt2<e_R)9Djx3Q!Ck-r7oEBa}}-6US3UKiU<
zzRZ0OfWI1ar@T%t=_pp{(+j?mvzfI@stZbly;;VD;E=hP;J88=4S7Qspo!s7Udg6@
z9zoS9u_$`rWY~5vgyEJ)V4K<Hnl#CZi&HWqjdScDztGf4O-<F~{LVzO$B334=s12r
zmN<XyrIAy9I;Q6fSy%~?4}4bU5s}c9yAm)~$b3GvbLz7KSmx)`ae{vOc2eU4@mTek
zgRuz4TZmk8BDkniJNA>?ppvj|kKA;-S%-Ss$hgD&(XG96s)PK}xt*qH^(ApKYkGHP
zR*9xH%~{?x;=doY-oGh*;@~E2Si1L0^mbSc$MaOjfB;C2NHE*1eIpA4W-gu|y@qh^
zH~(CzS^Q*PMh}#B`E}AlrAYMMC&(hSC)p-J(6{%&$}PS$^ezl6OPH1G2lM}as+dIk
zByDLF2?Ra5yxY_04n$kypNKukg||k;&OB-oxho4DT|7gWES}-z=WP|9F*->wbNG|N
z2o~@5RM``Q_%yuOo(T#BuV{<Bn759@%mqF>dLZv_VSy$neaR~ytS=<Lw#dVD(m7CH
zTPc~>$L;0MgDxEmt!tpm8{+nFnit8+WMho}O-<>yv4fl_nHGs!liX%QNU)#4RR+YE
zFj41%CFoKA=6M3e&q76>nc8MT1It6^U9`;5Ux{vd@7|&U_yR%dn3YHO&XPoxHqU=Q
zOeBt6beO0uKa@r1pkdOTjV)18bAF<%e%_-GVn2&^+YVUIu<Pm%j#2H~r1~>7PgqDW
zy&P~g%)1;MT(<mGw4lq!94zqRdHeZ+k-ee$dg2M~t(j|o-B82q5%Aa!HKns2vtEd-
zwWWDbLR`LCi)nLnf}N77bohC#54no_**gIk1I8}gYN?dzwawGJEDZa-fp_yP$g$uU
zfuGS4yfVfqoN#Hab8E<UyMY<|&!Tza<P-FRz&icSj?U7M>#|?hGLd0gg`=O1Dn{Z8
zAzkf{GqlE@4|}s-)(TZ6Rk8+qIrQ|i@dQ5o@YGf*4z1T*;I>AX*=NPG=n}*VrdKr%
zFA!q^j}3DY8S~6|+iqFL*ci5v4L>}M{U{%Kp8L=j>~#BMnV8M_eu)spySl|$u*epv
zkDjiQzP{2nC@?(1z)a<fD)IxWqw6)yn#Ahk!_uRE4T#2y#uKfN!cq!?buSD_ifk_W
zbUXn})zvFB9id=nTt6wyfiLFaZZ+8>Qj1BeRg_Zwhp>|2Qv%kr6+)`(!RfofIdkIl
z`6pIszBtJPju)Ohy{_lCs0U69>@DzBnjVh&XU&9zpO^JF<owjpd-0a>C5kM6+vsg-
z%&;LV>xl?^yreH|a^t!UtFRTJBG=b`iw7~{=dg|^$RvR}(=E%5ysL#aec3SPg5_N}
z+>js{C96g2`DUC2AsHYiP{?leyA3a<pEk22Zm1#E&zlXz#;@tP|D!yXIUtNF^f=&L
zERyccKW@+7PSIu6@uuAk4Z)pXuGR9@+)HoQ@Oz?ISezoh#5&AHT6*6t+rJ&=6l2qo
zJ~Mvj0i6kH;Ck)v)&sAY&!iMd5-dRiuAcY`CJJ2;R}fy72AAM!x74-clN`=8vOynO
zO2Ro;ueSBe<PPN9()7=FjWQLCry?e`Ec94xq(j4AU5t<K(3QIp%1)QsO+UJ#dpep^
z-6@;<bu!pnpG*N4F{b(&)%<G;-9a(BXlC}>(&e;jq5`t3+Q8~vHBTJ@Tq|=vQi<Kd
zA8&{fk76B-y|Vk+1hXccE-8xRKA2VUcixr#;^*~oX3N!Cw5(=POy-4HvD1!C=qpi4
zi=*c&?YLmNY_U=XZ`CQ1bD9A?E~L)FH*$J*5Q)c%&1NlA>JX`pf<~qItJu}+La#M@
zIeFtQO^pueGqxe+ak2*ygxXA3LRE6@ahOI?6RXK>ZKEFkwk!Q;*-+DKox>6OP~4LC
zkAM?MFhXvymf27>Lv`+?x3!r_$>)d2cHQX3?Ec%Ph_{xKAcP{QC~4K<9Xtk{U;*$i
zOD8f23G6#^rxw&A??6tEeqrds_=3Xk^C2#;kC|C(%M1c~f=RD)SZ3y?XwiGe<LKEy
zs5E(bwNVoD_%a!;u=3eQE%!mvnc3fu^DByrt&R_oQFdZ8w0uJwOZ%i3UmmkQEsWs|
zZQA5&8t;ZkO?>4dfCyT8dWOR?pEK%=-M0%EKQHTE4Er#bY_yk=B0o-%wfr!U@_SU%
z7Mly%&(fB6`B0fMl96F|hYuJdle|Pt0LMUmcktxl#=xrstg|ZN)ha4#oMu?vi*7YJ
z)ccJkM+hFpey2Aw$(D1avR^rkhAPc{%Uz*cH6<$h(NxAcdc4q=)naIH#2PFqMJYJ_
zQ}&kCbd(Ltz`T3#0(u(6Kn-%%29W55>>zuTniH-`I>tcFi?~3<HNV*(!PLKlOF0T}
zj=8FHN`brhcb{vvO?+|QUr9v5XT|K^K4^i8n{YC;vwkj=I<D%k4+6}-?5@x($gEU1
zR!Ciyx}LU8Wg(FCpIu8jR?vqRNg>8{bqtbAD5jwS2B2@>VO_)Vthr~oEdlaEx3oeq
z9pmo&o9X>@(7^8wGat4Z;x6OPZs^2%HF7n9kA3Px=8viE&dZH#RrB&sv@6Eg#KE8S
zBjZNJH(MNuzIKMjSg&YYryEc#jl@6Hn9TPuFOSK1KlD1tFZXwO<!M|bhoMN938*R+
zwv`V&UX^QlRK72^vOl*<+5t-bS$@P9SDFS`)oZd^+{u;zw!H0IRl#z&;?AYX%!nU&
zK0B{>JD-x}L-B2+i4Qtw?1$cgenGkq@dfFcroW617Nm3cn~TuzAR`6HeBX`RUc5g)
zQ^&uXr~vdeQ@=?NRVHI&DxA6i3<65)#Xiu}@wPmvW;?D0*=Ey+Tw5i@nQvh_qZ;ep
zysgzPvMH!q=wPm4QW4lK%doYvV{h{k5U%v6*T0U|v9!7max>}D%o#}CvfYWXy|2c8
zRr7$bwTkZ~$|+c;y4IrB9ZCC;4%Dk-_|z93O78fYtF*C9Q+b|+ghD)C+#e;~=JQ#6
zg{f8C&B#r?{%wg8DFx}!F7i>4Z6H2zLQdkB;pIIx7zMU7VRC0NK{l$4>w0VF=QjNr
zUy8V7!w#u{+v;l*sPwN0g#^a4l5QLu92IZK(o^nc^iZ1Wkr4rG`<#lW>>!pN8C;XG
zSz+`v&;=oY8EUvcWrEKSQRuVM4Yafr2@mB{)Xt{!KezEnm@&s*DCVraV|$g_mnW$s
zXw&3P65jXC3t`rpv$tEG3b34q9{Z8ZPc&q)#<kJ)`R%*UZWin>jj?SD00fmtTVf#I
zpV9+P^9kG+61mfu%)4`R+kkO07wru>rO%{)Y95(Nn2|_H6$=40go5I0(_4<B=nvaC
z(56_s%wNV|OA1SgCB6rZ`c0Ef-~Y<3?GA?od~>*5(&|?Y8p3uPG<Js8&&`&Ht~y@@
zmXBkRb2N$AhpcYvpEr+x`a(-DT}`E0{fIvgvpJW~K4bLvcWblZ35HU^S9IpxyC;Hs
z>VooKI~2U5`S(JnqAhROHi>hnAArK&Fh6;h85Be*hrO~d`qE;bBN2e_yCdnBL4j+_
zWq-+{gzafiP#;K}65)vg+uh7p%-%S4tlZ0b@!90GZKmb6t2#|42Fi~$m03f{mC_o+
zyR~I(G0_3q=N$fLJEd|(Apkcyt)Ll!AW-(Tv8che$JgSBdt_(#@A7IXQOZRze?R$9
zYAN)KZ%+*$RwZvsb#~xN<G-C3Ou6++?+cmV$zbuOeb%NRuzASyf3^3OL2+))x`AMU
z;BFzf6Wk#{aF+oBK@!|uf=eJIXpq5Ohrxn71P|^IWU!z^fZ)N;WS{T*HtZ8_-KzWR
zRvrHE)~feitL0hUYjt-`8@V2C=8?D^m;g!>sT4E<Zv;s6&VWv#PY^;n2ng}x<+tsC
zPg_+}u}ETc#O2T^kPJRdI=L2}flHwh{53wFTJyq=qAjxWy`i{lH?CBA*ZQ78k&Pj5
zCX$L`(w`6<FT`61rd=P1BUgVW<;Wj$6Am<njPrh9-*FP^>5Fh<RFjvK4E44#fQqjp
zAa)*+>}WO)#ajyQheccmH<~>r<+p*Jbov&xrkcH)l+Gs*GVAf`K#tJE0`abed0cHx
zq>mhsZNKt;eZC1KM2#InSVw=dHdJJZH0KI!S6g|(^&W$y_1D|_^7578`f2+r@M%aG
zvdI;<ZD-;spMjS1A$vUjnp)7phZzc;kP_nOZ@+oX8BZu8PA0k4wtW{?Z%N^Qv)$ZH
z8q~))_U~E%y8bZMdVDM!0V~;^cDek8uWLm<F|D3+em^>+-15MhYqkTsxP;9GUZ%a)
z)C+ob^wnPWUcdt?&yRd_j=%W(KUIIv--)E0Uw9=LFMK|_8NFA`&*liVRgNS0N<y#z
z?_GKrV))GcBjjX(J)^D6&+Wa_mSv}rgV%uGP1aOzy|GMWMg{b}V#0z!-tG(R55>!$
zL|W}6AkL#xQQ>yQz8%wEUssjfC%ptl4fW2NL^<(7IgT$k1}mdxf3APnr|>!b@+GIB
zv@X-%ggpa2L=n4?pK2*E^hS0&zaT)Ynf>*?bxTXE8_n^x%OvUg(GNB>k<V{BGNMC!
zYQ<~u4@Ao}AHV-{`2Cqd**6iNiOuPJKk~uR5}OPvH}I|vA)~Y^Hx79BD$PSW-9XEw
zR}t5KZ<j3P+J|Wx!lxEC;x!XhbZ)+5$nUs0@`y{DLb<}rOP)e0@LI6n&))KM&#?NW
zwSq3ce)_@kv0oWrhr0}PAl<WhRT33KNK28ntzaLhakY7IemYvAYo+#8#V~y|<9c8A
zVZ?RidfofoZ*Cl?riS_?no$q$+@iiPGyk-CA=H4Dl$3;or1XRESKkR1dWhHs3d7d8
z%=zZhMk_#ZffEv}^l|s90gA<82~os^ql}nu^ro=x?q<X|+V2tfyLMd`w_?n)`>}Gm
zp3(wAbkTEkACA1Dq!r08$(W(OIJkZe-@#>)9N&DNWCCG@Ui2cTOXy5NsJ$W~!?b{4
zv-NrUM|4~*Z|CB_V&0e!M{h@k)gvhz3>AM4Y1m^SwjaciB8QY;$k&{8;-fX0)MD-l
z_-<I%f0>x<&;K!`v5mQbS#&+baV8s$s1^`%Q;(CT*@o@reCp?wT~NNcGR5=eiS={h
zTq$l*>-NxZjXys3$!ss=Rx*NrAvH(NI8Me;9`)&PvO0WUUtKmFgbv1<L7w~ml63G+
z4=ON**w5!W+BJ;LJ!eC&xOAz1o^}>PY~C_Y#OE-srxHLz`ExEUpf|aL(1$nQ%!eHo
zDTYkR&^0H1TxRT26iFD}QzADRij}_F-x6O40UnQGf`!-C7egNI(c-ItkuXHdT6gxI
zE>0&hHC;oXnRaN}k+H}|;h~MsSp{q>T)K!f@+I8fvn=oNESiO%8@WCA<S_F1WzUS^
zkZ+#|rCF?_^4<f#>x^^V6Pz}ydd6Pa8~3nMbSTl)A=*nrL8J(kdK}|=Z|7A`l%G(`
zwS4C+ICm7*|Dw3UaX7pW5(!)qUqfa~^X>P$A#AZKSxn|-y%ZR<-TEX_kmx3=@8*0Z
z6hiK|z#+b`g%tB@TgG1N>R>Ne#1MkXEl2H_D7@h?Tj`#HlD0n=#Rfgj@T5_0tTUcD
zf4WoOYL_z7ncsdS8~V&wa5cfM5o4gjR`7%U2AquR9T1Aq<BF-z_afmzw%Flll|qFE
za&R?SR6^ZXBX6v_nN#hmUHH>e@M^1`>LJ4+!lzL(YK@dk2>{~BfJ`n`cF?c~a+a1W
z*Y$h)$3j)sPH9oWRmu<s#M|dPEPpYee@roIhr@r)eF1FDnMS)4CW?w>^ey#{KPG(g
zUeKRSo}ox5R7>>SX>S}*gYzYMr6xwIUSH{fb*RwJ2lqUlt~58S(Lc4WOsDtH{pBIS
zj~NjE=qaOJ5^m`q8?a)jO2hpS%?i&6<o$D7+252}sKC*5?G#2dJiVKw`41OxC=59d
zVvJ15@T>mZrTF(TSIi3)Mu>{-1mdkWu6G~Bh!H>GF@FbTD&0}doyMxO8V}?gy{vNB
z{?xDYzv=5^@XvioEQ4tKXO>|dW1o(s!^?)wX^^_!&oxXkG+llCOcuEJcNjjwgJC9p
z7KC<J&9?~l=Y(;s)vYF;a=-AZ3LeC)oJ>gT-_LcN+V5a=B<d`}U5VYgKV*u)gjZX@
z3%#G~%y1ajKu5p`-TlJbVf4?f6M_AT(!E^6nc}@>HqQAyNoE&3%x1H;5D-e-qU7(#
zrUQ5+BqZBWWSTD9tWZwM5np)Qqp=ZRa<O|fEdSIWLLc`UYvfOTYX2ocawZssFV58N
z@B9o$izTLBjPTB%?iNJ<@wll9Q!ja6RNtLVc1OAl0WeV05+QKI-K$=)5SV&*Reb^X
zx7HSWga89|+tbWP_p4VB00VW%L5|b?dVxtM_vIrbIHlk4{qsH?$%3g@D2@Vne}isS
zco^66>?juhhtAp<_%KjsU4qE&<=P(y1qSLsaWUL`D1p)E0)l}WV@+o5ey-!hV4%i%
z44?dGc7Bg$zJP(+o#8oC$h}-=BK!vR|3c<}s^b4c$TYsN{*4$hW)xYPn3WZy^VSko
zg3v!hUR53rBP6G^RQaYhLN_G0F5<Ns3&O0NKgNf{g988nfB-Kpr1{b6f6C=IB4_n8
zv$F%01FEX4=NMSJcX4+_b3s_}B}`&vbos_cPok#5dD-lL-i~WHnTHgDh}o5yyjBD;
zE4+bH<yaQ<aGpvWMk{U=(ma1cJPgR2c%U8Lr&6%JWgPauR_7o4IpF`w>U;)fqW?Bs
zFhA0zrq(OuzP?x|9-mNaSV9iKjUApQVgGWO6E%^RDhPT6BDih8()6B|d_L0kUjLqI
z^fCO$s=m}I6CyuLKCrZ*wmP6Z--?SSk!Wyf34n&E%RjR+R)MLHQGdgqCqZTVrnk?T
zII6>~mNShTln_y#&RG?j$pEe)|LeMf)HlLX1qWZ2DkdZ1v*{Tu@dmAaGm+oBFRt_x
z_B3MFq0#i!1vWvgL(CHAZ8%lw`71v>Md+cXwyS?xP#+WdGyk~Kj)|qabCdgF$zyU$
z--=O={TK+nL05QPDQg;`ACIwKf5%E-U?6X(L-|Dz=YR)n-5nYjV0W!JI9L_jlXl+<
zVds$CUd4qL&XWfQ%Tn&8;dA*YA(3;XV{+UaMq)C*M*-{fq|M2{G^0LR;x?eU$QZyE
zOxla9&qH$=u;BZc#q0&Mnj)<G<6UPWYiXJK?u1m{Ex5p=>T6{tjoPmR64oSoZo<U4
zxI!0PR$AkVg-@B}WMDpTI8IFA>Bu^~zJs_U&@y4?ZHfvb;Fhf)sYd*qS;rjZ$Ca}<
zP*}?HzNNJaHVYV+g`w0)Ehh3QqwkhZDCzwU+64#Z&C*Psj-ub@`L3gX#tJ(K=WRJq
z-{&<S1SnI%4ivGEX&T_}xc}SpEak!cP%AgNUC=*p`}Y?kaxg#d9upwR_h*aqd$g$v
z<`fh1J0h?)QQ;L!FYrRHHjt!+kI?E@_tzSebtOsNUrqijV1PyOP>?iC&of%!4kusQ
z>QRRN+5f#}|Ac2u03%ch^|Rha{mzx-&ge62`-o<)jSHjgD2Q(&otVoU4UzI~ULL@g
zP>B%<H56~<bXWr08;mH^2tVa<d4wNg4b~WR<a)>EiwG(IZ1NUfs9l}VrmG4cEI6z8
z;jP%1zwU-4D<Ywg@||`KL6y?AMRlt{r4LBSep@^|G<J0K=Sgj?mop{ka7LjmG;D6=
zrDjWyD;JQTAco;D2Il<3Fec-?cCxi?M6Vv<Ucz3>UIFzmZluS>@wk>(JTc$WVR11h
z6Urb`x$dFE={`~3v&!}JqOU!A9zSupgRr=uE1PfDS!2sH$hRV3?jdo7EfVf&aricu
zpPG3?-DI|7>;`&~%Jk}n`;CQ_i9x&%pSA>clW)4R@|IdFE#RwPl5a4@u$d*XihFpY
zn+IUNY$g}X6n)bdp>oXdSxNtV_@vT(^1B-C*)pbtTbkEVF5U8y8%33Qe%G<#^)C)J
zEmwhl(Bg0<dZeA8V?K1NgY(*A^lgf@A4`L#9#@5MhTJ#-=QCvyA{h!QfQ_i3;QZ=r
zn*iaVff{8oqi=9VnS~(2td>}Z#_)?6FDeixUHo&<Dwka2vp8(<QAW~~v5lXQ5Ia-%
zv(=^x_2<58bHR#>Wyp}rhPeq=A3Nz^QVY;Z$8h=MMl~j@@7nblts58Y?HAv8o%sgA
z@JWzM+tXAEykm!vwHFv=Gu(&qIqgs|YMbAk-4viL?$7?YCdq`Z(SzCB=gSpE2P)5w
z4Slk+VSQefiEsDlr|^OjEO<4YUO5?K)Hz{h`nMQU?`y#5d8F6P-`BC)MoH!t6`yVN
z4voV~Fr%8aD7`zzJDZXgF@;JC2d4(O*?D$z`r|v)S3sa1^D!&GB)b#QJkc|ocuqtn
z&+r)JUfLPjJUN~0Y;7+14c()~Uk!47GdZzZH{4qZupg86;f<&U6!~&GhzK_%n8`K^
z4*-%$@N~M*MkKtnncpREU}hPKe$#TJrYUC<nA%+)$zfL+8E-q8O!+eD)1ADMk3`W!
zIWmce@=!yRnVLCo=-`cx`ueo>D%+)RO(QRAnJ-BLG=0LQ>FV^=4(|K+<b&}UW2C0*
z^~a+(ZXXBf1#EPTeb&@Fb+Emb`qH-{2U>%VTj<qNs=D_#o-th#nuLnj`n@Xfbz8gQ
zDOZfbB%kuJPhuAo)x-AUnq+Js>$z(S)^ML51v8l@sZij_Z%%ryq=s{0p1t!BCU~I;
zM)A=f^xWRBuL$jl!j0;}`)H-Bf)Z|qKGj5Vw26^cfO8q}(Cek>qs0_S65Yh8@=4xx
z+&skkjTf;JVcUqcHUTG})6I4T^}tn|C+~tXS>zz9VTB;U{LrbN1`y9}hup5SH&RSb
zB%$4n9_j?G1(lNyT$(Mp+?+}_Z)mPJywxjeMqlkt7;fNXpoE*Ft2cVk@hVD`C65wu
zO@!i;xMg=PJ$zmgM<nOY%<5A^Be2}N3~I+YZwfp(JZ5Dn0Oi@$#VQc09=`^+iX{!d
zPwaJft01z<&u@z}HP6jJ>6eY3!UI_fTl<%DB=l}>nBiPlXoq%(Q+noY#U)W5ULSvO
zrUf^9xsX~=spfR{s%R)nuB`*ga&4x!UVu=;`LmZgvxNmDElrLzuF@qaqoVctIIWyA
zliYUMjC1#ep5Tr9tdZ!jLMa8X;!@kKo!B(pK0*d(jpC|D{Hgn8l>`XV)6~jZ70GeO
z%P|@tfTX-&kA(J^U4lL$gr2d6Ia%f`(U5`uUP0V=5)JA70h@$ZAIk{9C%pI|d4(4g
zof(Q7XBV??QC^by6qwHTK3`ySaH?@s^!Y3#ZnU$`o18@4KfROJ55(WdXiRXZ{jj{W
z%$xmVluwPya|Qfr_8BMZH%E~if2;h~W9gvRMJG-*L^f1dU;B(#GRUHeDtR*s*Z0h=
zKLPtWN4C2QoVe6g=-7o*BglBZtpy91@6x^pjtnD7jE|TU$NIX%Rc6;Mb-(M}u2(+?
zflK#;(xrL9;g>&}en9ygKY(=_1k`-&C`2ez_PbGPL*8JP77F=-qO}BENppHL!dWy+
zupc%|Z*ls38ewODGS~4%S1fLIEfrlU606$po1z8D*7iDWs&Aa3WGw@|qv4W%hbX*H
zpm-5h;4U@G_{mK?|E5pRHTWYTepwqmt^@_`+qt)v!4!kBwT6R3Q_aG5n%--%i6dn5
z3U8^G0LhCMH@meIU6aC?+Y#v%H;C4uK%bxyQ52WN2O<5rG$uR4EUt5uVP1mn5}Wz{
z*>T}xOFowF0?;9?$vqIzFw(GwnVz#|bD;Eyp(XhpvA6}anJf8hFF(<*T|PFaqNY?K
zd_=8s#o@}F1bDUYu$`3M85Ed9iepbi9PXfgS>whv>6(babms(vU?A)79TPLm&P8Ed
zm_@yK9oHxCd0?(r9=CMtR_ny#bKX(dm}0+<YSV~0<#A#Sr<qJ>z~I37sX$9HApTt@
zgYb*?F`kr_uMsF1uSkC`RmnORhm}f03~63MUtH)AZP5HcL76#IU0Hdv+*dTN96X7w
zcbX2-r?G5J$Cz=Wk1A;^8<0owVJ>p?G!01DwQu@G6U_{|wpeu*8U$3Xu00W?I9MCh
zYXR!mH#mm&``L-RvRUY@SH=cKmkhowiOC_9m`d|X1zGYg$mj8HQ=*Og3gQy#Qnuid
zojcpCy~jXEc$Ik6vGo-V(S~08l_Bu*`EW=vnr93{)!S*cv<s>Ts}k$pl}qH{zyLcs
zksvZp5o%h-#|<e*nQ?7)cA33Faq#(BHAziHiVD;b6;(|DaDBa`A^i`t<49W9E6+_r
z^Y2ek2NtS|PFaO*SYvxjt$MSt4H1GU<To&OY$XUwO~n`6QCjdD*w~@PvfG0#((i$F
zEJ{jgsq~A83pWDkE<10&MX0$zCBE$|>PRb2B-B=*Zp&l}dImOaZYmW}4SnE#KQ~HT
zw<1${RpNy<H#9jFmEg5x^L3pxiG_K4`5b+!tm4=suYhgQkRmQI-&7Q$k41=6ehpa7
zb1I3hNj_RwWKsIg*j$B5A#IO}0=Y_rj!*Z!07iCJOM4RSXLS4eFxd<n7kXZ4R#y~v
z?(lJ;(Rlc!V~E7aPo1bxl0dXvS$*HJaq&D}+{yz|;MXq$IzLJrJMJR6rf-Id&n__l
zNl6dII!s$yABxOuCZJn7ZFc8GKLV;e_8~;Bl!>l&dV<`!h2dPPV?GbUHnID0Rv`G$
z3t$IS0v$Q?^rL$bX(m0Yd`$k{$yk|o6$#Soc>39*;)Ap))8y|s4G)>cV}v+4F+Fik
ze#Kx4;ZLiYsv@j@C_h^WdHFBnb0`vCSAhL^V}X5r%wFP}pVp2rDanw=0k7L|q`CmD
zI?NHWsT^nf<myWn{S_A=mAAR}G*_)Dku6}o7b0D9jxZO6OEe4r_Zb#;MCGPdjfww!
zs1^Tm(R<yYHVXNr=hoqBtF3Cx=1-8wDB=-LYiN7ZH=LT9Ol5U(P073uis8XfmjQE7
zUTo|IC{Uarf3NxSmvVGCRTt*C0ulJKftc-;%5X%QJ4b0<5Y6G(*o%H{GM8-vP^MsD
z&Q>lnhDTf)8(qJ`!Ja8#msR2Ck8n*5iUP^_uQV%TpI0Ti6dsehC$hBQrerYFN}VBo
z#MiU+Kq>%TcJuK%=c*;SmgXJAtoSvh#k1s#gyvMzCR+)2wZ7DZya=U=2@T7o>BaXX
zlG~FsqtX6UagfbCD!{@e(vNZWRhY5Ci5d!cQdSnyZ%&=M;5f!pddbwWj;tFKi#v!V
zXo>we{(Wo<H<KofwJ#g?<r4y^&b|t@yotJF?_iG<^nJTvYaou9nV?mYrM5FIr}_c6
z=$2%*Y`41OR(?Eof_JMbU96^XsB(nn<hD){R*ck)wnkr{NyR{TyB?e2x8hfCbkEbg
zKT7I8iPh=TT6>gCl)irPN@xW^`&*B!8=oMvl0-bA>7uOhHxiy-D;}I%mUizG@xl&r
z4mbJGDxToU<&9N@B$?{LsQ{lU4!TxXs1N4@!{l__oDQlbjt%I%Ya(mNsZZ7Q9Lp88
zKBeK$Jl)X}7QoNa6rCe+O=9Pro*q<g{6rc5wR68*$5MiIJD<wA%e8t)jg!x5@^qur
z+2(n=(D$;ao}nG{V*TTTFB2pyLyg|_C4n(PkjQbTS}sc_j=a#ac@-Y#n(Sv!5#rym
zps~#lm!gJ}d+88DB77w{QM0LbNrm1PRx78>)#C+IstVP@O~QiieGFozdGWFD!TEa9
zii6!ciW<$B3#$+a5NC1Pcban{z~gj%fsuKQ=n~6lS`U*!zRg@7B~VJW&2UlQF>C$1
zC?0K}TGLEI_b0-_()#=*vOCwi5l47{qk-1aPVqQPY0}4K6ik^)<meC$8l0Mjj1XXi
zU<!r-0PvyUakgEIR%-mkgm{l~-Y4Tuzf{$yH*1p8j~d-cjkBeDobkds;!Qa=Nv(Xh
zmJaK^@gppakH8Ib86NF<wUH$dj(8hA^4Jb7(+_BU+cygmpC|cE)RHbW&YoRmG6e48
zWqrO(V66fVn3Lz%9z30Ki(I!8^cJKvJFFXUsqb;7K!_^p27P5N+07`f%Kk(<k*Sd#
z`OQBtCSIn8MzRNs37Y%_17h}e->)?$Cfgy?T1YxxST<*YU90iSSVigAIeHb|!tQq$
zHda_<lo^&=D-Bb5V3a_H;kdm8J#;aYUq8lh&ZZa+kaY;~4W;dw#=>OQ6Q+I`P!)Y8
zbgue^?z#mJRhp4Ls&2*Z_v51@QlkBo+kVZP?058~uo8fTc|rux$EH*$nkUm4eV5B{
zP7VZfGI(fj#p76cM}n%d*AF|!F4fibgFA{|JNL<>k!TixCT5L8M~H&ZBXl*Cl@cDI
zi^_C$o;!aB<06Oy>BcDVEq>-&*HlaiG7hO+U%Wk7ym5+P-B~0SF$-DVic+T0P8591
zHHtly%AsX|uAnK!J-~2O3+Td@dUMp_b^S!NA<MjBhCff_lDD8jL$4BBBv`q)HVUKg
zk~G758SH_fMfK~!1I%bSNpZl5XBf`u6jZk;?p<!3CXpHnf?$r=Xh|x2`lJQLP*<hq
z4LeSL2P=UhOZvXZn{jOrcKS~l2jVLY#H==TOQ>O<JOQWFk)+j+*BvG%TD#gNrO)j-
zF9xPPqGE~PvDVGVO&T5*W%scZEaoQo=^MQ33DcbZX?IC}JM4r73%E;Em!(if|D>t&
zA1dwa?Nw2+wisj|UCNbvf6Sxlb!4%zQ-S)vFH>B3{g_lib2Vfmxn2iai5Sesxh9Z4
z(hg<KiFwFJjngMr6Mbwh0)?omQDPGo-1zQWg4+ke3P<Y%<*Bea>PTFMbn6rA&c)@z
zx`H@b?fT|3O%J}6t#<&ARe0)D-<+ZDfd(dZ)y>ixXGHXD&*joDeHot{O26c9RJNNT
zzySo;1!d9Z`lS?IGO^_|sc6te+n>+vV)DEgSDVfLvUzEQq^YInz#3<}W&a~HS~nXq
zFE(yzA}`-kRlEBDR%>geNC0^x_3omWFRm&#(3^<dbE&YMB^3v#p!thTu)AbF)ZZA?
z!ODz9sL9?~G~%3j;BG{q5=PIMPv7e|G`9K13<v%D+B&_PtqenXRUC@|Ii62tUeP>h
zID@7-o0{fw1#xztJ*|;-A*a*~PWel!b*IfuVeMsHnf+qbp!l-SIsnVyD*mnB>8xOK
zjxMWL!*0Z@e4l@wU}hoGFe-apF3nXUh0xD_%TP2vs(=L#P2R{(F7yT&WT-I<ho2VY
zGo&+{%9&G~H|-fQLGvkGZ<@S!IfzIiBb#HM-R!-T(7e%+ZmtdgT-)T)=wuzHy)`-^
zL|mp$F`@-aR45^QJvy@WVt!xhti!EqVO_FdA2>KQV}<D^(oAiZ`<yXnUdikXP5*+J
zZT`*9py@&K^_w83J^?bZh>HokrlQcK=7sqP4EvN%^<xMA%{s-?<Sm|tJyUv<woO-U
zV)TBjUF05FP&~qbyI~Yq21<3sNMd|=X2KwCkZv<CN7wE=^>W3DF}9>Hy3Ez2qF!3s
z6T=E2EpyTy#7&p?_1ml}Ju{!d6V6curkNx2E5<-96mHLyLdQf&NYu50vs2EDXNS$i
zWRgoo!4z!T^4-XyP;d^7RJ4E|rkBVIjM#$w$vKeIDH529u4JIIuT$=ek+Y_k+c@5Y
zJ%Nrvx(w=%@Lzfab0dJ^no;%f*?#<lG7D~9gZ0YBNBK-4270W7cvjnW+s-f1;p86m
z0yZj15k>$~ZC8qR6v+BMyzhE74=bjl^GxU&9(UvMRO3eh<6{INgIBB*+%rcl@AaI~
z$Z>T%+=z3|0`f`42-c<hT#%DLP>=PkIi_Z}`AjK;g$1i8+Nb7q(xg;~$*IRjA&9_6
zJ%9)(Zla0vMGl;<&3SQj-ddwwgDyZyvH~WO2{oV`dp++-H*a?82weh1U7h$v@bDUM
za@#OdVIgx_u7tiye|XO-*y@O*WY&I70QW-YMHk|m8SmjI=iPeeISqQ&DR%E%QuH+D
zL00DvfCt>QBVXQrej;L@I7?^tkXu1Qy}wJqgF|r#j_xQyk+Tk}I|UtNL$O9uQUe~y
zYdH6ZD_%W*OBT3f4aL~YDw>NS!Am$9lQB)o^EUL$;49`vWC<+F-`F;5AMEX4)%hg^
zghUSXva$`v-l*Ua?&s!)XxRH|;LEj3tROyVu_wt(4Fl`NtANmt*p)sg%a*WZabGxI
zinKr+4$V$!Ey2GqM6NRyk+(*sey1HXl@Lu%YlD4NZ5mCI<`f@huUamjk)PK7ARK)z
zn0s}+>5SZy_sX+bo2lXFt1;2^a@E)cbc5yE#nBrY*)kiHSIzUV;_meKERL&5L6}qK
zCgWv!1vv$1HrhjuqUCWqiJwk4W@R=G@Jku<lR>4s7gx4W|Mt7Vs2i525g1-yE4U7i
zU3@}@V?OrdWQYn7QB#?k5<am|c5ykM(1}k^2PW#jp;=_fUTEm37?|fTY~arWIX$8Q
z0zbJ(^&1_izNn~TV5w$MN@Ki1s!a~|ipyOB{M7IxEQ;C@2+9?{mOJPL+p8Bs{j0>p
zT>&~TzZqW{5Ku(^pkrkFP_p0{*ynrs%P?S)q16DlD|?g7QR*SQrMRl(@|;Mjc0(U0
zC#qA*8JP&J7NCV{G(JJci%<V8pdvVBt>;?O(bvF2S&k!$brFztA|Bd~+h5So=$m`(
zV6G04r^U`HhflB@mv;Fc8#58NdZnh>9!fG5-}5#5$fx#e)(OO1=nyf8r8RSDc4yV$
z{8S|Pp}u<;vnD~b`nqi*p-wdpV0lT46*;~(qc1e-d3y!X@)~cn5<dQ_KI*fg3!!2f
zzO~o6XWte|-+6?`1kNAUX3+I9bjSYcAPb9r2%)d|8aV$W$9-%}P8#=OJ4Pj@vR~LH
z0Zi-X9(E0>NkRr*(VQjQot{b)#h7+s9x%&#P@ScIyej7R?A+@qY)DigpHd2@>{T2_
zk@YMWQ8z&>MBe4<sTV9$rR-BceYYpvLY*D<45caIxFKbnQ%2__h^8!c^vLP6xvg4I
zccy!W#pS2<yj@KCZb2cR(muQdf)Hu?_0}&dYu#(j^Vm#>yGeO~R?8fE<w@-|S;<HH
zquV!+pShAj8fms(FH|B$3w*4V+NCDbv@aMhDrJo?HTYcBAffYZUnI;9C>ujz0CpfI
zcHeSavrALdZ^Ske*tll$(h6evu0`gR6f%?E*_n(kVpux3<3p(C{%~|)K=I+jcPDo6
z(05`5Seu{%O#L!d1{=y{P2>;)gPAk7Lyupd4_#43ZWmOD^`I7`Ki>X^RHeIv(3T78
zt4jI|ojFvZdZS>G6)yhFp>$ytXl_(Fkmc>JikqS<TuTnSyYJfe`L;o$Meupc4;3E=
zLps_bu`H}A&dSaUsguX)T+<Esih|b&@bIeCg2Ev5y8H-rkMA5K{>p#`C^LTfvCwf{
zvJ3AyY|xV5_JEp-QbDqy8%!6^H4o-BS3Rv5V;E#Ap8a&x^$0KFW@T*&<9BAnmKj!6
zF*`+=_lLrO%z1bddG(r{%1L@<;m9hM6GuHU@a6YQQym>_r1d?FT2*S3q%9RpX+oaz
z<ppP<g1XC%h4*N`<C;~Kuxy4K(mx8R{yRa!kl<g(K))odEOsTW78A2{G1^u#svf*n
zE8WKM5XPFAHR|irk5dzpI{!!t+zOZ)NWm__Wh<bp!TaCQ{ap@ZZI#V(e+H;58%CzK
z<HU&B{qL0gu6p6&Q6so>jkuModJv!uE5X?>;<vKkLNHMG@7-u!O)L9lt6%fI>{ngZ
z*)0nD*uK1>)Kop;uxdQv;W{5oh5gT5Rc09(2w!phmX`Bfehj-Q-#v0G$UrPp3SRdi
zQq^XIvb!2AK~_L2=YsOL;>GF_id`mwMdB7pLa5w-P1S>x4IZL~P32U}xkGjZ_?;!&
zB^!U#>@OCEF!1~wgjQOb*Qn^;BqdgNYbIDp&Rc9ad+T>*Q|HaHa&;&8xS2g^Pp<Mw
zB0i4BJ&tS*5<85w9m_P3uOK<4ZP4;UgCI6g-{b{NH6&D<4JOZ4NK!>7C+k|{M>stl
z$wLr?ZoQc9x8G045%%$6wYQhEvy<`^qy@U2!)0?B?F2mB;k8wFcY+?JNg>}h@*~&q
zQ13`!x@X}_-Ir{XjNmI$f08*v|HvJiW1jB%L{e)ouci>4v<4^twFEqCl8qoV(16zr
zk=Ar3n3glfJL>?rY$Qm%Yi!-((Egg#xH-PIpsA@Tf=VwCe5jtDlw|pOWK~Fl)t;?1
zNQ@Bg-<$eJ;L;}NpH#aU2#<(}Xp6UObo!BvKW)VHeux~y(tE}dcN1y1w2rk2h1H=n
zo<A15xy|rx2*JUsX1dA#+RArAF8`hrmZyMa5RZxdum7-5|22`Adbq&dIsg6j@6pU6
zG#DJ9To11PoG<*nwtp^>^WPO(x4-^9DyB^ctNxiZe{hcZM;iZHTaIJ>0fK=oto%Yl
zO>N)m6t3jY%UJ|GNP{2MQAK0(PEvs7Ps2%e1N;wAKt)9fKp-WHRywx0!ma)OpGUD*
zC?jW>e|`E2PdTC2F2@O0+VONm6#nQ!c6N5QtE=mXS?XfqgYJJmxs#TiHOyo}v})w(
zg4Ou>DXLK;=;~xbO|yY$QjWJZ_O~YV<sLMuxa5sW8{V%w1{_#TnJnTzGCH^M0!y~j
zbm?1GjcVT>y({6+-^F0+ZGS4+{1-1UTI3wHNo<es|272w(3d|IY@twq!ykOazmz7X
z4Wo7*C{5}Ud`B|3<&`N5E5D+`Cwq7A8zaEqDeeDvu>{;awCyb-a#(pO{s8tTC#5V|
JD)Bn-zW|EKk(dAg

literal 0
HcmV?d00001

diff --git a/compose/opensearch_saml2_demo/config.yml b/compose/opensearch_saml2_demo/config.yml
new file mode 100644
index 0000000..eb0aa7d
--- /dev/null
+++ b/compose/opensearch_saml2_demo/config.yml
@@ -0,0 +1,273 @@
+---
+
+# This is the main OpenSearch Security configuration file where authentication
+# and authorization is defined.
+#
+# You need to configure at least one authentication domain in the authc of this file.
+# An authentication domain is responsible for extracting the user credentials from
+# the request and for validating them against an authentication backend like Active Directory for example.
+#
+# If more than one authentication domain is configured the first one which succeeds wins.
+# If all authentication domains fail then the request is unauthenticated.
+# In this case an exception is thrown and/or the HTTP status is set to 401.
+#
+# After authentication authorization (authz) will be applied. There can be zero or more authorizers which collect
+# the roles from a given backend for the authenticated user.
+#
+# Both, authc and auth can be enabled/disabled separately for REST and TRANSPORT layer. Default is true for both.
+#        http_enabled: true
+#        transport_enabled: true
+#
+# For HTTP it is possible to allow anonymous authentication. If that is the case then the HTTP authenticators try to
+# find user credentials in the HTTP request. If credentials are found then the user gets regularly authenticated.
+# If none can be found the user will be authenticated as an "anonymous" user. This user has always the username "anonymous"
+# and one role named "anonymous_backendrole".
+# If you enable anonymous authentication all HTTP authenticators will not challenge.
+#
+#
+# Note: If you define more than one HTTP authenticators make sure to put non-challenging authenticators like "proxy" or "clientcert"
+# first and the challenging one last.
+# Because it's not possible to challenge a client with two different authentication methods (for example
+# Kerberos and Basic) only one can have the challenge flag set to true. You can cope with this situation
+# by using pre-authentication, e.g. sending a HTTP Basic authentication header in the request.
+#
+# Default value of the challenge flag is true.
+#
+#
+# HTTP
+#   basic (challenging)
+#   proxy (not challenging, needs xff)
+#   kerberos (challenging)
+#   clientcert (not challenging, needs https)
+#   jwt (not challenging)
+#   host (not challenging) #DEPRECATED, will be removed in a future version.
+#                          host based authentication is configurable in roles_mapping
+
+# Authc
+#   internal
+#   noop
+#   ldap
+
+# Authz
+#   ldap
+#   noop
+
+
+
+_meta:
+  type: "config"
+  config_version: 2
+
+config:
+  dynamic:
+    # Set filtered_alias_mode to 'disallow' to forbid more than 2 filtered aliases per index
+    # Set filtered_alias_mode to 'warn' to allow more than 2 filtered aliases per index but warns about it (default)
+    # Set filtered_alias_mode to 'nowarn' to allow more than 2 filtered aliases per index silently
+    #filtered_alias_mode: warn
+    #do_not_fail_on_forbidden: false
+    #kibana:
+    # Kibana multitenancy
+    #multitenancy_enabled: true
+    #server_username: kibanaserver
+    #index: '.kibana'
+    http:
+      anonymous_auth_enabled: false
+      xff:
+        enabled: false
+        internalProxies: '192\.168\.0\.10|192\.168\.0\.11' # regex pattern
+        #internalProxies: '.*' # trust all internal proxies, regex pattern
+        #remoteIpHeader:  'x-forwarded-for'
+        ###### see https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html for regex help
+        ###### more information about XFF https://en.wikipedia.org/wiki/X-Forwarded-For
+        ###### and here https://tools.ietf.org/html/rfc7239
+        ###### and https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Remote_IP_Valve
+    authc:
+      saml_auth:
+        order: 1
+        description: "SAML provider"
+        http_enabled: true
+        transport_enabled: false
+        http_authenticator:
+          type: saml
+          challenge: true
+          config:
+            idp:
+              metadata_file: /usr/share/opensearch/config/opensearch-security/idp.local.xml
+              #metadata_url: https://idp.unical.it/idp/metadata/
+              #entity_id: https://idp.unical.it/idp/metadata/
+              entity_id: https://idp.local/idp/metadata
+            sp:
+              entity_id: opensearch-dashboards
+              signature_private_key_filepath: /usr/share/opensearch/config/opensearch-security/sp.private.key
+              signature_algorithm: http://www.w3.org/2001/04/xmldsig-morersa-sha256;
+              forceAuthn: false
+              metadata_file: /usr/share/opensearch/config/opensearch-security/rp.metadata.xml
+            kibana_url: http://opensearch-dashboards:5601
+            subject_key: UserID
+            roles_key: Role
+            exchange_key: 1a2a3a4a5a6a7a8a9a0a1b2b3b4b5b6b
+        authentication_backend:
+          type: noop
+      kerberos_auth_domain:
+        http_enabled: false
+        transport_enabled: false
+        order: 6
+        http_authenticator:
+          type: kerberos
+          challenge: true
+          config:
+            # If true a lot of kerberos/security related debugging output will be logged to standard out
+            krb_debug: false
+            # If true then the realm will be stripped from the user name
+            strip_realm_from_principal: true
+        authentication_backend:
+          type: noop
+      basic_internal_auth_domain:
+        description: "Authenticate via HTTP Basic against internal users database"
+        http_enabled: true
+        transport_enabled: true
+        order: 4
+        http_authenticator:
+          type: basic
+          challenge: true
+        authentication_backend:
+          type: intern
+      proxy_auth_domain:
+        description: "Authenticate via proxy"
+        http_enabled: false
+        transport_enabled: false
+        order: 3
+        http_authenticator:
+          type: proxy
+          challenge: false
+          config:
+            user_header: "x-proxy-user"
+            roles_header: "x-proxy-roles"
+        authentication_backend:
+          type: noop
+      jwt_auth_domain:
+        description: "Authenticate via Json Web Token"
+        http_enabled: false
+        transport_enabled: false
+        order: 0
+        http_authenticator:
+          type: jwt
+          challenge: false
+          config:
+            signing_key: "base64 encoded HMAC key or public RSA/ECDSA pem key"
+            jwt_header: "Authorization"
+            jwt_url_parameter: null
+            roles_key: null
+            subject_key: null
+        authentication_backend:
+          type: noop
+      clientcert_auth_domain:
+        description: "Authenticate via SSL client certificates"
+        http_enabled: false
+        transport_enabled: false
+        order: 2
+        http_authenticator:
+          type: clientcert
+          config:
+            username_attribute: cn #optional, if omitted DN becomes username
+          challenge: false
+        authentication_backend:
+          type: noop
+      ldap:
+        description: "Authenticate via LDAP or Active Directory"
+        http_enabled: false
+        transport_enabled: false
+        order: 5
+        http_authenticator:
+          type: basic
+          challenge: false
+        authentication_backend:
+          # LDAP authentication backend (authenticate users against a LDAP or Active Directory)
+          type: ldap
+          config:
+            # enable ldaps
+            enable_ssl: false
+            # enable start tls, enable_ssl should be false
+            enable_start_tls: false
+            # send client certificate
+            enable_ssl_client_auth: false
+            # verify ldap hostname
+            verify_hostnames: true
+            hosts:
+            - localhost:8389
+            bind_dn: null
+            password: null
+            userbase: 'ou=people,dc=example,dc=com'
+            # Filter to search for users (currently in the whole subtree beneath userbase)
+            # {0} is substituted with the username
+            usersearch: '(sAMAccountName={0})'
+            # Use this attribute from the user as username (if not set then DN is used)
+            username_attribute: null
+    authz:
+      roles_from_myldap:
+        description: "Authorize via LDAP or Active Directory"
+        http_enabled: false
+        transport_enabled: false
+        authorization_backend:
+          # LDAP authorization backend (gather roles from a LDAP or Active Directory, you have to configure the above LDAP authentication backend settings too)
+          type: ldap
+          config:
+            # enable ldaps
+            enable_ssl: false
+            # enable start tls, enable_ssl should be false
+            enable_start_tls: false
+            # send client certificate
+            enable_ssl_client_auth: false
+            # verify ldap hostname
+            verify_hostnames: true
+            hosts:
+            - localhost:8389
+            bind_dn: null
+            password: null
+            rolebase: 'ou=groups,dc=example,dc=com'
+            # Filter to search for roles (currently in the whole subtree beneath rolebase)
+            # {0} is substituted with the DN of the user
+            # {1} is substituted with the username
+            # {2} is substituted with an attribute value from user's directory entry, of the authenticated user. Use userroleattribute to specify the name of the attribute
+            rolesearch: '(member={0})'
+            # Specify the name of the attribute which value should be substituted with {2} above
+            userroleattribute: null
+            # Roles as an attribute of the user entry
+            userrolename: disabled
+            #userrolename: memberOf
+            # The attribute in a role entry containing the name of that role, Default is "name".
+            # Can also be "dn" to use the full DN as rolename.
+            rolename: cn
+            # Resolve nested roles transitive (roles which are members of other roles and so on ...)
+            resolve_nested_roles: true
+            userbase: 'ou=people,dc=example,dc=com'
+            # Filter to search for users (currently in the whole subtree beneath userbase)
+            # {0} is substituted with the username
+            usersearch: '(uid={0})'
+            # Skip users matching a user name, a wildcard or a regex pattern
+            #skip_users:
+            #  - 'cn=Michael Jackson,ou*people,o=TEST'
+            #  - '/\S*/'
+      roles_from_another_ldap:
+        description: "Authorize via another Active Directory"
+        http_enabled: false
+        transport_enabled: false
+        authorization_backend:
+          type: ldap
+          #config goes here ...
+  #    auth_failure_listeners:
+  #      ip_rate_limiting:
+  #        type: ip
+  #        allowed_tries: 10
+  #        time_window_seconds: 3600
+  #        block_expiry_seconds: 600
+  #        max_blocked_clients: 100000
+  #        max_tracked_clients: 100000
+  #      internal_authentication_backend_limiting:
+  #        type: username
+  #        authentication_backend: intern
+  #        allowed_tries: 10
+  #        time_window_seconds: 3600
+  #        block_expiry_seconds: 600
+  #        max_blocked_clients: 100000
+  #        max_tracked_clients: 100000
diff --git a/compose/opensearch_saml2_demo/idp.local.xml b/compose/opensearch_saml2_demo/idp.local.xml
new file mode 100644
index 0000000..decf0c3
--- /dev/null
+++ b/compose/opensearch_saml2_demo/idp.local.xml
@@ -0,0 +1 @@
+<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns4="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns5="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ns6="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="https://idp.local/idp/metadata"><ns0:Extensions><ns1:EntityAttributes><ns2:Attribute Name="http://macedir.org/entity-category-support" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><ns2:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</ns2:AttributeValue><ns2:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema">http://refeds.org/category/research-and-scholarship</ns2:AttributeValue></ns2:Attribute></ns1:EntityAttributes><ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><ns4:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><ns4:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><ns4:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" /><ns4:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><ns4:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><ns4:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></ns0:Extensions><ns0:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" WantAuthnRequestsSigned="false"><ns0:Extensions><ns5:UIInfo><ns5:DisplayName xml:lang="en">ACSIA IdP</ns5:DisplayName><ns5:DisplayName xml:lang="it">ACSIA IdP</ns5:DisplayName><ns5:Description xml:lang="en">ACSIA Identity Provider</ns5:Description><ns5:Description xml:lang="it">ACSIA Identity Provider</ns5:Description><ns5:Logo height="60" width="80">https://idp.local/static/img/logo.svg</ns5:Logo><ns5:InformationURL xml:lang="it">https://www.4securitas.com</ns5:InformationURL><ns5:PrivacyStatementURL xml:lang="it">https://www.4securitas.com</ns5:PrivacyStatementURL></ns5:UIInfo></ns0:Extensions><ns0:KeyDescriptor use="signing"><ns6:KeyInfo><ns6:X509Data><ns6:X509Certificate>MIIDazCCAlOgAwIBAgIUaUtdBDCJj3bQ9rmtvGmG8ohLPJAwDQYJKoZIhvcNAQELBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMDEwMTQxNDQ2MDNaFw0zMDEwMTIxNDQ2MDNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnSTxL6hb781orcYERZl1zQwD/8QL3j9NoTJtij+ZEtwS+B9fqVZpxULCwvNDqsMvNAnifehFW6o1lxftUfFSD9V+fVW26mAkrnOO7BnAD5bTX79Vi12kY/A2cJKF7q+Dtd+3BKKVD1jzZzujTCDev8WK8LAHkmJ3hgkR7+3KzcJHvRBnzdsh3/ZMlePQToXJdNQUQ5+11kVijvTL6i9PDGVjD8FZRVM9WWLdYQPwf2gnmToJR4HBIMuiknr//SvHEKhu0LOrB2HPeM85Mq8OI+zHscw/x0WeI5qXzqbEWoh3FZGIq3DYraCKZfK4zIxfzBvxEfOfiV8j9Xtz00vPtAgMBAAGjUzBRMB0GA1UdDgQWBBREHTrNpAVG+GFKza/Ia+bmk/izYDAfBgNVHSMEGDAWgBREHTrNpAVG+GFKza/Ia+bmk/izYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAKwlHv46Un0D0JMZj7ZseHPWzU4WAuouBA6FkDbYpO99vfsXSPn8oe1RTnpbjmUZeK9lm3a7mgkZWGKJH+3eqfPPmngDCKIzCEDbu5EgDO96PBkACezSKjDdTCiMoJd1RhoR7vMUwQj241DId5x/oKUc4YhJMPtPCeYtr/p05I8DDt6YH/mBS5YaZCcE7h8kfCj739536biGSossxOPKZv/YcI3GV3OIh2We6tNBCi6rtm8Z5+w+m7r8IAWrdfviWn9KBrspv+JclB5FQWzin+3ABB9+IqqR2/KMjhcwebSNOnFx23d+t6LxJWRcPuu2EssPhSxvfwndAiLrOVOxJt</ns6:X509Certificate></ns6:X509Data></ns6:KeyInfo></ns0:KeyDescriptor><ns0:KeyDescriptor use="encryption"><ns6:KeyInfo><ns6:X509Data><ns6:X509Certificate>MIIDazCCAlOgAwIBAgIUaUtdBDCJj3bQ9rmtvGmG8ohLPJAwDQYJKoZIhvcNAQELBQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMDEwMTQxNDQ2MDNaFw0zMDEwMTIxNDQ2MDNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnSTxL6hb781orcYERZl1zQwD/8QL3j9NoTJtij+ZEtwS+B9fqVZpxULCwvNDqsMvNAnifehFW6o1lxftUfFSD9V+fVW26mAkrnOO7BnAD5bTX79Vi12kY/A2cJKF7q+Dtd+3BKKVD1jzZzujTCDev8WK8LAHkmJ3hgkR7+3KzcJHvRBnzdsh3/ZMlePQToXJdNQUQ5+11kVijvTL6i9PDGVjD8FZRVM9WWLdYQPwf2gnmToJR4HBIMuiknr//SvHEKhu0LOrB2HPeM85Mq8OI+zHscw/x0WeI5qXzqbEWoh3FZGIq3DYraCKZfK4zIxfzBvxEfOfiV8j9Xtz00vPtAgMBAAGjUzBRMB0GA1UdDgQWBBREHTrNpAVG+GFKza/Ia+bmk/izYDAfBgNVHSMEGDAWgBREHTrNpAVG+GFKza/Ia+bmk/izYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAKwlHv46Un0D0JMZj7ZseHPWzU4WAuouBA6FkDbYpO99vfsXSPn8oe1RTnpbjmUZeK9lm3a7mgkZWGKJH+3eqfPPmngDCKIzCEDbu5EgDO96PBkACezSKjDdTCiMoJd1RhoR7vMUwQj241DId5x/oKUc4YhJMPtPCeYtr/p05I8DDt6YH/mBS5YaZCcE7h8kfCj739536biGSossxOPKZv/YcI3GV3OIh2We6tNBCi6rtm8Z5+w+m7r8IAWrdfviWn9KBrspv+JclB5FQWzin+3ABB9+IqqR2/KMjhcwebSNOnFx23d+t6LxJWRcPuu2EssPhSxvfwndAiLrOVOxJt</ns6:X509Certificate></ns6:X509Data></ns6:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.local/idp/slo/post" /><ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat><ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</ns0:NameIDFormat><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.local/idp/sso/post" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.local/idp/sso/redirect" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="it">4Securitas</ns0:OrganizationName><ns0:OrganizationName xml:lang="en">4Securitas</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="it">4Securitas</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">4Securitas</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="it">http://www.4securitas.com</ns0:OrganizationURL><ns0:OrganizationURL xml:lang="en">http://www.4securitas.com</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="administrative"><ns0:Company>4Securitas</ns0:Company><ns0:GivenName>Claudio</ns0:GivenName><ns0:SurName>...</ns0:SurName><ns0:EmailAddress>info@4securitas.com</ns0:EmailAddress></ns0:ContactPerson><ns0:ContactPerson contactType="technical"><ns0:Company>4Securitas</ns0:Company><ns0:GivenName>Giuseppe</ns0:GivenName><ns0:SurName>De Marco</ns0:SurName><ns0:EmailAddress>giuseppe@4securitas.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor>
\ No newline at end of file
diff --git a/compose/opensearch_saml2_demo/rp.metadata.xml b/compose/opensearch_saml2_demo/rp.metadata.xml
new file mode 100644
index 0000000..42fe558
--- /dev/null
+++ b/compose/opensearch_saml2_demo/rp.metadata.xml
@@ -0,0 +1 @@
+<md:EntityDescriptor xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="opensearch-dashboards"><md:Extensions><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></md:Extensions><md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://opensearch-dashboards:5601/saml2/ls/post/" /><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://opensearch-dashboards:5601/saml2/ls/" /><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://opensearch-dashboards:5601/_plugins/_security/saml/acs" index="1" /><md:AttributeConsumingService index="1"><md:ServiceName xml:lang="en" /><md:RequestedAttribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName" isRequired="true" /><md:RequestedAttribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn" isRequired="true" /><md:RequestedAttribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail" isRequired="true" /></md:AttributeConsumingService></md:SPSSODescriptor><md:Organization><md:OrganizationName xml:lang="it">ACSIA</md:OrganizationName><md:OrganizationName xml:lang="en">ACSIA</md:OrganizationName><md:OrganizationDisplayName xml:lang="it">ACSIA</md:OrganizationDisplayName><md:OrganizationDisplayName xml:lang="en">ACSIA</md:OrganizationDisplayName><md:OrganizationURL xml:lang="it">http://www.ACSIA.com</md:OrganizationURL><md:OrganizationURL xml:lang="en">http://www.ACSIA.com</md:OrganizationURL></md:Organization><md:ContactPerson contactType="administrative"><md:Company>ACSIA</md:Company><md:GivenName>Giuseppe</md:GivenName><md:SurName>That</md:SurName><md:EmailAddress>giuseppe@that.it</md:EmailAddress></md:ContactPerson><md:ContactPerson contactType="technical"><md:Company>ACSIA</md:Company><md:GivenName>Giuseppe</md:GivenName><md:SurName>That</md:SurName><md:EmailAddress>giuseppe@that.it</md:EmailAddress></md:ContactPerson></md:EntityDescriptor>
diff --git a/example/tests/sp/certificates/private.key b/compose/opensearch_saml2_demo/sp.private.key
similarity index 100%
rename from example/tests/sp/certificates/private.key
rename to compose/opensearch_saml2_demo/sp.private.key
diff --git a/compose/rm-docker-compose.sh b/compose/rm-docker-compose.sh
new file mode 100644
index 0000000..c831751
--- /dev/null
+++ b/compose/rm-docker-compose.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+set x
+set e 
+
+echo -e "Eseguo il down e la distruzione della composizione. \n"
+
+docker compose -f docker-compose.yml down -v
+
+sudo docker container rm uniauth-nginx
+sudo docker container rm uniauth
+sudo docker container rm uniauth-db
+sudo docker image rm compose_uniauth
+
+exit 0
diff --git a/compose/rm-persistent-volumes.sh b/compose/rm-persistent-volumes.sh
new file mode 100755
index 0000000..24d99db
--- /dev/null
+++ b/compose/rm-persistent-volumes.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+function delete-volume {
+        if [ ! "$(docker volume ls -q -f name=$1)" ]
+        then
+            echo -e "Il volume $1 non esiste, quindi non faccio nulla! \n"
+        else
+            read -p "Il volume $1 esiste. Lo cancello?(y/n):" ELIMINA_VOLUME
+            ELIMINA_VOLUME=${ELIMINA_VOLUME:-"n"}
+            export ELIMINA_VOLUME
+            if [ $ELIMINA_VOLUME = "y" ]
+            then
+                docker volume rm $1
+                echo -e "Eliminato $1 !!! \n"
+            else
+                echo -e "Non ho eliminato $1 !!! \n"
+            fi
+        fi
+}
+
+set x
+set e
+
+echo -e "Inizio le procedure per fare il down della composizione e poi CANCELLARE i volumi persistenti! \n"
+
+echo -e "Fermo la composizione! \n"
+docker compose -f docker-compose.yml down -v;
+
+echo -e "\n"
+
+read -p "Volete veramente procedere con la cancellazione dei volumi persistenti? Tutti i dati andranno persi! Procedo ? (y/n) :" ELIMINA_DATI_PERSISTENTI
+ELIMINA_DATI_PERSISTENTI=${ELIMINA_DATI_PERSISTENTI:-"n"}
+export ELIMINA_DATI_PERSISTENTI
+if [ $ELIMINA_DATI_PERSISTENTI != "y" ] 
+then
+    echo -e "\n"
+    echo -e "Non elimino nulla ed esco!!! \n"
+    exit 0
+else
+
+echo -e "Procedo ... \n"                  
+
+echo -e "\n"
+
+delete-volume uniauth_proj
+delete-volume uniauth_nginx_certs
+delete-volume uniauth_nginx_static
+
+fi
+
+exit 0
diff --git a/compose/run-docker-compose.sh b/compose/run-docker-compose.sh
new file mode 100755
index 0000000..c717893
--- /dev/null
+++ b/compose/run-docker-compose.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+set x
+set e 
+
+function create-volume {
+	if [ ! "$(docker volume ls -q -f name=$1)" ]
+	then
+	    echo -e "Il volume $1 non esiste, lo creo! \n"
+	    docker volume create --name=$1
+	    echo -e "\n"
+	    if [[ ! -z "$2" ]]
+	    then 
+	       echo -e "Ho creato il volume e ci copio i dati da $2 \n"
+	       sudo cp -R $2* `docker volume inspect $1 | jq .[0].Mountpoint | sed 's/"//g'`
+	    fi   
+	else
+	    echo -e "Il volume $1 esiste, non faccio nulla! \n"  
+	fi
+}
+
+create-volume uniauth_proj         ../example-docker/
+create-volume uniauth_nginx_certs  ./nginx/certs/
+create-volume uniauth_nginx_static ../example-docker/static/
+
+echo -e "\n"
+
+echo -e "Provo a scaricare le nuove versioni. \n"
+
+docker compose -f docker-compose.yml pull
+
+echo -e "\n"
+
+echo -e "Provo a fare il down della composizione. \n"
+
+docker compose -f docker-compose.yml down -v
+
+echo -e "\n"
+
+echo -e "Tiro su la composizione, in caso, con le nuove versioni delle immagini. \n"
+
+docker compose -f docker-compose.yml up -d
+
+echo -e "\n"
+
+echo -e "Ho Completato! \n"
+echo -e "Se volete vedere il log live potete lanciare il comando: 'docker compose -f docker-compose.yml logs -f' \n"
+
+exit 0
diff --git a/compose/stop-docker-compose.sh b/compose/stop-docker-compose.sh
new file mode 100755
index 0000000..96c1da8
--- /dev/null
+++ b/compose/stop-docker-compose.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+echo -e "\n"
+
+echo -e "Eseguo il down della composizione. \n"
+
+docker compose -f docker-compose.yml down -v
+
+exit 0
diff --git a/example/accounts/admin.py b/example/accounts/admin.py
index 236343a..65da7c2 100644
--- a/example/accounts/admin.py
+++ b/example/accounts/admin.py
@@ -8,7 +8,7 @@
 
 @admin.register(User)
 class CustomUserAdmin(UserAdmin):
-    readonly_fields = ('date_joined', 'last_login',)
+    readonly_fields = ('date_joined', 'last_login', 'uuid')
     list_display = ('username', 'email', 'is_active',
                     'is_staff', 'is_superuser', )
     list_editable = ('is_active', 'is_staff', 'is_superuser',)
@@ -16,12 +16,13 @@ class CustomUserAdmin(UserAdmin):
     fieldsets = (
         (None, {'fields': (('username', 'is_active', 'is_staff', 'is_superuser', ),
                            ('password'),
-                           ('origin'),
+                           ('origin'), ('uuid')
                            )
                 }),
         (_('Anagrafica'), {'fields': (('first_name', 'last_name'),
                                           'email',
-                                         ('taxpayer_id',)
+                                         ('taxpayer_id',),
+                                         'attributes'
                                         )
                           }),
 
diff --git a/example/accounts/apps.py b/example/accounts/apps.py
index e4b019e..25346c6 100644
--- a/example/accounts/apps.py
+++ b/example/accounts/apps.py
@@ -1,6 +1,8 @@
 from django.apps import AppConfig
+from django.utils.translation import gettext_lazy as _
 
 
 class AccountsConfig(AppConfig):
     name = 'accounts'
-    verbose_name = "Autenticazione e Autorizzazione Utenti"
+    verbose_name = _("Autenticazione e Autorizzazione Utenti")
+        
diff --git a/example/accounts/migrations/0002_user_attributes.py b/example/accounts/migrations/0002_user_attributes.py
new file mode 100644
index 0000000..8054aa6
--- /dev/null
+++ b/example/accounts/migrations/0002_user_attributes.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.18 on 2023-04-16 15:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='attributes',
+            field=models.JSONField(blank=True, default=dict, null=True),
+        ),
+    ]
diff --git a/example/accounts/migrations/0003_user_uuid.py b/example/accounts/migrations/0003_user_uuid.py
new file mode 100644
index 0000000..01c8151
--- /dev/null
+++ b/example/accounts/migrations/0003_user_uuid.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.2.19 on 2023-09-05 16:35
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0002_user_attributes'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='uuid',
+            field=models.UUIDField(default=uuid.uuid4, editable=False),
+        ),
+    ]
diff --git a/example/accounts/models.py b/example/accounts/models.py
index c393601..017915c 100644
--- a/example/accounts/models.py
+++ b/example/accounts/models.py
@@ -1,4 +1,5 @@
 import pycountry
+import uuid
 
 from django.conf import settings
 from django.db import models
@@ -14,23 +15,39 @@ class User(AbstractUser):
              ( 'female', _('Femmina')),
              ( 'other', _('Altro')))
 
-    first_name = models.CharField(_('Name'), max_length=96,
-                                  blank=True, null=True)
-    last_name = models.CharField(_('Surname'), max_length=96,
-                                 blank=True, null=True)
+    first_name = models.CharField(
+        _('Name'), max_length=96, blank=True, null=True
+    )
+    last_name = models.CharField(
+        _('Surname'), max_length=96, blank=True, null=True
+    )
     is_active = models.BooleanField(_('active'), default=True)
     email = models.EmailField('email address', blank=True, null=True)
-    taxpayer_id = models.CharField(_('Taxpayer\'s identification number'),
-                                      max_length=32,
-                                      blank=True, null=True)
-    origin = models.CharField(_('from which connector this user come from'),
-                              max_length=254,
-                              blank=True, null=True)
-
+    taxpayer_id = models.CharField(
+        _('Taxpayer\'s identification number'), max_length=32,
+        blank=True, null=True
+    )
+    origin = models.CharField(
+        _('from which connector this user come from'),
+        max_length=254, blank=True, null=True
+    )
+    attributes = models.JSONField(default=dict, blank=True, null=True)
+    uuid = models.UUIDField(
+        default = uuid.uuid4,
+        editable = False
+    )
+    
     class Meta:
         ordering = ['username']
         verbose_name_plural = _("Users")
 
+    def __getattr__(self, attr):
+        res = super(User, self).__getattr__(attr)
+        if res:
+            return res
+        else:
+            return self.attributes.get(attr, None)
+
     @property
     def uid(self):
         return self.username.split('@')[0]
diff --git a/example/certificates/private.key b/example/certificates/private.key
index 7dc6a00..c484079 100644
--- a/example/certificates/private.key
+++ b/example/certificates/private.key
@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCnSTxL6hb781or
-cYERZl1zQwD/8QL3j9NoTJtij+ZEtwS+B9fqVZpxULCwvNDqsMvNAnifehFW6o1l
-xftUfFSD9V+fVW26mAkrnOO7BnAD5bTX79Vi12kY/A2cJKF7q+Dtd+3BKKVD1jzZ
-zujTCDev8WK8LAHkmJ3hgkR7+3KzcJHvRBnzdsh3/ZMlePQToXJdNQUQ5+11kVij
-vTL6i9PDGVjD8FZRVM9WWLdYQPwf2gnmToJR4HBIMuiknr//SvHEKhu0LOrB2HPe
-M85Mq8OI+zHscw/x0WeI5qXzqbEWoh3FZGIq3DYraCKZfK4zIxfzBvxEfOfiV8j9
-Xtz00vPtAgMBAAECggEBAJ8J7zs1CDjsONOIi25hZYLJNtAc7/cwU4qbGjbwG7lE
-Tkvj5RAx5izIy9KbD/uvrXHwYYEsagO55kfVm4XM1gTGaOxwKWv2UvGVrKQIEMKD
-xhRtPO9FX/OS3dWOtb9/vs3E8NJstAH0UdG49nx7GYY59OZ06C/OMHtOf5Fnkrqo
-R3NhUbmbh3rNiZLq0mT9QmqU1zDxLCN6y54048wIhjMrv6lyRp+WCrhqRIAgfDnU
-aIBgK7xXaVvzyT/r77AM/XePneoToWwDJVODE03PzT1dUFjjU5MTP0zqaTDy2AY6
-zrBYpTlMeh6nAPFZC161PQ1Tn/yvxv1SFbqr+7MDVIECgYEA0SwGBmDk4oht2pxF
-589PXXT9TLQArrUfMgJq0u5ttzdwejTVC8GOH1L9vK+aWSTlKTeP8OkTIkQxcOK4
-oeeAN036U/o58OlvEJ7Bx0RSIHKkSj1IfoNkK0UpJkI39to0XGKwplPtmRjz7VbP
-DruCRw2+G45kHcgRGjBDQvH93j0CgYEAzLyqUjX2MDqZeTW/viCb2C4tJSnhGior
-I4+YMwctdfpZhIgD4RlEysrGFzA4JIDbtMG9kr8py0T+SF5F728ZooWU8Jn8Id/S
-T8DR+MNs5QLzvMFR8cnHAH1jIWRD6S+8y7wgsxzhd8r3GSFn1CR9Ohog8YocB0s9
-ZIlW1xAj93ECgYAah3LcLD3bXWJRb7CODgUK3WOi7tGHVwF13kieKA9SRX3Gghzj
-ONFFt8jmvX7d/4fxClL/QxBiMDP1FUxFfI8OdJ1jOUFQBMtJWFlLZKbl5qRfphYj
-tZZmxobJi2x9qn8pmHq/HbXszPVjDLeGLtH/IQcTh6O7AzzoDWb6fqasIQKBgFt1
-PDCVYnCQ/NYkqI7qSjP8DLa5SpFBnRu5nafN4QT+3NZTXEhF3XEpu+vH4oyL85l/
-oovXUXg4Tc9OLbeTzcPIIIyKfRM0xOJTpHiX9CEpfHApe82i8X7KhGn6PEwCwzfP
-xlu83wuAY3mabqNZ2YcG/QhpRbQMbFRo9Z4E28xBAoGAEkpDuW8QOIKqka8TJhk3
-Ry52VGfNOm58m3wYP5660oFgMpxTI0TdS1grK+rol89oQSvjLNXGlKVYpKarinG3
-y2U6mumlX4uFE1sM7lhiYGv6eJ1KIbAXbbAAP5FDplwoBiQzmdethQ7yPx5BJF7M
-Pt56uJMnYWunaIx1wSwVoQ4=
------END PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC5XS6fJsqSgwdX
+0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+
+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+J
+gqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO
+0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui
+8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8
+TFSDaUTZAgMBAAECggEAB4Q1S0PV7An/JrrxFaS8r9oVkeDbxO4Y/34olrs3fDMr
+9LbTQ1kuO6OJZHq4eHK7dCJKzsanQtpedgl+RAZo0wQAiEz8PRqMDs8VNHTZHLEU
+LgXdFabikPVJKH0t/eWg66fC7nmKwxrzKAbRsVw42j3AzE9cbIdPa7p1hTQm+JLi
+ahyPN+bpnTkeinAo4h9rgecyC2VDW8QkFuJJFaSLZ7eM3GVNLpwr/iyPp1W0G7CE
+CchR5QCPmPfFC+UflfFay588uzXkCHozYgquhYdS1AWSK9sjpjfkpOj6XQoexPYb
+7rQLF2+DHLGZlaEwqFy1i27GGwEgRdMeI8ukt8bAgQKBgQD2wxkDiqUGwFRnLrXk
+vux6MnjL5kVji2bk6QjOWi5vWr4ItdXL7X/tKrqIBtIE5NfWbHRM7oIZzwbvbkCs
+yt7cRyR3tYks445kdhYpujfv/1VdUxskk4O27GlbMULEJRYjvoxbSyqeZvAwiiun
+fO/RwvVuQSTRW7I07UZo4mkCOQKBgQDATalJ114tQz6+FU3B4R9ryNOkqEBKaoki
+aSQJIRF6UIbfaU9XhEEm+nIdCXBqWQitp1o7akAJnoOyrF8KZNEQUrDmW+QO/w92
+2EaZVifP9f3SlWCuK9kzR86Pcz5PWJXmPF5gsZyontrBOlECy9EEtynVLyzxm/hx
+GGybronXoQKBgFbou+SdbiYEkzWMJBAellcrc5QM1B+NN34j/TAAXx5lDU0wDc63
+JTk4tV23WTzUBJjGtedqkXPZkI2/fRPel8NpYxSuYVPoCXykgoXLymvCuCQYYxTs
+x5Ujiq/Nl8BRd4y7Td/Rh38mri3KXDmvLR/p1Fsyom8CJq+xaf0C0Q0xAoGBAIdy
+K9qmpt6ajoaz2qDEP61bNjazixTfFNf31jnX4MeWEGkrc4bg0EL0A4wQKe296C7n
+wNY4cAJWc8xVPFvFxrsIgzC9aFRnsiyzCIbX+BKx4KWCMSZ8G+/Sk9rWAP1CF9Ki
+kpbogr8BpHKU8JpXlFEN8ZkGMVG72bFO0rCUruIBAoGBAIO5IvzmM6Uwvmy084FM
+yE3qKb2n9oLixyMjpP2qyGZr8cm+4YEFpnEbQCWAK2nMeOTCC6xVU+XCCrpxCYe2
+RbO59kvnrk1qSfU2YhRqgbb9GIOqu4DWx5vydvBg25NCQOoRLrbLbkInr8lRoJSt
+WkmXvImLdjYfKzgrfOSXeMph
+-----END PRIVATE KEY-----
\ No newline at end of file
diff --git a/example/certificates/public.cert b/example/certificates/public.cert
index 4e82ae9..d920f92 100644
--- a/example/certificates/public.cert
+++ b/example/certificates/public.cert
@@ -1,21 +1,91 @@
 -----BEGIN CERTIFICATE-----
-MIIDazCCAlOgAwIBAgIUaUtdBDCJj3bQ9rmtvGmG8ohLPJAwDQYJKoZIhvcNAQEL
-BQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
-GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMDEwMTQxNDQ2MDNaFw0zMDEw
-MTIxNDQ2MDNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw
-HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQCnSTxL6hb781orcYERZl1zQwD/8QL3j9NoTJtij+ZE
-twS+B9fqVZpxULCwvNDqsMvNAnifehFW6o1lxftUfFSD9V+fVW26mAkrnOO7BnAD
-5bTX79Vi12kY/A2cJKF7q+Dtd+3BKKVD1jzZzujTCDev8WK8LAHkmJ3hgkR7+3Kz
-cJHvRBnzdsh3/ZMlePQToXJdNQUQ5+11kVijvTL6i9PDGVjD8FZRVM9WWLdYQPwf
-2gnmToJR4HBIMuiknr//SvHEKhu0LOrB2HPeM85Mq8OI+zHscw/x0WeI5qXzqbEW
-oh3FZGIq3DYraCKZfK4zIxfzBvxEfOfiV8j9Xtz00vPtAgMBAAGjUzBRMB0GA1Ud
-DgQWBBREHTrNpAVG+GFKza/Ia+bmk/izYDAfBgNVHSMEGDAWgBREHTrNpAVG+GFK
-za/Ia+bmk/izYDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAK
-wlHv46Un0D0JMZj7ZseHPWzU4WAuouBA6FkDbYpO99vfsXSPn8oe1RTnpbjmUZeK
-9lm3a7mgkZWGKJH+3eqfPPmngDCKIzCEDbu5EgDO96PBkACezSKjDdTCiMoJd1Rh
-oR7vMUwQj241DId5x/oKUc4YhJMPtPCeYtr/p05I8DDt6YH/mBS5YaZCcE7h8kfC
-j739536biGSossxOPKZv/YcI3GV3OIh2We6tNBCi6rtm8Z5+w+m7r8IAWrdfviWn
-9KBrspv+JclB5FQWzin+3ABB9+IqqR2/KMjhcwebSNOnFx23d+t6LxJWRcPuu2Es
-sPhSxvfwndAiLrOVOxJt
+MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUA
+MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
+EwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMT
+DWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5
+XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2
+VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK
+2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253
+P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYe
+DRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxss
+wDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0O
+BBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJ
+QOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3Iz
+Lm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcv
+MBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEw
+NwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5j
+cnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6
+WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5l
+aA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRd
+t37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9
+J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCU
+nrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOC
+AQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/M
+CSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/
+GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8
+N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj
+5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ2
+9QVyEndxBSNciUxA26e1r/7LSQ==
 -----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
+WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
+R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
+sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
+NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
+Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
+/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
+FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
+AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
+Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
+gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
+PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
+ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
+CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
+lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
+avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
+yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
+yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
+hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
+MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
+nLRbwHOoq7hHwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCBEigAwIBAgIQQAF3ITfU6UK47naqPGQKtzANBgkqhkiG9w0BAQsFADA/
+MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
+DkRTVCBSb290IENBIFgzMB4XDTIxMDEyMDE5MTQwM1oXDTI0MDkzMDE4MTQwM1ow
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCt6CRz9BQ385ueK1coHIe+3LffOJCMbjzmV6B493XC
+ov71am72AE8o295ohmxEk7axY/0UEmu/H9LqMZshftEzPLpI9d1537O4/xLxIZpL
+wYqGcWlKZmZsj348cL+tKSIG8+TA5oCu4kuPt5l+lAOf00eXfJlII1PoOK5PCm+D
+LtFJV4yAdLbaL9A4jXsDcCEbdfIwPPqPrt3aY6vrFk/CjhFLfs8L6P+1dy70sntK
+4EwSJQxwjQMpoOFTJOwT2e4ZvxCzSow/iaNhUd6shweU9GNx7C7ib1uYgeGJXDR5
+bHbvO5BieebbpJovJsXQEOEO3tkQjhb7t/eo98flAgeYjzYIlefiN5YNNnWe+w5y
+sR2bvAP5SQXYgd0FtCrWQemsAXaVCg/Y39W9Eh81LygXbNKYwagJZHduRze6zqxZ
+Xmidf3LWicUGQSk+WT7dJvUkyRGnWqNMQB9GoZm1pzpRboY7nn1ypxIFeFntPlF4
+FQsDj43QLwWyPntKHEtzBRL8xurgUBN8Q5N0s8p0544fAQjQMNRbcTa0B7rBMDBc
+SLeCO5imfWCKoqMpgsy6vYMEG6KDA0Gh1gXxG8K28Kh8hjtGqEgqiNx2mna/H2ql
+PRmP6zjzZN7IKw0KKP/32+IVQtQi0Cdd4Xn+GOdwiK1O5tmLOsbdJ1Fu/7xk9TND
+TwIDAQABo4IBRjCCAUIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+SwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1
+c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx
++tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEB
+ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQu
+b3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9E
+U1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFHm0WeZ7tuXkAXOACIjIGlj26Ztu
+MA0GCSqGSIb3DQEBCwUAA4IBAQAKcwBslm7/DlLQrt2M51oGrS+o44+/yQoDFVDC
+5WxCu2+b9LRPwkSICHXM6webFGJueN7sJ7o5XPWioW5WlHAQU7G75K/QosMrAdSW
+9MUgNTP52GE24HGNtLi1qoJFlcDyqSMo59ahy2cI2qBDLKobkx/J3vWraV0T9VuG
+WCLKTVXkcGdtwlfFRjlBz4pYg1htmf5X6DYO8A4jqv2Il9DjXA6USbW1FzXSLr9O
+he8Y4IWS6wY7bCkjCWDcRQJMEhg76fsO3txE+FiYruq9RUWhiF1myv4Q6W+CyBFC
+Dfvp7OOGAN6dEOM4+qR9sdjoSYKEBpsr6GtPAQw4dy753ec5
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/example/tests/__init__.py b/example/custom_template/__init__.py
similarity index 100%
rename from example/tests/__init__.py
rename to example/custom_template/__init__.py
diff --git a/example/uniauth_unical_template/static/css/bootstrap-italia.min.css b/example/custom_template/static/css/bootstrap-italia.min.css
similarity index 100%
rename from example/uniauth_unical_template/static/css/bootstrap-italia.min.css
rename to example/custom_template/static/css/bootstrap-italia.min.css
diff --git a/example/uniauth_unical_template/static/css/bootstrap-italia.min.css.map b/example/custom_template/static/css/bootstrap-italia.min.css.map
similarity index 100%
rename from example/uniauth_unical_template/static/css/bootstrap-italia.min.css.map
rename to example/custom_template/static/css/bootstrap-italia.min.css.map
diff --git a/example/uniauth_unical_template/static/css/idp-login.css b/example/custom_template/static/css/idp-login.css
similarity index 62%
rename from example/uniauth_unical_template/static/css/idp-login.css
rename to example/custom_template/static/css/idp-login.css
index 045a9b0..e5d0cb2 100644
--- a/example/uniauth_unical_template/static/css/idp-login.css
+++ b/example/custom_template/static/css/idp-login.css
@@ -1,170 +1,209 @@
 @import url(https://fonts.googleapis.com/css?family=Titillium+Web:400,600,700);
+@import url('https://fonts.googleapis.com/css2?family=Wix+Madefor+Text:ital,wght@0,400;0,700;1,400;1,700&display=swap');
+
 
 html {
 
-  font-family: Titillium Web,HelveticaNeue-Light,Helvetica Neue Light,Helvetica Neue,Helvetica,Arial,Lucida Grande,sans-serif;
+  font-family: 'Wix Madefor Text', HelveticaNeue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif !important;
 
 }
+
 body {
-  background-image: url(../img/logo_back.svg);
   background-repeat: no-repeat;
   background-position: right bottom;
   height: 100vh;
 }
+
 body.index-html {
   background-image: none;
 }
+
 body.blockScroll {
   overflow: hidden;
 }
 
-h1,h2,h3 {
-    color: #00264d;
+h1,
+h2,
+h3 {
+  color: #00264d;
 }
+
 .main-header__spidlogo {
-    max-width: 100%;
-    width: 100px;
-    width: 10rem;
+  max-width: 100%;
+  width: 100px;
+  width: 10rem;
 }
+
 .main-header__spidlogo.v2 {
   width: 125px;
   width: 12.5rem;
 }
+
 .Form-input {
-    background-color: #fff;
-    background-color: transparent !important;
+  background-color: #fff;
+  background-color: transparent !important;
 }
+
 .icon-error {
   width: 60%;
 }
+
 .u-layout-extrasmall {
   max-width: 50rem !important;
 }
+
 .u-layout-medium {
   max-width: 80rem !important;
 }
+
 body.index-html #main-header {
   visibility: hidden;
 }
 
-body.index-html #main-header .u-size1of2:nth-child(1){
- -webkit-animation-delay: 0.2s;
- animation-delay: 0.2s;
- overflow: hidden;
+body.index-html #main-header .u-size1of2:nth-child(1) {
+  -webkit-animation-delay: 0.2s;
+  animation-delay: 0.2s;
+  overflow: hidden;
 }
+
 #providers {
   display: none;
 }
+
 #providers h1 {
   -webkit-animation-delay: 0.5s;
   animation-delay: 0.5s;
 }
 
-.Providersgrid > div {
+.Providersgrid>div {
   overflow: hidden;
   display: flex;
   flex-direction: column;
   justify-content: center;
 }
-.Providersgrid > div:nth-child(1) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(1) .Providersgrid-item {
   -webkit-animation-delay: 0.6s;
   animation-delay: 0.6s;
 }
-.Providersgrid > div:nth-child(2) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(2) .Providersgrid-item {
   -webkit-animation-delay: 0.7s;
   animation-delay: 0.7s;
 }
-.Providersgrid > div:nth-child(3) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(3) .Providersgrid-item {
   -webkit-animation-delay: 0.8s;
   animation-delay: 0.8s;
 }
-.Providersgrid > div:nth-child(4) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(4) .Providersgrid-item {
   -webkit-animation-delay: 0.9s;
   animation-delay: 0.9s;
 }
-.Providersgrid > div:nth-child(5) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(5) .Providersgrid-item {
   -webkit-animation-delay: 1.0s;
   animation-delay: 1.0s;
 }
-.Providersgrid > div:nth-child(6) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(6) .Providersgrid-item {
   -webkit-animation-delay: 1.1s;
   animation-delay: 1.1s;
 }
-.Providersgrid > div:nth-child(7) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(7) .Providersgrid-item {
   -webkit-animation-delay: 1.2s;
   animation-delay: 1.2s;
 }
-.Providersgrid > div:nth-child(8) .Providersgrid-item {
+
+.Providersgrid>div:nth-child(8) .Providersgrid-item {
   -webkit-animation-delay: 1.3s;
   animation-delay: 1.3s;
 }
-.Providersgrid > div:nth-child(1) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(1) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0s;
   animation-delay: 0s;
 }
-.Providersgrid > div:nth-child(2) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(2) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.1s;
   animation-delay: 0.1s;
 }
-.Providersgrid > div:nth-child(3) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(3) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.2s;
   animation-delay: 0.2s;
 }
-.Providersgrid > div:nth-child(4) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(4) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.3s;
   animation-delay: 0.3s;
 }
-.Providersgrid > div:nth-child(5) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(5) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.4s;
   animation-delay: 0.4s;
 }
-.Providersgrid > div:nth-child(6) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(6) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.5s;
   animation-delay: 0.5s;
 }
-.Providersgrid > div:nth-child(7) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(7) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.6s;
   animation-delay: 0.6s;
 }
-.Providersgrid > div:nth-child(8) .Providersgrid-item.fadeOut {
+
+.Providersgrid>div:nth-child(8) .Providersgrid-item.fadeOut {
   -webkit-animation-delay: 0.7s;
   animation-delay: 0.7s;
 }
+
 #non-hai-spid {
   -webkit-animation-delay: 1.4s;
   animation-delay: 1.4s;
 }
+
 .Form.fadeIn {
   -webkit-animation-delay: 1.4s;
   animation-delay: 1.4s;
 }
+
 #non-hai-spid {
   -webkit-animation-delay: 0.4s;
   animation-delay: 0.4s;
 }
+
 .Form.fadeOut {
   -webkit-animation-delay: 0.4s;
   animation-delay: 0.4s;
 }
+
 .Providersgrid-item {
   text-align: center;
 }
+
 .Providersgrid-item img {
   background-color: transparent;
   width: auto;
   max-width: 100%;
 }
-.Providersgrid-item > a {
+
+.Providersgrid-item>a {
   display: block;
   padding: 2rem 3rem;
 }
+
 .Providersgrid-wrapper {
   padding: 1rem 0;
   position: relative;
 }
 
 #spid-animation {
-  position:fixed;
+  position: fixed;
   opacity: 1;
   z-index: -1;
   top: 50%;
@@ -177,87 +216,96 @@ body.index-html #main-header .u-size1of2:nth-child(1){
 }
 
 .runAnimation {
-  -webkit-animation:ease;
+  -webkit-animation: ease;
   -webkit-animation-name: run;
   -webkit-animation-duration: 0.8s;
   -webkit-animation-fill-mode: forwards;
-  animation:ease;
+  animation: ease;
   animation-name: run;
   animation-duration: 0.8s;
   animation-fill-mode: forwards;
 
 }
+
 @-webkit-keyframes run {
-    from {
-      opacity: 1;
-    }
-    to {
-      opacity: 0;
-      top: 50%;
-      left: 50%;
-      height: 150vh;
-      width: 150vh;
-      -webkit-transform: translateX(-50%) translateY(-50%);
-      transform: translateX(-50%) translateY(-50%);
-    }
+  from {
+    opacity: 1;
+  }
+
+  to {
+    opacity: 0;
+    top: 50%;
+    left: 50%;
+    height: 150vh;
+    width: 150vh;
+    -webkit-transform: translateX(-50%) translateY(-50%);
+    transform: translateX(-50%) translateY(-50%);
+  }
 }
+
 @keyframes run {
-    from {
-      opacity: 1;
-    }
-    to {
-      opacity: 0;
-      top: 50%;
-      left: 50%;
-      height: 150vh;
-      width: 150vh;
-      -webkit-transform: translateX(-50%) translateY(-50%);
-      transform: translateX(-50%) translateY(-50%);
-    }
+  from {
+    opacity: 1;
+  }
+
+  to {
+    opacity: 0;
+    top: 50%;
+    left: 50%;
+    height: 150vh;
+    width: 150vh;
+    -webkit-transform: translateX(-50%) translateY(-50%);
+    transform: translateX(-50%) translateY(-50%);
+  }
 }
+
 .runBackAnimation {
-  -webkit-animation:ease;
+  -webkit-animation: ease;
   -webkit-animation-name: runBack;
   -webkit-animation-duration: 0.8s;
   -webkit-animation-fill-mode: forwards;
   -webkit-animation-delay: 0.5s;
   animation-delay: 0.5s;
-  animation:ease;
+  animation: ease;
   animation-name: runBack;
   animation-duration: 0.8s;
   animation-fill-mode: forwards;
 }
+
 @-webkit-keyframes runBack {
-    from {
-      opacity: 0;
-      opacity: 0;
-      top: 50%;
-      left: 50%;
-      height: 150vh;
-      width: 150vh;
-      -webkit-transform: translateX(-50%) translateY(-50%);
-      transform: translateX(-50%) translateY(-50%);
-    }
-    to {
-      opacity: 1;
-
-    }
+  from {
+    opacity: 0;
+    opacity: 0;
+    top: 50%;
+    left: 50%;
+    height: 150vh;
+    width: 150vh;
+    -webkit-transform: translateX(-50%) translateY(-50%);
+    transform: translateX(-50%) translateY(-50%);
+  }
+
+  to {
+    opacity: 1;
+
+  }
 }
+
 @keyframes runBack {
-    from {
-      opacity: 0;
-      opacity: 0;
-      top: 50%;
-      left: 50%;
-      height: 150vh;
-      width: 150vh;
-      -webkit-transform: translateX(-50%) translateY(-50%);
-      transform: translateX(-50%) translateY(-50%);
-    }
-    to {
-      opacity: 1;
-
-    }
+  from {
+    opacity: 0;
+    opacity: 0;
+    top: 50%;
+    left: 50%;
+    height: 150vh;
+    width: 150vh;
+    -webkit-transform: translateX(-50%) translateY(-50%);
+    transform: translateX(-50%) translateY(-50%);
+  }
+
+  to {
+    opacity: 1;
+
+  }
 }
 
 #welcome {
@@ -273,6 +321,7 @@ body.index-html #main-header .u-size1of2:nth-child(1){
 .Button--welcome {
   position: relative;
 }
+
 .Button--welcome img {
   bottom: -0.35em;
   height: 1.4em;
@@ -282,15 +331,20 @@ body.index-html #main-header .u-size1of2:nth-child(1){
 
 
 /* OVERRIDES IWT */
-h1, h2, h3 {
-  color:  #000;
+h1,
+h2,
+h3 {
+  color: #000;
 }
+
 .u-color-grey-40 {
   color: #5C6F82 !important;
 }
+
 input:focus {
   box-shadow: none !important;
 }
+
 input.error {
   background-image: url('../img/icons/form-icon-error.svg');
   background-repeat: no-repeat;
@@ -298,6 +352,7 @@ input.error {
   background-position-y: center;
   border-bottom-color: #F83E5A !important;
 }
+
 input:valid {
   background-image: url('../img/icons/form-icon-ok.svg');
   background-repeat: no-repeat;
@@ -305,26 +360,32 @@ input:valid {
   background-position-y: center;
   border-bottom-color: #00CF86 !important;
 }
+
 input.error:valid {
   border-bottom-color: inherit !important;
 }
+
 button:disabled {
   opacity: 0.5 !important;
 }
+
 input:optional:valid {
   background-image: none;
 }
-input[type="text"], input[type="password"] {
+
+input[type="text"],
+input[type="password"] {
   padding-right: 4rem !important;
 }
 
 /* Media query */
 @media screen and (max-width: 996px) {
-.Providersgrid-wrapper {
+  .Providersgrid-wrapper {
     margin: 0 -3.2rem;
     padding-top: 2rem;
     position: relative;
   }
+
   #providers.shown .Providersgrid-wrapper:after {
     position: absolute;
     height: 100%;
@@ -332,33 +393,38 @@ input[type="text"], input[type="password"] {
     content: ' ';
     z-index: 0;
     background-color: #F5F6F7;
-    top:0;
+    top: 0;
     z-index: -1;
     opacity: 0;
-    -webkit-animation:ease;
+    -webkit-animation: ease;
     -webkit-animation-name: fadeInWrapper;
     -webkit-animation-duration: 0.8s;
     -webkit-animation-fill-mode: forwards;
-    animation:ease;
+    animation: ease;
     animation-name: fadeInWrapper;
     animation-duration: 0.8s;
     animation-fill-mode: forwards;
     -webkit-animation-delay: 0.3s;
     animation-delay: 0.3s;
   }
+
   .Providersgrid {
     margin: 0 3.2rem !important;
   }
-  .Providersgrid > div {
+
+  .Providersgrid>div {
     margin-bottom: 1rem;
   }
-  .Providersgrid > div:nth-child(odd){
+
+  .Providersgrid>div:nth-child(odd) {
     border-right: 0.3em solid transparent;
   }
-  .Providersgrid > div:nth-child(even){
+
+  .Providersgrid>div:nth-child(even) {
     border-left: 0.3em solid transparent;
   }
-  .Providersgrid-item > a {
+
+  .Providersgrid-item>a {
     display: block;
     padding: 1.5rem 2rem;
   }
@@ -376,19 +442,22 @@ input[type="text"], input[type="password"] {
     align-self: stretch;
   }
 }
+
 @media screen and (max-width: 767px) {
   body {
     background-image: none;
     height: 100vh;
     margin-bottom: 120px;
   }
+
   body.extrabuttons .main-wrapper {
     margin-bottom: 200px;
   }
+
   .FixedSmall {
-    -webkit-box-shadow: 0px -2px 5px 0px rgba(238,238,238,0.7);
-    -moz-box-shadow: 0px -2px 5px 0px rgba(238,238,238,0.7);
-    box-shadow: 0px -2px 5px 0px rgba(238,238,238,0.7);
+    -webkit-box-shadow: 0px -2px 5px 0px rgba(238, 238, 238, 0.7);
+    -moz-box-shadow: 0px -2px 5px 0px rgba(238, 238, 238, 0.7);
+    box-shadow: 0px -2px 5px 0px rgba(238, 238, 238, 0.7);
     background-color: #fff;
     border-top: 1px solid #f5f5f0;
     bottom: 0;
@@ -402,6 +471,7 @@ input[type="text"], input[type="password"] {
     width: 100%;
     z-index: 500;
   }
+
   .FixedSmall.off {
     background-color: inherit;
     padding: inherit;
@@ -421,6 +491,7 @@ input[type="text"], input[type="password"] {
   padding-top: 2rem;
 
 }
+
 .form-animate-fields .Form-input {
   position: relative;
   z-index: 100;
@@ -430,18 +501,21 @@ input[type="text"], input[type="password"] {
   padding: 8px;
   -webkit-appearance: none;
   -moz-appearance: none;
-       appearance: none;
+  appearance: none;
 }
+
 .form-animate-fields .Form-input:focus {
   outline: none;
   border-width: .15rem !important;
 }
+
 .form-animate-fields .Form-label {
   width: 100%;
   position: absolute;
   top: 24px;
   padding: 10px 8px;
 }
+
 .form-animate-fields .Form-label:before,
 .form-animate-fields .Form-label:after {
   position: absolute;
@@ -449,48 +523,55 @@ input[type="text"], input[type="password"] {
   width: 100%;
   left: 0;
 }
+
 .form-animate-fields .Form-label:before {
   top: 0;
   height: 100%;
   -webkit-transform: translate3d(-101%, 0, 0);
-          transform: translate3d(-101%, 0, 0);
+  transform: translate3d(-101%, 0, 0);
   -webkit-transition: -webkit-transform 0.35s cubic-bezier(0.7, 0, 0.3, 1);
   transition: -webkit-transform 0.35s cubic-bezier(0.7, 0, 0.3, 1);
   transition: transform 0.35s cubic-bezier(0.7, 0, 0.3, 1);
   transition: transform 0.35s cubic-bezier(0.7, 0, 0.3, 1), -webkit-transform 0.35s cubic-bezier(0.7, 0, 0.3, 1);
 
 }
-.form-animate-fields .Form-input.is-filled + .Form-label:before {
+
+.form-animate-fields .Form-input.is-filled+.Form-label:before {
   -webkit-transform: translate(0, 0);
-          transform: translate(0, 0);
+  transform: translate(0, 0);
 }
+
 .form-animate-fields .Form-label:after {
   bottom: 0;
   height: 1px;
   -webkit-transition: opacity 0.5s cubic-bezier(0.7, 0, 0.3, 1);
   transition: opacity 0.5s cubic-bezier(0.7, 0, 0.3, 1);
 }
-.form-animate-fields .Form-input.is-filled + .Form-label:after {
+
+.form-animate-fields .Form-input.is-filled+.Form-label:after {
   opacity: 0;
 }
+
 .form-animate-fields .form-label-content {
   position: relative;
   display: block;
   width: 100%;
   -webkit-transform: scale(1);
-          transform: scale(1);
+  transform: scale(1);
   -webkit-transform-origin: 0 0;
-          transform-origin: 0 0;
+  transform-origin: 0 0;
   -webkit-transition: color 0.25s 0.25s cubic-bezier(0.7, 0, 0.3, 1), -webkit-transform 0.25s 0.05s cubic-bezier(0.7, 0, 0.3, 1);
   transition: color 0.25s 0.25s cubic-bezier(0.7, 0, 0.3, 1), -webkit-transform 0.25s 0.05s cubic-bezier(0.7, 0, 0.3, 1);
   transition: transform 0.25s 0.05s cubic-bezier(0.7, 0, 0.3, 1), color 0.25s 0.25s cubic-bezier(0.7, 0, 0.3, 1);
   transition: transform 0.25s 0.05s cubic-bezier(0.7, 0, 0.3, 1), color 0.25s 0.25s cubic-bezier(0.7, 0, 0.3, 1), -webkit-transform 0.25s 0.05s cubic-bezier(0.7, 0, 0.3, 1);
 }
-.form-animate-fields .Form-input.is-filled + .Form-label .form-label-content {
+
+.form-animate-fields .Form-input.is-filled+.Form-label .form-label-content {
   font-size: inherit;
   -webkit-transform: scale(.75) translate(-8px, -34px);
-          transform: scale(.75) translate(-8px, -34px);
+  transform: scale(.75) translate(-8px, -34px);
 }
+
 /* FINE ANIMAZIONE FORM ---*/
 
 /* ANIMAZIONI WELCOME */
@@ -498,10 +579,12 @@ input[type="text"], input[type="password"] {
   from {
     opacity: 0;
   }
+
   to {
     opacity: 1;
   }
 }
+
 .zoomIn {
   -webkit-animation-name: zoomIn;
   animation-name: zoomIn;
@@ -510,32 +593,38 @@ input[type="text"], input[type="password"] {
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
 }
+
 @-webkit-keyframes zoomIn {
   0% {
-  opacity: 0;
-  -webkit-transform: scale3d(.3, .3, .3);
-  transform: scale3d(.3, .3, .3);
+    opacity: 0;
+    -webkit-transform: scale3d(.3, .3, .3);
+    transform: scale3d(.3, .3, .3);
   }
+
   50% {
-  opacity: 1;
+    opacity: 1;
   }
 }
+
 @keyframes zoomIn {
   0% {
-  opacity: 0;
-  -webkit-transform: scale3d(.3, .3, .3);
-  transform: scale3d(.3, .3, .3);
+    opacity: 0;
+    -webkit-transform: scale3d(.3, .3, .3);
+    transform: scale3d(.3, .3, .3);
   }
+
   50% {
-  opacity: 0.5;
+    opacity: 0.5;
   }
+
   100% {
-  height: auto;
-  opacity: 1;
-  -webkit-transform: translate(100px, 0);
-  transform: translate(100px, 0);
+    height: auto;
+    opacity: 1;
+    -webkit-transform: translate(100px, 0);
+    transform: translate(100px, 0);
   }
 }
+
 .fadeOut {
   -webkit-animation-name: fadeOut;
   animation-name: fadeOut;
@@ -543,15 +632,28 @@ input[type="text"], input[type="password"] {
   animation-duration: 0.3s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
+}
+
+@-webkit-keyframes fadeOut {
+  0% {
+    opacity: 1;
   }
-  @-webkit-keyframes fadeOut {
-  0% {opacity: 1;}
-  100% {opacity: 0;}
+
+  100% {
+    opacity: 0;
   }
-  @keyframes fadeOut {
-  0% {opacity: 1;}
-  100% {opacity: 0;}
 }
+
+@keyframes fadeOut {
+  0% {
+    opacity: 1;
+  }
+
+  100% {
+    opacity: 0;
+  }
+}
+
 .fadeInUp {
   -webkit-animation-name: fadeInUp;
   animation-name: fadeInUp;
@@ -559,31 +661,36 @@ input[type="text"], input[type="password"] {
   animation-duration: 0.8s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
-  }
-  @-webkit-keyframes fadeInUp {
+}
+
+@-webkit-keyframes fadeInUp {
   0% {
-  opacity: 0;
-  -webkit-transform: translate3d(0, 100%, 0);
-  transform: translate3d(0, 100%, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(0, 100%, 0);
+    transform: translate3d(0, 100%, 0);
   }
+
   100% {
-  opacity: 1;
-  -webkit-transform: none;
-  transform: none;
-  }
+    opacity: 1;
+    -webkit-transform: none;
+    transform: none;
   }
-  @keyframes fadeInUp {
+}
+
+@keyframes fadeInUp {
   0% {
-  opacity: 0;
-  -webkit-transform: translate3d(0, 100%, 0);
-  transform: translate3d(0, 100%, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(0, 100%, 0);
+    transform: translate3d(0, 100%, 0);
   }
+
   100% {
-  opacity: 1;
-  -webkit-transform: none;
-  transform: none;
-  }
+    opacity: 1;
+    -webkit-transform: none;
+    transform: none;
   }
+}
+
 .fadeIn {
   -webkit-animation-name: fadeIn;
   animation-name: fadeIn;
@@ -591,15 +698,28 @@ input[type="text"], input[type="password"] {
   animation-duration: 0.8s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
+}
+
+@-webkit-keyframes fadeIn {
+  0% {
+    opacity: 0;
+  }
+
+  100% {
+    opacity: 1;
   }
-  @-webkit-keyframes fadeIn {
-  0% {opacity: 0;}
-  100% {opacity: 1;}
+}
+
+@keyframes fadeIn {
+  0% {
+    opacity: 0;
   }
-  @keyframes fadeIn {
-  0% {opacity: 0;}
-  100% {opacity: 1;}
+
+  100% {
+    opacity: 1;
   }
+}
+
 .fadeInLeft {
   -webkit-animation-name: fadeInLeft;
   animation-name: fadeInLeft;
@@ -607,31 +727,36 @@ input[type="text"], input[type="password"] {
   animation-duration: 1s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
-  }
-  @-webkit-keyframes fadeInLeft {
+}
+
+@-webkit-keyframes fadeInLeft {
   0% {
-  opacity: 0;
-  -webkit-transform: translate3d(-100%, 0, 0);
-  transform: translate3d(-100%, 0, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(-100%, 0, 0);
+    transform: translate3d(-100%, 0, 0);
   }
+
   100% {
-  opacity: 1;
-  -webkit-transform: none;
-  transform: none;
-  }
+    opacity: 1;
+    -webkit-transform: none;
+    transform: none;
   }
-  @keyframes fadeInLeft {
+}
+
+@keyframes fadeInLeft {
   0% {
-  opacity: 0;
-  -webkit-transform: translate3d(-100%, 0, 0);
-  transform: translate3d(-100%, 0, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(-100%, 0, 0);
+    transform: translate3d(-100%, 0, 0);
   }
+
   100% {
-  opacity: 1;
-  -webkit-transform: none;
-  transform: none;
+    opacity: 1;
+    -webkit-transform: none;
+    transform: none;
   }
 }
+
 .fadeInRight {
   -webkit-animation-name: fadeInRight;
   animation-name: fadeInRight;
@@ -639,31 +764,36 @@ input[type="text"], input[type="password"] {
   animation-duration: 1s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
-  }
-  @-webkit-keyframes fadeInRight {
+}
+
+@-webkit-keyframes fadeInRight {
   0% {
-  opacity: 0;
-  -webkit-transform: translate3d(100%, 0, 0);
-  transform: translate3d(100%, 0, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(100%, 0, 0);
+    transform: translate3d(100%, 0, 0);
   }
+
   100% {
-  opacity: 1;
-  -webkit-transform: none;
-  transform: none;
-  }
+    opacity: 1;
+    -webkit-transform: none;
+    transform: none;
   }
-  @keyframes fadeInRight {
+}
+
+@keyframes fadeInRight {
   0% {
-  opacity: 0;
-  -webkit-transform: translate3d(100%, 0, 0);
-  transform: translate3d(100%, 0, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(100%, 0, 0);
+    transform: translate3d(100%, 0, 0);
   }
+
   100% {
-  opacity: 1;
-  -webkit-transform: none;
-  transform: none;
+    opacity: 1;
+    -webkit-transform: none;
+    transform: none;
   }
 }
+
 .fadeOutLeft {
   -webkit-animation-name: fadeOutLeft;
   animation-name: fadeOutLeft;
@@ -671,27 +801,32 @@ input[type="text"], input[type="password"] {
   animation-duration: 0.5s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
-  }
-  @-webkit-keyframes fadeOutLeft {
+}
+
+@-webkit-keyframes fadeOutLeft {
   0% {
-  opacity: 1;
+    opacity: 1;
   }
+
   100% {
-  opacity: 0;
-  -webkit-transform: translate3d(-100%, 0, 0);
-  transform: translate3d(-100%, 0, 0);
-  }
+    opacity: 0;
+    -webkit-transform: translate3d(-100%, 0, 0);
+    transform: translate3d(-100%, 0, 0);
   }
-  @keyframes fadeOutLeft {
+}
+
+@keyframes fadeOutLeft {
   0% {
-  opacity: 1;
+    opacity: 1;
   }
+
   100% {
-  opacity: 0;
-  -webkit-transform: translate3d(-100%, 0, 0);
-  transform: translate3d(-100%, 0, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(-100%, 0, 0);
+    transform: translate3d(-100%, 0, 0);
   }
 }
+
 .fadeOutRight {
   -webkit-animation-name: fadeOutRight;
   animation-name: fadeOutRight;
@@ -699,27 +834,32 @@ input[type="text"], input[type="password"] {
   animation-duration: 0.5s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
-  }
-  @-webkit-keyframes fadeOutRight {
+}
+
+@-webkit-keyframes fadeOutRight {
   0% {
-  opacity: 1;
+    opacity: 1;
   }
+
   100% {
-  opacity: 0;
-  -webkit-transform: translate3d(100%, 0, 0);
-  transform: translate3d(100%, 0, 0);
-  }
+    opacity: 0;
+    -webkit-transform: translate3d(100%, 0, 0);
+    transform: translate3d(100%, 0, 0);
   }
-  @keyframes fadeOutRight {
+}
+
+@keyframes fadeOutRight {
   0% {
-  opacity: 1;
+    opacity: 1;
   }
+
   100% {
-  opacity: 0;
-  -webkit-transform: translate3d(100%, 0, 0);
-  transform: translate3d(100%, 0, 0);
+    opacity: 0;
+    -webkit-transform: translate3d(100%, 0, 0);
+    transform: translate3d(100%, 0, 0);
   }
 }
+
 .fadeOutDown {
   -webkit-animation-name: fadeOutDown;
   animation-name: fadeOutDown;
@@ -727,43 +867,51 @@ input[type="text"], input[type="password"] {
   animation-duration: 0.5s;
   -webkit-animation-fill-mode: both;
   animation-fill-mode: both;
-  }
-  @-webkit-keyframes fadeOutDown {
+}
+
+@-webkit-keyframes fadeOutDown {
   0% {
-  opacity: 1;
+    opacity: 1;
   }
+
   100% {
-  opacity: 0;
-  -webkit-transform: translate3d(0, 100%, 0);
-  transform: translate3d(0, 100%, 0);
-  }
+    opacity: 0;
+    -webkit-transform: translate3d(0, 100%, 0);
+    transform: translate3d(0, 100%, 0);
   }
-  @keyframes fadeOutDown {
+}
+
+@keyframes fadeOutDown {
   0% {
-  opacity: 1;
+    opacity: 1;
   }
+
   100% {
-  opacity: 0;
-  -webkit-transform: translate3d(0, 100%, 0);
-  transform: translate3d(0, 100%, 0);
-  }
+    opacity: 0;
+    -webkit-transform: translate3d(0, 100%, 0);
+    transform: translate3d(0, 100%, 0);
   }
+}
+
 .u-btn:not([disabled]) {
-    cursor: pointer;
+  cursor: pointer;
 }
+
 .u-btn-primary {
-    color: #fff;
-    background-color: #b61918;
+  color: #fff;
+  background-color: #b61918;
 }
+
 .u-btn-secondary {
-    color: #b61918;
-    background-color: #fff;
-    box-shadow: inset 0 0 0 1px #b61918;
+  color: #b61918;
+  background-color: #fff;
+  box-shadow: inset 0 0 0 1px #b61918;
 }
+
 .u-btn-quaternary {
-    background-color: #fcfdff;
-    color: #5c6f82;
-    box-shadow: inset 0 0 0 1px #e6e9f2;
+  background-color: #fcfdff;
+  color: #5c6f82;
+  box-shadow: inset 0 0 0 1px #e6e9f2;
 }
 
 #spid-errors {
@@ -771,7 +919,8 @@ input[type="text"], input[type="password"] {
   border-collapse: collapse;
 }
 
-#spid-errors td, #spid-errors th {
+#spid-errors td,
+#spid-errors th {
   padding: 8px;
   border: 1px solid grey;
 }
@@ -798,5 +947,5 @@ input[type="text"], input[type="password"] {
 }
 
 a {
-    color: #9e9e9d;
+  color: #9e9e9d;
 }
diff --git a/example/custom_template/static/css/idp_style.css b/example/custom_template/static/css/idp_style.css
new file mode 100644
index 0000000..dbb412d
--- /dev/null
+++ b/example/custom_template/static/css/idp_style.css
@@ -0,0 +1,69 @@
+@import url('https://fonts.googleapis.com/css2?family=Wix+Madefor+Text:ital,wght@0,400;0,700;1,400;1,700&display=swap');
+
+body {
+    background-repeat: no-repeat;
+    background-position: right bottom;
+    background-attachment: fixed;
+    height: 100vh;
+    font-family: 'Wix Madefor Text', HelveticaNeue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;
+}
+
+.grey-color {
+    color: #435a70;
+}
+
+.unical-background {
+    background: #FBBF24;
+}
+
+.password-icon {
+    padding: 0 15px;
+}
+
+.input-password.is-invalid,
+.was-validated .input-password:invalid {
+    background-image: none;
+}
+
+.form-check [type=checkbox]:checked+label::after {
+    border-color: #FBBF24;
+    background-color: #FBBF24;
+}
+
+/*
+SOCIAL AUTH STYLES 
+*/
+
+.hrdivider {
+  position: relative;
+  margin-bottom: 20px;
+  width: 100%;
+  text-align: center;
+  opacity: .5;
+}
+
+.acsia_text {
+  color: #A1A1AA;
+}
+
+.acsia_border {
+  border-color: #A1A1AA;
+}
+
+.hrdivider span {
+  position: absolute;
+  top: -11px;
+  background: #18181B;
+  padding: 0 5px;
+  left: 45%;
+}
+
+.btn-socialauth {
+    color: #545454;
+    background-color: #ffffff;
+    box-shadow: 0 1px 2px 1px #ddd;
+    padding: 3px 3px;
+    border-radius: 8px;
+    font-weight: 700; 
+    font-size: 13px;
+}
diff --git a/example/uniauth_unical_template/static/css/italia-icon-font.css b/example/custom_template/static/css/italia-icon-font.css
similarity index 100%
rename from example/uniauth_unical_template/static/css/italia-icon-font.css
rename to example/custom_template/static/css/italia-icon-font.css
diff --git a/example/uniauth_unical_template/static/css/italia-web-toolkit.min.css b/example/custom_template/static/css/italia-web-toolkit.min.css
similarity index 100%
rename from example/uniauth_unical_template/static/css/italia-web-toolkit.min.css
rename to example/custom_template/static/css/italia-web-toolkit.min.css
diff --git a/example/custom_template/static/css/overrides.css b/example/custom_template/static/css/overrides.css
new file mode 100644
index 0000000..40d99a4
--- /dev/null
+++ b/example/custom_template/static/css/overrides.css
@@ -0,0 +1,403 @@
+@import url('https://fonts.googleapis.com/css2?family=Wix+Madefor+Text:ital,wght@0,400;0,700;1,400;1,700&display=swap');
+
+body {
+   background-repeat: no-repeat;
+   background-position: right bottom;
+   background-attachment: fixed;
+   height: 100vh;
+   font-family: 'Wix Madefor Text', HelveticaNeue-Light, Helvetica Neue Light, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;
+   background-color: #09090B !important;
+}
+
+.grey-color {
+   color: #435a70;
+}
+
+.unical-background {
+   background: #FBBF24;
+}
+
+.password-icon {
+   padding: 0 15px;
+}
+
+.input-password.is-invalid,
+.was-validated .input-password:invalid {
+   background-image: none;
+}
+
+.form-check [type=checkbox]:checked+label::after {
+   border-color: #FBBF24;
+   background-color: #FBBF24;
+}
+
+/**
+ * Università della Calabria
+ * Style SCSS
+ */
+
+/**
+ * Università della Calabria COLORS
+ */
+
+:root {
+   --bordeaux_unical: #FBBF24;
+   --dark_grey_unical: #383838;
+   --light_grey_unical: #9d9d9c;
+   --white: #ffffff;
+}
+
+
+/**
+ * Generic elements
+ */
+a {
+   cursor: pointer;
+   color: var(--bordeaux_unical);
+}
+
+a:hover,
+a:active {
+   color: var(--dark_grey_unical);
+}
+
+a.read-more {
+   color: var(--light_grey_unical);
+}
+
+.badge-primary {
+   background: var(--bordeaux_unical);
+}
+
+.badge-secondary {
+   background: var(--dark_grey_unical);
+}
+
+.btn-primary {
+   background: var(--dark_grey_unical);
+}
+
+.btn-primary:hover {
+   background: var(--light_grey_unical);
+}
+
+.btn-outline-primary {
+   color: var(--dark_grey_unical);
+   -webkit-box-shadow: inset 0 0 0 1px var(--dark_grey_unical);
+   box-shadow: inset 0 0 0 1px var(--dark_grey_unical);
+}
+
+.btn-outline-primary:hover {
+   color: var(--light_grey_unical);
+   -webkit-box-shadow: inset 0 0 0 1px var(--light_grey_unical);
+   box-shadow: inset 0 0 0 1px var(--light_grey_unical);
+}
+
+.btn-outline-primary:active,
+.btn-outline-primary:focus {
+   color: var(--dark_grey_unical) !important;
+   box-shadow: inset 0 1px 0 var(--light_grey_unical), 0 1px 1px var(--light_grey_unical), 0 0 0 0.2rem rgba(101, 101, 102, 0.5) !important;
+}
+
+.btn-secondary {
+   background: var(--bordeaux_unical);
+}
+
+.btn-secondary:hover {
+   background: var(--dark_grey_unical);
+}
+
+.btn:not(.btn-outline-primary):not(.btn-outline-secondary):active,
+.btn:not(.btn-outline-primary):not(.btn-outline-secondary):focus {
+   box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 0 0.2rem rgba(101, 101, 102, 0.5) !important;
+   background-color: #475664 !important;
+}
+
+.text-primary {
+   color: var(--dark_grey_unical) !important;
+}
+
+.text-secondary {
+   color: var(--bordeaux_unical) !important;
+}
+
+/**
+ * Header Slim Wrapper
+ */
+.it-header-slim-wrapper {
+   background: var(--bordeaux_unical);
+}
+
+.it-header-slim-wrapper .it-header-slim-wrapper-content .header-slim-right-zone button {
+   background: var(--dark_grey_unical);
+}
+
+.it-header-slim-wrapper .it-header-slim-wrapper-content .header-slim-right-zone button:hover {
+   background: var(--light_grey_unical);
+   color: var(--dark_grey_unical);
+}
+
+/**
+ * Header Center Wrapper
+ */
+@media (min-width : 992px) {
+   .it-header-center-wrapper {
+      height: 130px;
+   }
+}
+
+.it-header-center-wrapper {
+   background: var(--white);
+}
+
+.it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a,
+.it-header-center-wrapper .it-header-center-content-wrapper .it-right-zone {
+   color: var(--dark_grey_unical);
+}
+
+.it-header-center-wrapper .it-header-center-content-wrapper .it-right-zone .it-socials ul .icon,
+.it-header-center-wrapper .it-header-center-content-wrapper .it-search-wrapper a.rounded-icon svg {
+   fill: var(--dark_grey_unical);
+}
+
+
+/**
+ * Logo
+ */
+.it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a .img {
+   width: 100%;
+}
+
+/**
+ * Header Navbar Wrapper
+ */
+
+/* Desktops and laptops ----------- */
+@media (min-width : 992px) {
+   .it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a .logo_icon image {
+      width: 100%;
+   }
+}
+
+/* Others than desktop ----------- */
+@media (max-width : 991px) {
+   .it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a .logo_icon image {
+      height: 100%;
+   }
+}
+
+
+/**
+ * Header Navbar Wrapper
+ */
+
+/* Desktops and laptops ----------- */
+@media (min-width : 992px) {
+   .it-header-navbar-wrapper {
+      background: var(--dark_grey_unical);
+   }
+}
+
+/* Others than desktop ----------- */
+@media (max-width : 991px) {
+   .it-header-navbar-wrapper {
+      background: none;
+   }
+
+   .custom-navbar-toggler svg {
+      fill: var(--dark_grey_unical);
+   }
+}
+
+/**
+ * Main Body
+ */
+
+/**
+ * Footer Main
+ */
+.it-footer-main {
+   background: var(--dark_grey_unical);
+}
+
+/**
+ * Footer Small Prints
+ */
+.it-footer-small-prints {
+   background: var(--bordeaux_unical);
+}
+
+/**
+ * -------------------------------------------------------------
+ */
+
+
+/**
+ * Carousel
+ */
+.it-carousel-wrapper .owl-dots .owl-dot {
+   background: var(--dark_grey_unical);
+}
+
+/**
+ * Back to top
+ */
+.back-to-top {
+   background: var(--light_grey_unical);
+}
+
+.back-to-top:hover {
+   background: var(--dark_grey_unical);
+}
+
+/**
+ * Form Bootstrap Italia
+ */
+.toggles label input[type="checkbox"]:checked+.lever::after {
+   background-color: var(--bordeaux_unical);
+}
+
+.form-check [type=radio]:checked+label::after,
+.form-check [type=checkbox]:checked+label::after {
+   background-color: var(--bordeaux_unical);
+   border-color: var(--bordeaux_unical);
+}
+
+.form-check [type=radio]:checked+label::before {
+   border-color: var(--bordeaux_unical);
+}
+
+/**
+ * Section muted
+ */
+.section.section-muted {
+   background-color: #f7f7f7;
+}
+
+
+
+.row .form-check.override {
+   margin-top: 0;
+}
+
+.form-check.override [type="checkbox"]+label,
+.form-check.override [type="radio"]+label {
+   position: relative;
+   padding-left: 28px;
+   cursor: pointer;
+   display: inline-block;
+   height: 32px;
+   line-height: 32px;
+   font-size: 1rem;
+   font-weight: 300;
+   -webkit-user-select: none;
+   -moz-user-select: none;
+   -ms-user-select: none;
+   user-select: none;
+}
+
+.form-check.override [type="checkbox"]+label::before {
+   top: 0;
+   width: 14px;
+   height: 14px;
+   border: 1px solid #e6e9f2;
+   border-top-color: rgb(230, 233, 242);
+   border-right-color: rgb(230, 233, 242);
+   border-bottom-color: rgb(230, 233, 242);
+   border-left-color: rgb(230, 233, 242);
+   border-radius: 0px;
+   margin: 2px;
+   -webkit-transform: rotateZ(37deg);
+   transform: rotateZ(37deg);
+   -webkit-transform-origin: 100% 100%;
+   transform-origin: 100% 100%;
+}
+
+.form-check.override [type="checkbox"]+label::after,
+.form-check.override [type="checkbox"]+label::before {
+   content: '';
+   left: 0;
+   position: absolute;
+   -webkit-transition: .2s;
+   transition: .2s;
+   z-index: 1;
+   border-style: solid;
+   border-width: 2px;
+   border-radius: 0;
+   height: 17px;
+   width: 17px;
+   margin: 8px 3px;
+   top: 0;
+}
+
+.form-check.override [type="checkbox"]:checked+label::after {
+   border-color: #FBBF24;
+   background-color: transparent;
+}
+
+.form-check.override [type="checkbox"]:checked+label::before {
+   top: 1px;
+   left: 0px;
+   width: 8px;
+   height: 13px;
+   border-style: solid;
+   border-width: 2px;
+   border-color: transparent #FBBF24 #FBBF24 transparent;
+   -webkit-transform: rotate(40deg);
+   transform: rotate(40deg);
+   -webkit-backface-visibility: hidden;
+   backface-visibility: hidden;
+   -webkit-transform-origin: 100% 100%;
+   transform-origin: 100% 100%;
+   opacity: 1;
+}
+
+
+.form-control-plaintext+label.override,
+.form- group input.form-control-file+label.override,
+.form-group label.override.active,
+.input-group+label.override,
+.input-group:disabled .form-group label.override {
+   transform: translateY(0%);
+}
+
+.form-control.override,
+.form-control.override.inout-password {
+   border: 0;
+   background-color: #27272a;
+   border-radius: 6px;
+   height: 32px
+}
+
+.form-group.override {
+   padding: 7px 0;
+}
+
+.form-row.override {
+   margin-bottom: 16px;
+}
+
+.btn.btn-lg.btn-success.btn-block.unical-background.override {
+   box-shadow: none;
+   color: #000;
+   border-radius: 8px;
+   padding-top: 4px;
+   padding-bottom: 4px;
+   height: 32px;
+   font-weight: 700;
+   font-size: 13px;
+}
+
+.btn.btn-lg.btn-success.btn-block.unical-background.override:hover {
+   box-shadow: none;
+   background-color: #27272A;
+   color: #FBBF24;
+   border: 0;
+}
+
+.form-check.override [type="checkbox"]+label,
+.form-check.override [type="radio"]+label {
+   color: #a1a1aa;
+   font-size: 12px;
+   font-weight: 300;
+}
diff --git a/example/uniauth_unical_template/static/font/italia-icon-font.eot b/example/custom_template/static/font/italia-icon-font.eot
similarity index 100%
rename from example/uniauth_unical_template/static/font/italia-icon-font.eot
rename to example/custom_template/static/font/italia-icon-font.eot
diff --git a/example/uniauth_unical_template/static/font/italia-icon-font.svg b/example/custom_template/static/font/italia-icon-font.svg
similarity index 100%
rename from example/uniauth_unical_template/static/font/italia-icon-font.svg
rename to example/custom_template/static/font/italia-icon-font.svg
diff --git a/example/uniauth_unical_template/static/font/italia-icon-font.ttf b/example/custom_template/static/font/italia-icon-font.ttf
similarity index 100%
rename from example/uniauth_unical_template/static/font/italia-icon-font.ttf
rename to example/custom_template/static/font/italia-icon-font.ttf
diff --git a/example/uniauth_unical_template/static/font/italia-icon-font.woff b/example/custom_template/static/font/italia-icon-font.woff
similarity index 100%
rename from example/uniauth_unical_template/static/font/italia-icon-font.woff
rename to example/custom_template/static/font/italia-icon-font.woff
diff --git a/example/uniauth_unical_template/static/font/italia-icon-font.woff2 b/example/custom_template/static/font/italia-icon-font.woff2
similarity index 100%
rename from example/uniauth_unical_template/static/font/italia-icon-font.woff2
rename to example/custom_template/static/font/italia-icon-font.woff2
diff --git a/example/uniauth_unical_template/static/img/favicon/browserconfig.xml b/example/custom_template/static/img/favicon/browserconfig.xml
similarity index 100%
rename from example/uniauth_unical_template/static/img/favicon/browserconfig.xml
rename to example/custom_template/static/img/favicon/browserconfig.xml
diff --git a/example/uniauth_unical_template/static/img/favicon/favicon-16x16.png b/example/custom_template/static/img/favicon/favicon-16x16.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/favicon/favicon-16x16.png
rename to example/custom_template/static/img/favicon/favicon-16x16.png
diff --git a/example/uniauth_unical_template/static/img/favicon/favicon-32x32.png b/example/custom_template/static/img/favicon/favicon-32x32.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/favicon/favicon-32x32.png
rename to example/custom_template/static/img/favicon/favicon-32x32.png
diff --git a/example/uniauth_unical_template/static/img/favicon/manifest.json b/example/custom_template/static/img/favicon/manifest.json
similarity index 100%
rename from example/uniauth_unical_template/static/img/favicon/manifest.json
rename to example/custom_template/static/img/favicon/manifest.json
diff --git a/example/uniauth_unical_template/static/img/icons/close.png b/example/custom_template/static/img/icons/close.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/close.png
rename to example/custom_template/static/img/icons/close.png
diff --git a/example/uniauth_unical_template/static/img/icons/close.svg b/example/custom_template/static/img/icons/close.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/close.svg
rename to example/custom_template/static/img/icons/close.svg
diff --git a/example/uniauth_unical_template/static/img/icons/error.png b/example/custom_template/static/img/icons/error.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/error.png
rename to example/custom_template/static/img/icons/error.png
diff --git a/example/uniauth_unical_template/static/img/icons/error.svg b/example/custom_template/static/img/icons/error.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/error.svg
rename to example/custom_template/static/img/icons/error.svg
diff --git a/example/uniauth_unical_template/static/img/icons/form-icon-error.svg b/example/custom_template/static/img/icons/form-icon-error.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/form-icon-error.svg
rename to example/custom_template/static/img/icons/form-icon-error.svg
diff --git a/example/uniauth_unical_template/static/img/icons/form-icon-ok.svg b/example/custom_template/static/img/icons/form-icon-ok.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/form-icon-ok.svg
rename to example/custom_template/static/img/icons/form-icon-ok.svg
diff --git a/example/custom_template/static/img/icons/google-logo.png b/example/custom_template/static/img/icons/google-logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..8c7a26267a43821d5dd7eb44ce9fe758b52fad73
GIT binary patch
literal 484
zcmV<A0UQ2_P)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00009a7bBm000XU
z000XU0RWnu7ytkPmPtfGRCt_YV4wx~-^}dxKbL9S|750{{}Y&Q|IcFD@xOxEi?GH%
z2Fd@4O!xlVG5r5;i-tjB@r?KWS20Lq*IdOQ{XdBDJBCJN?85Nxe<@Qeb_0@`?!XoL
zG5-Evz}WM@m_h!3F{{r1LdHq|0~o*mFJ(=^uK5s~*8e4J|Ni?k{{QdG`1^kigDPo(
zc7Uzw|3UWu|97(g|KG_{j4W3&xxNn@Zk$;WiZI|H+dQxVAbf;@7uf*GvP=K5;fU^;
zHz_h8yld7i3@<#}FZh4)4&7>8UWn|Tc>`uZ`h?yc$OdR0-!1nqe1rG@#EtGhXKmF}
zLl38ph54GM^*ernG|QA<_}?<E*b_xT<5sKNKI;SigK*LY_urGY8um}xsi!z+yNUXw
z?M9RGmd1Wntv(L6J*;ciU5uDmyIn&vbCdHom?7A3?DFXUejW2a*U!q8!5W<#k1LAT
zZn3%Rx85H^v+sKU|23Oz?k?D)iajYKgH<~;Tzj^fZfV$TeWPZx&F$_jW?L6*)kXC)
awEzHW0V-aJh<{-K0000<MNUMnLSTYQ=J5>x

literal 0
HcmV?d00001

diff --git a/example/uniauth_unical_template/static/img/icons/info.png b/example/custom_template/static/img/icons/info.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/info.png
rename to example/custom_template/static/img/icons/info.png
diff --git a/example/uniauth_unical_template/static/img/icons/info.svg b/example/custom_template/static/img/icons/info.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/info.svg
rename to example/custom_template/static/img/icons/info.svg
diff --git a/example/uniauth_unical_template/static/img/icons/loading.png b/example/custom_template/static/img/icons/loading.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/loading.png
rename to example/custom_template/static/img/icons/loading.png
diff --git a/example/uniauth_unical_template/static/img/icons/loading.svg b/example/custom_template/static/img/icons/loading.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/loading.svg
rename to example/custom_template/static/img/icons/loading.svg
diff --git a/example/custom_template/static/img/icons/microsoft-logo.png b/example/custom_template/static/img/icons/microsoft-logo.png
new file mode 100644
index 0000000000000000000000000000000000000000..f09bfd501c042a9b7e05a3f917a419bcca12ceff
GIT binary patch
literal 4754
zcmeAS@N?(olHy`uVBq!ia0y~yU@l-_V4A|g1{87ixb+=Ku_bxCyD<C*!3BGlPX>x`
z7I;J!18EO1b~~AE2NEnRa7>5kXRzF8sLH?~IL*_=F{I+w+w1$irv}O#|G0R&!^(gH
zkB$dUEYl?ZIxKXQnfq>n^97+@JHPUa+;c6^S;1B~<+cJJmsQHH8)44Qr(^H>a_RB$
z#rOX|c=?-5ZS8}nCCfh-^z8|DQ32Zd>bxS5<gfq|EHVrX4Gqi;3=Rhv85k5EK!q5X
z_<$@%cBqg5(035^AR&Z$xDjCWR5b!@C1tKaH3IBvQays#2-L8{6&55Ifg1dX;3V4!
zv>1d3Ct6sbdIZ%KXhwj22~Pxw;3V4!urJ|Zhe%o^xB}IP(WD5>sqMi03JyW!q!UoQ
z{!v2eY^J|IKB(63zr8k0J9J|G?>`oHxxw=;N8CPf|NYAETtE#ve`^cXHT?JNsTTTt
zHf`08j`HHS^OGGbr`6lPdAi%`^<E}mY%}>CP<#L^J{lUF5e!ZXU~*A-AW#5|P!tBs
zoCe_nV9YoG)dFomVQ^Y7s$-Z0HCwm<Xb&UEw0599s0?)slN28S?O`5u94J;sLyk6S
zj%8v4GdKkUQzVq3{(waWnArphnD{`69+)W*3_Ph9lvdG9f*R>}0GKDxO@f*Y%1EH>
z1I!B`dr%pS>TRI72O0~Kg)%_7i;*3aBG7Xs$i=7zz>NfIf*Sy4teAOyV@3XaroB7&
zi{{Jsgz@h<fBE&tocW(}j$HBEw|eqDZJ<dpg>TEOXGZ?L{<36GB-nbUb3Tx4o1O->
z%NXLbIWwV!#Tl3aHAo>~jG+K*|BgAoKFw!yedRCy|B9Ag(jxswh0Q{?SuuA)--`mn
zJmabTYLS<<W<j<O+UB|NtPfh!|8rem^?IPs4+Pz^;pF;a`fo}6#WivT%*E;V*_uBc
z`F=2N-|Ed^XDa~xiV+gDh#j;rMT#awih-vgP$~e1>8Rs4KotaPY8(wYL?J_<M8Fer
zegc>kHmJS@wiAINj$Tg#Ygbs2g3bVH!ZZn5+K^uiCwZXN`0e1b59lsnih!5CaE3ah
z{6K1s;A%uP%!>4IFZ5{qcQo%`!{V#V?~eI=$&(9Ouw(1=_phda+dw=ihea|qUcWEf
zy|U}i?bqklyvVOTTg?je69WUNt&7&m1iA?#1T1f$9VD<2Ts^LaEii*)X{nK91lUSo
z5y$|nfyi_Pnh{`Eljsq=Mu2@uFf2$g0xkIAF+#o(s9}c)PSmhK^$40PP>le`I3f`+
zJ{JH+4&0$sh<AqrmMlOcsTofK1$@Bdh;SR+x#Wjy0S9uLq(QjC@*DY41M(#zf5MX~
zTI~Lae||-8_Ake6UX4H>sg}4#l%yn<q*^5xr2;7iBLhPdT>~>+L-P;=V=EIwD+5bi
z19K|_gTHg+-lJ&9%}>cptHiCL=istnpaw~h4Z-<oCFO}lsSJ)O`AMk?p1FzXsX?iU
WDV2pMQ*D5X7(8A5T-G@yGywqNgTCni

literal 0
HcmV?d00001

diff --git a/example/custom_template/static/img/icons/microsoft.ico b/example/custom_template/static/img/icons/microsoft.ico
new file mode 100644
index 0000000000000000000000000000000000000000..21b75e23b2cba5aa32295375921c0666b694865a
GIT binary patch
literal 318
zcmZQzU<5(|0RbS%!l1#(z#zuJz@P!d0zj+)#2|4HXaJKC0wf0qTK^gN_J3gbU(LWE
tx4{f9ObmnB*w~m!NlA%R8fG@5pr9a&i;D}nbVCEsUpVmp|G4E~dH{>yCjtNf

literal 0
HcmV?d00001

diff --git a/example/uniauth_unical_template/static/img/icons/success.png b/example/custom_template/static/img/icons/success.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/success.png
rename to example/custom_template/static/img/icons/success.png
diff --git a/example/uniauth_unical_template/static/img/icons/success.svg b/example/custom_template/static/img/icons/success.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/success.svg
rename to example/custom_template/static/img/icons/success.svg
diff --git a/example/uniauth_unical_template/static/img/icons/warning.png b/example/custom_template/static/img/icons/warning.png
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/warning.png
rename to example/custom_template/static/img/icons/warning.png
diff --git a/example/uniauth_unical_template/static/img/icons/warning.svg b/example/custom_template/static/img/icons/warning.svg
similarity index 100%
rename from example/uniauth_unical_template/static/img/icons/warning.svg
rename to example/custom_template/static/img/icons/warning.svg
diff --git a/example/uniauth_unical_template/static/js/bootstrap-italia.bundle.min.js b/example/custom_template/static/js/bootstrap-italia.bundle.min.js
similarity index 100%
rename from example/uniauth_unical_template/static/js/bootstrap-italia.bundle.min.js
rename to example/custom_template/static/js/bootstrap-italia.bundle.min.js
diff --git a/example/uniauth_unical_template/static/js/bootstrap-italia.bundle.min.js.map b/example/custom_template/static/js/bootstrap-italia.bundle.min.js.map
similarity index 100%
rename from example/uniauth_unical_template/static/js/bootstrap-italia.bundle.min.js.map
rename to example/custom_template/static/js/bootstrap-italia.bundle.min.js.map
diff --git a/example/uniauth_unical_template/static/js/jquery.min.js b/example/custom_template/static/js/jquery.min.js
similarity index 100%
rename from example/uniauth_unical_template/static/js/jquery.min.js
rename to example/custom_template/static/js/jquery.min.js
diff --git a/example/uniauth_unical_template/static/js/rem.min.js b/example/custom_template/static/js/rem.min.js
similarity index 100%
rename from example/uniauth_unical_template/static/js/rem.min.js
rename to example/custom_template/static/js/rem.min.js
diff --git a/example/uniauth_unical_template/static/js/respond.min.js b/example/custom_template/static/js/respond.min.js
similarity index 100%
rename from example/uniauth_unical_template/static/js/respond.min.js
rename to example/custom_template/static/js/respond.min.js
diff --git a/example/uniauth_unical_template/static/js/selectivizr.min.js b/example/custom_template/static/js/selectivizr.min.js
similarity index 100%
rename from example/uniauth_unical_template/static/js/selectivizr.min.js
rename to example/custom_template/static/js/selectivizr.min.js
diff --git a/example/uniauth_unical_template/static/js/spid-login.js b/example/custom_template/static/js/spid-login.js
similarity index 100%
rename from example/uniauth_unical_template/static/js/spid-login.js
rename to example/custom_template/static/js/spid-login.js
diff --git a/example/custom_template/templates/404.html b/example/custom_template/templates/404.html
new file mode 100644
index 0000000..b77147d
--- /dev/null
+++ b/example/custom_template/templates/404.html
@@ -0,0 +1,257 @@
+<!-- Extends default Bootstrap Italia template -->
+<!DOCTYPE html>
+<html lang="it">
+
+	<head>
+		<meta
+		http-equiv="content-type" content="text/html; charset=UTF-8">
+		<!-- Required meta tags -->
+		<meta charset="utf-8">
+		<meta
+		name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+		<!-- Page details -->
+		<title>
+
+			ACSIA XDR Plus
+
+		</title>
+		<meta
+		name="description" content="ACSIA XDR Plus - IDP">
+		<!-- CSS -->
+		<link
+		rel="stylesheet" href="/static/css/bootstrap-italia.min.css">
+		<!-- Extra CSS/Javascript -->
+
+
+		<link rel="shortcut icon" href="/static/images/favicon/favicon-32x32.png">
+		<link rel="stylesheet" href="/static/css/unical-style.css" type="text/css">
+
+
+		<link type="text/css" rel="stylesheet" href="/static/css/unical.css">
+		<link type="text/css" rel="stylesheet" href="/static/css/overrides.css">
+
+
+		<style>
+			/* Wix+Made+For+Text:400,700 */
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Bold.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Bold.woff') format('woff');
+				font-weight: bold;
+				font-style: normal;
+				font-display: swap;
+			}
+
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Italic.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Italic.woff') format('woff');
+				font-weight: normal;
+				font-style: italic;
+				font-display: swap;
+			}
+
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-BoldItalic.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-BoldItalic.woff') format('woff');
+				font-weight: bold;
+				font-style: italic;
+				font-display: swap;
+			}
+
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Regular.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Regular.woff') format('woff');
+				font-weight: normal;
+				font-style: normal;
+				font-display: swap;
+			}
+
+			/* Titillium+Web:300,400,600,700 */
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 300;
+				src: local('Titillium Web Light'), local('TitilliumWeb-Light'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 300;
+				src: local('Titillium Web Light'), local('TitilliumWeb-Light'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Titillium Web Regular'), local('TitilliumWeb-Regular'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Titillium Web Regular'), local('TitilliumWeb-Regular'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 600;
+				src: local('Titillium Web SemiBold'), local('TitilliumWeb-SemiBold'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 600;
+				src: local('Titillium Web SemiBold'), local('TitilliumWeb-SemiBold'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Titillium Web Bold'), local('TitilliumWeb-Bold'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Titillium Web Bold'), local('TitilliumWeb-Bold'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* Lora:400,700 */
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Lora Regular'), local('Lora-Regular'), url('/static/fonts/Lora/Lora-Regular.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Regular.woff') format('woff'), url('/static/fonts/Lora/Lora-Regular.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Lora Regular'), local('Lora-Regular'), url('/static/fonts/Lora/Lora-Regular.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Regular.woff') format('woff'), url('/static/fonts/Lora/Lora-Regular.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Lora Bold'), local('Lora-Bold'), url('/static/fonts/Lora/Lora-Bold.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Bold.woff') format('woff'), url('/static/fonts/Lora/Lora-Bold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Lora Bold'), local('Lora-Bold'), url('/static/fonts/Lora/Lora-Bold.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Bold.woff') format('woff'), url('/static/fonts/Lora/Lora-Bold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* Roboto+Mono:400,700 */
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Roboto Mono'), local('RobotoMono-Regular'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Roboto Mono'), local('RobotoMono-Regular'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Roboto Mono Bold'), local('RobotoMono-Bold'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Roboto Mono Bold'), local('RobotoMono-Bold'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+		</style>
+	</head>
+	<body>
+		<!-- Container - Body of page-->
+		<div class="main-body">
+
+			<div class="container">
+				<div class="col-12 py-md-5 bd-content">
+
+					<h4 class="">Pagina o risorsa non trovata</h4>
+
+
+					<p class="mb-lg-5 mb-2 paragraph"></p>
+
+					Ci dispiace, la risorsa che stai cercando non esiste.
+				</p>
+
+				<!--
+				
+																								-->
+
+
+				<div class="card-wrapper card-space"><!-- Pagina di Errore -->
+					<!--
+																													        <div class="my-3 p-3 bg-white rounded shadow-sm">
+																													                <div class="media pt-3 pb-3 border-bottom border-gray ">
+																													                </div>
+																													        </div>
+																													-->
+					<!-- end if sessioni_adesioni -->
+
+
+					<!-- end if things -->
+				</div>
+
+
+			</div>
+		</div>
+	</body>
+</html></div><script>
+window.__PUBLIC_PATH__ = "/static/fonts"</script><script src="/static/js/bootstrap-italia.min.js"></script></body></html>
diff --git a/example/custom_template/templates/500.html b/example/custom_template/templates/500.html
new file mode 100644
index 0000000..c03a8a7
--- /dev/null
+++ b/example/custom_template/templates/500.html
@@ -0,0 +1,266 @@
+<!-- Extends default Bootstrap Italia template -->
+<!DOCTYPE html>
+<html lang="it">
+
+	<head>
+		<meta
+		http-equiv="content-type" content="text/html; charset=UTF-8">
+		<!-- Required meta tags -->
+		<meta charset="utf-8">
+		<meta
+		name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+		<!-- Page details -->
+		<title>
+
+			ACSIA XDR Plus
+
+		</title>
+		<meta
+		name="description" content="ACSIA XDR Plus - IDP">
+		<!-- CSS -->
+		<link
+		rel="stylesheet" href="/static/css/bootstrap-italia.min.css">
+		<!-- Extra CSS/Javascript -->
+
+
+		<link rel="shortcut icon" href="/static/images/favicon/favicon-32x32.png">
+		<link rel="stylesheet" href="/static/css/unical-style.css" type="text/css">
+
+
+		<link type="text/css" rel="stylesheet" href="/static/css/unical.css">
+		<link type="text/css" rel="stylesheet" href="/static/css/overrides.css">
+
+
+		<style>
+			/* Wix+Made+For+Text:400,700 */
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Bold.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Bold.woff') format('woff');
+				font-weight: bold;
+				font-style: normal;
+				font-display: swap;
+			}
+
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Italic.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Italic.woff') format('woff');
+				font-weight: normal;
+				font-style: italic;
+				font-display: swap;
+			}
+
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-BoldItalic.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-BoldItalic.woff') format('woff');
+				font-weight: bold;
+				font-style: italic;
+				font-display: swap;
+			}
+
+			@font-face {
+				font-family: 'Wix Madefor Text';
+				src: url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Regular.woff2') format('woff2'), url('/static/fonts/Wix_Madefor_Text/WixMadeforText-Regular.woff') format('woff');
+				font-weight: normal;
+				font-style: normal;
+				font-display: swap;
+			}
+
+			/* Titillium+Web:300,400,600,700 */
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 300;
+				src: local('Titillium Web Light'), local('TitilliumWeb-Light'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 300;
+				src: local('Titillium Web Light'), local('TitilliumWeb-Light'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Light.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Titillium Web Regular'), local('TitilliumWeb-Regular'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Titillium Web Regular'), local('TitilliumWeb-Regular'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Regular.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 600;
+				src: local('Titillium Web SemiBold'), local('TitilliumWeb-SemiBold'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 600;
+				src: local('Titillium Web SemiBold'), local('TitilliumWeb-SemiBold'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Titillium Web Bold'), local('TitilliumWeb-Bold'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Titillium Web';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Titillium Web Bold'), local('TitilliumWeb-Bold'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff2') format('woff2'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff') format('woff'), url('/static/fonts/Titillium_Web/TitilliumWeb-Bold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* Lora:400,700 */
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Lora Regular'), local('Lora-Regular'), url('/static/fonts/Lora/Lora-Regular.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Regular.woff') format('woff'), url('/static/fonts/Lora/Lora-Regular.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Lora Regular'), local('Lora-Regular'), url('/static/fonts/Lora/Lora-Regular.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Regular.woff') format('woff'), url('/static/fonts/Lora/Lora-Regular.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Lora Bold'), local('Lora-Bold'), url('/static/fonts/Lora/Lora-Bold.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Bold.woff') format('woff'), url('/static/fonts/Lora/Lora-Bold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Lora';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Lora Bold'), local('Lora-Bold'), url('/static/fonts/Lora/Lora-Bold.woff2') format('woff2'), url('/static/fonts/Lora/Lora-Bold.woff') format('woff'), url('/static/fonts/Lora/Lora-Bold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* Roboto+Mono:400,700 */
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Roboto Mono'), local('RobotoMono-Regular'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 400;
+				src: local('Roboto Mono'), local('RobotoMono-Regular'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Regular.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+
+			/* latin-ext */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Roboto Mono Bold'), local('RobotoMono-Bold'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.ttf') format('truetype');
+				unicode-range: U + 100-024F, U + 259, U + 1E00-1EFF, U + 2020, U + 20A0-20AB, U + 20AD-20CF, U + 2113, U + 2C60-2C7F, U+A720-A7FF;
+			}
+
+			/* latin */
+			@font-face {
+				font-family: 'Roboto Mono';
+				font-style: normal;
+				font-weight: 700;
+				src: local('Roboto Mono Bold'), local('RobotoMono-Bold'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff2') format('woff2'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.woff') format('woff'), url('/static/fonts/Roboto_Mono/RobotoMono-Bold.ttf') format('truetype');
+				unicode-range: U + 0-00FF, U + 131, U + 152-0153, U + 2BB-02BC, U + 2C6, U + 2 DA, U + 2 DC, U + 2000-206F, U + 2074, U + 20 AC, U + 2122, U + 2191, U + 2193, U + 2212, U + 2215, U+FEFF, U+FFFD;
+			}
+		</style>
+	</head>
+	<body>
+		<!-- Container - Body of page-->
+		<div class="main-body">
+
+			<div class="container">
+				<div class="col-12 py-md-5 bd-content">
+
+					<h4 class="h4">Sei incorso in un errore interno</h4>
+
+
+					<p class="mb-lg-5 mb-2 paragraph">
+						Ci dispiace, dovrai riprovare o contattare l'assistenza.
+					</p>
+
+					<!--
+					
+																																			-->
+
+
+					<div class="card-wrapper card-space"><!-- Pagina di Errore -->
+						<!--
+																																										        <div class="my-3 p-3 bg-white rounded shadow-sm">
+																																										                <div class="media pt-3 pb-3 border-bottom border-gray ">
+																																										                </div>
+																																										        </div>
+																																										-->
+						<!-- end if sessioni_adesioni -->
+
+
+						<!-- end if things -->
+					</div>
+
+
+				</div>
+			</div>
+
+		</div>
+
+
+		<script>
+			window.__PUBLIC_PATH__ = "/static/fonts"
+		</script>
+		<script src="/static/js/bootstrap-italia.min.js"></script>
+
+
+	</body>
+
+</html>
diff --git a/example/custom_template/templates/base-setup.html b/example/custom_template/templates/base-setup.html
new file mode 100644
index 0000000..be1963d
--- /dev/null
+++ b/example/custom_template/templates/base-setup.html
@@ -0,0 +1,237 @@
+<!-- Extends default Bootstrap Italia template -->
+{% extends 'bootstrap-italia-base.html' %}
+
+{% load static %}
+
+<!-- Page Title -->
+{% block page_title %}
+Università della Calabria
+{% endblock page_title %}
+
+<!-- My custom scss sheet -->
+{% block extra_head %}
+<link rel="shortcut icon" href="{% static 'images/favicon/favicon-32x32.png' %}">
+<link rel="stylesheet" href="{% static 'css/unical-style.css' %}" type="text/css" />
+{% endblock extra_head %}
+
+<!-- URL link top left -->
+{% block header_slim_org_url %}
+https://www.example.com
+{% endblock header_slim_org_url %}
+
+<!-- Name top left -->
+{% block header_slim_org_name %}
+4Securitas
+{% endblock header_slim_org_name %}
+
+<!-- Mobile slim_org_name -->
+{% block header_slim_mobile_org_name %}
+4Securitas
+{% endblock header_slim_mobile_org_name %}
+
+{% block header_center_social %}
+<div class="it-socials d-none d-md-flex">
+    
+</div>
+{% endblock header_center_social %}
+
+<!-- Make empty areas -->
+{% block header_mobile_arrow %}{% endblock header_mobile_arrow %}
+{% block header_mobile_slim_menu %}{% endblock header_mobile_slim_menu %}
+
+{% block header_center_url %}/{% endblock header_center_url %}
+
+<!-- Logo in Header -->
+{% block header_center_logo %}
+<div class="col-10 col-md-9 col-lg-12 offset-1 offset-md-0">
+    <image src="{% static 'images/unical_logo.svg' %}" style="width: 100%;"/>
+</div>
+{% endblock header_center_logo %}
+
+<!-- Organization name in Header -->
+{% block header_center_org_name %}
+{% comment %}
+Università della Calabria
+{% endcomment %}
+{% endblock header_center_org_name %}
+
+<!-- Organization description in Header -->
+{% block header_center_org_subname %}
+{% comment %}
+Il Campus per eccellenza
+{% endcomment %}
+{% endblock header_center_org_subname %}
+
+<!-- Logo in Footer -->
+{% block footer_logo %}
+<img class="icon" src="{% static 'images/logo_white.png' %}" />
+{% endblock footer_logo %}
+
+<!-- Organization name in Footer -->
+{% block footer_org_name %}
+Università della Calabria
+{% endblock footer_org_name %}
+
+<!-- Organization name in Footer -->
+{% block footer_org_subname %}
+Il Campus per eccellenza
+{% endblock footer_org_subname %}
+
+{% block footer_contacts_section %}
+<section class="py-4 border-white border-top">
+    <div class="row">
+        <div class="col-lg-4 col-md-4 pb-2">
+            <h4><a href="#" title="Vai alla pagina: Contatti">Contatti</a></h4>
+            <p>
+                <strong>Università della Calabria</strong>
+                <br>
+                via Pietro Bucci 87036 Arcavacata di Rende, CS
+                <br>
+                Codice Fiscale 80003950781 - Tel. (+39) 0984 4911
+            </p>
+            <div class="link-list-wrapper">
+                <ul class="footer-list link-list clearfix">
+                    <li>
+                        <a class="list-item"
+                           href="https://www.unical.it/portale/servizi/contacts/"
+                           title="Vai alla pagina: Posta Elettronica Certificata">
+                           Posta Elettronica Certificata
+                        </a>
+                    </li>
+                    <li>
+                        <a class="list-item"
+                           href="https://www.unical.it/portale/servizi/contacts/index-fe.cfm"
+                           title="Vai alla pagina: Fatturazione elettronica">
+                           Fatturazione Elettronica
+                        </a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+        <div class="col-lg-4 col-md-4 pb-2">
+            <h4><a href="#" title="Vai alla pagina: Lorem Ipsum">Link Utili</a></h4>
+            <div class="link-list-wrapper">
+                <ul class="footer-list link-list clearfix">
+                    <li>
+                        <a class="list-item"
+                           href="https://www.unical.it/portale/portaltemplates/view/search_phone.cfm"
+                           title="Vai alla pagina: Contatti/cerca persone">
+                           Contatti/cerca persone
+                        </a>
+                    </li>
+                    <li>
+                        <a class="list-item"
+                           href="https://www.unical.it/portale/ateneo/amministrazione/"
+                           title="Vai alla pagina: Contatti amministrazione">
+                           Contatti amministrazione
+                        </a>
+                    </li>
+                    <li>
+                        <a class="list-item"
+                           href="https://www.unical.it/portale/ateneo/amministrazione/aree/uocsdfpl/sdfpl/"
+                           title="Vai alla pagina: Contatti servizi didattici">
+                           Contatti servizi didattici
+                        </a>
+                    </li>
+                    <li>
+                        <a class="list-item"
+                           href="https://unical.portaleamministrazionetrasparente.it/"
+                           title="Vai alla pagina: PAT - Portale amministrazione trasparente">
+                           PAT - Portale amministrazione trasparente
+                        </a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+        <div class="col-lg-4 col-md-4 pb-2">
+            <div class="pb-2">
+                <h4><a href="#" title="Vai alla pagina: Seguici su">Seguici su</a></h4>
+                <ul class="list-inline social text-start">
+                    <li class="list-inline-item">
+                        <a class="p-2 text-white"
+                           href="https://it-it.facebook.com/pages/Universit%C3%A0-della-Calabria/166678814380"
+                           target="_blank">
+                            <svg class="icon icon-sm icon-white align-top">
+                                <use xlink:href="{% static 'svg/sprites.svg' %}#it-facebook"></use>
+                            </svg><span class="sr-only">Facebook</span>
+                        </a>
+                    </li>
+                    <li class="list-inline-item">
+                        <a class="p-2 text-white"
+                           href="https://twitter.com/UnicalPortale"
+                           target="_blank">
+                            <svg class="icon icon-sm icon-white align-top">
+                                <use xlink:href="{% static 'svg/sprites.svg' %}#it-twitter"></use>
+                            </svg><span class="sr-only">Twitter</span>
+                        </a>
+                    </li>
+                    <li class="list-inline-item">
+                        <a class="p-2 text-white"
+                           href="https://www.instagram.com/unical_official/"
+                           target="_blank">
+                            <svg class="icon icon-sm icon-white align-top">
+                                <use xlink:href="{% static 'svg/sprites.svg' %}#it-instagram"></use>
+                            </svg><span class="sr-only">Instagram</span>
+                        </a>
+                    </li>
+                    <li class="list-inline-item">
+                        <a class="p-2 text-white"
+                           href="https://www.youtube.com/channel/UCnd5Oen95TMO9aLfVRUAABQ"
+                           target="_blank">
+                            <svg class="icon icon-sm icon-white align-top">
+                                <use xlink:href="{% static 'svg/sprites.svg' %}#it-youtube"></use>
+                            </svg><span class="sr-only">YouTube</span>
+                        </a>
+                    </li>
+                    <li class="list-inline-item">
+                        <a class="p-2 text-white"
+                           href="https://github.com/UniversitaDellaCalabria"
+                           target="_blank">
+                            <svg class="icon icon-sm icon-white align-top">
+                                <use xlink:href="{% static 'svg/sprites.svg' %}#it-github"></use>
+                            </svg> <span class="sr-only">GitHub</span>
+                        </a>
+                    </li>
+                </ul>
+            </div>
+            {% comment %}
+            <div class="pb-2">
+                <h4><a href="#" title="Vai alla pagina: Newsletter">Newsletter</a></h4>
+                <p>Form Newsletter</p>
+                  <form action="#" method="post">
+                    <label for="input-newsletter" class="active">Iscriviti per riceverla</label>
+                    <div class="input-group">
+                      <div class="input-group-prepend">
+                        <div class="input-group-text">@</div>
+                      </div>
+                      <input type="text" class="form-control" id="input-newsletter" name="input-newsletter" placeholder="Scrivi il tuo indirizzo email" >
+                      <div class="input-group-append">
+                        <button class="btn btn-outline-secondary" type="button" id="button-addon2">Button</button>
+                      </div>
+                    </div>
+                    <button class="btn btn-default pull-right" type="submit">Iscriviti</button>
+                  </form>
+            </div>
+            {% endcomment %}
+        </div>
+    </div>
+</section>
+{% endblock footer_contacts_section %}
+
+{% block footer_bottom_content %}
+<h3 class="sr-only">Sezione Link Utili</h3>
+<ul class="it-footer-small-prints-list list-inline mb-0 d-flex flex-column flex-md-row">
+    <li class="list-inline-item">
+        <a href="https://www.unical.it/portale/ateneo/amministrazione/aree/arrisumane/trasparenza/ammtrasparente/notelegali/"
+           title="Note Legali">
+           Note legali
+        </a>
+    </li>
+    <li class="list-inline-item">
+        <a href="https://www.unical.it/portale/ateneo/privacy/"
+           title="Protezione dei dati">
+           Protezione dei dati
+        </a>
+    </li>
+</ul>
+{% endblock footer_bottom_content %}
diff --git a/example/custom_template/templates/base_clean.html b/example/custom_template/templates/base_clean.html
new file mode 100644
index 0000000..0a42d13
--- /dev/null
+++ b/example/custom_template/templates/base_clean.html
@@ -0,0 +1,29 @@
+{% extends 'idp_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block page_title %}
+{% endblock page_title %}
+
+{% block header_slim_wrapper %}{% endblock %}
+
+{% block header_center_search %}{% endblock header_center_search %}
+{% block header_slim_right_zone %}{% endblock header_slim_right_zone %}
+{% block main_menu %}{% endblock main_menu %}
+
+{% block header_center_logo %}
+
+{% endblock %}
+
+{% block header_center_social %}
+{% endblock header_center_social %}
+
+{% block centered_container %}
+{% endblock centered_container %}
+
+{% block bootstrap_italia_validation %}
+{% endblock bootstrap_italia_validation %}
+
+{% block footer %}
+{% endblock %}
diff --git a/example/tests/sp/attribute-maps/__init__.py b/example/custom_template/templates/data_consent.html
similarity index 100%
rename from example/tests/sp/attribute-maps/__init__.py
rename to example/custom_template/templates/data_consent.html
diff --git a/example/uniauth_unical_template/templates/data_consent.html.example b/example/custom_template/templates/data_consent.html.example
similarity index 100%
rename from example/uniauth_unical_template/templates/data_consent.html.example
rename to example/custom_template/templates/data_consent.html.example
diff --git a/example/custom_template/templates/error.html b/example/custom_template/templates/error.html
new file mode 100644
index 0000000..a0bffc1
--- /dev/null
+++ b/example/custom_template/templates/error.html
@@ -0,0 +1,56 @@
+<!-- Extends default Bootstrap Italia template -->
+{% extends 'idp_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block page_title %}
+	{% trans "Error" %}
+{% endblock page_title %}
+
+{% block header_slim_wrapper %}{% endblock %}
+
+{% block header_center_search %}{% endblock header_center_search %}
+{% block header_slim_right_zone %}{% endblock header_slim_right_zone %}
+{% block main_menu %}{% endblock main_menu %}
+
+{% block header_center_logo %}
+
+{% endblock %}
+
+{% block header_center_social %}
+{% endblock header_center_social %}
+
+{% block centered_container %}
+
+	<div class="">
+		<div class="callout-title">
+<!--
+			<svg class="icon">
+				<use xlink:href="{% static 'img/icons/error.svg' %}"></use>
+			</svg>
+-->
+			{% trans "Error during SAML2 authentication" %}
+        </div>
+		<p>
+			{% if exception_type %}
+				<p class="mb-2">
+					<strong>{{exception_type}}</strong>
+					<br>
+				</p>
+				{% if exception_msg %}
+					<p>{{exception_msg}}</p>
+				{% endif %}
+			{% endif %}
+			{% if extra_message %}
+				<p>{{extra_message}}</p>
+			{% endif %}
+		</p>
+	</div>
+{% endblock centered_container %}
+
+{% block bootstrap_italia_validation %}
+{% endblock bootstrap_italia_validation %}
+
+{% block footer %}
+{% endblock %}
diff --git a/example/custom_template/templates/idp_base.html b/example/custom_template/templates/idp_base.html
new file mode 100644
index 0000000..013a268
--- /dev/null
+++ b/example/custom_template/templates/idp_base.html
@@ -0,0 +1,32 @@
+<!-- Extends default Bootstrap Italia template -->
+{% extends 'base-setup.html' %}
+{% load static %}
+
+<link type="text/css" rel="stylesheet" href="{% static '/css/overrides.css' %}">
+
+{% block extra_head %}
+	{{ block.super }}
+	<link rel="stylesheet" href="{% static 'css/idp_style.css' %}">
+{% endblock extra_head %}
+
+{% block extra_scripts %}
+	{% block bootstrap_italia_validation %}
+		<script>
+			(function () {
+'use strict';
+window.addEventListener('load', function () {
+var forms = document.getElementsByClassName('needs-validation');
+var validation = Array.prototype.filter.call(forms, function (form) {
+form.addEventListener('submit', function (event) {
+if (form.checkValidity() === false) {
+event.preventDefault();
+event.stopPropagation();
+}
+}, false);
+form.classList.add('was-validated');
+});
+}, false);
+})();
+		</script>
+	{% endblock bootstrap_italia_validation %}
+{% endblock extra_scripts %}
diff --git a/example/custom_template/templates/saml_login.html b/example/custom_template/templates/saml_login.html
new file mode 100644
index 0000000..0f1e560
--- /dev/null
+++ b/example/custom_template/templates/saml_login.html
@@ -0,0 +1,88 @@
+<!-- Extends default Bootstrap Italia template -->
+<link type="text/css" rel="stylesheet" href="/static/css/overrides.css">
+{% extends 'idp_base.html' %}
+
+
+{% load i18n %}
+{% load static %}
+
+{% block page_title %}{% endblock page_title %}
+
+{% block header_wrapper %}{% endblock header_wrapper %}
+{% block footer %}{% endblock footer %}
+
+{% block container %}
+	<div class="container">
+		<div class="row">
+			<div class="mx-auto" style="width:400px">
+				<div style="margin-top: 80px; border-radius: 16px; padding: 24px; padding-bottom: 10px;  background-color: #18181B; font-size: 14px">
+
+					<form class="needs-validation" name="login" method="post" action="{{ acs_url }}">
+						{% csrf_token %}
+						{% for form_field in form %}
+
+							{% if form_field.field.widget.input_type == "checkbox" %}
+								<div class="mb-0" style="display:block">
+
+									<div class="form-check override">
+
+										<input name="{{ form_field.name }}" type="checkbox" id="id_{{ form_field.html_name }}" {% if form_field.field.required %} class="form-check-input" required {% endif %}>
+										<label class="form-check-label override" for="id_{{ form_field.html_name }}">
+
+											{{ form_field.label }}
+										</label>
+									</div>
+								</div>
+							{% elif form_field.field.widget.input_type == "password" %}
+								<div class="form-row override" style="display:block">
+									<div class="col-12 form-group override my-0">
+										<label class="override" for="id_{{ form_field.html_name }}" style="line-height: 14px; font-size: 11px; font-weight: 300; color: #A1A1AA; position:relative; margin: 0; margin-bottom: 5px; padding: 0; top:0;">
+
+											<span class="form-label-content">
+												{{ form_field.label }}
+											</span>
+										</label>
+										<input type="{{ form_field.field.widget.input_type }}" class="form-control input-password" id="id_{{ form_field.html_name }}" name="{{ form_field.name }}" aria-labelledby="infoPassword" minlength="{{ form_field.field.min_length }}" {% comment %} {% if forloop.first %} autofocus {% endif %} {% endcomment %} {% if form_field.field.required %} required {% endif %} style="border:0; background-color: #27272a; border-radius: 6px; height: 32px; color: #e4e4e7; font-size:14px; font-weight: 300; ">
+
+										<span class="password-icon" aria-hidden="true">
+											<svg class="password-icon-visible icon icon-sm">
+												<use xlink:href="{% static 'svg/sprite.svg' %}#it-password-visible"></use>
+											</svg>
+											<svg class="password-icon-invisible icon icon-sm d-none">
+												<use xlink:href="{% static 'svg/sprite.svg' %}#it-password-invisible"></use>
+											</svg>
+										</span>
+										{% comment %}
+											<div class="valid-feedback">{% trans "Validated" %}!</div>
+										{% endcomment %}
+									</div>
+								</div>
+							{% else %}
+								<div class="form-row override">
+									<div class="col-12 form-group override my-0">
+										<label class="override" for="id_{{ form_field.html_name }}" style="line-height: 14px; font-size: 11px; font-weight: 300; color: #A1A1AA; position:relative; margin: 0; margin-bottom: 5px; padding: 0; top:0;">
+
+											<span class="form-label-content">
+												{{ form_field.label }}
+											</span>
+										</label>
+										<input type="{{ form_field.field.widget.input_type }}" class="form-control" id="id_{{ form_field.html_name }}" name="{{ form_field.name }}" minlength="{{ form_field.field.min_length }}" {% comment %} {% if forloop.first %} autofocus {% endif %} {% endcomment %} {% if form_field.field.required %} required {% endif %} style="border:0; background-color: #27272a; border-radius: 6px; height: 32px; color: #e4e4e7; font-size:14px; font-weight: 300; ">
+										{% comment %}
+											<div class="valid-feedback">{% trans "Validated" %}!</div>
+										{% endcomment %}
+									</div>
+								</div>
+							{% endif %}
+						{% endfor %}
+						<div class="mt-2">
+							<input type="submit" name="confirm" class="btn btn-lg btn-success btn-block unical-background override" value="{% trans 'Login' %}" style="background:#FBBF24;"/>
+						</div>
+					</form>
+
+					{% include "social_buttons.html" %}
+
+				</div>
+			</div>
+		</div>
+	</div>
+{% endblock container %}
diff --git a/example/custom_template/templates/saml_post.html b/example/custom_template/templates/saml_post.html
new file mode 100644
index 0000000..89c7a48
--- /dev/null
+++ b/example/custom_template/templates/saml_post.html
@@ -0,0 +1,31 @@
+{% extends 'idp_base.html' %}
+<link type="text/css" rel="stylesheet" href="/static/css/overrides.css">
+
+{% load i18n %}
+{% load static %}
+
+{% block page_title %}
+	SAML POST
+{% endblock page_title %}
+
+{% block header_wrapper %}{% endblock header_wrapper %}
+{% block footer %}{% endblock footer %}
+
+{% block centered_container %}
+	<form method="post" action="{{ acs_url }}">
+		{% csrf_token %}
+		<div>
+			<input type="hidden" name="RelayState" value="{{ relay_state }}"/>
+			<input type="hidden" name="SAMLResponse" value="{{ saml_response }}"/>
+		</div>
+	</form>
+	{% if saml_response %}
+		<script type="text/javascript">
+			window.onload = function () {
+document.forms[0].submit();
+}
+		</script>
+	{% endif %}
+{% endblock centered_container %}
+
+{% block bootstrap_italia_validation %}{% endblock bootstrap_italia_validation %}
diff --git a/example/custom_template/templates/social_buttons.html b/example/custom_template/templates/social_buttons.html
new file mode 100644
index 0000000..8af419d
--- /dev/null
+++ b/example/custom_template/templates/social_buttons.html
@@ -0,0 +1,74 @@
+{% load i18n %}
+{% load static %}
+{% load socialauth_buttons %}
+
+{% is_social_auth_enabled as sae %}
+{% if sae %}
+	<div class="container  p-0" style="overflow: hidden;">
+		<div class="row p-0">
+
+			<div class="col-12 p-0  mt-4 mb-4">
+
+
+				<div class="hrdivider container border-25 acsia_border position-relative">
+
+					<hr class="container border-25 acsia_border" data-content="OR" style="background: #FBBF24"/>
+
+					<span class="acsia_text" style="position: absolute; left: 50%; transform: translateX(-50%); background:#18181B; padding:2px 8px; top: -12px; color: #fafafa;">{% trans "OR" %}</span>
+
+
+				</div>
+
+			</div>
+
+		</div>
+
+		{% is_google_enabled as google %}
+		{% if google %}
+			<div class="row mt-3">
+				<form name="gauth" class="col-md-12" method="post" action="/accounts/google/login/">
+					{% csrf_token %}
+					<div class="col-md-12">
+						<span class="btn btn-lg btn-socialauth btn-block" onclick="gauth.submit()" style="background-color:#fafafa">
+							<img src="{% static '/img/icons/google-logo.png' %}">
+							{% trans "Signup Using Google" %}
+						</span>
+					</div>
+				</form>
+			</div>
+		{% endif %}
+
+		{% is_azure_enabled as azure %}
+		{% if azure %}
+			<div class="row">
+				<form name="azauth" class="col-md-12" method="post" action="/accounts/azure/login/">
+					{% csrf_token %}
+					<div class="col-md-12">
+						<span class="btn btn-lg btn-socialauth btn-block" onclick="azauth.submit()" style="background-color:#fafafa">
+							<img src="{% static '/img/icons/azure.png' %}">
+							{% trans "Signup Using Azure" %}
+						</span>
+					</div>
+				</form>
+			</div>
+		{% endif %}
+
+		{% is_microsoft_enabled as microsoft %}
+		{% if microsoft %}
+			<div class="row">
+				<form name="microsoft_auth" class="col-md-12" method="post" action="/accounts/microsoft/login/">
+					{% csrf_token %}
+					<div class="col-md-12">
+						<span class="btn btn-lg btn-socialauth btn-block" onclick="microsoft_auth.submit()" style="background-color:#fafafa">
+
+							<img src="{% static '/img/icons/microsoft.ico' %}">
+							{% trans "Signup Using Microsoft" %}
+						</span>
+					</div>
+				</form>
+			</div>
+		{% endif %}
+
+	</div>
+	<!-- end container -->
+{% endif %}
diff --git a/example/custom_template/templates/user_agreement.html b/example/custom_template/templates/user_agreement.html
new file mode 100644
index 0000000..3db9d6b
--- /dev/null
+++ b/example/custom_template/templates/user_agreement.html
@@ -0,0 +1,159 @@
+{% extends 'idp_base.html' %}
+<link type="text/css" rel="stylesheet" href="/static/css/overrides.css">
+
+{% load i18n %}
+{% load static %}
+
+{% block header_slim_wrapper %}{% endblock %}
+
+{% block page_title %}
+	{% trans "User Agreement" %}
+{% endblock page_title %}
+
+{% block header_center_logo %}{% endblock %}
+
+
+{% block header_center_search %}{% endblock header_center_search %}
+{% block header_slim_right_zone %}{% endblock header_slim_right_zone %}
+{% block main_menu %}{% endblock main_menu %}
+
+{% block centered_container %}
+	<div class="mb-2">
+		<p>
+			<b>{% trans "Welcome" %}
+				{{ request.user.username }}
+			</b>,
+		</p>
+		<p class="text-justify">
+			<b>{{sp_display_name}}</b>,
+			{% trans "the web service you are coming from, has requested the following informations. We therefore ask you to read these informations and give your consent if you agree." %}
+		</p>
+
+		<!--
+				{% if sp_display_description %}
+					<p class="text-justify pt-3">
+						<b>{% trans "Display description" %}:</b>
+						{{sp_display_description}}
+					</p>
+				{% endif %}
+		-->
+	</div>
+
+	<div
+		class="mb-4">
+		<!--
+		            <h3>
+		                {% trans "Data consent" %}
+		            </h3>
+		        -->
+		<p class="text-justify text-justify pt-3">
+			{% if sp_display_agreement_message %}
+				{{ sp_display_agreement_message }}
+			{% else %}
+				{% include "data_consent.html" %}
+			{% endif %}
+		</p>
+	</div>
+
+	<div
+		class="mb-4">
+		<!--
+		            <p>
+		                {{sp_display_name}} {% trans "requested the following informations" %}:
+		            </p>
+		        -->
+		<div style="overflow-x:auto;">
+			<table class="table table-hover">
+				<thead>
+					<tr>
+						<th scope="col">{% trans "attribute name" %}</th>
+						<th scope="col">{% trans "value" %}</th>
+					</tr>
+				</thead>
+				<tbody>
+					{% for attr, value in attrs_passed_to_sp.items %}
+						<tr>
+							<td>{{ attr }}</td>
+							<td>
+								{% if value.capitalize %}
+									{{ value }}
+								{% else %}
+									<ul class="list-unstyled">
+										{% for ele in value %}
+											<li>{{ ele }}</li>
+										{% endfor %}
+									</ul>
+								{% endif %}
+							</td>
+						</tr>
+					{% endfor %}
+				</tbody>
+			</table>
+		</div>
+
+		{% if sp_display_agreement_consent_form  %}
+			<div class="pt-4 ">
+				<p>{% trans "Do you agree to transmit to " %}
+					<b>{{ sp_display_name }}</b>
+					{% trans "the previous personal attributes" %}?
+				</p>
+			</div>
+		{% endif %}
+
+		<form class="pt-4 needs-validation" method="post" action="" class="pb-4">
+			{% csrf_token %}
+			{% for form_field in form %}
+				{% if form_field.field.widget.input_type == "checkbox"%}
+					<div class="form-check">
+						<input name="{{ form_field.name }}" type="checkbox" id="id_{{ form_field.html_name }}" {% if form_field.field.required %} class="form-check-input" required {% endif %}>
+						<label class="form-check-label" for="id_{{ form_field.html_name }}">
+							{{ form_field.label }}
+						</label>
+					</div>
+
+				{% elif form_field.field.widget.input_type == 'radio' %}
+					<div>
+						<!--
+						                            <p class="pt-3">
+						                                {{form_field.name|title}}
+						                            </p>
+						                        -->
+						{% if sp_display_agreement_consent_form %}
+							{% for k,v in form_field.field.widget.choices %}
+								<div class="form-check">
+									<input type="radio" name="{{ form_field.name}}" value="{{k}}" {% if form_field.field.required %} required {% endif %} id="id_{{ form_field.html_name }}_{{ forloop.counter0}}" {% if forloop.first %} checked {% endif %}>
+									{% if sp_display_agreement_consent_form  %}
+										<label for="id_{{ form_field.html_name }}_{{ forloop.counter0}}">
+											<p style="">{{ v }}</p>
+										</label>
+									{% endif %}
+								</div>
+							{% endfor %}
+						{% else %}
+							<input type="hidden" name="confirm" value="1">
+						{% endif %}
+					</div>
+
+				{% else %}
+					<div class="form-row">
+						<div class="col-12 form-group my-3">
+							<input type="{{ form_field.field.widget.input_type }}" class="form-control" id="id_{{ form_field.html_name }}" name="{{ form_field.name }}" minlength="{{ form_field.field.min_length }}" {% comment %} {% if forloop.first %} autofocus {% endif %} {% endcomment %} {% if form_field.field.required %} required {% endif %}>
+							<label for="id_{{ form_field.html_name }}">
+								<span class="form-label-content">
+									{{ form_field.label }}
+								</span>
+							</label>
+							{% comment %}
+								<div class="valid-feedback">{% trans "Validated" %}!</div>
+							{% endcomment %}
+						</div>
+					</div>
+				{% endif %}
+			{% endfor %}
+
+			<input type="submit" name="submit" class="mt-5 btn btn-lg btn-success btn-block unical-background" value="{% trans 'Submit' %}"/>
+		</form>
+	</div>
+{% endblock centered_container %}
+
+{% block footer %}{% endblock %}
diff --git a/example/uniauth_unical_template/__init__.py b/example/data/media/README.md
similarity index 100%
rename from example/uniauth_unical_template/__init__.py
rename to example/data/media/README.md
diff --git a/example/data/metadata/shibsp-test.xml b/example/data/metadata/shibsp-test.xml
deleted file mode 100644
index cba73eb..0000000
--- a/example/data/metadata/shibsp-test.xml
+++ /dev/null
@@ -1,88 +0,0 @@
-<!--
-This is example metadata only. Do *NOT* supply it as is without review,
-and do *NOT* provide it in real time to your partners.
- -->
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_3239a4840960d71ec594510daed4899d3d144231" entityID="https://sp.testunical.it/shibboleth">
-
-  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
-    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
-  </md:Extensions>
-
-  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
-    <md:Extensions>
-      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.testunical.it/Shibboleth.sso/Login"/>
-    </md:Extensions>
-    <md:KeyDescriptor>
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:KeyName>https://sp.testunical.it/shibboleth</ds:KeyName>
-        <ds:KeyName>sp.testunical.it</ds:KeyName>
-        <ds:X509Data>
-          <ds:X509SubjectName>CN=sp.testunical.it</ds:X509SubjectName>
-          <ds:X509Certificate>MIIEJzCCAo+gAwIBAgIUaoCRB+1HO/ohrrDKw++3orgFtEkwDQYJKoZIhvcNAQEL
-BQAwGzEZMBcGA1UEAxMQc3AudGVzdHVuaWNhbC5pdDAeFw0yMDEwMTQxNTA3NDBa
-Fw0zMDEwMTIxNTA3NDBaMBsxGTAXBgNVBAMTEHNwLnRlc3R1bmljYWwuaXQwggGi
-MA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC2mQ2Mm5Yl6MW9j1DMIE6SueXC
-UQfV4+ZMlND7K9QjYDcMkRtKNKbzKZjJxo6dgwQruLPoHoL+2VdNjC9ayeBZHAYA
-GqIcgLj1lVfCmO2KaajxmiqDILC1iu5p0ZJ7fAqca8sGhq8DlbzLRrRfFGbUfZ72
-EuKIZMVVtwVKnZAt6cLxHe9fTcpigQeKXAWXN7c5hlFOa231KNwKS2BNRifJnqaM
-yeCoXnDvFwNsvqzOkcOJF65GYJpRBqBaJuTyXIlxDG1xLNbOdaapOP+35ZXnlZTx
-Xxlmg+hVBkksES7Sc4aLSAUTk1nWtolGubog7CM0ZeUwN600jurqPtUuIPHjPbG5
-VKlymKlwWHNyx/Ur0B+HyG+/HRSWOW6oASCBAybj9MlPmmzaEH2gBCW/Puu/PWei
-Myg0N/X/zxDhbHL2CQn9Z2lP42T7+8E6kx5F1Ze0VVXwE7rRh+MP3GMl2wQvhHu2
-wQkIN8zF3DqEw9HZPbaYzrfm7Z7XopOaxj4zCfUCAwEAAaNjMGEwQAYDVR0RBDkw
-N4IQc3AudGVzdHVuaWNhbC5pdIYjaHR0cHM6Ly9zcC50ZXN0dW5pY2FsLml0L3No
-aWJib2xldGgwHQYDVR0OBBYEFBXo0an9ZfL9bef0vE68XrAq5Or5MA0GCSqGSIb3
-DQEBCwUAA4IBgQAdswwxLY+fx7VMeuZW4t1T/jXHtb10aX74h8k9jV/Nnd+C7DDs
-I+SALSMBVTXOBuuQN7aeJyDQeJcjerpRPcuU90MV2S7m6BrWtUFEZHie5Tdh7t0n
-9D7RId3iAWWnZ8b8tuJbIFqePuyMhrpENbub4Y1eruulS21Qm4jEskTBU9CEaLRX
-U/XJTRN93+SCqwZwpro9FIUEhY97y4j7vvjGAQ3v6zv177z2PYbtWMkFW3pBYuYx
-j/esSCys8RhL3A8LlAPzvJIQWeE+r55hxAm/HnORMpFVNLe7nsEaiOZdN4dZoDk5
-cVyulYl9Y5DdwAxenZWvQrokJKl+nM68Hf1ZvnOBOuXUpDg7EIedwBPGmgktCE+2
-y3Q1cBVLBMfXJDe5ObY6dRZMhq8tC34nZD6NRXeKf3VcWjDHAVJGPdRRU2cC5gg1
-ZTE39f0eIamxP6Q5JFfBk9GvVw+QiOc7CiaC5uTrKBD+kIwSw7on9W6WZuxL1IcL
-bm+NjH24TLN4Wj8=
-</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
-      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
-    </md:KeyDescriptor>
-    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.testunical.it/Shibboleth.sso/Artifact/SOAP" index="1"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.testunical.it/Shibboleth.sso/SLO/SOAP"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.testunical.it/Shibboleth.sso/SLO/Redirect"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.testunical.it/Shibboleth.sso/SLO/POST"/>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.testunical.it/Shibboleth.sso/SLO/Artifact"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.testunical.it/Shibboleth.sso/NIM/SOAP"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.testunical.it/Shibboleth.sso/NIM/Redirect"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.testunical.it/Shibboleth.sso/NIM/POST"/>
-    <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.testunical.it/Shibboleth.sso/NIM/Artifact"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.testunical.it/Shibboleth.sso/SAML2/POST" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.testunical.it/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.testunical.it/Shibboleth.sso/SAML2/Artifact" index="3"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.testunical.it/Shibboleth.sso/SAML2/ECP" index="4"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.testunical.it/Shibboleth.sso/SAML/POST" index="5"/>
-  </md:SPSSODescriptor>
-
-</md:EntityDescriptor>
\ No newline at end of file
diff --git a/example/data/metadata/sp1.xml b/example/data/metadata/sp1.xml
deleted file mode 100644
index 4988899..0000000
--- a/example/data/metadata/sp1.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<ns0:EntityDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" entityID="http://sp1.testunical.it:8000/saml2/metadata/"><ns0:Extensions><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><ns1:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><ns1:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><ns1:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><ns1:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><ns1:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></ns0:Extensions><ns0:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true"><ns0:KeyDescriptor use="signing"><ns2:KeyInfo><ns2:X509Data><ns2:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQEL
-BQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0y
-OTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7c
-jrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXI
-R8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejj
-XKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInr
-FIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYz
-SSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBR
-MB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoa
-jGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
-A4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnit
-bpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1d
-S/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA
-+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJae
-QeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS
-1EX9j2GqG1yWcdGvY60GJu5Er5id
-</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:KeyDescriptor use="encryption"><ns2:KeyInfo><ns2:X509Data><ns2:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQEL
-BQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0y
-OTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7c
-jrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXI
-R8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejj
-XKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInr
-FIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYz
-SSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBR
-MB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoa
-jGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
-A4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnit
-bpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1d
-S/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA
-+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJae
-QeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS
-1EX9j2GqG1yWcdGvY60GJu5Er5id
-</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sp1.testunical.it:8000/saml2/ls/post/" /><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://sp1.testunical.it:8000/saml2/ls/" /><ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</ns0:NameIDFormat><ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</ns0:NameIDFormat><ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sp1.testunical.it:8000/saml2/acs/" index="1" /></ns0:SPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="it">Unical</ns0:OrganizationName><ns0:OrganizationName xml:lang="en">Unical</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="it">Unical</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">Unical</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="it">http://www.unical.it</ns0:OrganizationURL><ns0:OrganizationURL xml:lang="en">http://www.unical.it</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="administrative"><ns0:Company>Universita della Calabria</ns0:Company><ns0:GivenName>Giuseppe</ns0:GivenName><ns0:SurName>De Marco</ns0:SurName><ns0:EmailAddress>giuseppe.demarco@unical.it</ns0:EmailAddress></ns0:ContactPerson><ns0:ContactPerson contactType="technical"><ns0:Company>Universita della Calabria</ns0:Company><ns0:GivenName>Giuseppe</ns0:GivenName><ns0:SurName>De Marco</ns0:SurName><ns0:EmailAddress>giuseppe.demarco@unical.it</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor>
\ No newline at end of file
diff --git a/example/django_idp/idp_pysaml2.py b/example/django_idp/idp_pysaml2.py
index b56d280..08cbd4c 100644
--- a/example/django_idp/idp_pysaml2.py
+++ b/example/django_idp/idp_pysaml2.py
@@ -1,54 +1,62 @@
 import os
 import saml2
 from django.utils.translation import gettext as _
-from saml2 import (BINDING_HTTP_POST,
-                   BINDING_SOAP,
-                   BINDING_HTTP_ARTIFACT,
-                   BINDING_HTTP_REDIRECT,
-                   BINDING_PAOS)
+from saml2 import (
+    BINDING_HTTP_POST,
+    BINDING_SOAP,
+    BINDING_HTTP_ARTIFACT,
+    BINDING_HTTP_REDIRECT,
+    BINDING_PAOS
+)
 from saml2.entity_category import refeds, edugain
-from saml2.saml import (NAMEID_FORMAT_TRANSIENT,
-                        NAMEID_FORMAT_PERSISTENT)
-from saml2.saml import (NAME_FORMAT_URI,
-                        NAME_FORMAT_UNSPECIFIED,
-                        NAME_FORMAT_BASIC)
+from saml2.saml import (
+    NAMEID_FORMAT_TRANSIENT,
+    NAMEID_FORMAT_PERSISTENT,
+    NAMEID_FORMAT_UNSPECIFIED
+)
+from saml2.saml import (
+    NAME_FORMAT_URI,
+    NAME_FORMAT_UNSPECIFIED,
+    NAME_FORMAT_BASIC
+)
 
 from saml2.sigver import get_xmlsec_binary
 
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
 LOGIN_URL = '/idp/login/'
 
 # idp protocol:fqdn:port
-HOST = 'idp1.testunical.it'
-PORT = 9000 #None if 80 or 443...
-HTTPS = False
+HOST = os.environ.get("HOSTNAME", 'localhost')
+PORT = os.environ.get("PORT", 9000) # None if 80 or 443...
+HTTPS = int(os.environ.get("HTTPS", 0))
 
-BASE = "https://{}".format(HOST) if HTTPS else "http://{}".format(HOST)
-if PORT:
-    BASE += ':{}'.format(PORT)
+ENTITY_HOSTNAME = HOST
+if PORT and int(PORT) > 0:
+    ENTITY_HOSTNAME += ':{}'.format(PORT)
 
-BASE_URL = '{}/idp'.format(BASE)
-# end
+ENTITY_BASE_URL = f"https://{ENTITY_HOSTNAME}" if HTTPS else f"http://{ENTITY_HOSTNAME}"
+ENTITY_URL = '{}/idp'.format(ENTITY_BASE_URL)
+ENTITYID = '%s/metadata' % ENTITY_URL
 
 IDP_SP_METADATA_PATH = os.path.join(BASE_DIR, 'data/metadata')
 
 # please check [Refactor datetime](https://github.com/IdentityPython/pysaml2/pull/518)
 # only used to parse issue_instant in a try...
-SAML2_DATETIME_FORMATS = ['%Y-%m-%dT%H:%M:%SZ', '%Y-%m-%dT%H:%M:%S.%fZ',
-                          '%Y%m%d%H%M%SZ']
+SAML2_DATETIME_FORMATS = [
+    '%Y-%m-%dT%H:%M:%SZ',
+    '%Y-%m-%dT%H:%M:%S.%fZ',
+    '%Y%m%d%H%M%SZ'
+]
 
 # this will keep xml signed/encrypted files in /tmp
 #os.environ['PYSAML2_DELETE_XMLSEC_TMP'] = "False"
 
-
 SAML_METADATA = {
         'local': [
                  # (os.path.join(IDP_SP_METADATA_PATH, 'sp_metadata.xml'),),
                  # (os.path.join(IDP_SP_METADATA_PATH, 'sp_shib_metadata.xml'),),
                  # (os.path.join(IDP_SP_METADATA_PATH, 'satosa_backend.xml'),),
-                 ],
+        ],
         #
         # "remote": [{
             # "url": 'https://satosa.testunical.it/Saml2/metadata',
@@ -69,124 +77,49 @@
 
 }
 
-
 SAML_CONTACTS = [
-      {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
+      {'given_name': 'Claudio',
+       'sur_name': '...',
+       'company': '4Securitas',
+       'email_address': 'info@email.example.com',
        'contact_type': 'administrative'},
       {'given_name': 'Giuseppe',
        'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
+       'company': '4Securitas',
+       'email_address': 'giuseppe@email.example.com',
        'contact_type': 'technical'},
 ]
 
-
 SAML_ORG_INFO = {
-      'name': [('Unical', 'it'), ('Unical', 'en')],
-      'display_name': [('Unical', 'it'), ('Unical', 'en')],
-      'url': [('http://www.unical.it', 'it'),
-              ('http://www.unical.it', 'en')],
+      'name': [('example', 'it'), ('Example', 'en')],
+      'display_name': [('example', 'it'), ('Example', 'en')],
+      'url': [('http://www.example.com', 'it'),
+              ('http://www.example.com', 'en')],
 }
 
-
-SAML_AA_CONFIG = {
-    'debug' : True,
-    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin/xmlsec1']),
-    'entityid': '%s/aa/metadata' % BASE_URL,
-
-    'entity_category_support': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
-                                refeds.RESEARCH_AND_SCHOLARSHIP],
-
-    'attribute_map_dir': 'data/attribute-maps',
-    'description': 'SAML2 IDP',
-
-    'service': {
-        "aa": {
-            "endpoints": {
-                "attribute_service": [
-                    ("%s/aap" % BASE, BINDING_HTTP_POST),
-                ]
-            },
-            # transient per default, persistent if asked by sp
-            'name_id_format': [NAMEID_FORMAT_TRANSIENT,
-                               NAMEID_FORMAT_PERSISTENT],
-
-            'validate_certificate': True,
-            # this is default
-            'only_use_keys_in_metadata': True,
-
-            # these needs to change a standard shibboleth sp configuration
-            # because in GET binding the signature is in the url and not in the XML ...
-            # solution: disable HTTP-REDIRECT bind
-            # this needs the certificate in the authn request, not implemented in every sp ...
-            "want_authn_requests_only_with_valid_cert": False,
-            # HTTP-REDIRECT and many SP still not sign the authnRequest....
-            'want_authn_requests_signed': False,
-
-            'sign_response': True,
-            'sign_assertion': True,
-
-            # the following if set should be a cert filename, not a boolean
-            # 'verify_ssl_cert': None,
-            # 'verify_encrypt_cert_assertion': None,
-            # 'verify_encrypt_cert_advice': None,
-
-            # this works if pysaml2 is installed from peppelinux's fork
-            'signing_algorithm':  saml2.xmldsig.SIG_RSA_SHA256,
-            'digest_algorithm':  saml2.xmldsig.DIGEST_SHA256,
-
-            # saml.assertion #807
-            "policy": {
-                "default": {
-                    "lifetime": {'hours': 360},
-
-                }
-            },
-
-            "release_policy": {
-                "default": {
-                    "lifetime": {"minutes":15},
-                    "attribute_restrictions": None, # means all I have
-                    "name_form": NAME_FORMAT_URI,
-                },
-            },
-        },
-    },
-
-    'metadata': SAML_METADATA,
-    'key_file': BASE_DIR + '/certificates/private.key',
-    'cert_file': BASE_DIR + '/certificates/public.cert',
-    'contact_person': SAML_CONTACTS,
-    'organization': SAML_ORG_INFO,
-
-}
-
-
-
 SAML_IDP_CONFIG = {
-    'debug' : True,
-    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin/xmlsec1']),
-    'entityid': '%s/metadata' % BASE_URL,
+    'debug' : int(os.environ.get("SAML2_DEBUG", 1)),
+    # 'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin/xmlsec1']),
+    'entityid': ENTITYID,
 
-    'entity_category_support': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
-                                refeds.RESEARCH_AND_SCHOLARSHIP],
+    # 'entity_category_support': [
+    #     edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
+    #     refeds.RESEARCH_AND_SCHOLARSHIP
+    # ],
 
     'attribute_map_dir': 'data/attribute-maps',
     'description': 'SAML2 IDP',
 
     'service': {
         'idp': {
-            'name': 'Django testunical SAML IdP',
+            'name': 'Example SAML IdP',
 
             'ui_info': {
-                'display_name': [{'lang': 'en', 'text': 'Unical IdP'}, {'lang': 'it', 'text': 'Unical IdP'}],
-                'description': [{'lang': 'en', 'text': 'University of Calabria Identity Provider'},
-                                {'lang': 'it', 'text': 'Identity Provider della Università della Calabria'}],
-                'information_url': {'lang': 'it', 'text': 'https://www.unical.it/portale/strutture/centri/centroict/schdeserviziict/idem/'},
-                'privacy_statement_url': {'lang': 'it', 'text': 'https://www.unical.it/portale/ateneo/privacy/'},
+                'display_name': [{'lang': 'en', 'text': 'Example IdP'}, {'lang': 'it', 'text': 'Example IdP'}],
+                'description': [{'lang': 'en', 'text': 'Example Identity Provider'},
+                                {'lang': 'it', 'text': 'Example Identity Provider'}],
+                'information_url': {'lang': 'it', 'text': 'https://www.4securitas.com'},
+                'privacy_statement_url': {'lang': 'it', 'text': 'https://www.4securitas.com'},
                 'logo': {'width': '80',
                          'height': '60',
                          'text': "https://{}/static/img/logo.svg".format(HOST)},
@@ -194,41 +127,26 @@
 
             'endpoints': {
                 'single_sign_on_service': [
-                    ('%s/sso/post' % BASE_URL, BINDING_HTTP_POST),
-
-                    # HTTP-REDIRECT could introduce troubles with signing verifications ...
-                    ('%s/sso/redirect' % BASE_URL, BINDING_HTTP_REDIRECT),
-
-                    # TODO
-                    # ("%s/sso/art" % BASE_URL, BINDING_HTTP_ARTIFACT),
+                    ('%s/sso/post' % ENTITY_URL, BINDING_HTTP_POST),
+                    ('%s/sso/redirect' % ENTITY_URL, BINDING_HTTP_REDIRECT),
                 ],
                 "single_logout_service": [
-                    ("%s/slo/post" % BASE_URL, BINDING_HTTP_POST),
-
-                    #("%s/slo/redirect" % BASE_URL, BINDING_HTTP_REDIRECT)
-                    # ("%s/slo/soap" % BASE_URL, BINDING_SOAP),
+                    ("%s/slo/post" % ENTITY_URL, BINDING_HTTP_POST),
                 ],
 
-               # "attribute_service": [
-                    # ("%s/aap" % BASE_URL, BINDING_HTTP_POST),
-                # ]
             },
             # transient per default, persistent if asked by sp
-            'name_id_format': [NAMEID_FORMAT_TRANSIENT,
-                               NAMEID_FORMAT_PERSISTENT],
+            'name_id_format': [
+                NAMEID_FORMAT_TRANSIENT,
+                NAMEID_FORMAT_PERSISTENT,
+                NAMEID_FORMAT_UNSPECIFIED
+            ],
 
             'validate_certificate': True,
             # this is default
             'only_use_keys_in_metadata': True,
 
-            # these needs to change a standard shibboleth sp configuration
-            # because in GET binding the signature is in the url and not in the XML ...
-            # solution: disable HTTP-REDIRECT bind
-            # this needs the certificate in the authn request, not implemented in every sp ...
-            "want_authn_requests_only_with_valid_cert": False,
-            # HTTP-REDIRECT and many SP still not sign the authnRequest....
-            'want_authn_requests_signed': False,
-
+            'want_authn_requests_signed': True,
             'logout_requests_signed': True,
 
             'sign_response': True,
@@ -329,7 +247,7 @@
 SAML_IDP_DJANGO_USERNAME_FIELD = 'username'
 # alg, salt and arguments used for computed user identifier used in opaque, transient and persistent nameid_format
 SAML_COMPUTEDID_HASHALG = 'sha256'
-SAML_COMPUTEDID_SALT = b'87sdfybDSFDSFsdf__7yb'
+SAML_COMPUTEDID_SALT = os.environ.get("SAML_COMPUTEDID_SALT", b'87as87da98sd789sdfybDSFDSFsdf__7yb') 
 
 SAML_AUTHN_SIGN_ALG = saml2.xmldsig.SIG_RSA_SHA256
 SAML_AUTHN_DIGEST_ALG = saml2.xmldsig.DIGEST_SHA256
@@ -346,39 +264,22 @@
 # Disable unconfigured SP even if they are in MetadataStore
 SAML_DISALLOW_UNDEFINED_SP = False
 
-# This coniguration will be used by default for each newly created SP through admin backend.
+# This configuration will be used by default for each newly created SP through admin backend.
 DEFAULT_SPCONFIG = {
-    'processor': 'uniauth_saml2_idp.processors.ldap.LdapUnicalMultiAcademiaProcessor',
+    'processor': 'uniauth_saml2_idp.processors.base.BaseProcessor',
     'attribute_mapping': {
-        # refeds + edugain Entities
-        "cn": "cn",
-        "eduPersonEntitlement": "eduPersonEntitlement",
-        "eduPersonPrincipalName": "eduPersonPrincipalName",
-        "schacHomeOrganization": "schacHomeOrganization",
-        "eduPersonHomeOrganization": "eduPersonHomeOrganization",
-        "eduPersonAffiliation": "eduPersonAffiliation",
-        "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
-        "eduPersonTargetedID": "eduPersonTargetedID",
         "mail": ["mail", "email"],
         "email": ["mail", "email"],
-        "schacPersonalUniqueCode": "schacPersonalUniqueCode",
-        "schacPersonalUniqueID": "schacPersonalUniqueID",
-        "sn": "sn",
-        "givenName": ["givenName", "another_possible_occourrence"],
-        "displayName": "displayName",
-
-        # custom attributes
-        "codice_fiscale": "codice_fiscale",
-        "matricola_studente": "matricola_studente",
-        "matricola_dipendente": "matricola_dipendente"
+        "sn": ["sn", "last_name"],
+        "givenName": ["givenName", "first_name"],
     },
-    'display_name': 'Unical SP',
+    'display_name': 'Service Provider',
     'display_description': 'This is for test purpose',
-    'display_agreement_message': 'Some information about you has been requested', # Only for SP externals to our organization
+    'display_agreement_message': 'Some information about it has requested: ', # Only for SP externals to our organization
     'signing_algorithm': saml2.xmldsig.SIG_RSA_SHA256,
     'digest_algorithm': saml2.xmldsig.DIGEST_SHA256,
     'disable_encrypted_assertions': True,
-    # 'show_user_agreement_screen': SAML_IDP_SHOW_USER_AGREEMENT_SCREEN
+    'show_user_agreement_screen': os.getenv("SHOW_USER_CONSENT_PAGE", 1)
 }
 
 # Quite useless, you can even configure SP through admin backend!
diff --git a/example/django_idp/idp_pysaml2.py.example b/example/django_idp/idp_pysaml2.py.example
deleted file mode 100644
index acc26ff..0000000
--- a/example/django_idp/idp_pysaml2.py.example
+++ /dev/null
@@ -1,392 +0,0 @@
-import os
-import saml2
-from django.utils.translation import gettext as _
-from saml2 import (BINDING_HTTP_POST,
-                   BINDING_SOAP,
-                   BINDING_HTTP_ARTIFACT,
-                   BINDING_HTTP_REDIRECT,
-                   BINDING_PAOS)
-from saml2.entity_category import refeds, edugain
-from saml2.saml import (NAMEID_FORMAT_TRANSIENT,
-                        NAMEID_FORMAT_PERSISTENT)
-from saml2.saml import (NAME_FORMAT_URI,
-                        NAME_FORMAT_UNSPECIFIED,
-                        NAME_FORMAT_BASIC)
-
-from saml2.sigver import get_xmlsec_binary
-
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
-LOGIN_URL = '/idp/login/'
-
-# idp protocol:fqdn:port
-HOST = 'idp1.testunical.it'
-PORT = 9000 #None if 80 or 443...
-HTTPS = False
-
-BASE = "https://{}".format(HOST) if HTTPS else "http://{}".format(HOST)
-if PORT:
-    BASE += ':{}'.format(PORT)
-
-BASE_URL = '{}/idp'.format(BASE)
-# end
-
-IDP_SP_METADATA_PATH = os.path.join(BASE_DIR, 'data/metadata')
-
-# please check [Refactor datetime](https://github.com/IdentityPython/pysaml2/pull/518)
-# only used to parse issue_instant in a try...
-SAML2_DATETIME_FORMATS = ['%Y-%m-%dT%H:%M:%SZ', '%Y-%m-%dT%H:%M:%S.%fZ',
-                          '%Y%m%d%H%M%SZ']
-
-# this will keep xml signed/encrypted files in /tmp
-#os.environ['PYSAML2_DELETE_XMLSEC_TMP'] = "False"
-
-
-SAML_METADATA = {
-        'local': [
-                 # (os.path.join(IDP_SP_METADATA_PATH, 'sp_metadata.xml'),),
-                 # (os.path.join(IDP_SP_METADATA_PATH, 'sp_shib_metadata.xml'),),
-                 # (os.path.join(IDP_SP_METADATA_PATH, 'satosa_backend.xml'),),
-                 ],
-        #
-        # "remote": [{
-            # "url": 'https://satosa.testunical.it/Saml2/metadata',
-            # "cert": "/opt/satosa-saml2/pki/frontend.cert",
-
-            # working only with pplx-dev fork:
-            # "disable_ssl_certificate_validation": True,
-             # }],
-
-        # "mdq": [{
-            # "url": "http://localhost:8001",
-            ## "url": "https://ds.testunical.it",
-            # "cert": "certficates/others/ds.testunical.it.cert",
-
-            # working only with pplx-dev fork:
-            # "disable_ssl_certificate_validation": True,
-            # }]
-
-}
-
-
-SAML_CONTACTS = [
-      {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
-       'contact_type': 'administrative'},
-      {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
-       'contact_type': 'technical'},
-]
-
-
-SAML_ORG_INFO = {
-      'name': [('Unical', 'it'), ('Unical', 'en')],
-      'display_name': [('Unical', 'it'), ('Unical', 'en')],
-      'url': [('http://www.unical.it', 'it'),
-              ('http://www.unical.it', 'en')],
-}
-
-
-SAML_AA_CONFIG = {
-    'debug' : True,
-    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin/xmlsec1']),
-    'entityid': '%s/aa/metadata' % BASE_URL,
-
-    'entity_category_support': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
-                                refeds.RESEARCH_AND_SCHOLARSHIP],
-
-    'attribute_map_dir': 'data/attribute-maps',
-    'description': 'SAML2 IDP',
-
-    'service': {
-        "aa": {
-            "endpoints": {
-                "attribute_service": [
-                    ("%s/aap" % BASE, BINDING_HTTP_POST),
-                ]
-            },
-            # transient per default, persistent if asked by sp
-            'name_id_format': [NAMEID_FORMAT_TRANSIENT,
-                               NAMEID_FORMAT_PERSISTENT],
-
-            'validate_certificate': True,
-            # this is default
-            'only_use_keys_in_metadata': True,
-
-            # these needs to change a standard shibboleth sp configuration
-            # because in GET binding the signature is in the url and not in the XML ...
-            # solution: disable HTTP-REDIRECT bind
-            # this needs the certificate in the authn request, not implemented in every sp ...
-            "want_authn_requests_only_with_valid_cert": False,
-            # HTTP-REDIRECT and many SP still not sign the authnRequest....
-            'want_authn_requests_signed': False,
-
-            'sign_response': True,
-            'sign_assertion': True,
-
-            # the following if set should be a cert filename, not a boolean
-            # 'verify_ssl_cert': None,
-            # 'verify_encrypt_cert_assertion': None,
-            # 'verify_encrypt_cert_advice': None,
-
-            # this works if pysaml2 is installed from peppelinux's fork
-            'signing_algorithm':  saml2.xmldsig.SIG_RSA_SHA256,
-            'digest_algorithm':  saml2.xmldsig.DIGEST_SHA256,
-
-            # saml.assertion #807
-            "policy": {
-                "default": {
-                    "lifetime": {'hours': 360},
-
-                }
-            },
-
-            "release_policy": {
-                "default": {
-                    "lifetime": {"minutes":15},
-                    "attribute_restrictions": None, # means all I have
-                    "name_form": NAME_FORMAT_URI,
-                },
-            },
-        },
-    },
-
-    'metadata': SAML_METADATA,
-    'key_file': BASE_DIR + '/certificates/private.key',
-    'cert_file': BASE_DIR + '/certificates/public.cert',
-    'contact_person': SAML_CONTACTS,
-    'organization': SAML_ORG_INFO,
-
-}
-
-
-
-SAML_IDP_CONFIG = {
-    'debug' : True,
-    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin/xmlsec1']),
-    'entityid': '%s/metadata' % BASE_URL,
-
-    'entity_category_support': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
-                                refeds.RESEARCH_AND_SCHOLARSHIP],
-
-    'attribute_map_dir': 'data/attribute-maps',
-    'description': 'SAML2 IDP',
-
-    'service': {
-        'idp': {
-            'name': 'Django testunical SAML IdP',
-
-            'ui_info': {
-                'display_name': [{'lang': 'en', 'text': 'Unical IdP'}, {'lang': 'it', 'text': 'Unical IdP'}],
-                'description': [{'lang': 'en', 'text': 'University of Calabria Identity Provider'},
-                                {'lang': 'it', 'text': 'Identity Provider della Università della Calabria'}],
-                'information_url': {'lang': 'it', 'text': 'https://www.unical.it/portale/strutture/centri/centroict/schdeserviziict/idem/'},
-                'privacy_statement_url': {'lang': 'it', 'text': 'https://www.unical.it/portale/ateneo/privacy/'},
-                'logo': {'width': '80',
-                         'height': '60',
-                         'text': "https://{}/static/img/logo.svg".format(HOST)},
-                },
-
-            "scope": ['testunical.it'],
-
-            'endpoints': {
-                'single_sign_on_service': [
-                    ('%s/sso/post' % BASE_URL, BINDING_HTTP_POST),
-
-                    # HTTP-REDIRECT could introduce troubles with signing verifications ...
-                    ('%s/sso/redirect' % BASE_URL, BINDING_HTTP_REDIRECT),
-
-                    # TODO
-                    # ("%s/sso/art" % BASE_URL, BINDING_HTTP_ARTIFACT),
-                ],
-                "single_logout_service": [
-                    ("%s/slo/post" % BASE_URL, BINDING_HTTP_POST),
-
-                    #("%s/slo/redirect" % BASE_URL, BINDING_HTTP_REDIRECT)
-                    # ("%s/slo/soap" % BASE_URL, BINDING_SOAP),
-                ],
-
-               # "attribute_service": [
-                    # ("%s/aap" % BASE_URL, BINDING_HTTP_POST),
-                # ]
-            },
-            # transient per default, persistent if asked by sp
-            'name_id_format': [NAMEID_FORMAT_TRANSIENT,
-                               NAMEID_FORMAT_PERSISTENT],
-
-            'validate_certificate': True,
-            # this is default
-            'only_use_keys_in_metadata': True,
-
-            # these needs to change a standard shibboleth sp configuration
-            # because in GET binding the signature is in the url and not in the XML ...
-            # solution: disable HTTP-REDIRECT bind
-            # this needs the certificate in the authn request, not implemented in every sp ...
-            "want_authn_requests_only_with_valid_cert": False,
-            # HTTP-REDIRECT and many SP still not sign the authnRequest....
-            'want_authn_requests_signed': False,
-
-            'logout_requests_signed': True,
-
-            'sign_response': True,
-            'sign_assertion': True,
-
-            # the following if set should be a cert filename, not a boolean
-            # 'verify_ssl_cert': None,
-            # 'verify_encrypt_cert_assertion': None,
-            # 'verify_encrypt_cert_advice': None,
-
-            'signing_algorithm':  saml2.xmldsig.SIG_RSA_SHA256,
-            'digest_algorithm':  saml2.xmldsig.DIGEST_SHA256,
-
-            "policy": {
-                "default": {
-                    "lifetime": {"minutes": 15},
-
-                    # if the sp are not conform to entity_categories (in our metadata) the attributes will not be released
-                    # "entity_categories": ["refeds", "edugain"],
-                    # "entity_categories": ["refeds",],
-
-                    "name_form": NAME_FORMAT_URI,
-
-                    # global pysaml2 restrictions, useless with custom AttributeProcessors
-                    # "attribute_restrictions": {
-                        # 'username': None,
-                        # 'first_name': None,
-                        # 'last_name': None,
-                        #
-                        ## Here only mail addresses that end with ".umu.se" will be returned.
-                        # 'email': None,
-                        # #'email': [".*\.umu\.se$"],
-                        # "mail": [".*\.umu\.se$"],
-                    # },
-                },
-
-                # attributes will be released only if this SP have refeds in out entity_categories in its metadata.
-                # "https://sp1.testunical.it/saml2/metadata/": {
-                    # "entity_categories": ["refeds",]
-                # }
-
-
-                # "https://example.com/sp": {
-                    # "lifetime": {"minutes": 5},
-                    # "nameid_format": NAMEID_FORMAT_PERSISTENT,
-                    # "name_form": NAME_FORMAT_BASIC
-                # }
-            },
-
-        },
-
-        # AttributeAuthorityDescriptor is needed for legacy SP
-        # this adds the needed attributes in metadata ...!
-        #'aq': {
-        #
-        #    }
-
-    },
-
-    # Quite useless, you can even configure metadata store through admin backend!
-    'metadata': SAML_METADATA,
-
-    # Signing
-    'key_file': BASE_DIR + '/certificates/private.key',
-    'cert_file': BASE_DIR + '/certificates/public.cert',
-    # Encryption
-    'encryption_keypairs': [{
-        'key_file': BASE_DIR + '/certificates/private.key',
-        'cert_file': BASE_DIR + '/certificates/public.cert',
-    }],
-
-    # How many hours this configuration is expected to be accurate as eposed in metadata
-    #'valid_for': 24 * 10,
-
-    # own metadata settings
-    'contact_person': SAML_CONTACTS,
-    # you can set multilanguage information here
-    'organization': SAML_ORG_INFO,
-
-    # TODO: put idp logs in a separate file too
-    # "logger": {
-        # "rotating": {
-            # "filename": "idp.log",
-            # "maxBytes": 500000,
-            # "backupCount": 5,
-        # },
-        # "loglevel": "debug",
-    # }
-
-}
-
-SAML_IDP_SHOW_USER_AGREEMENT_SCREEN = True
-SAML_IDP_SHOW_CONSENT_FORM = False
-SAML_IDP_USER_AGREEMENT_ATTR_EXCLUDE = []
-# User agreements will be valid for 1 year unless overriden. If this attribute is not used, user agreements will not expire
-SAML_IDP_USER_AGREEMENT_VALID_FOR = 24 * 365
-
-SAML_IDP_DJANGO_USERNAME_FIELD = 'username'
-# alg, salt and arguments used for computed user identifier used in opaque, transient and persistent nameid_format
-SAML_COMPUTEDID_HASHALG = 'sha256'
-SAML_COMPUTEDID_SALT = b'87sdfybDSFDSFsdf__7yb'
-
-SAML_AUTHN_SIGN_ALG = saml2.xmldsig.SIG_RSA_SHA256
-SAML_AUTHN_DIGEST_ALG = saml2.xmldsig.DIGEST_SHA256
-
-# Encrypt authn response by default (will not work with SP that doesn't have enc keys in their metadata)
-SAML_FORCE_ENCRYPTED_ASSERTION = False
-
-# if enabled and nameid format is persistent the nameid related to user:recipient_id will be stored in PersistentId model
-SAML_ALLOWCREATE = True
-
-# SP configurations
-SAML_IDP_SPCONFIG = {}
-
-# Disable unconfigured SP even if they are in MetadataStore
-SAML_DISALLOW_UNDEFINED_SP = False
-
-# This coniguration will be used by default for each newly created SP through admin backend.
-DEFAULT_SPCONFIG = {
-    'processor': 'uniauth_saml2_idp.processors.ldap.LdapUnicalMultiAcademiaProcessor',
-    'attribute_mapping': {
-        # refeds + edugain Entities
-        "cn": "cn",
-        "eduPersonEntitlement": "eduPersonEntitlement",
-        "eduPersonPrincipalName": "eduPersonPrincipalName",
-        "schacHomeOrganization": "schacHomeOrganization",
-        "eduPersonHomeOrganization": "eduPersonHomeOrganization",
-        "eduPersonAffiliation": "eduPersonAffiliation",
-        "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
-        "eduPersonTargetedID": "eduPersonTargetedID",
-        "mail": ["mail", "email"],
-        "email": ["mail", "email"],
-        "schacPersonalUniqueCode": "schacPersonalUniqueCode",
-        "schacPersonalUniqueID": "schacPersonalUniqueID",
-        "sn": "sn",
-        "givenName": ["givenName", "another_possible_occourrence"],
-        "displayName": "displayName",
-
-        # custom attributes
-        "codice_fiscale": "codice_fiscale",
-        "matricola_studente": "matricola_studente",
-        "matricola_dipendente": "matricola_dipendente"
-    },
-    'display_name': 'Unical SP',
-    'display_description': 'This is for test purpose',
-    'display_agreement_message': 'Some information about you has been requested', # Only for SP externals to our organization
-    'signing_algorithm': saml2.xmldsig.SIG_RSA_SHA256,
-    'digest_algorithm': saml2.xmldsig.DIGEST_SHA256,
-    'disable_encrypted_assertions': True,
-    # 'show_user_agreement_screen': SAML_IDP_SHOW_USER_AGREEMENT_SCREEN
-}
-
-# Quite useless, you can even configure SP through admin backend!
-# shibboleth test SP
-# SAML_IDP_SPCONFIG['https://sp.testunical.it/shibboleth'] = DEFAULT_SPCONFIG
-# SAML_IDP_SPCONFIG['https://sp1.testunical.it/saml2/metadata/'] = DEFAULT_SPCONFIG
-
-# satosa frontend
-# SAML_IDP_SPCONFIG['https://satosa.testunical.it/Saml2/metadata'] = DEFAULT_SPCONFIG
diff --git a/example/django_idp/settings.py b/example/django_idp/settings.py
index 3e9c294..8296baf 100644
--- a/example/django_idp/settings.py
+++ b/example/django_idp/settings.py
@@ -11,130 +11,122 @@
 """
 import ldap
 import os
+import logging
+import sys
 
 from .settingslocal import *
 
-# Quick-start development settings - unsuitable for production
-# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/
+if len(sys.argv) > 1 and sys.argv[1] == 'test':
+    logging.disable(logging.CRITICAL)
 
-if not DEBUG:
-    SESSION_COOKIE_SECURE = True
-    CSRF_COOKIE_SECURE = True
-    # CSRF_USE_SESSIONS = True
-
-# Application definition
-
-MIDDLEWARE = [
-    'django.middleware.security.SecurityMiddleware',
-    'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.common.CommonMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware',
-
-    # SameSite Cookie workaround
-    'djangosaml2.middleware.SamlSessionMiddleware'
-]
-
-# GETTEXT LOCALIZATION
-MIDDLEWARE.append('django.middleware.locale.LocaleMiddleware')
-LOCALE_PATHS = (
-    os.path.join(BASE_DIR, "locale"),
-)
+LOCALE_PATHS = (os.path.join(BASE_DIR, "locale"),)
 #
 
-ROOT_URLCONF = 'django_idp.urls'
+ROOT_URLCONF = "django_idp.urls"
 
 TEMPLATES = [
     {
-        'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
-        'APP_DIRS': True,
-        'OPTIONS': {
-            'context_processors': [
-                'django.template.context_processors.debug',
-                'django.template.context_processors.request',
-                'django.contrib.auth.context_processors.auth',
-                'django.contrib.messages.context_processors.messages',
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": ['templates'],
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
             ],
         },
     },
 ]
 
 STATICFILES_FINDERS = [
-    'django.contrib.staticfiles.finders.FileSystemFinder',
-    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
-    'sass_processor.finders.CssFinder',
+    "django.contrib.staticfiles.finders.FileSystemFinder",
+    "django.contrib.staticfiles.finders.AppDirectoriesFinder",
+    "sass_processor.finders.CssFinder",
 ]
 
-WSGI_APPLICATION = 'django_idp.wsgi.application'
+WSGI_APPLICATION = "django_idp.wsgi.application"
 
 # SEE settingslocal
 # Database
 # https://docs.djangoproject.com/en/2.0/ref/settings/#databases
 
-#DATABASES = {
-    #'default': {
-        #'ENGINE': 'django.db.backends.mysql',
-        #'NAME': 'uniauth',
-        #'HOST': 'localhost',
-        #'USER': 'django-saml2-idp',
-        #'PASSWORD': 'django-saml2-idp78',
-        #'PORT': ''
-    #}
-#}
+# DATABASES = {
+#'default': {
+#'ENGINE': 'django.db.backends.mysql',
+#'NAME': 'uniauth',
+#'HOST': 'localhost',
+#'USER': 'django-saml2-idp',
+#'PASSWORD': 'django-saml2-idp78',
+#'PORT': ''
+# }
+# }
 
-#DATABASES = settingslocal.DATABASES
+# DATABASES = settingslocal.DATABASES
 
 AUTHENTICATION_BACKENDS = [
-                            'django.contrib.auth.backends.ModelBackend',
-                            # TODO
-                            # 'unical_ict.auth.SessionUniqueBackend',
-                          ]
+    "django.contrib.auth.backends.ModelBackend",
+    # TODO
+    # 'unical_ict.auth.SessionUniqueBackend',
+]
+
+# proxy
+if 'allauth' in INSTALLED_APPS:
+    AUTHENTICATION_BACKENDS.append(
+        # `allauth` specific authentication methods, such as login by e-mail
+        'allauth.account.auth_backends.AuthenticationBackend',
+    )
 
 #################
 # LDAP, optional
 #################
-if 'ldap_peoples' in INSTALLED_APPS:
+if "ldap_peoples" in INSTALLED_APPS:
     # load default and overrides as you prefer
     from ldap_peoples.settings import *
-    DEFAULT_EDUPERSON_ENTITLEMENT = ['urn:mace:terena.org:tcs:personal-user',
-                                     'urn:mace:terena.org:tcs:escience-user']
-    SCHAC_HOMEORGANIZATIONTYPE_DEFAULT = ['educationInstitution',
-                                          'university']
+
+    DEFAULT_EDUPERSON_ENTITLEMENT = [
+        "urn:mace:terena.org:tcs:personal-user",
+        "urn:mace:terena.org:tcs:escience-user",
+    ]
+    SCHAC_HOMEORGANIZATIONTYPE_DEFAULT = ["educationInstitution", "university"]
     SCHAC_HOMEORGANIZATION_DEFAULT = LDAP_BASE_DOMAIN
 
-    LDAP_CONNECTION_OPTIONS = {ldap.OPT_PROTOCOL_VERSION: 3,
-                               ldap.OPT_NETWORK_TIMEOUT: 5,
-                               # ldap.OPT_DEBUG_LEVEL: 255,
-                               # ldap.OPT_X_TLS_CACERTFILE: LDAP_CACERT,
-                               # force /etc/ldap.conf configuration.
-                               # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
-                               # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_DEMAND,
-                               # ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
-                               # ldap.OPT_X_TLS_DEMAND: True,
-                               # ldap.OPT_X_TLS: ldap.OPT_X_TLS_NEVER,
-                               # ldap.OPT_X_TLS_DEMAND: False,
-                              }
-
-    DATABASES['ldap'] = {
-        'ENGINE': 'ldapdb.backends.ldap',
+    LDAP_CONNECTION_OPTIONS = {
+        ldap.OPT_PROTOCOL_VERSION: 3,
+        ldap.OPT_NETWORK_TIMEOUT: 5,
+        # ldap.OPT_DEBUG_LEVEL: 255,
+        # ldap.OPT_X_TLS_CACERTFILE: LDAP_CACERT,
+        # force /etc/ldap.conf configuration.
+        # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
+        # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_DEMAND,
+        # ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
+        # ldap.OPT_X_TLS_DEMAND: True,
+        # ldap.OPT_X_TLS: ldap.OPT_X_TLS_NEVER,
+        # ldap.OPT_X_TLS_DEMAND: False,
+    }
+
+    DATABASES["ldap"] = {
+        "ENGINE": "ldapdb.backends.ldap",
         # only in localhost
         #'NAME': 'ldapi://',
-        'NAME': LDAP_DB_URL,
-        'USER': LDAP_CONNECTION_USER,
-        'PASSWORD': LDAP_CONNECTION_PASSWD,
-        'RETRY_DELAY': 8,
-        'RETRY_MAX': 3,
-        'CONNECTION_OPTIONS': LDAP_CONNECTION_OPTIONS
-     }
+        "NAME": LDAP_DB_URL,
+        "USER": LDAP_CONNECTION_USER,
+        "PASSWORD": LDAP_CONNECTION_PASSWD,
+        "RETRY_DELAY": 8,
+        "RETRY_MAX": 3,
+        "CONNECTION_OPTIONS": LDAP_CONNECTION_OPTIONS,
+    }
 
-    DATABASE_ROUTERS = ['ldapdb.router.Router']
-    AUTHENTICATION_BACKENDS.append('uniauth_saml2_idp.auth.ldap_peoples.LdapAcademiaAuthBackend')
+    DATABASE_ROUTERS = ["ldapdb.router.Router"]
+    AUTHENTICATION_BACKENDS.append(
+        "uniauth_saml2_idp.auth.ldap_peoples.LdapAcademiaAuthBackend"
+    )
 
-if 'multildap' in INSTALLED_APPS:
-    AUTHENTICATION_BACKENDS.append('uniauth_saml2_idp.auth.multildap.LdapUnicalMultiAcademiaAuthBackend')
+if "multildap" in INSTALLED_APPS:
+    AUTHENTICATION_BACKENDS.append(
+        "uniauth_saml2_idp.auth.multildap.LdapUnicalMultiAcademiaAuthBackend"
+    )
 
 
 # Password validation
@@ -142,26 +134,26 @@
 
 AUTH_PASSWORD_VALIDATORS = [
     {
-        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
     },
 ]
 
 
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/2.0/howto/static-files/
-STATIC_ROOT = os.path.join(BASE_DIR, 'static')
-STATIC_URL = '/static/'
+STATIC_ROOT = os.path.join(BASE_DIR, "static")
+STATIC_URL = "/static/"
 
-MEDIA_ROOT = os.path.join(BASE_DIR, 'data/media')
+MEDIA_ROOT = os.path.join(BASE_DIR, "data/media")
 
-if 'uniauth_saml2_idp' in INSTALLED_APPS:
+if "uniauth_saml2_idp" in INSTALLED_APPS:
     from . idp_pysaml2 import *
diff --git a/example/django_idp/settingslocal.py b/example/django_idp/settingslocal.py
index f3ea5e4..56ff6a0 100644
--- a/example/django_idp/settingslocal.py
+++ b/example/django_idp/settingslocal.py
@@ -1,21 +1,42 @@
+import json
 import os
 
+from . idp_pysaml2 import HOST, ENTITY_URL
+from . settingslocal_logging import LOGGING
+
+MFA_DOMAIN = ENTITY_URL
+MFA_SITE_TITLE = os.getenv("MFA_SITE_TITLE", "uniAuth-IDP-example")
+
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'lrx(fg&+2e=$l=y8$!+l68_=-lm3*n+myg%r3z!yjm(lg*l%-z'
+SECRET_KEY = os.environ.get("SECRET_KEY", 'lrx(fg&+2e="$TDdssdG$%TSFFDSFfdfsmyg%r3z!yjm(lg*l%-z')
+
+# CORS are needed for OAS3 app
+CORS_ORIGIN_ALLOW_ALL = bool(int(os.environ.get("CORS_ORIGIN_ALLOW_ALL", 0)))
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-SESSION_EXPIRE_AT_BROWSER_CLOSE=True
-SESSION_COOKIE_AGE = 60 * 10 # minutes
+DEBUG = int(os.environ.get("DEBUG", 1))
+if not DEBUG:
+    SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+    SESSION_COOKIE_AGE = os.environ.get(
+        "SESSION_COOKIE_AGE",
+        60 * 15 # 10 minutes
+    )
+    CSRF_COOKIE_HTTPONLY = True
+    CSRF_COOKIE_SECURE = True
+    SESSION_COOKIE_SECURE = True
 
 # the path corresponding the admin backend, default if not defined: admin/
-ADMIN_PATH = 'admin_access'
+ADMIN_PATH = os.environ.get("ADMIN_PATH", 'admin_access')
 
-ALLOWED_HOSTS = ['*']
+ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', [HOST, "localhost", "127.0.0.1", "*"])
 AUTH_USER_MODEL = 'accounts.User'
+DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
 
 INSTALLED_APPS = [
     'accounts',
@@ -26,35 +47,116 @@
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'sass_processor',
+
     # templates
-    'uniauth_unical_template',
-    'django_unical_bootstrap_italia',
+    'custom_template',
+    #  'django_unical_bootstrap_italia',
     'bootstrap_italia_template',
+
     # uniauth idp
     'uniauth_saml2_idp',
     # 'ldap_peoples',
-    'multildap',
-    'rangefilter']
-
-DATABASES = {
-    # 'default': {
-        # 'ENGINE': 'django.db.backends.mysql',
-        # 'NAME': 'uniauth',
-        # 'HOST': 'localhost',
-        # 'USER': 'that-user',
-        # 'PASSWORD': 'that-password',
-        # 'PORT': '',
-        # 'OPTIONS': {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"}
-    # },
-   'default': {
-       'ENGINE': 'django.db.backends.sqlite3',
-       'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
-   }
-}
+    
+    # file upload/change/delete cleanup
+    'django_cleanup.apps.CleanupConfig',
+    
+    # 'multildap',
+    # 'rangefilter'
+
+    "corsheaders",
+    
+    # proxy
+    'allauth',
+    'allauth.account',
+    'allauth.socialaccount',
+    "allauth.socialaccount.providers.google",
+    "allauth.socialaccount.providers.azure",
+    "allauth.socialaccount.providers.microsoft",
+    
+    # custom
+    "socialauth",
+    
+    # password reset
+    "django_form_builder",
+    "password_reset",
+    
+    # mfa
+    "mfa"
+]
+
+MIDDLEWARE = [
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "corsheaders.middleware.CorsMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    
+    # GETTEXT
+    "django.middleware.locale.LocaleMiddleware",
+    
+    # SameSite Cookie workaround
+    "djangosaml2.middleware.SamlSessionMiddleware",
+]
+
+if os.environ.get("MFA", 0):
+    # Enforce MFA
+    MIDDLEWARE.append("mfa.middleware.MFAEnforceMiddleware"
+)
+
+if "allauth" in INSTALLED_APPS:
+    MIDDLEWARE.append("allauth.account.middleware.AccountMiddleware")
+
+if 'multildap' in INSTALLED_APPS:
+    from . settingslocal_ldap import *
+
+if 'multildap' in INSTALLED_APPS or 'ldap_peoples' in INSTALLED_APPS:
+    # ldap_peoples related
+    # LDAP_CONNECTION_USER = 'cn=thatuser,dc=unical,dc=it'
+    # LDAP_CONNECTION_PASSWD = 'Thatpassword'
+    # LDAP_DB_URL = 'ldap://localhost:389/'
+    LDAP_BASE_DOMAIN = 'local'
+    # LDAP_PEOPLE_DN = 'dc=proxy'
+
+if os.getenv("DATABASES", None):
+    DATABASES = json.loads(os.getenv("DATABASES"))
+else:
+    DATABASES = {
+        # 'default': {
+            # 'ENGINE': 'django.db.backends.mysql',
+            # 'NAME': 'uniauth',
+            # 'HOST': 'localhost',
+            # 'USER': 'that-user',
+            # 'PASSWORD': 'that-password',
+            # 'PORT': '',
+            # 'OPTIONS': {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"}
+        # },
+        #  'default': {
+            #  'ENGINE': 'django.db.backends.postgresql',
+            #  'NAME': os.environ.get("DB-NAME", 'uniauth'),
+            #  'USER': os.environ.get("DB-USER", 'uniauth'),
+            #  'PASSWORD': os.environ.get("DB-PASS", 'that-pass'),
+            #  'HOST': os.environ.get("DB-HOST", 'uniauth-db'),
+            #  'PORT': os.environ.get("DB-PORT", '5432'),
+            #  'OPTIONS': {
+                #  'options': os.getenv("POSTGRESQL_OPTION_CLI", '-c statement_timeout=5000'),
+                #  'connect_timeout': os.getenv("POSTGRESQL_CONNECT_TIMEOUT", 5)
+            #  }
+        #  }
+       'default': {
+           'ENGINE': 'django.db.backends.sqlite3',
+           'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+       }
+    }
 
 # needed for ldap admin forms
-DATETIME_INPUT_FORMATS = ['%Y-%m-%d %H:%M:%S',
-                          '%d/%m/%Y %H:%M:%S']
+DATETIME_INPUT_FORMATS = [
+    '%Y-%m-%d %H:%M:%S',
+    '%d/%m/%Y %H:%M:%S'
+]
 
 DATE_INPUT_FORMATS = ['%Y-%m-%d', '%d/%m/%Y']
 
@@ -70,7 +172,7 @@
 # email notification on error 500
 DEFAULT_FROM_EMAIL = 'idp-noreply@DOMAIN'
 SERVER_EMAIL = DEFAULT_FROM_EMAIL
-EMAIL_HOST = 'smtpservizi.unical.it'
+EMAIL_HOST = 'smtp.example.org'
 # EMAIL_HOST_USER = 'myemail@hotmail.com'
 # EMAIL_HOST_PASSWORD = 'mypassword'
 EMAIL_PORT = 587
@@ -79,211 +181,97 @@
 ADMINS = [('name surname', 'user1@DOMAIN'),
           ('name surnale', 'user2@DOMAIN'),]
 
-# LOGGING
-LOGGING = {
-    'version': 1,
-    'disable_existing_loggers': False,
-    'formatters': {
-        'default': {
-            # exact format is not important, this is the minimum information
-            'format': '%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
-        },
-        'detailed': {
-            'format': '[%(asctime)s] %(message)s [(%(levelname)s)]' # %(name)s.%(funcName)s:%(lineno)s]'
-        },
-    },
-    'filters': {
-        'require_debug_false': {
-            '()': 'django.utils.log.RequireDebugFalse'
-        }
-    },
-    'handlers': {
-        'mail_admins': {
-            'formatter': 'detailed',
-            'level': 'ERROR',
-            'filters': ['require_debug_false'],
-            'class': 'django.utils.log.AdminEmailHandler'
-        },
-        'console': {
-            'formatter': 'detailed',
-            'level': 'INFO',
-            'class': 'logging.StreamHandler',
-        },
+
+# Provider specific settings
+SOCIALACCOUNT_PROVIDERS = {
+    'google': {
+        'SCOPE': [
+            'profile',
+            'email',
+            'openid',
+            # 'https://www.googleapis.com/auth/calendar.readonly'
+        ],
     },
-    'loggers': {
-        'django': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'ERROR',
-            'propagate': False,
-        },
-        'uniauth_saml2_idp': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'DEBUG',
-            'propagate': False,
-        },
-        'multildap': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'DEBUG',
-            'propagate': False,
-        },
-    }
+    #  'microsoft': {"SCOPE": ["https://outlook.office365.com/.default", "email", "openid"]}
+    # 'azure' :{}
 }
 
-if 'multildap' in INSTALLED_APPS or 'ldap_peoples' in INSTALLED_APPS:
-    # ldap_peoples related
-    # LDAP_CONNECTION_USER = 'cn=thatuser,dc=unical,dc=it'
-    # LDAP_CONNECTION_PASSWD = 'Thatpassword'
-    # LDAP_DB_URL = 'ldap://localhost:389/'
-    LDAP_BASE_DOMAIN = 'testunical.it'
-    # LDAP_PEOPLE_DN = 'dc=proxy'
-
-if 'multildap' in INSTALLED_APPS:
-    #####################
-    # pyMutliLDAP related
-    #####################
-    import ldap3
-    from multildap.client import LdapClient
-    # GLOBALS
-
-    # encoding
-    ldap3.set_config_parameter('DEFAULT_SERVER_ENCODING',
-                               'UTF-8')
-    # some broken LDAP implementation may have different encoding
-    # than those expected by RFCs
-    # ldap3.set_config_paramenter('ADDITIONAL_ENCODINGS', ...)
-
-    # timeouts
-    ldap3.set_config_parameter('RESTARTABLE_TRIES', 3)
-    ldap3.set_config_parameter('POOLING_LOOP_TIMEOUT', 2)
-    ldap3.set_config_parameter('RESET_AVAILABILITY_TIMEOUT', 2)
-    ldap3.set_config_parameter('RESTARTABLE_SLEEPTIME', 2)
-
-    # _REWRITE_DN_TO = 'dc=proxy'
-    _RS_ATTRIBUTES = ['cn',
-                      'eduPersonPrincipalName',
-                      'eduPersonEntitlement',
-                      'schacHomeOrganizationType',
-                      'schacHomeOrganization',
-                      'mail',
-                      'uid',
-                      'givenName',
-                      'sn',
-                      'eduPersonScopedAffiliation',
-                      'schacPersonalUniqueID',
-                      'schacPersonalUniqueCode']
-
-    DEFAULT = dict(server =
-                       dict(host = 'ldap://ldap.testunical.it:389',
-                            connect_timeout = 5,
-                            # TLS...
-                            ),
-                   connection =
-                       dict(user = 'uid=idpuser,ou=idp,dc=testunical,dc=it',
-                            password = 'idpsecret',
-                            read_only = True,
-                            version = 3,
-                            # see ldap3 client_strategies
-                            client_strategy = ldap3.RESTARTABLE,
-                            auto_bind = True,
-                            pool_size = 10,
-                            pool_keepalive = 10),
-                    search =
-                        dict(search_base = 'ou=people,dc=testunical,dc=it',
-                             search_filter = '(objectclass=person)',
-                             search_scope = ldap3.SUBTREE,
-
-                             # general purpose for huge resultsets
-                             # TODO: implement paged resultset, see: examples/paged_resultset.py
-                             # size_limit = 500,
-                             # paged_size = 1000, # up to 500000 results
-                             # paged_criticality = True, # check if the server supports paged results
-                             # paged_cookie = True, # must be sent back while requesting subsequent entries
-
-                             # to get all = # '*'
-                             attributes = _RS_ATTRIBUTES
-                            ),
-                        encoding = 'utf-8',
-                      rewrite_rules =
-                            [
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'replace',
-                              # 'kwargs': {'from_str': 'unical', 'to_str': 'lacinu',}},
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'regexp_replace',
-                              # 'kwargs': {'regexp': 'unical', 'sub': 'gnocc',}},
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'add_static_attribute',
-                              # 'kwargs': {'name': 'eduPersonOrcid', 'value': 'ingoalla',}},
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'copy_attribute_value',
-                              # 'kwargs': {'from_attr': 'uid',
-                                         # 'to_attr': 'schacPersonalUniqueID',
-                                         # 'suffix': '',
-                                         # 'prefix': 'urn:schac:personalUniqueID:IT:CF:',
-                                         # }},
-                            ],
-
-                      # Authentication settings
-                      # only needed if behind multildap proxy
-                      # rewrite_dn_to = _REWRITE_DN_TO,
-                      allow_authentication = True,
-                )
-
-    LOCAL = dict(server =
-                       dict(host = 'ldap://localhost:389',
-                            connect_timeout = 5,
-                            # TLS...
-                            ),
-                   connection =
-                       dict(user = 'cn=thatuser,ou=thatou,dc=unical,dc=it',
-                            password = 'thatpassword',
-                            read_only = True,
-                            version = 3,
-                            # see ldap3 client_strategies
-                            client_strategy = ldap3.RESTARTABLE,
-                            auto_bind = True,
-                            pool_size = 10,
-                            pool_keepalive = 10),
-                    search =
-                        dict(search_base = 'ou=people,dc=unical,dc=it',
-                             search_filter = '(objectclass=person)',
-                             search_scope = ldap3.SUBTREE,
-
-                             # general purpose for huge resultsets
-                             # TODO: implement paged resultset, see: examples/paged_resultset.py
-                             # size_limit = 500,
-                             # paged_size = 1000, # up to 500000 results
-                             # paged_criticality = True, # check if the server supports paged results
-                             # paged_cookie = True, # must be sent back while requesting subsequent entries
-
-                             # to get all = # '*'
-                             attributes = _RS_ATTRIBUTES
-                            ),
-                      encoding = 'utf-8',
-                      rewrite_rules =
-                            [
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'append',
-                              # 'kwargs': {'value': '@unical.it',
-                                         # 'to_attrs': ['eduPersonPrincipalName',]}},
-
-                             # {'package': 'attr_rewrite',
-                              # 'name': 'regexp_replace',
-                              # 'kwargs': {'regexp': '', 'sub': '',}},
-
-                            ],
-                      # Authentication settings
-                      # only needed if behind multildap proxy
-                      # rewrite_dn_to = _REWRITE_DN_TO,
-                      allow_authentication = True,
-                )
-
-    # put multiple connections here
-    LDAP_CONNECTIONS = {'DEFAULT' : DEFAULT,
-                        # 'LOCAL' : LOCAL
-                        }
-    LDAP_CONNECTIONS = [LdapClient(conf) for conf in LDAP_CONNECTIONS.values()]
+# Mail is sent using the SMTP host and port specified in the 
+# EMAIL_HOST and EMAIL_PORT settings. The EMAIL_HOST_USER and EMAIL_HOST_PASSWORD 
+# settings, if set, are used to authenticate to the SMTP server, and the 
+# EMAIL_USE_TLS and EMAIL_USE_SSL settings control whether a secure connection is used.
+
+EMAIL_BACKEND = os.getenv(
+    "EMAIL_BACKEND",
+    "django.core.mail.backends.console.EmailBackend"
+)
+EMAIL_HOST = os.getenv(
+    "EMAIL_BACKEND",
+    None
+)
+EMAIL_PORT = os.getenv(
+    "EMAIL_PORT",
+    None
+)
+EMAIL_HOST_USER = os.getenv(
+    "EMAIL_HOST_USER",
+    None
+)
+EMAIL_HOST_PASSWORD = os.getenv(
+    "EMAIL_HOST_PASSWORD",
+    None
+)
+EMAIL_USE_TLS = os.getenv(
+    "EMAIL_USE_TLS",
+    None
+)
+EMAIL_USE_SSL = os.getenv(
+    "EMAIL_USE_SSL",
+    None
+)
+EMAIL_FROM = os.getenv(
+    "EMAIL_FROM",
+    "no-reply@xdrplus-iam.acsia.org"
+)
+EMAIL_SUBJECT_PASSWD_RESET = os.getenv(
+    "EMAIL_SUBJECT_PASSWD_RESET",
+    "A password reset was requested"
+)
+EMAIL_MSG_PASSWD_RESET = os.getenv(
+    "EMAIL_MSG_PASSWD_RESET",
+    """
+    Dear {user},
+    
+    You have requested a password change for {host}.
+    Please click on the link below to confirm the password 
+    that you have provided previously during your request:
+    
+    {link}
+    
+    best regards 
+    """
+)
+
+LOGIN_REDIRECT_URL = "/idp/login/process/"
+
+# DISABLE USER SIGNUP
+ACCOUNT_ADAPTER = 'socialauth.account_adapter.CustomAccountAdapter'
+SOCIALACCOUNT_ADAPTER = 'socialauth.socialaccount_adapter.CustomSocialAccountAdapter'
+
+
+# account linking based on email
+# ACCOUNT_AUTHENTICATION_METHOD = "username_email"
+# ACCOUNT_USER_MODEL_USERNAME_FIELD = None
+
+# This option can be used to set whether an email verification is necessary for a user to log in after he registers an account.
+# ACCOUNT_EMAIL_REQUIRED = True
+
+# ACCOUNT_USERNAME_REQUIRED = False
+# ACCOUNT_AUTHENTICATION_METHOD = 'email'
+
+# SOCIALACCOUNT_EMAIL_REQUIRED = True
+# SOCIALACCOUNT_AUTO_SIGNUP = False
+
+# TODO REMOVE
+# EMAIL_VERIFICATION = None
+# SOCIALACCOUNT_EMAIL_VERIFICATION = None
diff --git a/example/django_idp/settingslocal.py.example b/example/django_idp/settingslocal.py.example
deleted file mode 100644
index dbb2e6b..0000000
--- a/example/django_idp/settingslocal.py.example
+++ /dev/null
@@ -1,290 +0,0 @@
-import os
-
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'lrx(fg&+2e=$l=y8$!+l68_=-lm3*n+myg%r3z!yjm(lg*l%-z'
-
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-SESSION_EXPIRE_AT_BROWSER_CLOSE=True
-SESSION_COOKIE_AGE = 60 * 10 # minutes
-
-# the path corresponding the admin backend, default if not defined: admin/
-ADMIN_PATH = 'admin_access'
-
-ALLOWED_HOSTS = ['*']
-AUTH_USER_MODEL = 'accounts.User'
-
-INSTALLED_APPS = [
-    'accounts',
-    'django.contrib.admin',
-    'django.contrib.auth',
-    'django.contrib.contenttypes',
-    'django.contrib.sessions',
-    'django.contrib.messages',
-    'django.contrib.staticfiles',
-    'sass_processor',
-    'bootstrap_italia_template',
-    'django_unical_bootstrap_italia',
-    'uniauth_saml2_idp',
-    'uniauth_unical_template',
-
-    # 'ldap_peoples',
-    'multildap',
-    'rangefilter']
-
-DATABASES = {
-    # 'default': {
-        # 'ENGINE': 'django.db.backends.mysql',
-        # 'NAME': 'uniauth',
-        # 'HOST': 'localhost',
-        # 'USER': 'that-user',
-        # 'PASSWORD': 'that-password',
-        # 'PORT': '',
-        # 'OPTIONS': {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"}
-    # },
-   'default': {
-       'ENGINE': 'django.db.backends.sqlite3',
-       'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
-   }
-}
-
-# needed for ldap admin forms
-DATETIME_INPUT_FORMATS = ['%Y-%m-%d %H:%M:%S',
-                          '%d/%m/%Y %H:%M:%S']
-
-DATE_INPUT_FORMATS = ['%Y-%m-%d', '%d/%m/%Y']
-
-# https://docs.djangoproject.com/en/2.0/topics/i18n/
-
-LANGUAGE_CODE = 'en-us'
-TIME_ZONE = 'UTC'
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-
-# email notification on error 500
-DEFAULT_FROM_EMAIL = 'idp-noreply@DOMAIN'
-SERVER_EMAIL = DEFAULT_FROM_EMAIL
-EMAIL_HOST = 'smtpservizi.unical.it'
-# EMAIL_HOST_USER = 'myemail@hotmail.com'
-# EMAIL_HOST_PASSWORD = 'mypassword'
-EMAIL_PORT = 587
-EMAIL_USE_TLS = True
-
-ADMINS = [('name surname', 'user1@DOMAIN'),
-          ('name surnale', 'user2@DOMAIN'),]
-
-# LOGGING
-LOGGING = {
-    'version': 1,
-    'disable_existing_loggers': False,
-    'formatters': {
-        'default': {
-            # exact format is not important, this is the minimum information
-            'format': '%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
-        },
-        'detailed': {
-            'format': '[%(asctime)s] %(message)s [(%(levelname)s)]' # %(name)s.%(funcName)s:%(lineno)s]'
-        },
-    },
-    'filters': {
-        'require_debug_false': {
-            '()': 'django.utils.log.RequireDebugFalse'
-        }
-    },
-    'handlers': {
-        'mail_admins': {
-            'formatter': 'detailed',
-            'level': 'ERROR',
-            'filters': ['require_debug_false'],
-            'class': 'django.utils.log.AdminEmailHandler'
-        },
-        'console': {
-            'formatter': 'detailed',
-            'level': 'INFO',
-            'class': 'logging.StreamHandler',
-        },
-    },
-    'loggers': {
-        'django': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'ERROR',
-            'propagate': False,
-        },
-        'uniauth_saml2_idp': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'DEBUG',
-            'propagate': False,
-        },
-        'multildap': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'DEBUG',
-            'propagate': False,
-        },
-    }
-}
-
-
-if 'multildap' in INSTALLED_APPS or 'ldap_peoples' in INSTALLED_APPS:
-    # ldap_peoples related
-    # LDAP_CONNECTION_USER = 'cn=thatuser,dc=unical,dc=it'
-    # LDAP_CONNECTION_PASSWD = 'Thatpassword'
-    # LDAP_DB_URL = 'ldap://localhost:389/'
-    LDAP_BASE_DOMAIN = 'testunical.it'
-    # LDAP_PEOPLE_DN = 'dc=proxy'
-
-
-if 'multildap' in INSTALLED_APPS:
-    #####################
-    # pyMutliLDAP related
-    #####################
-    import ldap3
-    from multildap.client import LdapClient
-    # GLOBALS
-
-    # encoding
-    ldap3.set_config_parameter('DEFAULT_SERVER_ENCODING',
-                               'UTF-8')
-    # some broken LDAP implementation may have different encoding
-    # than those expected by RFCs
-    # ldap3.set_config_paramenter('ADDITIONAL_ENCODINGS', ...)
-
-    # timeouts
-    ldap3.set_config_parameter('RESTARTABLE_TRIES', 3)
-    ldap3.set_config_parameter('POOLING_LOOP_TIMEOUT', 2)
-    ldap3.set_config_parameter('RESET_AVAILABILITY_TIMEOUT', 2)
-    ldap3.set_config_parameter('RESTARTABLE_SLEEPTIME', 2)
-
-    # _REWRITE_DN_TO = 'dc=proxy'
-    _RS_ATTRIBUTES = ['cn',
-                      'eduPersonPrincipalName',
-                      'eduPersonEntitlement',
-                      'schacHomeOrganizationType',
-                      'schacHomeOrganization',
-                      'mail',
-                      'uid',
-                      'givenName',
-                      'sn',
-                      'eduPersonScopedAffiliation',
-                      'schacPersonalUniqueID',
-                      'schacPersonalUniqueCode']
-
-    DEFAULT = dict(server =
-                       dict(host = 'ldap://ldap.testunical.it:389',
-                            connect_timeout = 5,
-                            # TLS...
-                            ),
-                   connection =
-                       dict(user = 'uid=idpuser,ou=idp,dc=testunical,dc=it',
-                            password = 'idpsecret',
-                            read_only = True,
-                            version = 3,
-                            # see ldap3 client_strategies
-                            client_strategy = ldap3.RESTARTABLE,
-                            auto_bind = True,
-                            pool_size = 10,
-                            pool_keepalive = 10),
-                    search =
-                        dict(search_base = 'ou=people,dc=testunical,dc=it',
-                             search_filter = '(objectclass=person)',
-                             search_scope = ldap3.SUBTREE,
-
-                             # general purpose for huge resultsets
-                             # TODO: implement paged resultset, see: examples/paged_resultset.py
-                             # size_limit = 500,
-                             # paged_size = 1000, # up to 500000 results
-                             # paged_criticality = True, # check if the server supports paged results
-                             # paged_cookie = True, # must be sent back while requesting subsequent entries
-
-                             # to get all = # '*'
-                             attributes = _RS_ATTRIBUTES
-                            ),
-                        encoding = 'utf-8',
-                      rewrite_rules =
-                            [
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'replace',
-                              # 'kwargs': {'from_str': 'unical', 'to_str': 'lacinu',}},
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'regexp_replace',
-                              # 'kwargs': {'regexp': 'unical', 'sub': 'gnocc',}},
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'add_static_attribute',
-                              # 'kwargs': {'name': 'eduPersonOrcid', 'value': 'ingoalla',}},
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'copy_attribute_value',
-                              # 'kwargs': {'from_attr': 'uid',
-                                         # 'to_attr': 'schacPersonalUniqueID',
-                                         # 'suffix': '',
-                                         # 'prefix': 'urn:schac:personalUniqueID:IT:CF:',
-                                         # }},
-                            ],
-
-                      # Authentication settings
-                      # only needed if behind multildap proxy
-                      # rewrite_dn_to = _REWRITE_DN_TO,
-                      allow_authentication = True,
-                )
-
-    LOCAL = dict(server =
-                       dict(host = 'ldap://localhost:389',
-                            connect_timeout = 5,
-                            # TLS...
-                            ),
-                   connection =
-                       dict(user = 'cn=thatuser,ou=thatou,dc=unical,dc=it',
-                            password = 'thatpassword',
-                            read_only = True,
-                            version = 3,
-                            # see ldap3 client_strategies
-                            client_strategy = ldap3.RESTARTABLE,
-                            auto_bind = True,
-                            pool_size = 10,
-                            pool_keepalive = 10),
-                    search =
-                        dict(search_base = 'ou=people,dc=unical,dc=it',
-                             search_filter = '(objectclass=person)',
-                             search_scope = ldap3.SUBTREE,
-
-                             # general purpose for huge resultsets
-                             # TODO: implement paged resultset, see: examples/paged_resultset.py
-                             # size_limit = 500,
-                             # paged_size = 1000, # up to 500000 results
-                             # paged_criticality = True, # check if the server supports paged results
-                             # paged_cookie = True, # must be sent back while requesting subsequent entries
-
-                             # to get all = # '*'
-                             attributes = _RS_ATTRIBUTES
-                            ),
-                      encoding = 'utf-8',
-                      rewrite_rules =
-                            [
-
-                             # {'package': 'multildap.attr_rewrite',
-                              # 'name': 'append',
-                              # 'kwargs': {'value': '@unical.it',
-                                         # 'to_attrs': ['eduPersonPrincipalName',]}},
-
-                             # {'package': 'attr_rewrite',
-                              # 'name': 'regexp_replace',
-                              # 'kwargs': {'regexp': '', 'sub': '',}},
-
-                            ],
-                      # Authentication settings
-                      # only needed if behind multildap proxy
-                      # rewrite_dn_to = _REWRITE_DN_TO,
-                      allow_authentication = True,
-                )
-
-    # put multiple connections here
-    LDAP_CONNECTIONS = {'DEFAULT' : DEFAULT,
-                        # 'LOCAL' : LOCAL
-                        }
-    LDAP_CONNECTIONS = [LdapClient(conf) for conf in LDAP_CONNECTIONS.values()]
diff --git a/example/django_idp/settingslocal_ldap.py b/example/django_idp/settingslocal_ldap.py
new file mode 100644
index 0000000..a9c2eac
--- /dev/null
+++ b/example/django_idp/settingslocal_ldap.py
@@ -0,0 +1,80 @@
+#####################
+# pyMutliLDAP related
+#####################
+import ldap3
+from ldap3 import ALL, NTLM
+from multildap.client import LdapClient
+# GLOBALS
+
+# encoding
+ldap3.set_config_parameter('DEFAULT_SERVER_ENCODING',
+                           'UTF-8')
+# some broken LDAP implementation may have different encoding
+# than those expected by RFCs
+# ldap3.set_config_paramenter('ADDITIONAL_ENCODINGS', ...)
+
+# timeouts
+ldap3.set_config_parameter('RESTARTABLE_TRIES', 3)
+ldap3.set_config_parameter('POOLING_LOOP_TIMEOUT', 2)
+ldap3.set_config_parameter('RESET_AVAILABILITY_TIMEOUT', 2)
+ldap3.set_config_parameter('RESTARTABLE_SLEEPTIME', 2)
+
+
+XDR_DEMO = dict(server =
+                   dict(host = 'ldap://10.5.3.19:389',
+                        connect_timeout = 5,
+                        get_info=ALL
+                        ),
+               connection =
+                   dict(user="example.local\\xdrplus-user",
+                        password="That-password", 
+                        read_only = True,
+                        version = 3,
+                        # see ldap3 client_strategies
+                        client_strategy = ldap3.RESTARTABLE,
+                        auto_bind = True,
+                        pool_size = 10,
+                        pool_keepalive = 10,
+                        authentication=NTLM
+                        ),
+                search =
+                    dict(search_base = 'CN=Users,DC=example,DC=local',
+                         search_filter = '(objectclass=person)',
+                         search_scope = ldap3.SUBTREE,
+
+                         # general purpose for huge resultsets
+                         # TODO: implement paged resultset, see: examples/paged_resultset.py
+                         # size_limit = 500,
+                         # paged_size = 1000, # up to 500000 results
+                         # paged_criticality = True, # check if the server supports paged results
+                         # paged_cookie = True, # must be sent back while requesting subsequent entries
+
+                         # to get all = # '*'
+                         attributes = ['cn','sn','givenName','mail']
+                        ),
+                  encoding = 'utf-8',
+                  rewrite_rules =
+                        [
+
+                         # {'package': 'multildap.attr_rewrite',
+                          # 'name': 'append',
+                          # 'kwargs': {'value': '@unical.it',
+                                     # 'to_attrs': ['eduPersonPrincipalName',]}},
+
+                         # {'package': 'attr_rewrite',
+                          # 'name': 'regexp_replace',
+                          # 'kwargs': {'regexp': '', 'sub': '',}},
+
+                        ],
+                  # Authentication settings
+                  # only needed if behind multildap proxy
+                  # rewrite_dn_to = _REWRITE_DN_TO,
+                  allow_authentication = True,
+                  uid_alias = 'cn'
+            )
+
+# put multiple connections here
+LDAP_CONNECTIONS = {
+    'DEFAULT' : XDR_DEMO,
+}
+LDAP_CONNECTIONS = [LdapClient(conf) for conf in LDAP_CONNECTIONS.values()]
diff --git a/example/django_idp/settingslocal_logging.py b/example/django_idp/settingslocal_logging.py
new file mode 100644
index 0000000..4994c72
--- /dev/null
+++ b/example/django_idp/settingslocal_logging.py
@@ -0,0 +1,87 @@
+import os
+
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+# LOGGING
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'formatters': {
+        'default': {
+            # exact format is not important, this is the minimum information
+            'format': '%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
+        },
+        'detailed': {
+            'format': '[%(asctime)s] %(message)s [(%(levelname)s)]' # %(name)s.%(funcName)s:%(lineno)s]'
+        },
+        "verbose": {
+            "format": "{levelname} {asctime} {module} {process:d} {thread:d} {message}",
+            "style": "{",
+        },
+    },
+    'filters': {
+        'require_debug_false': {
+            '()': 'django.utils.log.RequireDebugFalse'
+        }
+    },
+    'handlers': {
+        'mail_admins': {
+            'formatter': 'detailed',
+            'level': 'ERROR',
+            'filters': ['require_debug_false'],
+            'class': 'django.utils.log.AdminEmailHandler'
+        },
+        'console': {
+            'formatter': 'detailed',
+            'level': 'DEBUG',
+            'class': 'logging.StreamHandler',
+        },
+        'idp_file': {
+            'class': 'logging.handlers.RotatingFileHandler',
+            'formatter': 'verbose',
+            'filename': f'{BASE_DIR}/logs/uniauth.log',
+            'maxBytes': 1024 * 100,
+            'backupCount': 33,
+        },
+        'django_file': {
+            'class': 'logging.handlers.RotatingFileHandler',
+            'formatter': 'verbose',
+            'filename': f'{BASE_DIR}/logs/django.log',
+            'maxBytes': 1024 * 100,
+            'backupCount': 33,
+        },
+    },
+    'loggers': {
+        # disables Invalid HTTP_HOST header emails
+        'django.security.DisallowedHost': {
+                'handlers': ['mail_admins'],
+                'level': 'CRITICAL',
+                'propagate': False,
+        },
+        'django': {
+            'handlers': ['django_file', 'console', 'mail_admins'],
+            'level': 'INFO',
+            'propagate': True,
+        },
+        'uniauth_saml2_idp': {
+            'handlers': ['idp_file', 'console', 'mail_admins'],
+            'level': 'DEBUG',
+            'propagate': True,
+        },
+        'multildap': {
+            'handlers': ['idp_file', 'console', 'mail_admins'],
+            'level': 'DEBUG',
+            'propagate': True,
+        },
+        'pysaml2': {
+            'handlers': ['idp_file', 'console', 'mail_admins'],
+            'level': 'DEBUG',
+            'propagate': True,
+        },
+        'password_reset': {
+            'handlers': ['console'],
+            'level': 'DEBUG',
+            'propagate': True
+        }
+    }
+}
diff --git a/example/django_idp/urls.py b/example/django_idp/urls.py
index 2e8313e..381c971 100644
--- a/example/django_idp/urls.py
+++ b/example/django_idp/urls.py
@@ -19,8 +19,16 @@
 from django.urls import include, path
 # from uniauth_saml2_idp.views import LoginAuthView
 
+from cryptotools.views import public_jwk
+
+import os
+
+admin.site.site_title = os.getenv("ADMIN_UI_HEADER", 'uniAuth-IAM')
+admin.site.index_title = os.getenv("ADMIN_UI_HEADER", 'uniAuth Administration Backend')
+admin.site.site_header = os.getenv("ADMIN_UI_HEADER",'uniAuth Administration Backend')
+
+
 urlpatterns = [
-    # path('admin/', admin.site.urls),
     path('{}/'.format(getattr(settings, 'ADMIN_PATH', 'admin')),
          admin.site.urls),
     path('logout/', LogoutView.as_view(),
@@ -35,3 +43,12 @@
         'idp/', include((uniauth_saml2_idp.urls, 'uniauth_saml2_idp',))
     ),
 
+if 'allauth' in settings.INSTALLED_APPS:
+    urlpatterns += path('accounts/', include('allauth.urls')),
+    
+if 'password_reset' in settings.INSTALLED_APPS:
+    import password_reset.urls
+    urlpatterns += (path("", include(password_reset.urls)),)
+
+if 'mfa' in settings.INSTALLED_APPS:
+    urlpatterns += (path('mfa/', include('mfa.urls', namespace='mfa')),)
diff --git a/example/docker-compose.run b/example/docker-compose.run
new file mode 100644
index 0000000..b933505
--- /dev/null
+++ b/example/docker-compose.run
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+cd /opt/uniauth/
+python3 manage.py migrate
+python3 manage.py createsuperuser --noinput
+uwsgi --ini ./uwsgi.ini
diff --git a/example/logs/README.md b/example/logs/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/example/logs/django.log b/example/logs/django.log
new file mode 100644
index 0000000..96bacf5
--- /dev/null
+++ b/example/logs/django.log
@@ -0,0 +1,395 @@
+WARNING 2023-10-22 13:56:23,050 basehttp 5538 140198830663232 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:56:29,900 basehttp 5538 140198830663232 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:29,904 basehttp 5538 140198820173376 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:29,920 basehttp 5538 140198830663232 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:56:29,996 basehttp 5538 140198830663232 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:56:30,017 basehttp 5538 140198820173376 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:56:35,436 basehttp 5538 140198820173376 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:35,454 basehttp 5538 140198820173376 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 13:56:43,072 autoreload 5538 140198964768768 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 13:56:43,776 autoreload 5619 140677810483200 Watching for file changes with StatReloader
+INFO 2023-10-22 13:56:46,290 basehttp 5619 140677616760384 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:56:46,344 basehttp 5619 140677616760384 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:56:51,744 basehttp 5619 140677616760384 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:51,764 basehttp 5619 140677616760384 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 13:57:08,408 basehttp 5619 140677616760384 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:57:08,435 basehttp 5619 140677616760384 "GET /admin_access/ HTTP/1.1" 200 11573
+INFO 2023-10-22 13:57:12,328 basehttp 5619 140677616760384 "GET /admin_access/mfa/mfakey/ HTTP/1.1" 200 11608
+INFO 2023-10-22 13:57:12,365 basehttp 5619 140677606270528 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 13:57:12,380 basehttp 5619 140677606270528 "GET /static/admin/img/tooltag-add.svg HTTP/1.1" 200 331
+INFO 2023-10-22 13:57:17,250 basehttp 5619 140677616760384 "POST /admin_access/mfa/mfakey/ HTTP/1.1" 200 10143
+INFO 2023-10-22 13:57:17,280 basehttp 5619 140677606270528 "GET /static/admin/js/cancel.js HTTP/1.1" 200 884
+INFO 2023-10-22 13:57:18,490 basehttp 5619 140677616760384 "POST /admin_access/mfa/mfakey/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:57:18,510 basehttp 5619 140677616760384 "GET /admin_access/mfa/mfakey/ HTTP/1.1" 200 10193
+INFO 2023-10-22 13:57:18,591 basehttp 5619 140677606270528 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 13:57:18,609 basehttp 5619 140677606270528 "GET /static/admin/img/icon-yes.svg HTTP/1.1" 200 436
+INFO 2023-10-22 13:57:22,821 autoreload 5619 140677810483200 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 13:57:23,548 autoreload 5638 140099201769472 Watching for file changes with StatReloader
+INFO 2023-10-22 13:57:29,342 basehttp 5638 140099009377856 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:57:29,538 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:57:29,613 basehttp 5638 140099009377856 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:57:29,618 basehttp 5638 140099009377856 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:57:29,694 basehttp 5638 140099009377856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:57:29,782 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:57:29,808 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:57:35,494 basehttp 5638 140099009377856 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:57:35,501 basehttp 5638 140099009377856 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:57:35,558 basehttp 5638 140099009377856 "GET /mfa/ HTTP/1.1" 200 4145
+INFO 2023-10-22 13:57:43,458 basehttp 5638 140099009377856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:58:01,296 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:58:01,493 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:58:01,560 basehttp 5638 140099009377856 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:58:01,566 basehttp 5638 140099009377856 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:58:01,635 basehttp 5638 140099009377856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:58:01,727 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:58:01,759 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:58:08,459 basehttp 5638 140099009377856 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:58:08,469 basehttp 5638 140099009377856 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:58:08,536 basehttp 5638 140099009377856 "GET /mfa/ HTTP/1.1" 200 4145
+INFO 2023-10-22 13:58:14,669 basehttp 5638 140099009377856 "GET /mfa/create/TOTP/ HTTP/1.1" 200 40672
+INFO 2023-10-22 13:58:50,589 basehttp 5638 140099009377856 "POST /mfa/create/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:58:50,603 basehttp 5638 140099009377856 "GET /mfa/ HTTP/1.1" 200 5065
+INFO 2023-10-22 13:59:08,719 basehttp 5638 140099009377856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:59:08,793 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:59:19,491 basehttp 5638 140099009377856 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:59:19,512 basehttp 5638 140099009377856 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 13:59:29,330 basehttp 5638 140099009377856 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:59:29,474 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:59:29,581 basehttp 5638 140099009377856 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:59:29,646 basehttp 5638 140099009377856 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 13:59:32,862 basehttp 5638 140099009377856 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 13:59:32,986 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:59:33,228 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:59:36,738 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:59:36,987 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:59:37,085 basehttp 5638 140099009377856 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 13:59:37,241 basehttp 5638 140098999936576 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 13:59:41,302 log 5638 140099009377856 Not Found: /
+WARNING 2023-10-22 13:59:41,302 basehttp 5638 140099009377856 "GET / HTTP/1.1" 404 3642
+INFO 2023-10-22 13:59:44,685 basehttp 5638 140099009377856 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:59:44,688 basehttp 5638 140099009377856 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:59:44,786 basehttp 5638 140099009377856 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:59:44,889 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:59:44,921 basehttp 5638 140099009377856 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:59:52,172 basehttp 5638 140099009377856 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:59:52,190 basehttp 5638 140099009377856 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 14:00:08,712 basehttp 5638 140099009377856 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 14:00:08,744 basehttp 5638 140099009377856 "GET /admin_access/ HTTP/1.1" 200 11827
+INFO 2023-10-22 14:00:08,827 basehttp 5638 140099009377856 "GET /static/admin/img/icon-deletelink.svg HTTP/1.1" 200 392
+INFO 2023-10-22 14:00:11,861 basehttp 5638 140099009377856 "GET /admin_access/logout/ HTTP/1.1" 200 1586
+INFO 2023-10-22 14:00:46,225 autoreload 5638 140099201769472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 14:00:47,028 autoreload 5956 139741308432384 Watching for file changes with StatReloader
+INFO 2023-11-09 14:00:24,227 autoreload 5260 140180653948928 Watching for file changes with StatReloader
+INFO 2023-11-09 14:00:56,004 autoreload 5260 140180653948928 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-11-09 14:00:56,734 autoreload 5402 140695822970880 Watching for file changes with StatReloader
+INFO 2023-11-09 14:01:05,666 basehttp 5402 140695690012224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:01:05,890 basehttp 5402 140695690012224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:01:05,975 basehttp 5402 140695698404928 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-09 14:01:05,986 basehttp 5402 140695698404928 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:01:06,068 basehttp 5402 140695698404928 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+INFO 2023-11-09 14:01:06,142 basehttp 5402 140695698404928 "GET /static/css/overrides.css HTTP/1.1" 200 8485
+INFO 2023-11-09 14:01:06,148 basehttp 5402 140695460369984 "GET /static/css/idp_style.css HTTP/1.1" 200 1265
+INFO 2023-11-09 14:01:06,149 basehttp 5402 140695690012224 "GET /static/css/unical-style.css HTTP/1.1" 200 4882
+INFO 2023-11-09 14:01:06,158 basehttp 5402 140695468762688 "GET /static/js/bootstrap-italia.bundle.min.js HTTP/1.1" 200 345665
+INFO 2023-11-09 14:01:06,159 basehttp 5402 140695477155392 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 200 458619
+WARNING 2023-11-09 14:01:06,381 basehttp 5402 140695477155392 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:01:06,541 basehttp 5402 140695468762688 "GET /static/images/favicon/favicon-32x32.png HTTP/1.1" 200 429
+WARNING 2023-11-09 14:01:06,556 basehttp 5402 140695468762688 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-09 14:01:13,614 log 5402 140695698404928 Forbidden: /idp/login/
+WARNING 2023-11-09 14:01:13,615 basehttp 5402 140695698404928 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 403 4378
+INFO 2023-11-09 14:01:17,209 basehttp 5402 140695698404928 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:01:17,284 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:01:24,512 basehttp 5402 140695698404928 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:01:24,540 basehttp 5402 140695698404928 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-09 14:01:42,921 basehttp 5402 140695698404928 "POST /mfa/auth/TOTP/ HTTP/1.1" 200 4389
+INFO 2023-11-09 14:01:49,651 basehttp 5402 140695698404928 "POST /mfa/auth/TOTP/ HTTP/1.1" 200 4389
+INFO 2023-11-09 14:01:56,568 basehttp 5402 140695698404928 "POST /mfa/auth/TOTP/ HTTP/1.1" 200 4389
+INFO 2023-11-09 14:02:10,087 basehttp 5402 140695698404928 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:10,194 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:10,297 basehttp 5402 140695698404928 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:10,361 basehttp 5402 140695698404928 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-11-09 14:02:13,915 basehttp 5402 140695698404928 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-11-09 14:02:14,033 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:14,218 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:16,696 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:16,896 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:16,984 basehttp 5402 140695698404928 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-11-09 14:02:17,129 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:19,131 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:19,326 basehttp 5402 140695460369984 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:02:19,398 basehttp 5402 140695698404928 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:19,405 basehttp 5402 140695698404928 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:19,468 basehttp 5402 140695698404928 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:02:19,562 basehttp 5402 140695698404928 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-09 14:02:19,604 basehttp 5402 140695698404928 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:02:25,889 basehttp 5402 140695698404928 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:25,907 basehttp 5402 140695698404928 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-09 14:02:28,199 basehttp 5402 140695698404928 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4589
+WARNING 2023-11-09 14:02:28,228 basehttp 5402 140695698404928 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-11-09 14:02:28,228 basehttp 5402 140695460369984 "GET /static/mfa/fido2.js HTTP/1.1" 200 2112
+INFO 2023-11-09 14:02:30,161 basehttp 5402 140695690012224 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4424
+INFO 2023-11-09 14:02:33,352 basehttp 5402 140695690012224 "GET /mfa HTTP/1.1" 301 0
+INFO 2023-11-09 14:02:33,368 basehttp 5402 140695690012224 "GET /mfa/ HTTP/1.1" 200 4495
+INFO 2023-11-09 14:02:44,673 basehttp 5402 140695690012224 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4424
+INFO 2023-11-09 14:02:45,390 basehttp 5402 140695690012224 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4589
+INFO 2023-11-09 14:02:46,161 basehttp 5402 140695690012224 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-09 14:02:46,790 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:02:46,850 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:02:52,618 basehttp 5402 140695690012224 "GET /admin_access/ HTTP/1.1" 200 11827
+INFO 2023-11-09 14:02:52,654 basehttp 5402 140695690012224 "GET /static/admin/css/nav_sidebar.css HTTP/1.1" 200 2271
+INFO 2023-11-09 14:02:52,654 basehttp 5402 140695698404928 "GET /static/admin/css/dashboard.css HTTP/1.1" 200 380
+INFO 2023-11-09 14:02:52,655 basehttp 5402 140695468762688 "GET /static/admin/js/nav_sidebar.js HTTP/1.1" 200 1360
+INFO 2023-11-09 14:02:52,655 basehttp 5402 140695460369984 "GET /static/admin/css/base.css HTTP/1.1" 200 19513
+INFO 2023-11-09 14:02:52,656 basehttp 5402 140695477155392 "GET /static/admin/css/responsive.css HTTP/1.1" 200 18545
+INFO 2023-11-09 14:02:52,668 basehttp 5402 140695460369984 "GET /static/admin/css/fonts.css HTTP/1.1" 200 423
+INFO 2023-11-09 14:02:52,736 basehttp 5402 140695460369984 "GET /static/admin/img/icon-addlink.svg HTTP/1.1" 200 331
+INFO 2023-11-09 14:02:52,736 basehttp 5402 140695477155392 "GET /static/admin/img/icon-changelink.svg HTTP/1.1" 200 380
+INFO 2023-11-09 14:02:52,736 basehttp 5402 140695468762688 "GET /static/admin/img/icon-deletelink.svg HTTP/1.1" 200 392
+INFO 2023-11-09 14:02:52,738 basehttp 5402 140695690012224 "GET /static/admin/fonts/Roboto-Light-webfont.woff HTTP/1.1" 200 85692
+INFO 2023-11-09 14:02:52,739 basehttp 5402 140695698404928 "GET /static/admin/fonts/Roboto-Regular-webfont.woff HTTP/1.1" 200 85876
+INFO 2023-11-09 14:02:52,739 basehttp 5402 140695477155392 "GET /static/admin/fonts/Roboto-Bold-webfont.woff HTTP/1.1" 200 86184
+WARNING 2023-11-09 14:02:52,788 log 5402 140695477155392 Not Found: /favicon.ico
+WARNING 2023-11-09 14:02:52,789 basehttp 5402 140695477155392 "GET /favicon.ico HTTP/1.1" 404 3833
+INFO 2023-11-09 14:02:54,647 basehttp 5402 140695477155392 "GET /admin_access/logout/ HTTP/1.1" 200 1586
+INFO 2023-11-09 14:02:56,135 basehttp 5402 140695477155392 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:56,140 basehttp 5402 140695477155392 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:02:56,202 basehttp 5402 140695477155392 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:02:56,278 basehttp 5402 140695477155392 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-09 14:02:56,309 basehttp 5402 140695698404928 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:03:03,461 basehttp 5402 140695690012224 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:03:03,480 basehttp 5402 140695690012224 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-09 14:10:08,006 basehttp 5402 140695690012224 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:10:08,084 basehttp 5402 140695468762688 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:10:10,308 basehttp 5402 140695690012224 "GET /admin_access/logout/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:10,317 basehttp 5402 140695690012224 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:10,374 basehttp 5402 140695690012224 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:10,437 basehttp 5402 140695690012224 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:10:10,542 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:10:11,522 basehttp 5402 140695690012224 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:11,547 basehttp 5402 140695690012224 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:10:11,650 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:10:12,338 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:10:12,397 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:10:12,772 basehttp 5402 140695690012224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:10:13,027 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:10:13,098 basehttp 5402 140695690012224 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:13,104 basehttp 5402 140695690012224 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:13,172 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:10:13,260 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-09 14:10:13,285 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:10:27,344 basehttp 5402 140695690012224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:10:27,556 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:10:27,640 basehttp 5402 140695690012224 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:27,648 basehttp 5402 140695690012224 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:27,710 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:10:27,800 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-09 14:10:27,841 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:10:42,026 basehttp 5402 140695690012224 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:10:42,047 basehttp 5402 140695690012224 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-09 14:11:09,324 basehttp 5402 140695690012224 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:11:09,429 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:09,527 basehttp 5402 140695690012224 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:11:09,591 basehttp 5402 140695690012224 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-11-09 14:11:12,397 basehttp 5402 140695690012224 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-11-09 14:11:12,514 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:12,705 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:27,061 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:27,255 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:27,348 basehttp 5402 140695690012224 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-11-09 14:11:27,522 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:28,546 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:28,741 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-09 14:11:28,817 basehttp 5402 140695690012224 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-09 14:11:28,824 basehttp 5402 140695690012224 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:11:28,890 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-09 14:11:28,970 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-09 14:11:29,007 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-09 14:11:36,147 basehttp 5402 140695690012224 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-09 14:11:36,165 basehttp 5402 140695690012224 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-09 14:11:44,903 basehttp 5402 140695690012224 "GET /mfa/ HTTP/1.1" 200 4495
+INFO 2023-11-10 08:26:31,132 basehttp 5402 140695690012224 "GET /mfa/create/TOTP/ HTTP/1.1" 200 39348
+INFO 2023-11-10 08:26:42,955 basehttp 5402 140695690012224 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-10 08:26:43,672 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-10 08:26:43,739 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-10 08:26:46,136 basehttp 5402 140695690012224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-10 08:26:46,348 basehttp 5402 140695468762688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-10 08:26:46,424 basehttp 5402 140695690012224 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-10 08:26:46,432 basehttp 5402 140695690012224 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-10 08:26:46,501 basehttp 5402 140695690012224 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-10 08:26:46,586 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-10 08:26:46,613 basehttp 5402 140695690012224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-10 10:41:56,641 autoreload 5402 140695822970880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-11-10 10:41:57,416 autoreload 10887 140509175603200 Watching for file changes with StatReloader
+INFO 2023-11-20 09:59:33,964 autoreload 3554 139897316974592 Watching for file changes with StatReloader
+INFO 2023-11-20 10:00:27,206 basehttp 3554 139897192052288 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:00:27,453 basehttp 3554 139897182611008 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:00:27,545 basehttp 3554 139897192052288 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-20 10:00:27,555 basehttp 3554 139897192052288 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:00:27,634 basehttp 3554 139897192052288 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+INFO 2023-11-20 10:00:27,722 basehttp 3554 139897192052288 "GET /static/css/overrides.css HTTP/1.1" 304 0
+INFO 2023-11-20 10:00:27,723 basehttp 3554 139897182611008 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 304 0
+INFO 2023-11-20 10:00:27,725 basehttp 3554 139897173169728 "GET /static/css/unical-style.css HTTP/1.1" 304 0
+INFO 2023-11-20 10:00:27,726 basehttp 3554 139897164777024 "GET /static/css/idp_style.css HTTP/1.1" 304 0
+INFO 2023-11-20 10:00:27,727 basehttp 3554 139896815613504 "GET /static/js/bootstrap-italia.bundle.min.js HTTP/1.1" 304 0
+WARNING 2023-11-20 10:00:27,839 basehttp 3554 139897182611008 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-20 10:00:27,867 basehttp 3554 139897173169728 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-20 10:00:47,411 basehttp 3554 139897192052288 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:00:47,445 basehttp 3554 139897192052288 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-20 10:01:15,465 basehttp 3554 139897192052288 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:15,571 basehttp 3554 139897173169728 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:15,677 basehttp 3554 139897192052288 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:15,742 basehttp 3554 139897192052288 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-11-20 10:01:18,100 basehttp 3554 139897192052288 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-11-20 10:01:18,239 basehttp 3554 139897173169728 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:18,444 basehttp 3554 139897173169728 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:36,754 basehttp 3554 139897192052288 "GET /mfa/ HTTP/1.1" 302 0
+WARNING 2023-11-20 10:01:36,779 log 3554 139897192052288 Forbidden: /idp/login/
+WARNING 2023-11-20 10:01:36,779 basehttp 3554 139897192052288 "GET /idp/login/?next=/mfa/ HTTP/1.1" 403 4271
+WARNING 2023-11-20 10:01:39,683 log 3554 139897192052288 Forbidden: /idp/login/process_user_agreement/
+WARNING 2023-11-20 10:01:39,683 basehttp 3554 139897192052288 "GET /idp/login/process_user_agreement/ HTTP/1.1" 403 4271
+INFO 2023-11-20 10:01:41,744 basehttp 3554 139897173169728 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:42,035 basehttp 3554 139897173169728 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:42,126 basehttp 3554 139897192052288 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:42,134 basehttp 3554 139897192052288 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:42,206 basehttp 3554 139897192052288 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-20 10:01:42,305 basehttp 3554 139897164777024 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-20 10:01:42,328 basehttp 3554 139896815613504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-20 10:01:47,843 basehttp 3554 139896815613504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:48,056 basehttp 3554 139896815613504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-20 10:01:48,128 basehttp 3554 139897192052288 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:48,136 basehttp 3554 139897192052288 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:48,205 basehttp 3554 139897192052288 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-20 10:01:48,300 basehttp 3554 139897192052288 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-20 10:01:48,332 basehttp 3554 139897192052288 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-20 10:01:54,716 basehttp 3554 139897192052288 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-20 10:01:54,736 basehttp 3554 139897192052288 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-20 10:02:00,030 basehttp 3554 139897192052288 "GET /mfa/ HTTP/1.1" 200 4495
+INFO 2023-11-20 10:02:18,902 basehttp 3554 139897192052288 "GET /mfa/create/recovery/ HTTP/1.1" 200 4763
+WARNING 2023-11-20 10:02:29,451 log 3554 139897192052288 Not Found: /mfa/create/totp/
+WARNING 2023-11-20 10:02:29,452 basehttp 3554 139897192052288 "GET /mfa/create/totp/ HTTP/1.1" 404 4376
+WARNING 2023-11-20 10:02:29,502 log 3554 139896815613504 Not Found: /favicon.ico
+INFO 2023-11-20 10:02:34,590 basehttp 3554 139897192052288 "GET /mfa/create/recovery/ HTTP/1.1" 200 4763
+INFO 2023-11-20 10:02:37,451 basehttp 3554 139897192052288 "GET /mfa/create/TOTP/ HTTP/1.1" 200 40162
+WARNING 2023-11-20 10:04:45,672 log 3554 139897192052288 Not Found: /password/change
+WARNING 2023-11-20 10:04:45,672 basehttp 3554 139897192052288 "GET /password/change HTTP/1.1" 404 3845
+INFO 2023-11-20 10:04:50,414 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 221710
+INFO 2023-11-20 10:06:50,595 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 186438
+INFO 2023-11-20 10:08:50,614 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 211738
+INFO 2023-11-20 10:10:50,783 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 240802
+INFO 2023-11-20 10:12:50,785 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 234670
+INFO 2023-11-20 10:14:50,778 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 219518
+INFO 2023-11-20 10:16:50,769 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 192674
+INFO 2023-11-20 10:18:50,784 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 216482
+INFO 2023-11-20 10:20:50,797 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 227510
+INFO 2023-11-20 10:22:50,787 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 230478
+INFO 2023-11-20 10:24:50,779 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 191454
+INFO 2023-11-20 10:26:50,781 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 191474
+INFO 2023-11-20 10:28:50,800 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 215998
+INFO 2023-11-20 10:30:50,817 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 229538
+INFO 2023-11-20 10:32:50,808 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 239330
+INFO 2023-11-20 10:34:52,040 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 219874
+INFO 2023-11-20 10:36:52,034 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 196778
+INFO 2023-11-20 10:38:52,086 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 224362
+INFO 2023-11-20 10:40:52,206 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 235026
+INFO 2023-11-20 10:42:52,114 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 227814
+INFO 2023-11-20 11:54:52,687 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 219234
+INFO 2023-11-20 11:56:52,646 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 206622
+INFO 2023-11-20 11:58:52,685 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 215282
+INFO 2023-11-20 12:00:52,648 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 243882
+INFO 2023-11-20 12:02:52,657 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 233602
+INFO 2023-11-20 12:04:52,661 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 234698
+INFO 2023-11-20 12:06:52,651 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 218214
+INFO 2023-11-20 12:08:52,648 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 206746
+INFO 2023-11-20 12:10:52,639 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 199410
+INFO 2023-11-20 12:12:52,665 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 233902
+INFO 2023-11-20 12:14:52,669 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 232558
+INFO 2023-11-20 12:16:52,666 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 236750
+INFO 2023-11-20 12:18:52,643 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 188994
+INFO 2023-11-20 12:20:52,676 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 248222
+INFO 2023-11-20 12:22:52,669 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 238106
+INFO 2023-11-20 12:24:52,653 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 218822
+INFO 2023-11-20 12:26:52,673 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 233566
+INFO 2023-11-20 12:28:52,683 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 249610
+INFO 2023-11-20 12:30:52,661 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 208894
+INFO 2023-11-20 12:32:52,680 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 247058
+INFO 2023-11-20 12:34:52,673 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 219250
+INFO 2023-11-20 12:36:52,714 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 229818
+INFO 2023-11-20 12:38:52,661 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 208386
+INFO 2023-11-20 12:40:52,692 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 246242
+INFO 2023-11-20 12:42:52,671 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 210658
+INFO 2023-11-20 12:44:52,679 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 201298
+INFO 2023-11-20 12:46:52,688 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 224574
+INFO 2023-11-20 12:48:53,929 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 264466
+INFO 2023-11-20 12:50:55,148 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 233054
+INFO 2023-11-20 12:52:55,131 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 223822
+INFO 2023-11-20 12:54:55,135 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 242394
+INFO 2023-11-20 12:56:55,136 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 225422
+INFO 2023-11-20 12:58:55,125 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 217398
+INFO 2023-11-20 13:00:55,149 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 259870
+INFO 2023-11-20 13:02:55,107 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 182038
+INFO 2023-11-20 13:04:55,171 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 226314
+INFO 2023-11-20 13:06:55,139 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 253814
+INFO 2023-11-20 13:08:55,175 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 218242
+INFO 2023-11-20 13:10:57,522 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 230566
+INFO 2023-11-20 13:12:57,466 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 199994
+INFO 2023-11-20 13:14:57,493 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 205682
+INFO 2023-11-20 13:16:57,498 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 192498
+INFO 2023-11-20 13:18:57,491 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 218526
+INFO 2023-11-20 13:22:24,781 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 222086
+INFO 2023-11-20 13:24:24,777 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 222006
+INFO 2023-11-20 13:26:24,803 basehttp 3554 139897192052288 "GET /password/reset HTTP/1.1" 200 258746
+INFO 2023-11-21 13:43:52,481 autoreload 4591 139753778151424 Watching for file changes with StatReloader
+INFO 2023-11-21 13:44:10,303 basehttp 4591 139753585374784 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:10,534 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:10,616 basehttp 4591 139753585374784 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:10,626 basehttp 4591 139753585374784 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:10,713 basehttp 4591 139753585374784 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-21 13:44:10,921 basehttp 4591 139753585374784 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-21 13:44:10,968 basehttp 4591 139753585374784 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-21 13:44:18,750 basehttp 4591 139753585374784 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:18,779 basehttp 4591 139753585374784 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-21 13:44:37,773 basehttp 4591 139753585374784 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:37,877 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:37,977 basehttp 4591 139753585374784 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:38,042 basehttp 4591 139753585374784 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-11-21 13:44:40,754 basehttp 4591 139753585374784 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-11-21 13:44:40,879 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:41,061 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:43,954 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:44,159 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:44,273 basehttp 4591 139753585374784 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-11-21 13:44:44,447 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:45,556 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:45,760 basehttp 4591 139753575933504 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-11-21 13:44:45,842 basehttp 4591 139753585374784 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:45,850 basehttp 4591 139753585374784 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:45,915 basehttp 4591 139753585374784 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-21 13:44:46,002 basehttp 4591 139753585374784 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-21 13:44:46,029 basehttp 4591 139753585374784 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-21 13:44:55,290 basehttp 4591 139753585374784 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:44:55,312 basehttp 4591 139753585374784 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-21 13:45:00,777 basehttp 4591 139753585374784 "GET /mfa/ HTTP/1.1" 200 4495
+INFO 2023-11-21 13:45:45,395 basehttp 4591 139753585374784 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-11-21 13:45:47,184 basehttp 4591 139753585374784 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-11-21 13:45:47,244 basehttp 4591 139753585374784 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-21 13:45:50,264 basehttp 4591 139753585374784 "GET /admin_access/ HTTP/1.1" 200 11827
+INFO 2023-11-21 13:45:50,301 basehttp 4591 139753585374784 "GET /static/admin/css/nav_sidebar.css HTTP/1.1" 200 2271
+INFO 2023-11-21 13:45:50,302 basehttp 4591 139753564395072 "GET /static/admin/js/nav_sidebar.js HTTP/1.1" 200 1360
+INFO 2023-11-21 13:45:50,304 basehttp 4591 139753575933504 "GET /static/admin/css/base.css HTTP/1.1" 200 19513
+INFO 2023-11-21 13:45:50,304 basehttp 4591 139753556002368 "GET /static/admin/css/dashboard.css HTTP/1.1" 200 380
+INFO 2023-11-21 13:45:50,304 basehttp 4591 139753547609664 "GET /static/admin/css/responsive.css HTTP/1.1" 200 18545
+INFO 2023-11-21 13:45:50,308 basehttp 4591 139753575933504 "GET /static/admin/css/fonts.css HTTP/1.1" 200 423
+INFO 2023-11-21 13:45:50,366 basehttp 4591 139753575933504 "GET /static/admin/img/icon-addlink.svg HTTP/1.1" 200 331
+INFO 2023-11-21 13:45:50,366 basehttp 4591 139753564395072 "GET /static/admin/img/icon-deletelink.svg HTTP/1.1" 200 392
+INFO 2023-11-21 13:45:50,369 basehttp 4591 139753547609664 "GET /static/admin/img/icon-changelink.svg HTTP/1.1" 200 380
+INFO 2023-11-21 13:45:50,370 basehttp 4591 139753556002368 "GET /static/admin/fonts/Roboto-Regular-webfont.woff HTTP/1.1" 200 85876
+INFO 2023-11-21 13:45:50,370 basehttp 4591 139753585374784 "GET /static/admin/fonts/Roboto-Light-webfont.woff HTTP/1.1" 200 85692
+INFO 2023-11-21 13:45:50,371 basehttp 4591 139753202644544 "GET /static/admin/fonts/Roboto-Bold-webfont.woff HTTP/1.1" 200 86184
+INFO 2023-11-21 13:45:52,481 basehttp 4591 139753202644544 "GET /admin_access/logout/ HTTP/1.1" 200 1586
+INFO 2023-11-21 13:45:54,139 basehttp 4591 139753202644544 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:45:54,145 basehttp 4591 139753202644544 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:45:54,209 basehttp 4591 139753202644544 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-11-21 13:45:54,295 basehttp 4591 139753202644544 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-11-21 13:45:54,334 basehttp 4591 139753556002368 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-11-21 13:46:09,004 basehttp 4591 139753585374784 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-11-21 13:46:09,022 basehttp 4591 139753585374784 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
diff --git a/example/logs/django.log.1 b/example/logs/django.log.1
new file mode 100644
index 0000000..5df6a01
--- /dev/null
+++ b/example/logs/django.log.1
@@ -0,0 +1,1116 @@
+WARNING 2023-10-22 02:04:50,262 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:04:50,287 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:04:50,423 basehttp 9386 140264545973824 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:04:50,451 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:04:50,485 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:04:50,592 basehttp 9386 140264545973824 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:04:50,622 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:04:50,650 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:04:54,515 basehttp 9386 140264545973824 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:04:54,807 basehttp 9386 140264535483968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:04:54,888 basehttp 9386 140264545973824 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:04:54,893 basehttp 9386 140264545973824 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:04:54,957 basehttp 9386 140264545973824 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:04:55,041 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:04:55,074 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:05:02,393 basehttp 9386 140264545973824 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:05:02,412 basehttp 9386 140264545973824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:05:12,406 basehttp 9386 140264535483968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:05:12,574 basehttp 9386 140264526042688 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:05:12,631 basehttp 9386 140264535483968 "POST /idp/sso/post HTTP/1.1" 302 0
+WARNING 2023-10-22 02:05:12,641 log 9386 140264535483968 Forbidden: /idp/login/process/
+WARNING 2023-10-22 02:05:12,641 basehttp 9386 140264535483968 "GET /idp/login/process/ HTTP/1.1" 403 4271
+INFO 2023-10-22 02:05:12,704 basehttp 9386 140264303752768 "GET /static/css/idp_style.css HTTP/1.1" 200 1265
+INFO 2023-10-22 02:05:12,704 basehttp 9386 140264517649984 "GET /static/css/unical-style.css HTTP/1.1" 200 4882
+INFO 2023-10-22 02:05:12,706 basehttp 9386 140264535483968 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 200 458619
+INFO 2023-10-22 02:05:12,707 basehttp 9386 140264526042688 "GET /static/js/bootstrap-italia.bundle.min.js HTTP/1.1" 200 345665
+INFO 2023-10-22 02:05:15,492 basehttp 9386 140264545973824 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:05:15,606 basehttp 9386 140264295360064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:05:15,702 basehttp 9386 140264545973824 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:05:15,767 basehttp 9386 140264545973824 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:05:17,528 basehttp 9386 140264545973824 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:05:17,636 basehttp 9386 140264295360064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:05:17,808 basehttp 9386 140264295360064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:05:22,873 basehttp 9386 140264545973824 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:05:22,878 basehttp 9386 140264545973824 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:05:22,940 basehttp 9386 140264545973824 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:05:23,020 basehttp 9386 140264295360064 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:05:23,042 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:06:01,932 autoreload 9386 140264738918400 /home/wert/DEV/django-mfa3/mfa/views.py changed, reloading.
+INFO 2023-10-22 02:06:02,618 autoreload 9579 140276750827520 Watching for file changes with StatReloader
+INFO 2023-10-22 02:06:03,676 basehttp 9579 140276626617920 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:06:03,704 basehttp 9579 140276626617920 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:06:03,728 basehttp 9579 140276626617920 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:06:04,506 basehttp 9579 140276626617920 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:06:04,535 basehttp 9579 140276626617920 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:06:04,560 basehttp 9579 140276626617920 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:06:10,250 basehttp 9579 140276626617920 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:06:10,256 basehttp 9579 140276616128064 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:06:10,271 basehttp 9579 140276626617920 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:06:10,373 basehttp 9579 140276626617920 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:06:10,398 basehttp 9579 140276616128064 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:06:16,059 autoreload 9579 140276750827520 /home/wert/DEV/django-mfa3/mfa/views.py changed, reloading.
+INFO 2023-10-22 02:06:16,732 autoreload 9602 139943381504000 Watching for file changes with StatReloader
+INFO 2023-10-22 02:06:30,168 autoreload 9602 139943381504000 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 02:06:30,831 autoreload 9609 140648967831552 Watching for file changes with StatReloader
+INFO 2023-10-22 02:06:32,373 basehttp 9609 140648770434624 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:06:32,398 basehttp 9609 140648770434624 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:06:32,421 basehttp 9609 140648770434624 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:06:38,315 basehttp 9609 140648770434624 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:06:38,374 basehttp 9609 140648770434624 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:06:42,181 basehttp 9609 140648770434624 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:06:42,186 basehttp 9609 140648762041920 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:06:42,203 basehttp 9609 140648770434624 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:06:42,298 basehttp 9609 140648770434624 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:06:42,321 basehttp 9609 140648762041920 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:04,603 autoreload 9609 140648967831552 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 02:07:05,266 autoreload 9625 140247519395840 Watching for file changes with StatReloader
+INFO 2023-10-22 02:07:07,743 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:07,772 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:07,796 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:08,320 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:08,351 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:08,378 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:08,506 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:08,538 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:08,572 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:08,693 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:08,723 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:08,748 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:08,859 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:08,885 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:08,916 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:09,016 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:09,043 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:09,071 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:09,185 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:09,216 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:09,245 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:09,366 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:09,391 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:09,410 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:09,543 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:09,577 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:09,605 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:09,707 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:09,734 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:09,765 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:09,884 basehttp 9625 140247325210176 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:09,909 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:09,935 basehttp 9625 140247325210176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:07:12,667 autoreload 9625 140247519395840 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 02:07:13,340 autoreload 9653 139918018846720 Watching for file changes with StatReloader
+INFO 2023-10-22 02:07:43,007 autoreload 9653 139918018846720 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 02:07:43,670 autoreload 9661 139727929180160 Watching for file changes with StatReloader
+INFO 2023-10-22 02:07:54,083 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:07:54,320 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:07:54,400 basehttp 9661 139727804036672 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:07:54,407 basehttp 9661 139727804036672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:07:54,473 basehttp 9661 139727804036672 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:07:54,561 basehttp 9661 139727804036672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:07:54,594 basehttp 9661 139727804036672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:08:06,505 basehttp 9661 139727804036672 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:06,525 basehttp 9661 139727804036672 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:08:18,580 basehttp 9661 139727804036672 "GET /mfa/ HTTP/1.1" 200 4326
+INFO 2023-10-22 02:08:20,989 basehttp 9661 139727804036672 "GET /mfa/1/delete/ HTTP/1.1" 200 3874
+INFO 2023-10-22 02:08:22,271 basehttp 9661 139727804036672 "POST /mfa/1/delete/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:22,280 basehttp 9661 139727804036672 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:08:31,852 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:32,156 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:32,222 basehttp 9661 139727804036672 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:32,227 basehttp 9661 139727804036672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:32,292 basehttp 9661 139727804036672 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:08:32,386 basehttp 9661 139727804036672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:08:32,418 basehttp 9661 139727804036672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:08:39,250 basehttp 9661 139727804036672 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:39,353 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:39,452 basehttp 9661 139727804036672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:39,519 basehttp 9661 139727804036672 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:08:41,951 basehttp 9661 139727804036672 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:08:42,062 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:42,227 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:44,140 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:44,329 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:44,414 basehttp 9661 139727804036672 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:08:44,528 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:47,055 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:47,248 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:47,316 basehttp 9661 139727804036672 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:47,323 basehttp 9661 139727804036672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:47,389 basehttp 9661 139727804036672 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:08:47,469 basehttp 9661 139727804036672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:08:47,494 basehttp 9661 139727804036672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:08:54,235 basehttp 9661 139727804036672 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:54,334 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:54,429 basehttp 9661 139727804036672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:08:54,496 basehttp 9661 139727804036672 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:08:56,151 basehttp 9661 139727804036672 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:08:56,285 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:08:56,454 basehttp 9661 139727795643968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:02,219 autoreload 9661 139727929180160 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 02:09:02,912 autoreload 9801 140354619105280 Watching for file changes with StatReloader
+INFO 2023-10-22 02:09:07,217 autoreload 9801 140354619105280 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 02:09:07,888 autoreload 9807 140465602699264 Watching for file changes with StatReloader
+INFO 2023-10-22 02:09:10,220 basehttp 9807 140465410143808 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:10,428 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:10,514 basehttp 9807 140465410143808 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:09:10,636 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:12,136 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:12,327 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:12,401 basehttp 9807 140465410143808 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:12,408 basehttp 9807 140465410143808 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:12,478 basehttp 9807 140465410143808 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:09:12,564 basehttp 9807 140465410143808 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:09:12,593 basehttp 9807 140465410143808 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:09:19,917 basehttp 9807 140465410143808 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:20,020 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:20,115 basehttp 9807 140465410143808 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:20,175 basehttp 9807 140465410143808 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:09:22,260 basehttp 9807 140465410143808 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:09:22,373 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:22,537 basehttp 9807 140465400702528 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:34,671 autoreload 9807 140465602699264 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 02:09:35,373 autoreload 9868 140514915848192 Watching for file changes with StatReloader
+INFO 2023-10-22 02:09:37,358 basehttp 9868 140514790733376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:37,550 basehttp 9868 140514781292096 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:37,638 basehttp 9868 140514790733376 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:09:37,761 basehttp 9868 140514781292096 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:39,098 basehttp 9868 140514781292096 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:39,290 basehttp 9868 140514781292096 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:09:39,363 basehttp 9868 140514790733376 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:39,371 basehttp 9868 140514790733376 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:39,429 basehttp 9868 140514790733376 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:09:39,516 basehttp 9868 140514790733376 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:09:39,545 basehttp 9868 140514790733376 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:09:48,340 basehttp 9868 140514790733376 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:48,348 basehttp 9868 140514790733376 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:09:48,404 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:09:50,740 basehttp 9868 140514790733376 "GET /mfa/create/TOTP/ HTTP/1.1" 200 65379
+INFO 2023-10-22 02:11:00,667 basehttp 9868 140514790733376 "GET /mfa/create/TOTP/ HTTP/1.1" 200 65884
+INFO 2023-10-22 02:11:22,889 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:11:25,310 basehttp 9868 140514790733376 "GET /mfa/create/TOTP/ HTTP/1.1" 200 66902
+INFO 2023-10-22 02:11:58,896 basehttp 9868 140514790733376 "POST /mfa/create/TOTP/ HTTP/1.1" 200 66971
+INFO 2023-10-22 02:12:14,200 basehttp 9868 140514790733376 "GET /mfa/create/TOTP/ HTTP/1.1" 200 66199
+INFO 2023-10-22 02:12:17,509 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:17,693 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:17,875 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:18,066 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:18,239 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:18,461 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:18,590 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:18,770 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:18,945 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:19,119 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:19,303 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:19,493 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:19,673 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:19,857 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:20,033 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:20,214 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:20,393 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:20,571 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:20,757 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:20,938 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:21,117 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:21,285 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:21,489 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:21,663 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:21,859 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:22,055 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:22,235 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:22,405 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:22,581 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:22,761 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:22,941 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:23,142 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:23,334 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:23,503 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:23,675 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:23,865 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:24,047 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:24,225 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:24,407 basehttp 9868 140514790733376 "GET /mfa/ HTTP/1.1" 200 3979
+INFO 2023-10-22 02:12:27,345 basehttp 9868 140514790733376 "GET /mfa/create/FIDO2/ HTTP/1.1" 200 4860
+WARNING 2023-10-22 02:12:27,401 basehttp 9868 140514790733376 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 02:12:27,402 basehttp 9868 140514769753664 "GET /static/mfa/fido2.js HTTP/1.1" 200 2112
+INFO 2023-10-22 02:12:31,129 basehttp 9868 140514769753664 "GET /mfa/create/recovery/ HTTP/1.1" 200 4448
+INFO 2023-10-22 02:12:36,498 basehttp 9868 140514769753664 "GET /mfa/create/TOTP/ HTTP/1.1" 200 65486
+INFO 2023-10-22 02:13:07,014 autoreload 9868 140514915848192 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 02:13:07,683 autoreload 9938 139945116246016 Watching for file changes with StatReloader
+INFO 2023-10-22 02:13:21,129 autoreload 9938 139945116246016 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 02:13:21,797 autoreload 9946 140165892005888 Watching for file changes with StatReloader
+INFO 2023-10-22 02:13:28,506 basehttp 9946 140165698811456 "GET /mfa/create/TOTP/ HTTP/1.1" 200 38428
+INFO 2023-10-22 02:14:00,859 basehttp 9946 140165698811456 "POST /mfa/create/TOTP/ HTTP/1.1" 200 38497
+INFO 2023-10-22 02:14:11,143 basehttp 9946 140165698811456 "POST /mfa/create/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:14:11,155 basehttp 9946 140165698811456 "GET /mfa/ HTTP/1.1" 200 4895
+INFO 2023-10-22 02:14:23,625 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:14:23,827 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:14:23,895 basehttp 9946 140165698811456 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:14:23,902 basehttp 9946 140165698811456 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:14:23,967 basehttp 9946 140165698811456 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:14:24,052 basehttp 9946 140165698811456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:14:24,080 basehttp 9946 140165698811456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:14:30,670 basehttp 9946 140165698811456 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:14:30,686 basehttp 9946 140165698811456 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:14:47,354 basehttp 9946 140165698811456 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:14:47,455 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:14:47,551 basehttp 9946 140165698811456 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:14:47,612 basehttp 9946 140165698811456 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:14:49,397 basehttp 9946 140165698811456 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:14:49,511 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:14:49,674 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 02:14:53,645 log 9946 140165698811456 Not Found: /mfa/list
+WARNING 2023-10-22 02:14:53,645 basehttp 9946 140165698811456 "GET /mfa/list HTTP/1.1" 404 4304
+INFO 2023-10-22 02:15:01,468 basehttp 9946 140165698811456 "GET /mfa HTTP/1.1" 301 0
+INFO 2023-10-22 02:15:01,479 basehttp 9946 140165698811456 "GET /mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 02:15:01,536 log 9946 140165698811456 Forbidden: /idp/login/
+WARNING 2023-10-22 02:15:01,537 basehttp 9946 140165698811456 "GET /idp/login/?next=/mfa/ HTTP/1.1" 403 4271
+INFO 2023-10-22 02:15:17,979 basehttp 9946 140165698811456 "GET /mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 02:15:17,991 log 9946 140165698811456 Forbidden: /idp/login/
+WARNING 2023-10-22 02:15:17,992 basehttp 9946 140165698811456 "GET /idp/login/?next=/mfa/ HTTP/1.1" 403 4271
+WARNING 2023-10-22 02:15:22,313 log 9946 140165698811456 Not Found: /asdsd
+WARNING 2023-10-22 02:15:22,314 basehttp 9946 140165698811456 "GET /asdsd HTTP/1.1" 404 3675
+INFO 2023-10-22 02:15:26,654 basehttp 9946 140165698811456 "GET /mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 02:15:26,668 log 9946 140165698811456 Forbidden: /idp/login/
+WARNING 2023-10-22 02:15:26,668 basehttp 9946 140165698811456 "GET /idp/login/?next=/mfa/ HTTP/1.1" 403 4271
+INFO 2023-10-22 02:15:30,188 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:15:30,425 basehttp 9946 140165688321600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:15:30,490 basehttp 9946 140165698811456 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:15:30,496 basehttp 9946 140165698811456 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:15:30,563 basehttp 9946 140165698811456 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:15:30,649 basehttp 9946 140165698811456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:15:30,678 basehttp 9946 140165698811456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:15:40,357 autoreload 9946 140165892005888 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 02:15:41,038 autoreload 10038 140066637889536 Watching for file changes with StatReloader
+INFO 2023-10-22 02:15:44,693 basehttp 10038 140066444801600 "GET /idp/login/?next=/mfa/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:15:44,716 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:15:44,756 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:15:48,580 basehttp 10038 140066444801600 "GET /mfa/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:15:48,597 basehttp 10038 140066434311744 "GET /idp/login/?next=/mfa/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:15:48,627 basehttp 10038 140066434311744 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:15:48,646 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:15:53,993 basehttp 10038 140066444801600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:15:54,233 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:15:54,307 basehttp 10038 140066444801600 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:15:54,314 basehttp 10038 140066444801600 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:15:54,384 basehttp 10038 140066444801600 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:15:54,467 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:15:54,495 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:16:00,557 basehttp 10038 140066444801600 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:16:00,577 basehttp 10038 140066444801600 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:16:17,492 basehttp 10038 140066444801600 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:16:17,590 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:16:17,685 basehttp 10038 140066444801600 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:16:17,744 basehttp 10038 140066444801600 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:16:23,428 basehttp 10038 140066444801600 "GET /mfa/ HTTP/1.1" 200 4325
+INFO 2023-10-22 02:16:28,612 basehttp 10038 140066444801600 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:16:30,106 basehttp 10038 140066444801600 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13304
+INFO 2023-10-22 02:16:30,212 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:16:30,380 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:16:30,610 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:16:30,681 basehttp 10038 140066444801600 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:16:30,793 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:16:34,332 basehttp 10038 140066444801600 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:16:34,337 basehttp 10038 140066444801600 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:16:34,409 basehttp 10038 140066444801600 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:16:34,489 basehttp 10038 140066434311744 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:16:34,517 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:18:18,735 basehttp 10038 140066444801600 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:18:18,922 basehttp 10038 140066434311744 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:18:18,992 basehttp 10038 140066444801600 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:18:18,998 basehttp 10038 140066444801600 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:18:19,060 basehttp 10038 140066444801600 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:18:19,141 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:18:19,164 basehttp 10038 140066444801600 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:28:39,962 autoreload 10504 140435873218560 Watching for file changes with StatReloader
+INFO 2023-10-22 02:29:12,629 basehttp 10504 140435679868480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:12,910 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:12,997 basehttp 10504 140435679868480 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:13,007 basehttp 10504 140435679868480 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:13,068 basehttp 10504 140435679868480 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:29:13,163 basehttp 10504 140435679868480 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:29:13,197 basehttp 10504 140435679868480 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:29:22,965 basehttp 10504 140435679868480 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:22,991 basehttp 10504 140435679868480 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:29:41,931 basehttp 10504 140435679868480 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:42,033 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:42,139 basehttp 10504 140435679868480 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:42,197 basehttp 10504 140435679868480 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:29:44,656 basehttp 10504 140435679868480 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:29:44,796 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:44,999 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:50,607 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:50,833 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:50,927 basehttp 10504 140435679868480 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:29:51,061 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:52,883 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:53,143 basehttp 10504 140435670427200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:29:53,217 basehttp 10504 140435679868480 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:53,224 basehttp 10504 140435679868480 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:29:53,289 basehttp 10504 140435679868480 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:29:53,376 basehttp 10504 140435679868480 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:29:53,404 basehttp 10504 140435679868480 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:30:01,040 basehttp 10504 140435679868480 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:30:01,056 basehttp 10504 140435679868480 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:30:06,509 basehttp 10504 140435679868480 "GET /mfa/ HTTP/1.1" 200 4325
+INFO 2023-10-22 02:30:15,201 basehttp 10504 140435679868480 "GET /mfa/create/TOTP/ HTTP/1.1" 200 40261
+INFO 2023-10-22 02:30:19,485 basehttp 10504 140435679868480 "GET /mfa/create/FIDO2/ HTTP/1.1" 200 4824
+INFO 2023-10-22 02:30:19,541 basehttp 10504 140435670427200 "GET /static/mfa/fido2.js HTTP/1.1" 304 0
+WARNING 2023-10-22 02:30:19,541 basehttp 10504 140435679868480 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 02:30:23,117 basehttp 10504 140435670427200 "GET /mfa/create/recovery/ HTTP/1.1" 200 4448
+INFO 2023-10-22 02:30:28,150 basehttp 10504 140435670427200 "GET /admin_access/ HTTP/1.1" 200 11573
+INFO 2023-10-22 02:30:31,241 basehttp 10504 140435670427200 "GET /admin_access/mfa/mfakey/ HTTP/1.1" 200 11608
+INFO 2023-10-22 02:30:31,279 basehttp 10504 140435670427200 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 02:30:32,963 basehttp 10504 140435670427200 "GET /admin_access/mfa/mfakey/2/change/ HTTP/1.1" 200 13827
+INFO 2023-10-22 02:30:33,006 basehttp 10504 140435670427200 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 13:23:44,641 autoreload 3761 139902286958592 Watching for file changes with StatReloader
+INFO 2023-10-22 13:24:09,027 basehttp 3761 139902094145088 "GET /admin_access/mfa/mfakey/2/change/ HTTP/1.1" 200 13827
+INFO 2023-10-22 13:24:09,208 basehttp 3761 139902094145088 "GET /static/admin/img/icon-changelink.svg HTTP/1.1" 200 380
+INFO 2023-10-22 13:24:09,208 basehttp 3761 139902066869824 "GET /static/admin/img/icon-addlink.svg HTTP/1.1" 200 331
+INFO 2023-10-22 13:24:09,213 basehttp 3761 139902075262528 "GET /static/admin/js/change_form.js HTTP/1.1" 200 606
+INFO 2023-10-22 13:24:09,214 basehttp 3761 139902083655232 "GET /static/admin/js/prepopulate_init.js HTTP/1.1" 200 492
+INFO 2023-10-22 13:24:09,237 basehttp 3761 139902083655232 "GET /static/admin/css/widgets.css HTTP/1.1" 200 11097
+INFO 2023-10-22 13:24:14,730 basehttp 3761 139902094145088 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:24:14,851 basehttp 3761 139902066869824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:24:20,394 basehttp 3761 139902066869824 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:24:20,465 basehttp 3761 139902066869824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:24:27,472 basehttp 3761 139902083655232 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:24:27,708 basehttp 3761 139902083655232 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:24:27,796 basehttp 3761 139902066869824 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:24:27,805 basehttp 3761 139902066869824 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:24:27,870 basehttp 3761 139902066869824 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:24:27,965 basehttp 3761 139902066869824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:24:27,994 basehttp 3761 139902066869824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:24:37,780 basehttp 3761 139902066869824 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:24:37,802 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4271
+INFO 2023-10-22 13:25:09,489 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 13:26:55,217 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4429
+INFO 2023-10-22 13:27:06,306 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4419
+INFO 2023-10-22 13:27:11,692 basehttp 3761 139902083655232 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:27:37,062 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4412
+INFO 2023-10-22 13:27:37,514 basehttp 3761 139902083655232 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:27:47,829 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4417
+INFO 2023-10-22 13:27:48,189 basehttp 3761 139902083655232 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:30:02,045 basehttp 3761 139902083655232 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4361
+INFO 2023-10-22 13:30:02,410 basehttp 3761 139902066869824 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:30:02,771 basehttp 3761 139902083655232 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4361
+INFO 2023-10-22 13:30:02,978 basehttp 3761 139902066869824 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 200 458619
+INFO 2023-10-22 13:30:02,983 basehttp 3761 139902083655232 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4361
+INFO 2023-10-22 13:30:03,491 basehttp 3761 139902066869824 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+ERROR 2023-10-22 13:34:23,575 log 3761 139902066869824 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:23,575 basehttp 3761 139902066869824 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 148935
+INFO 2023-10-22 13:34:36,381 autoreload 4787 139996553216000 Watching for file changes with StatReloader
+ERROR 2023-10-22 13:34:40,510 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:40,511 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:41,396 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:41,396 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:41,949 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:41,951 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:42,340 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:42,341 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:42,620 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:42,621 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:42,810 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:42,811 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:43,006 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:43,007 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:43,220 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: auth_base.html
+ERROR 2023-10-22 13:34:43,221 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 146501
+ERROR 2023-10-22 13:34:56,360 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 125, in find_template
+    template = loader.get_template(name, skip=skip)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loaders/base.py", line 29, in get_template
+    return Template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 155, in __init__
+    self.nodelist = self.compile_nodelist()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 193, in compile_nodelist
+    return parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 278, in do_extends
+    nodelist = parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 216, in do_block
+    nodelist = parser.parse(('endblock',))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 483, in parse
+    self.unclosed_block_tag(parse_until)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 544, in unclosed_block_tag
+    raise self.error(token, msg)
+django.template.exceptions.TemplateSyntaxError: Unclosed tag on line 6: 'block'. Looking for one of: endblock.
+ERROR 2023-10-22 13:34:56,361 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 190450
+ERROR 2023-10-22 13:35:21,866 log 4787 139996428236352 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 125, in find_template
+    template = loader.get_template(name, skip=skip)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loaders/base.py", line 29, in get_template
+    return Template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 155, in __init__
+    self.nodelist = self.compile_nodelist()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 193, in compile_nodelist
+    return parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 278, in do_extends
+    nodelist = parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 216, in do_block
+    nodelist = parser.parse(('endblock',))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 483, in parse
+    self.unclosed_block_tag(parse_until)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 544, in unclosed_block_tag
+    raise self.error(token, msg)
+django.template.exceptions.TemplateSyntaxError: Unclosed tag on line 6: 'block'. Looking for one of: endblock.
+ERROR 2023-10-22 13:35:21,867 basehttp 4787 139996428236352 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 189924
+INFO 2023-10-22 13:35:24,864 autoreload 4807 140164112416768 Watching for file changes with StatReloader
+ERROR 2023-10-22 13:35:25,713 log 4807 140163988584000 Internal Server Error: /mfa/auth/TOTP/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 125, in find_template
+    template = loader.get_template(name, skip=skip)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loaders/base.py", line 29, in get_template
+    return Template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 155, in __init__
+    self.nodelist = self.compile_nodelist()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 193, in compile_nodelist
+    return parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 278, in do_extends
+    nodelist = parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 216, in do_block
+    nodelist = parser.parse(('endblock',))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 483, in parse
+    self.unclosed_block_tag(parse_until)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 544, in unclosed_block_tag
+    raise self.error(token, msg)
+django.template.exceptions.TemplateSyntaxError: Unclosed tag on line 6: 'block'. Looking for one of: endblock.
+ERROR 2023-10-22 13:35:25,713 basehttp 4807 140163988584000 "GET /mfa/auth/TOTP/ HTTP/1.1" 500 189924
+INFO 2023-10-22 13:35:46,353 basehttp 4807 140163988584000 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4343
+INFO 2023-10-22 13:35:46,735 basehttp 4807 140163908892224 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:35:49,446 basehttp 4807 140163988584000 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4435
+WARNING 2023-10-22 13:35:49,494 basehttp 4807 140163988584000 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:35:49,495 basehttp 4807 140163900499520 "GET /static/mfa/fido2.js HTTP/1.1" 200 2112
+INFO 2023-10-22 13:35:49,803 basehttp 4807 140163908892224 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:35:51,397 basehttp 4807 140163900499520 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4343
+INFO 2023-10-22 13:35:51,616 basehttp 4807 140163908892224 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:35:53,226 basehttp 4807 140163900499520 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4412
+INFO 2023-10-22 13:35:53,430 basehttp 4807 140163908892224 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:35:55,712 basehttp 4807 140163900499520 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4343
+INFO 2023-10-22 13:35:55,927 basehttp 4807 140163908892224 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:36:27,364 basehttp 4807 140163900499520 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4431
+INFO 2023-10-22 13:36:27,666 basehttp 4807 140163908892224 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:39:03,590 autoreload 4876 139640521318400 Watching for file changes with StatReloader
+INFO 2023-10-22 13:39:06,353 basehttp 4876 139640325535296 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4431
+INFO 2023-10-22 13:39:06,659 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:39:08,714 basehttp 4876 139640325535296 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4596
+WARNING 2023-10-22 13:39:08,754 basehttp 4876 139640325535296 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:39:09,007 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:39:20,476 basehttp 4876 139640300357184 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4596
+WARNING 2023-10-22 13:39:20,512 basehttp 4876 139640300357184 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:39:20,733 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:39:21,840 basehttp 4876 139640308749888 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4431
+INFO 2023-10-22 13:39:22,156 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:39:23,765 basehttp 4876 139640308749888 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4596
+WARNING 2023-10-22 13:39:23,808 basehttp 4876 139640325535296 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:39:24,046 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:39:31,427 basehttp 4876 139640308749888 "GET /mfa HTTP/1.1" 301 0
+ERROR 2023-10-22 13:39:31,471 log 4876 139640308749888 Internal Server Error: /mfa/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 81, in rendered_content
+    template = self.resolve_template(self.template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 63, in resolve_template
+    return select_template(template, using=self.using)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader.py", line 42, in select_template
+    return engine.get_template(template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 34, in get_template
+    return Template(self.engine.get_template(template_name), self)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 143, in get_template
+    template, origin = self.find_template(template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 125, in find_template
+    template = loader.get_template(name, skip=skip)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loaders/base.py", line 29, in get_template
+    return Template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 155, in __init__
+    self.nodelist = self.compile_nodelist()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 193, in compile_nodelist
+    return parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 278, in do_extends
+    nodelist = parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 216, in do_block
+    nodelist = parser.parse(('endblock',))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/defaulttags.py", line 968, in do_if
+    nodelist = parser.parse(('elif', 'else', 'endif'))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/templatetags/i18n.py", line 370, in do_translate
+    message_string = parser.compile_filter(bits[1])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 563, in compile_filter
+    return FilterExpression(token, self)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 662, in __init__
+    raise TemplateSyntaxError("Could not parse the remainder: '%s' "
+django.template.exceptions.TemplateSyntaxError: Could not parse the remainder: 't' from ''You have registered only a single key. If you lose access to that key you won't'
+ERROR 2023-10-22 13:39:31,473 basehttp 4876 139640308749888 "GET /mfa/ HTTP/1.1" 500 206059
+INFO 2023-10-22 13:41:00,686 basehttp 4876 139640308749888 "GET /mfa/ HTTP/1.1" 200 4501
+INFO 2023-10-22 13:41:01,080 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:41:11,731 basehttp 4876 139640308749888 "GET /mfa/create/TOTP/ HTTP/1.1" 200 39546
+INFO 2023-10-22 13:41:12,019 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:42:10,375 basehttp 4876 139640308749888 "GET /mfa/create/TOTP/ HTTP/1.1" 200 39808
+INFO 2023-10-22 13:42:10,663 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:47:59,828 basehttp 4876 139640308749888 "GET /mfa/create/TOTP/ HTTP/1.1" 200 39567
+INFO 2023-10-22 13:48:00,120 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:48:38,548 basehttp 4876 139640308749888 "GET /mfa/create/TOTP/ HTTP/1.1" 200 39866
+INFO 2023-10-22 13:48:38,838 basehttp 4876 139640317142592 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 13:48:51,074 basehttp 4876 139640308749888 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4588
+WARNING 2023-10-22 13:48:51,109 basehttp 4876 139640308749888 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:48:52,506 basehttp 4876 139640300357184 "POST /mfa/auth/FIDO2/ HTTP/1.1" 200 4613
+WARNING 2023-10-22 13:48:52,538 basehttp 4876 139640300357184 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:48:57,510 basehttp 4876 139640325535296 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4423
+INFO 2023-10-22 13:49:08,465 basehttp 4876 139640325535296 "GET /mfa/ HTTP/1.1" 200 4493
+INFO 2023-10-22 13:49:10,426 basehttp 4876 139640325535296 "GET /mfa/2/delete/ HTTP/1.1" 200 4189
+INFO 2023-10-22 13:49:13,916 basehttp 4876 139640325535296 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4588
+WARNING 2023-10-22 13:49:13,961 basehttp 4876 139640325535296 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:49:18,681 basehttp 4876 139640300357184 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4423
+INFO 2023-10-22 13:49:22,000 basehttp 4876 139640300357184 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4588
+WARNING 2023-10-22 13:49:22,044 basehttp 4876 139640300357184 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:49:29,158 basehttp 4876 139640325535296 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4423
+INFO 2023-10-22 13:49:55,876 basehttp 4876 139640325535296 "POST /mfa/auth/recovery/ HTTP/1.1" 200 4476
+INFO 2023-10-22 13:50:07,807 basehttp 4876 139640325535296 "POST /mfa/auth/recovery/ HTTP/1.1" 200 4476
+INFO 2023-10-22 13:50:09,863 basehttp 4876 139640325535296 "POST /mfa/auth/recovery/ HTTP/1.1" 200 4476
+INFO 2023-10-22 13:50:11,089 basehttp 4876 139640325535296 "POST /mfa/auth/recovery/ HTTP/1.1" 200 4476
+INFO 2023-10-22 13:50:11,463 basehttp 4876 139640325535296 "POST /mfa/auth/recovery/ HTTP/1.1" 200 4476
+INFO 2023-10-22 13:50:11,815 basehttp 4876 139640325535296 "POST /mfa/auth/recovery/ HTTP/1.1" 200 4476
+INFO 2023-10-22 13:50:45,380 basehttp 4876 139640325535296 "GET /mfa/auth/recovery/ HTTP/1.1" 200 4423
+INFO 2023-10-22 13:50:46,493 basehttp 4876 139640325535296 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4335
+INFO 2023-10-22 13:50:46,997 basehttp 4876 139640325535296 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:50:47,053 basehttp 4876 139640325535296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:50:48,659 basehttp 4876 139640325535296 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:50:48,861 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:50:48,932 basehttp 4876 139640325535296 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:50:48,939 basehttp 4876 139640325535296 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:50:49,009 basehttp 4876 139640325535296 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:50:49,096 basehttp 4876 139640325535296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:50:49,128 basehttp 4876 139640325535296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:50:57,794 basehttp 4876 139640325535296 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:50:57,812 basehttp 4876 139640325535296 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4335
+INFO 2023-10-22 13:51:11,298 basehttp 4876 139640325535296 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:51:11,408 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:11,518 basehttp 4876 139640325535296 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:51:11,584 basehttp 4876 139640325535296 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 13:51:13,852 basehttp 4876 139640325535296 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 13:51:13,962 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:14,137 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:16,185 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:16,360 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:16,443 basehttp 4876 139640325535296 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 13:51:16,561 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:18,170 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:18,362 basehttp 4876 139640317142592 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:51:18,430 basehttp 4876 139640325535296 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:51:18,437 basehttp 4876 139640325535296 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:51:18,500 basehttp 4876 139640325535296 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:51:18,587 basehttp 4876 139640325535296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:51:18,617 basehttp 4876 139640325535296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:54:03,963 autoreload 5368 139637734551552 Watching for file changes with StatReloader
+INFO 2023-10-22 13:54:06,531 basehttp 5368 139637609723456 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:06,535 basehttp 5368 139637609723456 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:06,599 basehttp 5368 139637609723456 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+INFO 2023-10-22 13:54:06,658 basehttp 5368 139637609723456 "GET /static/css/overrides.css HTTP/1.1" 200 8485
+INFO 2023-10-22 13:54:06,661 basehttp 5368 139637591889472 "GET /static/css/unical-style.css HTTP/1.1" 200 4882
+INFO 2023-10-22 13:54:06,661 basehttp 5368 139637238527552 "GET /static/css/idp_style.css HTTP/1.1" 200 1265
+INFO 2023-10-22 13:54:06,662 basehttp 5368 139637600282176 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 200 458619
+INFO 2023-10-22 13:54:06,671 basehttp 5368 139637583496768 "GET /static/js/bootstrap-italia.bundle.min.js HTTP/1.1" 200 345665
+WARNING 2023-10-22 13:54:06,821 basehttp 5368 139637600282176 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:54:06,968 basehttp 5368 139637583496768 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:54:07,831 basehttp 5368 139637583496768 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:54:08,036 basehttp 5368 139637600282176 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:54:08,111 basehttp 5368 139637583496768 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:08,118 basehttp 5368 139637583496768 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:08,187 basehttp 5368 139637583496768 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:54:08,278 basehttp 5368 139637583496768 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:54:08,313 basehttp 5368 139637583496768 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:54:20,373 basehttp 5368 139637583496768 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:20,390 basehttp 5368 139637583496768 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 13:54:33,298 basehttp 5368 139637583496768 "POST /mfa/auth/TOTP/ HTTP/1.1" 200 4389
+INFO 2023-10-22 13:54:42,706 basehttp 5368 139637583496768 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:42,809 basehttp 5368 139637600282176 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:54:42,910 basehttp 5368 139637583496768 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:54:42,980 basehttp 5368 139637583496768 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 13:55:08,369 basehttp 5368 139637583496768 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 13:55:08,479 basehttp 5368 139637600282176 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:55:08,647 basehttp 5368 139637600282176 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:55:16,421 basehttp 5368 139637583496768 "GET /admin_access/mfa/mfakey/2/delete/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:55:16,425 basehttp 5368 139637583496768 "GET /admin_access/login/?next=/admin_access/mfa/mfakey/2/delete/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:55:16,486 basehttp 5368 139637583496768 "GET /idp/login/?next=/admin_access/mfa/mfakey/2/delete/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:55:16,607 basehttp 5368 139637583496768 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:55:16,646 basehttp 5368 139637583496768 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:55:28,774 autoreload 5368 139637734551552 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 13:55:29,488 autoreload 5538 140198964768768 Watching for file changes with StatReloader
+INFO 2023-10-22 13:55:32,087 basehttp 5538 140198840104512 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:55:32,327 basehttp 5538 140198830663232 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:55:32,404 basehttp 5538 140198840104512 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:55:32,411 basehttp 5538 140198840104512 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:55:32,477 basehttp 5538 140198840104512 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:55:32,558 basehttp 5538 140198840104512 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 13:55:32,589 basehttp 5538 140198840104512 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 13:55:41,018 basehttp 5538 140198840104512 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:55:41,041 basehttp 5538 140198840104512 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 13:55:52,049 basehttp 5538 140198840104512 "GET /mfa/auth/FIDO2/ HTTP/1.1" 200 4589
+WARNING 2023-10-22 13:55:52,082 basehttp 5538 140198840104512 "GET /static/cbor-js/cbor.js HTTP/1.1" 404 1804
+INFO 2023-10-22 13:55:56,384 basehttp 5538 140198830663232 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4336
+INFO 2023-10-22 13:56:17,656 basehttp 5538 140198830663232 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:17,764 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:17,867 basehttp 5538 140198830663232 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:17,931 basehttp 5538 140198830663232 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 13:56:20,153 basehttp 5538 140198830663232 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13304
+INFO 2023-10-22 13:56:20,270 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:20,435 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:20,670 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:20,740 basehttp 5538 140198830663232 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 13:56:20,851 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:22,607 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:22,790 basehttp 5538 140198820173376 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 13:56:22,854 basehttp 5538 140198830663232 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:22,861 basehttp 5538 140198830663232 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 13:56:22,931 basehttp 5538 140198830663232 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 13:56:23,021 basehttp 5538 140198830663232 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
diff --git a/example/logs/django.log.2 b/example/logs/django.log.2
new file mode 100644
index 0000000..5f6529d
--- /dev/null
+++ b/example/logs/django.log.2
@@ -0,0 +1,1009 @@
+INFO 2023-10-22 00:43:43,060 basehttp 6137 140018460911168 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:43,238 basehttp 6137 140018460911168 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:45,508 basehttp 6137 140018460911168 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:43:45,600 log 6137 140018470352448 Forbidden: /idp/slo/post
+WARNING 2023-10-22 00:43:45,601 basehttp 6137 140018470352448 "POST /idp/slo/post HTTP/1.1" 403 4253
+INFO 2023-10-22 00:43:58,846 basehttp 6137 140018460911168 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:58,857 basehttp 6137 140018460911168 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2251
+INFO 2023-10-22 00:43:58,929 basehttp 6137 140018451469888 "GET /static/admin/css/nav_sidebar.css HTTP/1.1" 200 2271
+INFO 2023-10-22 00:43:58,929 basehttp 6137 140018460911168 "GET /static/admin/css/base.css HTTP/1.1" 200 19513
+INFO 2023-10-22 00:43:58,930 basehttp 6137 140018429437504 "GET /static/admin/js/nav_sidebar.js HTTP/1.1" 200 1360
+INFO 2023-10-22 00:43:58,930 basehttp 6137 140018081330752 "GET /static/admin/css/login.css HTTP/1.1" 200 939
+INFO 2023-10-22 00:43:58,930 basehttp 6137 140018437830208 "GET /static/admin/css/responsive.css HTTP/1.1" 200 18545
+INFO 2023-10-22 00:43:58,983 basehttp 6137 140018437830208 "GET /static/admin/css/fonts.css HTTP/1.1" 200 423
+INFO 2023-10-22 00:43:59,006 basehttp 6137 140018451469888 "GET /static/admin/fonts/Roboto-Light-webfont.woff HTTP/1.1" 200 85692
+INFO 2023-10-22 00:43:59,007 basehttp 6137 140018437830208 "GET /static/admin/fonts/Roboto-Regular-webfont.woff HTTP/1.1" 200 85876
+INFO 2023-10-22 00:44:15,434 autoreload 6137 140018662662144 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:44:16,110 autoreload 6394 140367407685632 Watching for file changes with StatReloader
+INFO 2023-10-22 00:44:20,310 autoreload 6394 140367407685632 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 00:44:20,968 autoreload 6401 139801258950656 Watching for file changes with StatReloader
+INFO 2023-10-22 00:44:29,323 autoreload 6401 139801258950656 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:44:29,985 autoreload 6407 140057508491264 Watching for file changes with StatReloader
+INFO 2023-10-22 00:44:33,273 autoreload 6407 140057508491264 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:44:33,937 autoreload 6413 140118943068160 Watching for file changes with StatReloader
+INFO 2023-10-22 00:44:55,479 autoreload 6413 140118943068160 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:44:56,144 autoreload 6429 140668085854208 Watching for file changes with StatReloader
+INFO 2023-10-22 00:44:58,191 basehttp 6429 140667893315136 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:44:58,495 basehttp 6429 140667883873856 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:44:58,578 basehttp 6429 140667893315136 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:44:58,584 basehttp 6429 140667893315136 "GET /idp/login/process/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:44:58,637 log 6429 140667893315136 Not Found: /idp/login/
+WARNING 2023-10-22 00:44:58,637 basehttp 6429 140667893315136 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 404 4989
+INFO 2023-10-22 00:45:03,039 basehttp 6429 140667893315136 "GET /idp/login/process_user_agreement/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:45:03,048 log 6429 140667893315136 Not Found: /idp/login/
+WARNING 2023-10-22 00:45:03,048 basehttp 6429 140667893315136 "GET /idp/login/?next=/idp/login/process_user_agreement/ HTTP/1.1" 404 5004
+INFO 2023-10-22 00:45:07,416 basehttp 6429 140667883873856 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:45:07,597 basehttp 6429 140667883873856 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:45:07,663 basehttp 6429 140667893315136 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:45:07,670 basehttp 6429 140667893315136 "GET /idp/login/process/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:45:07,723 log 6429 140667893315136 Not Found: /idp/login/
+WARNING 2023-10-22 00:45:07,723 basehttp 6429 140667893315136 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 404 4989
+INFO 2023-10-22 00:45:42,161 autoreload 6429 140668085854208 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:45:42,828 autoreload 6465 139685674848256 Watching for file changes with StatReloader
+INFO 2023-10-22 00:45:44,987 autoreload 6465 139685674848256 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:45:45,632 autoreload 6471 139752256798720 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:45:47,645 log 6471 139752061793856 Not Found: /idp/login/
+WARNING 2023-10-22 00:45:47,646 basehttp 6471 139752061793856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 404 5003
+WARNING 2023-10-22 00:45:48,218 log 6471 139752061793856 Not Found: /idp/login/
+WARNING 2023-10-22 00:45:48,219 basehttp 6471 139752061793856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 404 5003
+INFO 2023-10-22 00:45:53,080 basehttp 6471 139752053401152 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:45:53,268 basehttp 6471 139752053401152 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:45:53,346 basehttp 6471 139752061793856 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:45:53,354 basehttp 6471 139752061793856 "GET /idp/login/process/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:45:53,412 log 6471 139752061793856 Not Found: /idp/login/
+WARNING 2023-10-22 00:45:53,413 basehttp 6471 139752061793856 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 404 5003
+INFO 2023-10-22 00:46:14,380 autoreload 6471 139752256798720 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:46:15,035 autoreload 6491 139970195124224 Watching for file changes with StatReloader
+INFO 2023-10-22 00:46:37,588 autoreload 6491 139970195124224 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:46:38,261 autoreload 6501 140173497008128 Watching for file changes with StatReloader
+INFO 2023-10-22 00:46:53,737 autoreload 6501 140173497008128 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:46:54,405 autoreload 6509 140277903167488 Watching for file changes with StatReloader
+INFO 2023-10-22 00:47:00,557 basehttp 6509 140277710845504 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:47:00,593 basehttp 6509 140277710845504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:47:00,623 basehttp 6509 140277710845504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:47:09,913 basehttp 6509 140277710845504 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:10,028 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:10,135 basehttp 6509 140277710845504 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:10,193 basehttp 6509 140277710845504 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 00:47:14,004 basehttp 6509 140277710845504 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 00:47:14,116 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:14,280 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:16,358 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:16,534 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:16,614 basehttp 6509 140277710845504 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 00:47:16,733 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:19,029 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:19,213 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:19,280 basehttp 6509 140277710845504 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:19,286 basehttp 6509 140277710845504 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:19,359 basehttp 6509 140277710845504 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:47:19,440 basehttp 6509 140277710845504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:47:19,465 basehttp 6509 140277710845504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:47:28,959 basehttp 6509 140277710845504 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:29,061 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:29,155 basehttp 6509 140277710845504 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:29,213 basehttp 6509 140277710845504 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 00:47:31,259 basehttp 6509 140277710845504 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 00:47:31,371 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:31,537 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:33,409 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:33,587 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:33,670 basehttp 6509 140277710845504 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 00:47:33,794 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:47:40,104 basehttp 6509 140277710845504 "GET /admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:40,125 basehttp 6509 140277710845504 "GET /admin_access/login/?next=/admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:47:40,179 log 6509 140277710845504 Forbidden: /idp/login/
+WARNING 2023-10-22 00:47:40,179 basehttp 6509 140277710845504 "GET /idp/login/?next=/admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:47:51,844 basehttp 6509 140277710845504 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:47:51,856 basehttp 6509 140277710845504 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:47:51,915 log 6509 140277710845504 Forbidden: /idp/login/
+WARNING 2023-10-22 00:47:51,915 basehttp 6509 140277710845504 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:48:25,118 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:48:25,311 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:48:25,378 basehttp 6509 140277710845504 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:48:25,385 basehttp 6509 140277710845504 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:48:25,454 basehttp 6509 140277710845504 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:48:25,537 basehttp 6509 140277710845504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:48:25,567 basehttp 6509 140277710845504 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:48:33,871 basehttp 6509 140277710845504 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:48:33,972 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:48:34,072 basehttp 6509 140277710845504 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:48:34,138 basehttp 6509 140277710845504 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 00:48:36,365 basehttp 6509 140277710845504 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 00:48:36,482 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:48:36,649 basehttp 6509 140277700355648 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:48:41,940 basehttp 6509 140277710845504 "GET /idp/mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:48:41,950 log 6509 140277710845504 Forbidden: /idp/login/
+WARNING 2023-10-22 00:48:41,951 basehttp 6509 140277710845504 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:48:48,849 log 6509 140277710845504 Not Found: /idp/mfa/list
+WARNING 2023-10-22 00:48:48,850 basehttp 6509 140277710845504 "GET /idp/mfa/list HTTP/1.1" 404 5753
+INFO 2023-10-22 00:48:56,056 basehttp 6509 140277710845504 "GET /idp/mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:48:56,069 log 6509 140277710845504 Forbidden: /idp/login/
+WARNING 2023-10-22 00:48:56,069 basehttp 6509 140277710845504 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:49:24,022 autoreload 6509 140277903167488 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:49:24,691 autoreload 6679 140472605315072 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:49:32,401 log 6679 140472408340032 Forbidden: /idp/login/
+WARNING 2023-10-22 00:49:32,402 basehttp 6679 140472408340032 "GET /idp/login/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:49:40,208 autoreload 6679 140472605315072 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:49:40,863 autoreload 6690 140642851069952 Watching for file changes with StatReloader
+INFO 2023-10-22 00:50:00,373 autoreload 6690 140642851069952 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:50:01,026 autoreload 6697 140570707070976 Watching for file changes with StatReloader
+INFO 2023-10-22 00:50:44,911 autoreload 6697 140570707070976 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 00:50:45,591 autoreload 6705 139849226063872 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:50:47,119 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:47,119 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:50,838 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:50,838 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:51,049 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:51,050 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:51,262 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:51,263 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:51,452 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:51,452 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:51,636 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:51,637 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:51,816 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:51,816 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:51,989 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:51,989 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:52,189 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:52,189 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:52,370 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:52,370 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:50:52,552 log 6705 139849034102336 Forbidden: /idp/login/
+WARNING 2023-10-22 00:50:52,552 basehttp 6705 139849034102336 "GET /idp/login/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:50:59,078 autoreload 6705 139849226063872 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 00:50:59,764 autoreload 6713 140420140777472 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:51:00,478 log 6713 140420016240192 Forbidden: /idp/login/
+WARNING 2023-10-22 00:51:00,479 basehttp 6713 140420016240192 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:51:00,960 log 6713 140420016240192 Forbidden: /idp/login/
+WARNING 2023-10-22 00:51:00,964 basehttp 6713 140420016240192 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:51:01,141 log 6713 140420016240192 Forbidden: /idp/login/
+WARNING 2023-10-22 00:51:01,141 basehttp 6713 140420016240192 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:51:01,332 log 6713 140420016240192 Forbidden: /idp/login/
+WARNING 2023-10-22 00:51:01,332 basehttp 6713 140420016240192 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:51:01,492 log 6713 140420016240192 Forbidden: /idp/login/
+WARNING 2023-10-22 00:51:01,492 basehttp 6713 140420016240192 "GET /idp/login/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:51:10,149 autoreload 6713 140420140777472 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 00:51:10,822 autoreload 6720 140318799978496 Watching for file changes with StatReloader
+INFO 2023-10-22 00:51:27,388 autoreload 6720 140318799978496 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 00:51:28,127 autoreload 6728 139946401087488 Watching for file changes with StatReloader
+INFO 2023-10-22 00:52:00,834 autoreload 6728 139946401087488 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 00:52:01,490 autoreload 6737 140508545540096 Watching for file changes with StatReloader
+INFO 2023-10-22 00:52:04,714 autoreload 6737 140508545540096 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 00:52:05,368 autoreload 6743 140120957304832 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:52:08,490 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:08,490 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:09,205 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:09,205 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:09,517 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:09,517 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:09,719 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:09,720 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:09,916 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:09,916 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:10,113 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:10,114 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:10,307 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:10,307 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:10,495 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:10,495 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:10,735 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:10,735 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:31,767 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:31,768 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:32,244 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:32,244 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 00:52:32,472 log 6743 140120757892672 Forbidden: /idp/login/
+WARNING 2023-10-22 00:52:32,472 basehttp 6743 140120757892672 "GET /idp/login/ HTTP/1.1" 403 4253
+INFO 2023-10-22 00:52:34,909 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:35,154 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:35,230 basehttp 6743 140120757892672 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:52:35,236 basehttp 6743 140120757892672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:52:35,304 basehttp 6743 140120757892672 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:52:35,393 basehttp 6743 140120757892672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:52:35,433 basehttp 6743 140120757892672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:52:44,709 basehttp 6743 140120757892672 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:52:44,809 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:44,906 basehttp 6743 140120757892672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:52:44,969 basehttp 6743 140120757892672 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 00:52:49,115 basehttp 6743 140120757892672 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13304
+INFO 2023-10-22 00:52:49,225 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:49,385 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:49,611 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:49,681 basehttp 6743 140120757892672 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 00:52:49,789 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:51,556 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:51,746 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:52:51,818 basehttp 6743 140120757892672 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:52:51,827 basehttp 6743 140120757892672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:52:51,889 basehttp 6743 140120757892672 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:52:51,969 basehttp 6743 140120757892672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:52:51,993 basehttp 6743 140120757892672 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:52:59,943 basehttp 6743 140120757892672 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:53:00,055 basehttp 6743 140120749499968 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:53:00,148 basehttp 6743 140120757892672 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:53:00,212 basehttp 6743 140120757892672 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+ERROR 2023-10-22 00:53:05,290 log 6743 140120757892672 Internal Server Error: /idp/mfa/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 81, in rendered_content
+    template = self.resolve_template(self.template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 63, in resolve_template
+    return select_template(template, using=self.using)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader.py", line 47, in select_template
+    raise TemplateDoesNotExist(', '.join(template_name_list), chain=chain)
+django.template.exceptions.TemplateDoesNotExist: mfa/mfakey_list.html
+ERROR 2023-10-22 00:53:05,291 basehttp 6743 140120757892672 "GET /idp/mfa/ HTTP/1.1" 500 106066
+ERROR 2023-10-22 00:53:48,195 log 6743 140120757892672 Internal Server Error: /idp/mfa/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/utils.py", line 84, in _execute
+    return self.cursor.execute(sql, params)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/sqlite3/base.py", line 423, in execute
+    return Database.Cursor.execute(self, query, params)
+sqlite3.OperationalError: no such column: mfa_mfakey.last_code
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/defaulttags.py", line 314, in render
+    if match:
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/models/query.py", line 284, in __bool__
+    self._fetch_all()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/models/query.py", line 1324, in _fetch_all
+    self._result_cache = list(self._iterable_class(self))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/models/query.py", line 51, in __iter__
+    results = compiler.execute_sql(chunked_fetch=self.chunked_fetch, chunk_size=self.chunk_size)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/models/sql/compiler.py", line 1175, in execute_sql
+    cursor.execute(sql, params)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/utils.py", line 98, in execute
+    return super().execute(sql, params)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/utils.py", line 66, in execute
+    return self._execute_with_wrappers(sql, params, many=False, executor=self._execute)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/utils.py", line 75, in _execute_with_wrappers
+    return executor(sql, params, many, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/utils.py", line 79, in _execute
+    with self.db.wrap_database_errors:
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/utils.py", line 90, in __exit__
+    raise dj_exc_value.with_traceback(traceback) from exc_value
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/utils.py", line 84, in _execute
+    return self.cursor.execute(sql, params)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/db/backends/sqlite3/base.py", line 423, in execute
+    return Database.Cursor.execute(self, query, params)
+django.db.utils.OperationalError: no such column: mfa_mfakey.last_code
+ERROR 2023-10-22 00:53:48,197 basehttp 6743 140120757892672 "GET /idp/mfa/ HTTP/1.1" 500 182422
+INFO 2023-10-22 00:59:43,232 autoreload 7155 139810502365184 Watching for file changes with StatReloader
+ERROR 2023-10-22 00:59:47,993 log 7155 139810310190656 Internal Server Error: /idp/mfa/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/urls/base.py", line 71, in reverse
+    extra, resolver = resolver.namespace_dict[ns]
+KeyError: 'mfa'
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 204, in _get_response
+    response = response.render()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 105, in render
+    self.content = self.rendered_content
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/response.py", line 83, in rendered_content
+    return template.render(context, self._request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/defaulttags.py", line 449, in render
+    url = reverse(view_name, args=args, kwargs=kwargs, current_app=current_app)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/urls/base.py", line 82, in reverse
+    raise NoReverseMatch("%s is not a registered namespace" % key)
+django.urls.exceptions.NoReverseMatch: 'mfa' is not a registered namespace
+ERROR 2023-10-22 00:59:47,993 basehttp 7155 139810310190656 "GET /idp/mfa/ HTTP/1.1" 500 134288
+INFO 2023-10-22 01:00:45,439 autoreload 7155 139810502365184 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 01:00:46,099 autoreload 7191 139980285362176 Watching for file changes with StatReloader
+INFO 2023-10-22 01:01:13,754 autoreload 7191 139980285362176 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/urls.py changed, reloading.
+INFO 2023-10-22 01:01:14,414 autoreload 7209 140615534575616 Watching for file changes with StatReloader
+INFO 2023-10-22 01:01:19,718 autoreload 7209 140615534575616 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/urls.py changed, reloading.
+INFO 2023-10-22 01:01:20,391 autoreload 7219 140559977897984 Watching for file changes with StatReloader
+WARNING 2023-10-22 01:01:22,080 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:22,081 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:23,080 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:23,081 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:23,535 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:23,536 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:23,745 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:23,746 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:23,956 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:23,956 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:24,137 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:24,137 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:24,325 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:24,325 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+WARNING 2023-10-22 01:01:24,503 log 7219 140559784080960 Not Found: /idp/mfa/
+WARNING 2023-10-22 01:01:24,503 basehttp 7219 140559784080960 "GET /idp/mfa/ HTTP/1.1" 404 4917
+INFO 2023-10-22 01:01:27,237 basehttp 7219 140559784080960 "GET /mfa/ HTTP/1.1" 200 346
+INFO 2023-10-22 01:01:32,052 basehttp 7219 140559784080960 "GET /mfa/create/TOTP/ HTTP/1.1" 200 34179
+INFO 2023-10-22 01:02:23,609 basehttp 7219 140559784080960 "POST /mfa/create/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:23,627 basehttp 7219 140559784080960 "GET /mfa/ HTTP/1.1" 200 693
+INFO 2023-10-22 01:02:40,012 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:40,193 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:40,264 basehttp 7219 140559784080960 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:40,271 basehttp 7219 140559784080960 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:40,333 basehttp 7219 140559784080960 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5971
+WARNING 2023-10-22 01:02:40,420 basehttp 7219 140559784080960 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:02:40,451 basehttp 7219 140559784080960 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:02:50,420 basehttp 7219 140559784080960 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:50,520 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:50,644 basehttp 7219 140559784080960 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:50,706 basehttp 7219 140559784080960 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:02:53,739 basehttp 7219 140559784080960 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:02:53,846 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:54,020 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:56,079 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:56,261 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:56,346 basehttp 7219 140559784080960 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:02:56,468 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:58,720 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:58,896 basehttp 7219 140559775688256 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:02:58,962 basehttp 7219 140559784080960 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:58,968 basehttp 7219 140559784080960 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:02:59,031 basehttp 7219 140559784080960 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:02:59,109 basehttp 7219 140559784080960 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:02:59,136 basehttp 7219 140559784080960 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:03:52,125 autoreload 7219 140559977897984 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 01:03:52,810 autoreload 7317 140649518952448 Watching for file changes with StatReloader
+INFO 2023-10-22 01:03:56,809 basehttp 7317 140649394337344 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:03:57,003 basehttp 7317 140649384896064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:03:57,076 basehttp 7317 140649394337344 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:03:57,082 basehttp 7317 140649394337344 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:03:57,148 basehttp 7317 140649394337344 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:03:57,226 basehttp 7317 140649394337344 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:03:57,256 basehttp 7317 140649394337344 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:04:03,923 basehttp 7317 140649394337344 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:04:04,024 basehttp 7317 140649384896064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:04:04,119 basehttp 7317 140649394337344 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:04:04,186 basehttp 7317 140649394337344 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:04:05,994 basehttp 7317 140649394337344 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:04:06,118 basehttp 7317 140649384896064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:04:06,277 basehttp 7317 140649384896064 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:05:07,343 autoreload 7317 140649518952448 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:05:08,048 autoreload 7377 140369035935744 Watching for file changes with StatReloader
+INFO 2023-10-22 01:05:41,775 autoreload 7377 140369035935744 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 01:05:42,437 autoreload 7389 140015577006080 Watching for file changes with StatReloader
+INFO 2023-10-22 01:07:04,714 autoreload 7451 139778141765632 Watching for file changes with StatReloader
+INFO 2023-10-22 01:07:05,189 basehttp 7451 139777951135296 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:07:05,196 basehttp 7451 139777951135296 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+WARNING 2023-10-22 01:07:05,259 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:05,260 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:06,450 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:06,451 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:06,989 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:06,991 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:07,261 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:07,262 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:07,435 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:07,435 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:07,639 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:07,639 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:07,839 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:07,839 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:08,025 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:08,025 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:08,220 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:08,221 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:08,404 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:08,404 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:08,594 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:08,594 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:08,775 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:08,775 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+WARNING 2023-10-22 01:07:08,964 log 7451 139777951135296 Forbidden: /idp/login/
+WARNING 2023-10-22 01:07:08,965 basehttp 7451 139777951135296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+INFO 2023-10-22 01:08:08,919 autoreload 7451 139778141765632 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:08:09,585 autoreload 7466 139979270541312 Watching for file changes with StatReloader
+INFO 2023-10-22 01:08:24,829 basehttp 7466 139979078497856 "GET /admin_access/?bipass=1 HTTP/1.1" 302 0
+INFO 2023-10-22 01:08:24,834 basehttp 7466 139979078497856 "GET /admin_access/login/?next=/admin_access/%3Fbipass%3D1 HTTP/1.1" 302 0
+WARNING 2023-10-22 01:08:24,897 log 7466 139979078497856 Forbidden: /idp/login/
+WARNING 2023-10-22 01:08:24,897 basehttp 7466 139979078497856 "GET /idp/login/?next=/admin_access/%3Fbipass%3D1 HTTP/1.1" 403 4253
+INFO 2023-10-22 01:08:37,818 basehttp 7466 139979078497856 "GET /admin_access/?bypass=1 HTTP/1.1" 302 0
+INFO 2023-10-22 01:08:37,830 basehttp 7466 139979078497856 "GET /admin_access/login/?next=/admin_access/%3Fbypass%3D1 HTTP/1.1" 302 0
+WARNING 2023-10-22 01:08:37,890 log 7466 139979078497856 Forbidden: /idp/login/
+WARNING 2023-10-22 01:08:37,891 basehttp 7466 139979078497856 "GET /idp/login/?next=/admin_access/%3Fbypass%3D1 HTTP/1.1" 403 4253
+INFO 2023-10-22 01:08:55,539 autoreload 7466 139979270541312 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:08:56,217 autoreload 7480 139787524153344 Watching for file changes with StatReloader
+INFO 2023-10-22 01:09:04,760 basehttp 7480 139787398805056 "GET /admin_access/?bypass=1 HTTP/1.1" 302 0
+INFO 2023-10-22 01:09:04,765 basehttp 7480 139787398805056 "GET /admin_access/login/?next=/admin_access/%3Fbypass%3D1 HTTP/1.1" 302 0
+INFO 2023-10-22 01:09:44,280 autoreload 7480 139787524153344 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:09:44,998 autoreload 7497 139848473239552 Watching for file changes with StatReloader
+WARNING 2023-10-22 01:09:45,721 log 7497 139848282273344 Forbidden: /idp/login/
+WARNING 2023-10-22 01:09:45,721 basehttp 7497 139848282273344 "GET /idp/login/?next=/admin_access/%3Fbypass%3D1 HTTP/1.1" 403 4253
+INFO 2023-10-22 01:09:58,045 basehttp 7497 139848282273344 "GET /admin_access/&bypass=1 HTTP/1.1" 302 0
+INFO 2023-10-22 01:09:58,053 basehttp 7497 139848282273344 "GET /admin_access/login/?next=/admin_access/%26bypass%253D1 HTTP/1.1" 302 0
+WARNING 2023-10-22 01:09:58,113 log 7497 139848282273344 Forbidden: /idp/login/
+WARNING 2023-10-22 01:09:58,113 basehttp 7497 139848282273344 "GET /idp/login/?next=/admin_access/%26bypass%253D1 HTTP/1.1" 403 4253
+INFO 2023-10-22 01:10:22,813 autoreload 7497 139848473239552 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:10:23,465 autoreload 7513 139658405117952 Watching for file changes with StatReloader
+WARNING 2023-10-22 01:10:27,309 log 7513 139658280302144 Forbidden: /idp/login/
+WARNING 2023-10-22 01:10:27,310 basehttp 7513 139658280302144 "GET /idp/login/?next=/admin_access/%26bypass%253D1 HTTP/1.1" 403 4253
+INFO 2023-10-22 01:10:30,741 basehttp 7513 139658280302144 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:10:30,744 basehttp 7513 139658280302144 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+WARNING 2023-10-22 01:10:30,806 log 7513 139658280302144 Forbidden: /idp/login/
+WARNING 2023-10-22 01:10:30,807 basehttp 7513 139658280302144 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 403 4253
+INFO 2023-10-22 01:10:38,954 autoreload 7513 139658405117952 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:10:39,624 autoreload 7523 140387536543744 Watching for file changes with StatReloader
+INFO 2023-10-22 01:10:40,927 basehttp 7523 140387411818048 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:10:40,980 basehttp 7523 140387411818048 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:10:41,008 basehttp 7523 140387411818048 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:10:49,289 log 7523 140387411818048 Forbidden: /idp/login/
+WARNING 2023-10-22 01:10:49,290 basehttp 7523 140387411818048 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4291
+INFO 2023-10-22 01:10:55,586 basehttp 7523 140387411818048 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:10:55,592 basehttp 7523 140387411818048 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:10:55,664 basehttp 7523 140387411818048 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:10:55,752 basehttp 7523 140387411818048 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:10:55,775 basehttp 7523 140387411818048 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:11:11,868 log 7523 140387411818048 Forbidden: /idp/login/
+WARNING 2023-10-22 01:11:11,868 basehttp 7523 140387411818048 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4291
+INFO 2023-10-22 01:11:40,854 autoreload 7523 140387536543744 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:11:41,534 autoreload 7538 140315639328768 Watching for file changes with StatReloader
+INFO 2023-10-22 01:11:55,967 autoreload 7538 140315639328768 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:11:56,630 autoreload 7544 140424746012672 Watching for file changes with StatReloader
+INFO 2023-10-22 01:13:46,496 autoreload 7544 140424746012672 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:13:47,143 autoreload 7553 139723504398336 Watching for file changes with StatReloader
+INFO 2023-10-22 01:13:48,398 autoreload 7553 139723504398336 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:13:49,050 autoreload 7559 139653923422208 Watching for file changes with StatReloader
+WARNING 2023-10-22 01:13:51,999 log 7559 139653731579456 Forbidden: /idp/login/
+WARNING 2023-10-22 01:13:51,999 basehttp 7559 139653731579456 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4035
+INFO 2023-10-22 01:13:59,326 basehttp 7559 139653722138176 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+WARNING 2023-10-22 01:14:46,028 log 7559 139653731579456 Forbidden: /idp/login/
+WARNING 2023-10-22 01:14:46,028 basehttp 7559 139653731579456 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4044
+INFO 2023-10-22 01:14:46,309 basehttp 7559 139653722138176 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+WARNING 2023-10-22 01:15:34,831 log 7559 139653731579456 Forbidden: /idp/login/
+WARNING 2023-10-22 01:15:34,832 basehttp 7559 139653731579456 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4053
+INFO 2023-10-22 01:15:35,107 basehttp 7559 139653722138176 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-22 01:15:50,399 basehttp 7559 139653731579456 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:15:50,460 basehttp 7559 139653731579456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:15:51,333 basehttp 7559 139653731579456 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:15:51,378 basehttp 7559 139653731579456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:15:54,353 basehttp 7559 139653731579456 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:15:54,420 basehttp 7559 139653731579456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:16:00,532 basehttp 7559 139653731579456 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:16:00,538 basehttp 7559 139653731579456 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:16:00,617 basehttp 7559 139653731579456 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:16:00,704 basehttp 7559 139653731579456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:16:00,728 basehttp 7559 139653731579456 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:16:08,639 log 7559 139653731579456 Forbidden: /idp/login/
+WARNING 2023-10-22 01:16:08,640 basehttp 7559 139653731579456 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4053
+INFO 2023-10-22 01:16:29,712 autoreload 7559 139653923422208 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:16:30,385 autoreload 7669 139622560038912 Watching for file changes with StatReloader
+INFO 2023-10-22 01:19:37,776 autoreload 7669 139622560038912 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:19:38,471 autoreload 7691 140266679169024 Watching for file changes with StatReloader
+INFO 2023-10-22 01:21:38,431 autoreload 7691 140266679169024 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:21:39,096 autoreload 7701 140192078585856 Watching for file changes with StatReloader
+INFO 2023-10-22 01:21:43,291 autoreload 7701 140192078585856 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:21:43,928 autoreload 7707 139666938224640 Watching for file changes with StatReloader
+INFO 2023-10-22 01:21:46,201 autoreload 7707 139666938224640 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:21:46,873 autoreload 7713 140513521418240 Watching for file changes with StatReloader
+WARNING 2023-10-22 01:21:48,808 log 7713 140513329018432 Forbidden: /idp/login/
+WARNING 2023-10-22 01:21:48,808 basehttp 7713 140513329018432 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4322
+INFO 2023-10-22 01:22:00,351 autoreload 7713 140513521418240 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:22:01,034 autoreload 7725 140534518718464 Watching for file changes with StatReloader
+WARNING 2023-10-22 01:22:03,237 log 7725 140534325704256 Forbidden: /idp/login/
+WARNING 2023-10-22 01:22:03,237 basehttp 7725 140534325704256 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4304
+INFO 2023-10-22 01:22:42,946 autoreload 7725 140534518718464 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:22:43,610 autoreload 7732 139839908573184 Watching for file changes with StatReloader
+INFO 2023-10-22 01:22:45,019 basehttp 7732 139839783564864 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:22:45,046 basehttp 7732 139839783564864 "GET /admin_access/ HTTP/1.1" 200 11573
+INFO 2023-10-22 01:22:50,844 basehttp 7732 139839783564864 "GET /admin_access/mfa/mfakey/ HTTP/1.1" 200 11609
+INFO 2023-10-22 01:22:50,884 basehttp 7732 139839783564864 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 01:22:52,269 basehttp 7732 139839783564864 "GET /admin_access/mfa/mfakey/1/change/ HTTP/1.1" 200 13813
+INFO 2023-10-22 01:22:52,313 basehttp 7732 139839783564864 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 01:22:59,648 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:22:59,842 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:22:59,914 basehttp 7732 139839783564864 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:22:59,923 basehttp 7732 139839783564864 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:22:59,987 basehttp 7732 139839783564864 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:23:00,080 basehttp 7732 139839783564864 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:23:00,109 basehttp 7732 139839783564864 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:23:13,243 basehttp 7732 139839783564864 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:23:13,345 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:23:13,449 basehttp 7732 139839783564864 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:23:13,509 basehttp 7732 139839783564864 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:23:17,059 basehttp 7732 139839783564864 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:23:17,171 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:23:17,412 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:23:19,434 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:23:19,649 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:23:19,739 basehttp 7732 139839783564864 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:23:19,868 basehttp 7732 139839678694976 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:08,227 autoreload 7732 139839908573184 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:24:08,893 autoreload 7818 140659966078976 Watching for file changes with StatReloader
+INFO 2023-10-22 01:24:34,240 basehttp 7818 140659774191168 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:34,435 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:34,517 basehttp 7818 140659774191168 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:24:34,525 basehttp 7818 140659774191168 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:24:34,592 basehttp 7818 140659774191168 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:24:34,675 basehttp 7818 140659774191168 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:24:34,712 basehttp 7818 140659774191168 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:24:41,920 basehttp 7818 140659774191168 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:24:42,022 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:42,120 basehttp 7818 140659774191168 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:24:42,189 basehttp 7818 140659774191168 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:24:44,607 basehttp 7818 140659774191168 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:24:44,719 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:44,886 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:47,987 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:48,170 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:24:48,256 basehttp 7818 140659774191168 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:24:48,373 basehttp 7818 140659764749888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:35:31,447 autoreload 7818 140659966078976 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:35:32,132 autoreload 7920 140393626075136 Watching for file changes with StatReloader
+INFO 2023-10-22 01:35:35,476 basehttp 7920 140393500898880 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:35:35,675 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:35:35,751 basehttp 7920 140393500898880 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:35:35,758 basehttp 7920 140393500898880 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:35:35,823 basehttp 7920 140393500898880 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:35:35,909 basehttp 7920 140393500898880 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:35:35,939 basehttp 7920 140393500898880 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:35:44,482 basehttp 7920 140393500898880 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:35:44,498 basehttp 7920 140393500898880 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 542
+INFO 2023-10-22 01:36:00,451 basehttp 7920 140393500898880 "POST /mfa/auth/TOTP/ HTTP/1.1" 200 595
+INFO 2023-10-22 01:36:10,944 basehttp 7920 140393500898880 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:11,044 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:11,140 basehttp 7920 140393500898880 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:11,200 basehttp 7920 140393500898880 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:36:14,103 basehttp 7920 140393500898880 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:36:14,212 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:14,378 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:16,294 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:16,481 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:16,559 basehttp 7920 140393500898880 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:36:16,673 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:18,234 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:18,423 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:18,489 basehttp 7920 140393500898880 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:18,496 basehttp 7920 140393500898880 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:18,565 basehttp 7920 140393500898880 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:36:18,645 basehttp 7920 140393500898880 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:36:18,670 basehttp 7920 140393500898880 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:36:26,238 basehttp 7920 140393500898880 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:26,252 basehttp 7920 140393500898880 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 542
+INFO 2023-10-22 01:36:41,872 basehttp 7920 140393500898880 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:41,968 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:42,058 basehttp 7920 140393500898880 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:42,118 basehttp 7920 140393500898880 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:36:46,066 basehttp 7920 140393500898880 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:36:46,173 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:46,338 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:47,945 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:48,126 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:48,214 basehttp 7920 140393500898880 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:36:48,331 basehttp 7920 140393421207104 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:36:55,547 basehttp 7920 140393500898880 "GET /admin_access HTTP/1.1" 301 0
+INFO 2023-10-22 01:36:55,565 basehttp 7920 140393500898880 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:55,617 basehttp 7920 140393500898880 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:36:55,680 basehttp 7920 140393500898880 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:36:55,764 basehttp 7920 140393421207104 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:36:55,792 basehttp 7920 140393500898880 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:37:03,719 basehttp 7920 140393500898880 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:37:03,732 basehttp 7920 140393500898880 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 542
+INFO 2023-10-22 01:37:18,915 basehttp 7920 140393500898880 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:37:18,973 basehttp 7920 140393500898880 "GET /admin_access/ HTTP/1.1" 200 11573
+INFO 2023-10-22 01:38:02,794 autoreload 7920 140393626075136 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 01:38:03,459 autoreload 8076 140640587800576 Watching for file changes with StatReloader
+INFO 2023-10-22 01:39:42,133 autoreload 8076 140640587800576 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 01:39:42,799 autoreload 8097 139977205088256 Watching for file changes with StatReloader
+INFO 2023-10-22 01:40:49,018 autoreload 8097 139977205088256 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:40:49,674 autoreload 8107 140378075652096 Watching for file changes with StatReloader
+INFO 2023-10-22 01:41:03,090 autoreload 8107 140378075652096 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:41:03,760 autoreload 8114 139781094305792 Watching for file changes with StatReloader
+INFO 2023-10-22 01:41:16,183 autoreload 8114 139781094305792 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:41:16,853 autoreload 8120 140316725248000 Watching for file changes with StatReloader
+INFO 2023-10-22 01:41:24,137 autoreload 8120 140316725248000 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:41:24,792 autoreload 8126 140177325711360 Watching for file changes with StatReloader
+INFO 2023-10-22 01:42:37,111 autoreload 8126 140177325711360 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:42:37,766 autoreload 8132 140026677338112 Watching for file changes with StatReloader
+INFO 2023-10-22 01:42:58,286 autoreload 8132 140026677338112 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:42:58,941 autoreload 8139 140395615350784 Watching for file changes with StatReloader
+INFO 2023-10-22 01:43:03,245 autoreload 8139 140395615350784 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:43:03,932 autoreload 8145 140395570921472 Watching for file changes with StatReloader
+INFO 2023-10-22 01:43:09,269 autoreload 8145 140395570921472 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:43:09,919 autoreload 8152 139812135206912 Watching for file changes with StatReloader
+INFO 2023-10-22 01:43:28,417 autoreload 8152 139812135206912 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:43:29,087 autoreload 8158 139816231841792 Watching for file changes with StatReloader
+INFO 2023-10-22 01:43:35,113 basehttp 8158 139816098326080 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:43:35,317 basehttp 8158 139816098326080 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:43:35,392 basehttp 8158 139816106718784 "POST /idp/sso/post HTTP/1.1" 302 0
+ERROR 2023-10-22 01:43:35,422 log 8158 139816106718784 Internal Server Error: /idp/login/process/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/generic/base.py", line 70, in view
+    return self.dispatch(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
+    response = view_func(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/uniauth_saml2_idp/decorators.py", line 93, in new_func
+    elif reverse("admin") in request.GET.get('next'):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/urls/base.py", line 86, in reverse
+    return resolver._reverse_with_prefix(view, prefix, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/urls/resolvers.py", line 698, in _reverse_with_prefix
+    raise NoReverseMatch(msg)
+django.urls.exceptions.NoReverseMatch: Reverse for 'admin' not found. 'admin' is not a valid view function or pattern name.
+ERROR 2023-10-22 01:43:35,424 basehttp 8158 139816106718784 "GET /idp/login/process/ HTTP/1.1" 500 118526
+INFO 2023-10-22 01:45:30,121 autoreload 8158 139816231841792 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/urls.py changed, reloading.
+INFO 2023-10-22 01:45:30,797 autoreload 8337 139779877789696 Watching for file changes with StatReloader
+INFO 2023-10-22 01:45:56,401 autoreload 8337 139779877789696 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:45:57,062 autoreload 8343 139919142981632 Watching for file changes with StatReloader
+INFO 2023-10-22 01:46:16,598 autoreload 8343 139919142981632 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:46:17,258 autoreload 8349 139886888075264 Watching for file changes with StatReloader
+ERROR 2023-10-22 01:46:27,596 log 8349 139886762915392 Internal Server Error: /idp/login/process/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/generic/base.py", line 70, in view
+    return self.dispatch(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
+    response = view_func(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/uniauth_saml2_idp/decorators.py", line 93, in new_func
+    elif settings.ADMIN_PATH in request.GET.get('next'):
+NameError: name 'settings' is not defined
+ERROR 2023-10-22 01:46:27,596 basehttp 8349 139886762915392 "GET /idp/login/process/ HTTP/1.1" 500 105645
+INFO 2023-10-22 01:46:44,945 autoreload 8349 139886888075264 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:46:45,617 autoreload 8357 140217022517248 Watching for file changes with StatReloader
+ERROR 2023-10-22 01:46:47,127 log 8357 140216897631808 Internal Server Error: /idp/login/process/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/generic/base.py", line 70, in view
+    return self.dispatch(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
+    response = view_func(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/uniauth_saml2_idp/decorators.py", line 94, in new_func
+    elif settings.ADMIN_PATH in request.GET.get('next'):
+TypeError: argument of type 'NoneType' is not iterable
+ERROR 2023-10-22 01:46:47,127 basehttp 8357 140216897631808 "GET /idp/login/process/ HTTP/1.1" 500 105571
+INFO 2023-10-22 01:47:32,592 autoreload 8357 140217022517248 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:47:33,258 autoreload 8364 139769656397824 Watching for file changes with StatReloader
+INFO 2023-10-22 01:47:48,652 autoreload 8364 139769656397824 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:47:49,337 autoreload 8375 139759795568640 Watching for file changes with StatReloader
+ERROR 2023-10-22 01:48:06,139 log 8375 139759671309888 Internal Server Error: /idp/login/process/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/generic/base.py", line 70, in view
+    return self.dispatch(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
+    response = view_func(request, *args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/decorators.py", line 43, in _wrapper
+    return bound_method(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/uniauth_saml2_idp/decorators.py", line 92, in new_func
+    if request.user.is_authenticated:
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/uniauth_saml2_idp/decorators.py", line 92, in new_func
+    if request.user.is_authenticated:
+  File "/usr/lib/python3.10/bdb.py", line 90, in trace_dispatch
+    return self.dispatch_line(frame)
+  File "/usr/lib/python3.10/bdb.py", line 115, in dispatch_line
+    if self.quitting: raise BdbQuit
+bdb.BdbQuit
+ERROR 2023-10-22 01:48:06,139 basehttp 8375 139759671309888 "GET /idp/login/process/ HTTP/1.1" 500 118066
+INFO 2023-10-22 01:48:10,980 autoreload 8375 139759795568640 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:48:11,641 autoreload 8383 139630585843712 Watching for file changes with StatReloader
+INFO 2023-10-22 01:48:13,899 autoreload 8383 139630585843712 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:48:14,563 autoreload 8389 140676538839040 Watching for file changes with StatReloader
+INFO 2023-10-22 01:48:15,847 basehttp 8389 140676346934848 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:15,863 basehttp 8389 140676346934848 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:48:15,945 basehttp 8389 140676346934848 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:48:15,981 basehttp 8389 140676346934848 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:48:22,185 basehttp 8389 140676346934848 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:22,288 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:22,390 basehttp 8389 140676346934848 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:22,450 basehttp 8389 140676346934848 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:48:25,513 basehttp 8389 140676346934848 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:48:25,622 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:25,786 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:27,388 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:27,572 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:27,657 basehttp 8389 140676346934848 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:48:27,771 basehttp 8389 140676346934848 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:29,430 basehttp 8389 140676346934848 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:29,613 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:29,678 basehttp 8389 140676346934848 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:29,684 basehttp 8389 140676346934848 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:29,754 basehttp 8389 140676346934848 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:48:29,838 basehttp 8389 140676346934848 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:48:29,863 basehttp 8389 140676346934848 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:48:37,614 basehttp 8389 140676346934848 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:37,713 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:37,810 basehttp 8389 140676346934848 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:37,871 basehttp 8389 140676346934848 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:48:40,912 basehttp 8389 140676346934848 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:48:41,019 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:41,186 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:42,765 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:42,946 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:43,029 basehttp 8389 140676346934848 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:48:43,140 basehttp 8389 140676336444992 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:48:52,954 basehttp 8389 140676346934848 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:52,960 basehttp 8389 140676346934848 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:53,024 basehttp 8389 140676346934848 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:48:53,109 basehttp 8389 140676346934848 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:48:53,147 basehttp 8389 140676346934848 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:48:59,712 basehttp 8389 140676346934848 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:48:59,728 basehttp 8389 140676346934848 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 542
+INFO 2023-10-22 01:49:16,684 basehttp 8389 140676346934848 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:49:16,704 basehttp 8389 140676346934848 "GET /admin_access/ HTTP/1.1" 200 11573
+INFO 2023-10-22 01:50:16,764 autoreload 8389 140676538839040 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 01:50:17,435 autoreload 8517 140253032759296 Watching for file changes with StatReloader
+INFO 2023-10-22 01:50:21,614 basehttp 8517 140252907828800 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:21,808 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:21,885 basehttp 8517 140252907828800 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:21,892 basehttp 8517 140252907828800 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:21,956 basehttp 8517 140252907828800 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:50:22,039 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:50:22,070 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:50:28,715 basehttp 8517 140252907828800 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:28,818 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:28,914 basehttp 8517 140252907828800 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:28,968 basehttp 8517 140252907828800 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:50:31,113 basehttp 8517 140252907828800 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:50:31,219 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:31,388 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:33,322 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:33,494 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:33,575 basehttp 8517 140252907828800 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:50:33,687 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:35,101 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:35,289 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:35,355 basehttp 8517 140252907828800 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:35,362 basehttp 8517 140252907828800 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:35,423 basehttp 8517 140252907828800 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:50:35,504 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:50:35,528 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:50:42,840 basehttp 8517 140252907828800 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:42,942 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:43,038 basehttp 8517 140252907828800 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:43,105 basehttp 8517 140252907828800 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:50:45,647 basehttp 8517 140252907828800 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:50:45,752 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:45,916 basehttp 8517 140252828137024 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:50:48,491 basehttp 8517 140252907828800 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:48,497 basehttp 8517 140252907828800 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:50:48,564 basehttp 8517 140252907828800 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:50:48,642 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:50:48,672 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:50:55,034 log 8517 140252907828800 Forbidden: /idp/login/
+WARNING 2023-10-22 01:50:55,035 basehttp 8517 140252907828800 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4378
+INFO 2023-10-22 01:50:58,056 basehttp 8517 140252907828800 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:50:58,102 basehttp 8517 140252907828800 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:51:05,102 basehttp 8517 140252907828800 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:51:05,116 basehttp 8517 140252907828800 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 542
+INFO 2023-10-22 01:51:23,624 basehttp 8517 140252907828800 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:51:23,681 basehttp 8517 140252907828800 "GET /admin_access/ HTTP/1.1" 200 11573
+INFO 2023-10-22 01:51:26,681 basehttp 8517 140252907828800 "GET /admin_access/mfa/mfakey/ HTTP/1.1" 200 11609
+INFO 2023-10-22 01:51:26,718 basehttp 8517 140252907828800 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 01:51:28,217 basehttp 8517 140252907828800 "GET /admin_access/mfa/mfakey/1/change/ HTTP/1.1" 200 13828
+INFO 2023-10-22 01:51:28,254 basehttp 8517 140252907828800 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 01:52:38,970 autoreload 8517 140253032759296 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:52:39,657 autoreload 8645 139626469343232 Watching for file changes with StatReloader
+INFO 2023-10-22 01:52:54,059 autoreload 8645 139626469343232 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:52:54,710 autoreload 8654 140633532674048 Watching for file changes with StatReloader
+INFO 2023-10-22 01:52:55,427 basehttp 8654 140633335395904 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:52:55,608 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:52:55,684 basehttp 8654 140633335395904 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:52:55,691 basehttp 8654 140633335395904 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:52:55,752 basehttp 8654 140633335395904 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:52:55,838 basehttp 8654 140633335395904 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:52:55,870 basehttp 8654 140633335395904 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:53:03,366 basehttp 8654 140633335395904 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:03,465 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:03,560 basehttp 8654 140633335395904 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:03,621 basehttp 8654 140633335395904 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:53:09,437 basehttp 8654 140633335395904 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13304
+INFO 2023-10-22 01:53:09,550 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:09,710 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:09,939 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:10,011 basehttp 8654 140633335395904 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:53:10,122 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:11,933 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:12,120 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:12,186 basehttp 8654 140633335395904 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:12,194 basehttp 8654 140633335395904 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:12,257 basehttp 8654 140633335395904 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:53:12,336 basehttp 8654 140633335395904 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:53:12,360 basehttp 8654 140633335395904 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:53:18,912 basehttp 8654 140633335395904 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:19,017 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:19,111 basehttp 8654 140633335395904 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:19,171 basehttp 8654 140633335395904 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:53:21,114 basehttp 8654 140633335395904 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:53:21,224 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:21,394 basehttp 8654 140633327003200 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:29,538 autoreload 8654 140633532674048 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/decorators.py changed, reloading.
+INFO 2023-10-22 01:53:30,200 autoreload 8748 140648514596864 Watching for file changes with StatReloader
+INFO 2023-10-22 01:53:45,636 autoreload 8748 140648514596864 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:53:46,311 autoreload 8754 139681976971264 Watching for file changes with StatReloader
+INFO 2023-10-22 01:53:49,001 basehttp 8754 139681785181760 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:49,204 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:49,299 basehttp 8754 139681785181760 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:53:49,415 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:50,743 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:50,929 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:53:51,001 basehttp 8754 139681785181760 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:51,009 basehttp 8754 139681785181760 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:51,075 basehttp 8754 139681785181760 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:53:51,164 basehttp 8754 139681785181760 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:53:51,196 basehttp 8754 139681785181760 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:53:58,335 basehttp 8754 139681785181760 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:53:58,351 basehttp 8754 139681785181760 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 542
+INFO 2023-10-22 01:54:17,484 basehttp 8754 139681785181760 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:54:17,582 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:54:17,676 basehttp 8754 139681785181760 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:54:17,744 basehttp 8754 139681785181760 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 01:54:25,636 basehttp 8754 139681785181760 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 01:54:25,753 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:54:25,919 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:54:28,214 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:54:28,409 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:54:28,492 basehttp 8754 139681785181760 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 01:54:28,616 basehttp 8754 139681775740480 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:54:35,488 autoreload 8754 139681976971264 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 01:54:36,147 autoreload 8836 139873277124608 Watching for file changes with StatReloader
+INFO 2023-10-22 01:54:49,580 autoreload 8836 139873277124608 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 01:54:50,251 autoreload 8842 140525883486208 Watching for file changes with StatReloader
+INFO 2023-10-22 01:54:57,045 basehttp 8842 140525691729472 "GET /admin_access/logout/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:54:57,051 basehttp 8842 140525691729472 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:54:57,102 basehttp 8842 140525691729472 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:54:57,169 basehttp 8842 140525691729472 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:54:57,252 basehttp 8842 140525691729472 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:54:57,284 basehttp 8842 140525691729472 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:55:05,289 basehttp 8842 140525691729472 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:55:05,306 basehttp 8842 140525691729472 "GET /admin_access/ HTTP/1.1" 200 10601
+INFO 2023-10-22 01:55:10,764 basehttp 8842 140525691729472 "GET /admin_access/mfa/mfakey/ HTTP/1.1" 200 11610
+INFO 2023-10-22 01:55:10,800 basehttp 8842 140525691729472 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 01:55:12,020 basehttp 8842 140525680191040 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:55:12,034 basehttp 8842 140525680191040 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+INFO 2023-10-22 01:55:12,103 basehttp 8842 140525655012928 "GET /static/css/idp_style.css HTTP/1.1" 200 1265
+INFO 2023-10-22 01:55:12,104 basehttp 8842 140525680191040 "GET /static/css/overrides.css HTTP/1.1" 200 8485
+INFO 2023-10-22 01:55:12,104 basehttp 8842 140525663405632 "GET /static/css/unical-style.css HTTP/1.1" 200 4882
+INFO 2023-10-22 01:55:12,106 basehttp 8842 140525671798336 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 200 458619
+INFO 2023-10-22 01:55:12,107 basehttp 8842 140525646620224 "GET /static/js/bootstrap-italia.bundle.min.js HTTP/1.1" 200 345665
+WARNING 2023-10-22 01:55:12,331 basehttp 8842 140525671798336 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:55:12,501 basehttp 8842 140525646620224 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:55:20,203 log 8842 140525691729472 Not Found: /mfa/list
+WARNING 2023-10-22 01:55:20,204 basehttp 8842 140525691729472 "GET /mfa/list HTTP/1.1" 404 4304
+INFO 2023-10-22 01:55:25,702 basehttp 8842 140525691729472 "GET /mfa/ HTTP/1.1" 200 346
+INFO 2023-10-22 01:56:48,449 basehttp 8842 140525646620224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:56:48,633 basehttp 8842 140525646620224 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 01:56:48,705 basehttp 8842 140525691729472 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 01:56:48,712 basehttp 8842 140525691729472 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:56:48,778 basehttp 8842 140525691729472 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 01:56:48,868 basehttp 8842 140525691729472 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 01:56:48,903 basehttp 8842 140525691729472 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 01:56:55,402 basehttp 8842 140525691729472 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 01:56:55,416 basehttp 8842 140525691729472 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 548
+INFO 2023-10-22 01:57:49,918 basehttp 8842 140525691729472 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 17991
+INFO 2023-10-22 01:57:49,944 basehttp 8842 140525691729472 "GET /static/images/logo_white.png HTTP/1.1" 200 799
+INFO 2023-10-22 01:57:49,951 basehttp 8842 140525680191040 "GET /static/svg/sprites.svg HTTP/1.1" 200 78902
+INFO 2023-10-22 01:59:41,679 basehttp 8842 140525680191040 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4175
+INFO 2023-10-22 02:00:00,775 basehttp 8842 140525680191040 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:00:16,819 basehttp 8842 140525680191040 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:00:16,922 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:17,020 basehttp 8842 140525680191040 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:00:17,087 basehttp 8842 140525680191040 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:00:21,894 basehttp 8842 140525680191040 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:00:22,002 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:22,170 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:24,239 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:24,426 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:24,513 basehttp 8842 140525680191040 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:00:24,625 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:27,281 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:27,467 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:00:27,534 basehttp 8842 140525680191040 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:00:27,539 basehttp 8842 140525680191040 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:00:27,605 basehttp 8842 140525680191040 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:00:27,685 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:00:27,710 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:02:38,853 basehttp 8842 140525680191040 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:02:38,876 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:02:38,907 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:02:41,791 basehttp 8842 140525680191040 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:02:41,978 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:02:42,044 basehttp 8842 140525680191040 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:02:42,051 basehttp 8842 140525680191040 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:02:42,112 basehttp 8842 140525680191040 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:02:42,195 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:02:42,221 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:02:48,888 basehttp 8842 140525680191040 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:02:48,906 basehttp 8842 140525680191040 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:03:06,937 basehttp 8842 140525680191040 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:07,035 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:07,126 basehttp 8842 140525680191040 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:07,186 basehttp 8842 140525680191040 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:03:09,712 basehttp 8842 140525680191040 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:03:09,823 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:09,987 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:11,555 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:11,734 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:11,818 basehttp 8842 140525680191040 "POST /idp/slo/post HTTP/1.1" 200 6802
+INFO 2023-10-22 02:03:11,929 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:14,318 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:14,504 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:14,574 basehttp 8842 140525680191040 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:14,582 basehttp 8842 140525680191040 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:14,648 basehttp 8842 140525680191040 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:03:14,732 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:03:14,768 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:03:22,296 basehttp 8842 140525680191040 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:22,313 basehttp 8842 140525680191040 "GET /mfa/auth/TOTP/ HTTP/1.1" 200 4198
+INFO 2023-10-22 02:03:39,185 basehttp 8842 140525680191040 "POST /mfa/auth/TOTP/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:39,285 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:39,378 basehttp 8842 140525680191040 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:03:39,436 basehttp 8842 140525680191040 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 02:03:41,425 basehttp 8842 140525680191040 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
+INFO 2023-10-22 02:03:41,535 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:41,701 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:03:47,707 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:04:06,262 basehttp 8842 140525691729472 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 02:04:19,729 basehttp 8842 140525680191040 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:04:19,737 basehttp 8842 140525680191040 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 02:04:19,813 basehttp 8842 140525680191040 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:04:19,920 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:04:19,961 basehttp 8842 140525680191040 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:04:46,629 autoreload 8842 140525883486208 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 02:04:47,303 autoreload 9386 140264738918400 Watching for file changes with StatReloader
+INFO 2023-10-22 02:04:49,689 basehttp 9386 140264545973824 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 02:04:49,718 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 02:04:49,746 basehttp 9386 140264545973824 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 02:04:50,233 basehttp 9386 140264545973824 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
diff --git a/example/logs/django.log.3 b/example/logs/django.log.3
new file mode 100644
index 0000000..ba796a8
--- /dev/null
+++ b/example/logs/django.log.3
@@ -0,0 +1,661 @@
+INFO 2023-10-21 15:39:43,852 autoreload 25862 140086617227264 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:39:44,595 autoreload 25868 140702176489472 Watching for file changes with StatReloader
+INFO 2023-10-21 15:39:47,481 basehttp 25868 140701983569472 "GET /password/reset HTTP/1.1" 200 220214
+INFO 2023-10-21 15:40:10,664 basehttp 25868 140701983569472 "GET /password/reset HTTP/1.1" 200 231206
+INFO 2023-10-21 15:40:16,583 basehttp 25868 140701983569472 "POST /password/reset HTTP/1.1" 200 2458
+ERROR 2023-10-21 15:40:22,434 log 25868 140701983569472 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:40:22,435 basehttp 25868 140701983569472 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100224
+WARNING 2023-10-21 15:40:22,488 log 25868 140701983569472 Not Found: /favicon.ico
+INFO 2023-10-21 15:40:54,060 autoreload 25868 140702176489472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:40:54,763 autoreload 26036 140703027064832 Watching for file changes with StatReloader
+INFO 2023-10-21 15:41:03,132 autoreload 26036 140703027064832 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:41:03,864 autoreload 26042 140029325549568 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:41:05,409 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:05,410 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+WARNING 2023-10-21 15:41:05,445 log 26042 140029133321792 Not Found: /favicon.ico
+ERROR 2023-10-21 15:41:11,715 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:11,715 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+WARNING 2023-10-21 15:41:11,763 log 26042 140029133321792 Not Found: /favicon.ico
+ERROR 2023-10-21 15:41:12,703 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:12,704 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+WARNING 2023-10-21 15:41:12,743 log 26042 140029133321792 Not Found: /favicon.ico
+ERROR 2023-10-21 15:41:13,129 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:13,129 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+ERROR 2023-10-21 15:41:13,391 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:13,391 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+ERROR 2023-10-21 15:41:13,669 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:13,669 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+ERROR 2023-10-21 15:41:13,898 log 26042 140029133321792 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902816, 'exp': 1697904796, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:41:13,899 basehttp 26042 140029133321792 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 100099
+INFO 2023-10-21 15:41:25,466 autoreload 26042 140029325549568 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:41:26,212 autoreload 26084 139995675283456 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:42:01,026 log 26084 139995552675392 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 180, in password_commit
+    if not secparams_check(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 82, in secparams_check
+    if i == payload['iss']:
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 82, in secparams_check
+    if i == payload['iss']:
+  File "/usr/lib/python3.10/bdb.py", line 90, in trace_dispatch
+    return self.dispatch_line(frame)
+  File "/usr/lib/python3.10/bdb.py", line 115, in dispatch_line
+    if self.quitting: raise BdbQuit
+bdb.BdbQuit
+ERROR 2023-10-21 15:42:01,027 basehttp 26084 139995552675392 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 500 115736
+WARNING 2023-10-21 15:42:01,066 log 26084 139995552675392 Not Found: /favicon.ico
+INFO 2023-10-21 15:42:37,701 autoreload 26084 139995675283456 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:42:38,432 autoreload 26138 140613739552768 Watching for file changes with StatReloader
+INFO 2023-10-21 15:42:40,070 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:42,728 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:43,413 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:43,614 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:43,781 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:43,941 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:44,063 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:44,265 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:44,430 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:44,586 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:44,749 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:44,965 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:45,279 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:45,506 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:45,715 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:45,873 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:46,035 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:42:46,218 basehttp 26138 140613615875648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 4240
+INFO 2023-10-21 15:43:18,335 autoreload 26138 140613739552768 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:43:19,085 autoreload 26189 139785298845696 Watching for file changes with StatReloader
+INFO 2023-10-21 15:43:36,560 autoreload 26189 139785298845696 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:43:37,283 autoreload 26198 139846003798016 Watching for file changes with StatReloader
+INFO 2023-10-21 15:43:51,737 autoreload 26198 139846003798016 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:43:52,463 autoreload 26206 140179825508352 Watching for file changes with StatReloader
+INFO 2023-10-21 15:43:53,708 basehttp 26206 140179702543936 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.BlQs-0wFKy7RVJ-4vgGq55hQQKITw3pf6crFJtcF_AdyT_wg6wiKmQ-ZlOTVaQM7QDg8JPotNP6Ocnigc2KFb102TA6HCrh7eVAEjp-_DPn5byajk4HpjNTmlGN8zQU3JwYS-nUn8R7rdfiDrXRM3RM32JXq6991V21g4By6kcjc9DTki7dgT_Hzl5svhqBC_OGGa7oSI8P4wkBrd0M2dWvev3pEVHFucBo6Q5IEsa-oQwx_s1U5EqiLMtWCAiUcP1a0tHLnll5S78xwWW0xWuEtlRMff4MadXF2KMmzYukbf4d4GqaLfOj_nTeduNsATrL4nUFe4Cgt6HTHfLo4wQ.-6JEKdh5fPatQCennjxWSw.T1g7aZX9S8Jny6RniY8SEOcR_Ar1EQMH9__6dPesKfJ7_-vXjaiPFyojJtKhRJJsJBzxfOrTHj4XjoMKoUsRpoSqH89tq6S3uWvgWogY4vYTNUCAxvWQtxHEw_gFQ7CMQKKe8k_Q7WdlBBNjirBNKDh75FFbSttZC44QQw_w_zHfyjAv9qYpaqTUYluyg9iviocx1V0SsdEknmIpoLMA41RVbKQGSBOzDIN9C-I1XCp0poonE8U4twfkX0obQGWwYwy4X1WLtQCJMsXv-rZH8vnnuIVIDBSpFc3jrP24LQCd97-luBRWcljto7Pu8aDdnzWss1cno35kF2tmnHvNe81FH_uDzeTT3xbnSd9Jm6d8_5R0FpFZ3NsDm4PY3wlgzW0-3OKg4sWapqxXkitb0PYH3k10jWj6fy_6BClzm-3JtgEZRpIWxrxcakGjt5Fx9PNAyohcgnZrnVTNWPx_bI3TA-JOFkjAOUXkXjhn_rer3QWzAns0KODOrkLfGnXXCQPBHk9OwJ1fBKsm72MEwBFkLGDXvhJmzjqkdWmeVlOqBwfOMBoJpfcpri6b6Y3F.vLnmiUeNdI06F5AfG11oYHDTi8bggamo5j-DrOoc2-Y HTTP/1.1" 200 2339
+INFO 2023-10-21 15:44:18,618 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 192034
+INFO 2023-10-21 15:45:04,190 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 228058
+INFO 2023-10-21 15:45:05,908 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 206870
+INFO 2023-10-21 15:45:06,899 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 253266
+INFO 2023-10-21 15:45:09,845 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 202582
+INFO 2023-10-21 15:45:11,438 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 254318
+INFO 2023-10-21 15:45:12,510 basehttp 26206 140179702543936 "GET /password/reset HTTP/1.1" 200 237050
+INFO 2023-10-21 15:45:20,214 basehttp 26206 140179702543936 "POST /password/reset HTTP/1.1" 200 2458
+INFO 2023-10-21 15:45:32,510 basehttp 26206 140179702543936 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.dxNoo5LT87y4K_luDoQ2LkH9q3eeHMZOD9bQ-yxG4rXKXEaTDNCUuRkAI8YENCLL9EeP67ok1pQTmxUQx-C6jG1cip1n7plL2BiHwE--Es50Hc-4gCr66xA7hA-sBGI-85jESkQJXu4-NMKDROJrfOevO0Cd4tFh19kZrDmB6xNODQqyNN8vBvKY2TTTF_UmzXnsy3n57QZFFBAOfIooie8-RNbLXu2bhMWkjZ963VPCHZS9DbcU29Ju2i2WOrJ19A0MiLVB7mpsRt8i805KAGZc8C9YSwK3TzrclULybEBWXp3lzQFFBow4BNDxwOJ1O4zub5_IYE1Fi-e9V_eY0g.QmSGwMJk-7l3OMGZ52OANw.fllMsRIfJ_EUA5hwEzJYRFAh2ui9g463qzefn-s5sm_Kzia-WqPpVwmHzcPKGohuEl_5yma9Vt27DTWnlfFOubjnUhS-bCRIHbJ1s2xYuEG5wgXS7YkOkcrswQWyHi2fRGQWYoC7w1QhPwJUppPpvgfdo3Lby6tNpr1-uKL-ysm3hV4aHjqyyrV-eG8UIRGPqqhRCDrRTg5lqphnX1KAbHhkAezBDI5gA_69X9YidXmA7nQa857WnFBXsDEXtNpbeC28Fpy41U0wRlhzjPu9hl0memu1D7Q463gXIHzxmH00QcEbybJqqZmLcs-QLz5MeOBgaaoUoWVks2iVZTHx7tezo0PwRbdYEXyTpWb_FGDnn3EU0TgwFFldOsk07yQT_SGc8SqjD2MLj20UhqMVHBP2A0jl8Fx8YGcdiCmIt0fQjRyH2ytMceFXaxjanhqSvXCSMM6eQYyFSUCf6YFs56WY8Wo1jb5a3Kd8ow0Ol0Tkol5NH1xtVuKogMwTOh04DxTAFU9ct3TA5iZ5FTwbeASvzVhlCusad4dcez4cu950krfCLx945v2HE2VC70qC.SzHZS0xAJKPSmdwcr6oSQo_YNXsnHcMc4tRrgVCUvo8 HTTP/1.1" 200 2339
+INFO 2023-10-21 16:06:28,265 autoreload 27898 140340619841536 Watching for file changes with StatReloader
+INFO 2023-10-21 16:06:29,042 basehttp 27898 140340496430656 "GET /password/reset HTTP/1.1" 200 206744
+INFO 2023-10-21 16:06:49,944 basehttp 27898 140340496430656 "GET /password/reset HTTP/1.1" 200 221887
+INFO 2023-10-21 16:06:51,684 basehttp 27898 140340496430656 "GET /password/reset HTTP/1.1" 200 243131
+INFO 2023-10-21 16:07:00,980 basehttp 27898 140340496430656 "GET /password/reset HTTP/1.1" 200 230406
+INFO 2023-10-21 16:07:17,649 basehttp 27898 140340496430656 "GET /password/reset HTTP/1.1" 200 225960
+INFO 2023-10-21 16:07:26,655 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 237152
+INFO 2023-10-21 16:07:26,666 basehttp 27898 140340485940800 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 200 1185973
+INFO 2023-10-21 16:07:39,894 basehttp 27898 140340496430656 "GET /password/reset HTTP/1.1" 200 226723
+INFO 2023-10-21 16:07:39,981 basehttp 27898 140340496430656 "GET /static/images/favicon/favicon-32x32.png HTTP/1.1" 200 429
+INFO 2023-10-21 16:07:40,218 basehttp 27898 140340485940800 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-21 16:07:50,443 basehttp 27898 140340485940800 "GET /static/css/bootstrap-italia.min.css.map HTTP/1.1" 304 0
+INFO 2023-10-21 16:09:29,590 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 256891
+INFO 2023-10-21 16:09:42,073 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 212959
+INFO 2023-10-21 16:09:43,255 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 215111
+INFO 2023-10-21 16:09:44,223 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 221963
+INFO 2023-10-21 16:09:45,178 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 245291
+INFO 2023-10-21 16:09:46,183 basehttp 27898 140340270986816 "GET /password/reset HTTP/1.1" 200 223243
+INFO 2023-10-21 16:09:53,298 basehttp 27898 140340270986816 "POST /password/reset HTTP/1.1" 200 2458
+INFO 2023-10-21 16:09:58,796 basehttp 27898 140340270986816 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.SLh1uPTKtP0dxALQfMQmJwAFa4LjuTPX4gTW-Y3syGMIwsPlTuWtB-TRxAokPnYPMjnLIZ7jEFDm0igaltzYpHvAk6qH15sD0CsX82HuwuMoA7cXIK5btn4yIpDKzLgTN6zJlOMOVc-jwxWVbsoch33m1GS_sKauG_jx1QnKks_jCkUlOBPQw7M2g1niqyq2-vtToOSLDCPsqI7JyEaqPK2zmNJBVOierhwQHNj_n0sGnUhGZK-Oyg9dRZOpWMN_6NTAQIb-_qFdK4xiQGsM5aXZ6zcdgCnvBUnllU0OLYPLWul52GBQbukv9oDW_bOLsTJSpT59se_Syy8V_m8UPQ.88wYW2oHYY6XK4Ci9cn7mg.G1AcGkybI6BfF6EO-XRQDEiOKcIsVBi5zyKKkMc7hWm3MgkMfMguOxBfj0rcK2gCBnEmlMylBHFZxlz9nfbYtAjxcifyq0drsMnfsHItScKfVsmxAHma7D1Fm5mX0XdJoC7DJPUAkWjJVqsxZs9PxeYIWLgrL__aYFJ9v78qv70e-Me6vHqjGtE3XrviuKrQCVGMo_moZCkCOndRdlfsza6A02pn_93UkygcwEthfFFfv5ZRk9Kq6HHiZF-hONKOI6fA3QtpU6LibMKEAeR124fjboGEjhL5gsfrnoyMUj8gNCb9_1kb7crDaASWhyYzWBDmLzhFAlVOrQrlZzWXYUXmUolyTeSbPCD1I5X-srwomUByiX0SAX9iFMQKi9NJweCG-62dYqCqAo55Q_cx3PgHrrsW1BHmOYQhJ7503Ft3PKL_Io_Sou0sLlBEthpjYLK8x_alXAIDJO-saGhdNz8PnGN5OuDEVwcMCH5NgNvapgj4Ow_5e895H3DbocHSg98-fiXZP3x9T8ohBWpXRGyTcF6M-cVJInSPXaM-03makHwimjwu0yj_5KUtUdRz.Q_wQHRe8FPF46ahrdkpw92KhvIkcU1o4LVEayLFx3rk HTTP/1.1" 200 2339
+INFO 2023-10-21 16:42:48,716 basehttp 27898 140340270986816 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.SLh1uPTKtP0dxALQfMQmJwAFa4LjuTPX4gTW-Y3syGMIwsPlTuWtB-TRxAokPnYPMjnLIZ7jEFDm0igaltzYpHvAk6qH15sD0CsX82HuwuMoA7cXIK5btn4yIpDKzLgTN6zJlOMOVc-jwxWVbsoch33m1GS_sKauG_jx1QnKks_jCkUlOBPQw7M2g1niqyq2-vtToOSLDCPsqI7JyEaqPK2zmNJBVOierhwQHNj_n0sGnUhGZK-Oyg9dRZOpWMN_6NTAQIb-_qFdK4xiQGsM5aXZ6zcdgCnvBUnllU0OLYPLWul52GBQbukv9oDW_bOLsTJSpT59se_Syy8V_m8UPQ.88wYW2oHYY6XK4Ci9cn7mg.G1AcGkybI6BfF6EO-XRQDEiOKcIsVBi5zyKKkMc7hWm3MgkMfMguOxBfj0rcK2gCBnEmlMylBHFZxlz9nfbYtAjxcifyq0drsMnfsHItScKfVsmxAHma7D1Fm5mX0XdJoC7DJPUAkWjJVqsxZs9PxeYIWLgrL__aYFJ9v78qv70e-Me6vHqjGtE3XrviuKrQCVGMo_moZCkCOndRdlfsza6A02pn_93UkygcwEthfFFfv5ZRk9Kq6HHiZF-hONKOI6fA3QtpU6LibMKEAeR124fjboGEjhL5gsfrnoyMUj8gNCb9_1kb7crDaASWhyYzWBDmLzhFAlVOrQrlZzWXYUXmUolyTeSbPCD1I5X-srwomUByiX0SAX9iFMQKi9NJweCG-62dYqCqAo55Q_cx3PgHrrsW1BHmOYQhJ7503Ft3PKL_Io_Sou0sLlBEthpjYLK8x_alXAIDJO-saGhdNz8PnGN5OuDEVwcMCH5NgNvapgj4Ow_5e895H3DbocHSg98-fiXZP3x9T8ohBWpXRGyTcF6M-cVJInSPXaM-03makHwimjwu0yj_5KUtUdRz.Q_wQHRe8FPF46ahrdkpw92KhvIkcU1o4LVEayLFx3rk HTTP/1.1" 200 2339
+INFO 2023-10-21 16:44:23,480 autoreload 27898 140340619841536 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 16:44:24,406 autoreload 29818 139995121860608 Watching for file changes with StatReloader
+ERROR 2023-10-21 16:45:20,509 log 29818 139994928772672 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697904593, 'exp': 1697906573, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 16:45:20,510 basehttp 29818 139994928772672 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.SLh1uPTKtP0dxALQfMQmJwAFa4LjuTPX4gTW-Y3syGMIwsPlTuWtB-TRxAokPnYPMjnLIZ7jEFDm0igaltzYpHvAk6qH15sD0CsX82HuwuMoA7cXIK5btn4yIpDKzLgTN6zJlOMOVc-jwxWVbsoch33m1GS_sKauG_jx1QnKks_jCkUlOBPQw7M2g1niqyq2-vtToOSLDCPsqI7JyEaqPK2zmNJBVOierhwQHNj_n0sGnUhGZK-Oyg9dRZOpWMN_6NTAQIb-_qFdK4xiQGsM5aXZ6zcdgCnvBUnllU0OLYPLWul52GBQbukv9oDW_bOLsTJSpT59se_Syy8V_m8UPQ.88wYW2oHYY6XK4Ci9cn7mg.G1AcGkybI6BfF6EO-XRQDEiOKcIsVBi5zyKKkMc7hWm3MgkMfMguOxBfj0rcK2gCBnEmlMylBHFZxlz9nfbYtAjxcifyq0drsMnfsHItScKfVsmxAHma7D1Fm5mX0XdJoC7DJPUAkWjJVqsxZs9PxeYIWLgrL__aYFJ9v78qv70e-Me6vHqjGtE3XrviuKrQCVGMo_moZCkCOndRdlfsza6A02pn_93UkygcwEthfFFfv5ZRk9Kq6HHiZF-hONKOI6fA3QtpU6LibMKEAeR124fjboGEjhL5gsfrnoyMUj8gNCb9_1kb7crDaASWhyYzWBDmLzhFAlVOrQrlZzWXYUXmUolyTeSbPCD1I5X-srwomUByiX0SAX9iFMQKi9NJweCG-62dYqCqAo55Q_cx3PgHrrsW1BHmOYQhJ7503Ft3PKL_Io_Sou0sLlBEthpjYLK8x_alXAIDJO-saGhdNz8PnGN5OuDEVwcMCH5NgNvapgj4Ow_5e895H3DbocHSg98-fiXZP3x9T8ohBWpXRGyTcF6M-cVJInSPXaM-03makHwimjwu0yj_5KUtUdRz.Q_wQHRe8FPF46ahrdkpw92KhvIkcU1o4LVEayLFx3rk HTTP/1.1" 500 100233
+WARNING 2023-10-21 16:45:20,555 log 29818 139994928772672 Not Found: /favicon.ico
+ERROR 2023-10-21 16:45:22,288 log 29818 139994928772672 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697904593, 'exp': 1697906573, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 16:45:22,288 basehttp 29818 139994928772672 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.SLh1uPTKtP0dxALQfMQmJwAFa4LjuTPX4gTW-Y3syGMIwsPlTuWtB-TRxAokPnYPMjnLIZ7jEFDm0igaltzYpHvAk6qH15sD0CsX82HuwuMoA7cXIK5btn4yIpDKzLgTN6zJlOMOVc-jwxWVbsoch33m1GS_sKauG_jx1QnKks_jCkUlOBPQw7M2g1niqyq2-vtToOSLDCPsqI7JyEaqPK2zmNJBVOierhwQHNj_n0sGnUhGZK-Oyg9dRZOpWMN_6NTAQIb-_qFdK4xiQGsM5aXZ6zcdgCnvBUnllU0OLYPLWul52GBQbukv9oDW_bOLsTJSpT59se_Syy8V_m8UPQ.88wYW2oHYY6XK4Ci9cn7mg.G1AcGkybI6BfF6EO-XRQDEiOKcIsVBi5zyKKkMc7hWm3MgkMfMguOxBfj0rcK2gCBnEmlMylBHFZxlz9nfbYtAjxcifyq0drsMnfsHItScKfVsmxAHma7D1Fm5mX0XdJoC7DJPUAkWjJVqsxZs9PxeYIWLgrL__aYFJ9v78qv70e-Me6vHqjGtE3XrviuKrQCVGMo_moZCkCOndRdlfsza6A02pn_93UkygcwEthfFFfv5ZRk9Kq6HHiZF-hONKOI6fA3QtpU6LibMKEAeR124fjboGEjhL5gsfrnoyMUj8gNCb9_1kb7crDaASWhyYzWBDmLzhFAlVOrQrlZzWXYUXmUolyTeSbPCD1I5X-srwomUByiX0SAX9iFMQKi9NJweCG-62dYqCqAo55Q_cx3PgHrrsW1BHmOYQhJ7503Ft3PKL_Io_Sou0sLlBEthpjYLK8x_alXAIDJO-saGhdNz8PnGN5OuDEVwcMCH5NgNvapgj4Ow_5e895H3DbocHSg98-fiXZP3x9T8ohBWpXRGyTcF6M-cVJInSPXaM-03makHwimjwu0yj_5KUtUdRz.Q_wQHRe8FPF46ahrdkpw92KhvIkcU1o4LVEayLFx3rk HTTP/1.1" 500 100233
+INFO 2023-10-22 00:10:56,902 autoreload 5060 139643196141568 Watching for file changes with StatReloader
+INFO 2023-10-22 00:11:08,204 autoreload 5060 139643196141568 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:11:08,842 autoreload 5070 139833879638016 Watching for file changes with StatReloader
+INFO 2023-10-22 00:11:57,622 autoreload 5070 139833879638016 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:11:58,284 autoreload 5082 140281422184448 Watching for file changes with StatReloader
+INFO 2023-10-22 00:12:03,447 autoreload 5082 140281422184448 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:12:04,154 autoreload 5089 140504077877248 Watching for file changes with StatReloader
+INFO 2023-10-22 00:12:09,340 autoreload 5089 140504077877248 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:12:10,013 autoreload 5095 140307107667968 Watching for file changes with StatReloader
+INFO 2023-10-22 00:12:22,341 autoreload 5095 140307107667968 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:12:22,989 autoreload 5101 140161325322240 Watching for file changes with StatReloader
+INFO 2023-10-22 00:19:18,804 autoreload 5520 139987753426944 Watching for file changes with StatReloader
+INFO 2023-10-22 00:19:53,758 basehttp 5520 139987546797632 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:20:20,574 basehttp 5520 139987628586560 "GET /idp/metadata HTTP/1.1" 301 0
+INFO 2023-10-22 00:20:20,623 basehttp 5520 139987628586560 "GET /idp/metadata/ HTTP/1.1" 200 6330
+WARNING 2023-10-22 00:20:20,761 log 5520 139987628586560 Not Found: /favicon.ico
+INFO 2023-10-22 00:21:30,040 autoreload 5520 139987753426944 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:21:30,690 autoreload 5635 140424958758912 Watching for file changes with StatReloader
+INFO 2023-10-22 00:22:37,910 autoreload 5635 140424958758912 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:22:38,565 autoreload 5646 140335540891648 Watching for file changes with StatReloader
+INFO 2023-10-22 00:23:02,138 autoreload 5646 140335540891648 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:23:02,808 autoreload 5653 139666413821952 Watching for file changes with StatReloader
+INFO 2023-10-22 00:23:46,193 autoreload 5673 139636902817792 Watching for file changes with StatReloader
+INFO 2023-10-22 00:23:48,520 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:49,094 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:49,278 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:49,458 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:49,635 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:49,800 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:49,941 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:50,090 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:50,290 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:50,472 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:50,662 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:50,851 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:51,026 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:51,199 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:51,387 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:51,560 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:51,728 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:51,927 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:52,099 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:52,263 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:52,456 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:52,614 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:52,819 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:53,018 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:23:53,172 basehttp 5673 139636778202688 "GET /idp/metadata/ HTTP/1.1" 200 6330
+INFO 2023-10-22 00:24:08,817 autoreload 5673 139636902817792 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:24:09,480 autoreload 5688 139643585789952 Watching for file changes with StatReloader
+INFO 2023-10-22 00:24:17,824 autoreload 5688 139643585789952 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:24:18,488 autoreload 5694 140201398194176 Watching for file changes with StatReloader
+INFO 2023-10-22 00:24:27,846 autoreload 5694 140201398194176 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:24:28,493 autoreload 5700 139888582090752 Watching for file changes with StatReloader
+INFO 2023-10-22 00:24:38,864 autoreload 5700 139888582090752 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:24:39,520 autoreload 5707 139666440286208 Watching for file changes with StatReloader
+INFO 2023-10-22 00:25:07,146 autoreload 5707 139666440286208 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:25:07,806 autoreload 5718 140558348861440 Watching for file changes with StatReloader
+INFO 2023-10-22 00:25:32,387 autoreload 5718 140558348861440 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/idp_pysaml2.py changed, reloading.
+INFO 2023-10-22 00:25:33,054 autoreload 5725 139640181080064 Watching for file changes with StatReloader
+INFO 2023-10-22 00:25:35,789 basehttp 5725 139639988942400 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:25:38,816 basehttp 5725 139639979501120 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:25:38,994 log 5725 139639988942400 Forbidden: /idp/sso/post
+WARNING 2023-10-22 00:25:38,994 basehttp 5725 139639988942400 "POST /idp/sso/post HTTP/1.1" 403 4098
+INFO 2023-10-22 00:25:39,220 basehttp 5725 139639988942400 "GET /static/img/icons/error.svg HTTP/1.1" 200 1882
+INFO 2023-10-22 00:25:49,123 basehttp 5725 139639988942400 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:25:49,129 basehttp 5725 139639988942400 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:25:49,202 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:49,328 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:49,363 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:51,662 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:51,689 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:51,712 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:52,234 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:52,262 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:52,290 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:52,451 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:52,493 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:52,523 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:52,649 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:52,677 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:52,706 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:52,839 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:52,875 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:52,910 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:53,018 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:53,055 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:53,085 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:53,198 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:53,225 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:53,259 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:25:53,358 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5328
+WARNING 2023-10-22 00:25:53,398 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:25:53,430 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:26:59,466 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+INFO 2023-10-22 00:27:04,069 basehttp 5725 139639988942400 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+INFO 2023-10-22 00:27:04,123 basehttp 5725 139639988942400 "GET /static/css/overrides.css HTTP/1.1" 200 8485
+WARNING 2023-10-22 00:27:04,193 basehttp 5725 139639988942400 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:27:04,210 basehttp 5725 139639979501120 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:27:16,552 log 5725 139639979501120 Forbidden: /idp/login/
+WARNING 2023-10-22 00:27:16,553 basehttp 5725 139639979501120 "POST /idp/login/?next=/admin_access/ HTTP/1.1" 403 4291
+INFO 2023-10-22 00:27:29,008 basehttp 5725 139639988942400 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:27:29,178 log 5725 139639979501120 Forbidden: /idp/sso/post
+WARNING 2023-10-22 00:27:29,178 basehttp 5725 139639979501120 "POST /idp/sso/post HTTP/1.1" 403 4098
+INFO 2023-10-22 00:28:18,970 autoreload 5725 139640181080064 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:28:19,629 autoreload 5833 140057447444480 Watching for file changes with StatReloader
+INFO 2023-10-22 00:28:45,200 autoreload 5833 140057447444480 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:28:45,872 autoreload 5840 140583373914112 Watching for file changes with StatReloader
+INFO 2023-10-22 00:29:08,426 autoreload 5840 140583373914112 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:29:09,108 autoreload 5860 140395881549824 Watching for file changes with StatReloader
+INFO 2023-10-22 00:29:14,311 autoreload 5860 140395881549824 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:29:14,965 autoreload 5866 140304240058368 Watching for file changes with StatReloader
+INFO 2023-10-22 00:29:28,298 autoreload 5866 140304240058368 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:29:28,951 autoreload 5881 140118136172544 Watching for file changes with StatReloader
+INFO 2023-10-22 00:29:33,510 basehttp 5881 140117939320384 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:29:33,515 basehttp 5881 140117939320384 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:29:33,580 basehttp 5881 140117939320384 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:29:33,670 basehttp 5881 140117939320384 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:29:33,706 basehttp 5881 140117939320384 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:29:39,852 log 5881 140117939320384 Not Found: /
+WARNING 2023-10-22 00:29:39,852 basehttp 5881 140117939320384 "GET / HTTP/1.1" 404 3538
+INFO 2023-10-22 00:30:00,719 autoreload 5881 140118136172544 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:30:01,381 autoreload 5896 140482555949056 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:30:05,173 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:05,173 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:05,716 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:05,717 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:05,874 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:05,875 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:06,184 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:06,185 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:06,370 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:06,371 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:06,565 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:06,566 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:06,754 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:06,755 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:06,940 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:06,940 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:07,147 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:07,148 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:07,335 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:07,336 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:07,517 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:07,518 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:07,738 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:07,739 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:07,937 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:07,937 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:08,145 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:08,146 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:08,362 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:08,362 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:08,549 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:08,549 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:08,746 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:08,747 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:08,957 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:08,957 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:09,151 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:09,151 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:09,331 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:09,331 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:09,510 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:09,510 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:09,708 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:09,708 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:09,912 log 5896 140482430629440 Not Found: /
+WARNING 2023-10-22 00:30:09,912 basehttp 5896 140482430629440 "GET / HTTP/1.1" 404 3538
+INFO 2023-10-22 00:30:14,266 autoreload 5920 140212285456384 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:30:14,463 log 5920 140212093056576 Not Found: /
+WARNING 2023-10-22 00:30:14,464 basehttp 5920 140212093056576 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:15,365 log 5920 140212093056576 Not Found: /
+WARNING 2023-10-22 00:30:15,366 basehttp 5920 140212093056576 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:16,104 log 5920 140212093056576 Not Found: /
+WARNING 2023-10-22 00:30:16,104 basehttp 5920 140212093056576 "GET / HTTP/1.1" 404 3538
+WARNING 2023-10-22 00:30:20,672 log 5920 140212093056576 Not Found: /idp/
+WARNING 2023-10-22 00:30:20,673 basehttp 5920 140212093056576 "GET /idp/ HTTP/1.1" 404 5117
+INFO 2023-10-22 00:30:25,316 basehttp 5920 140212093056576 "GET /idp/mfa HTTP/1.1" 301 0
+INFO 2023-10-22 00:30:25,335 basehttp 5920 140212093056576 "GET /idp/mfa/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:30:25,401 basehttp 5920 140212093056576 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:30:25,481 basehttp 5920 140212093056576 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:30:25,519 basehttp 5920 140212093056576 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:30:34,906 autoreload 5920 140212285456384 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:30:35,582 autoreload 5933 140254850732032 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:30:37,704 log 5933 140254726059584 Not Found: /idp/login/
+WARNING 2023-10-22 00:30:37,704 basehttp 5933 140254726059584 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 404 4979
+INFO 2023-10-22 00:30:44,781 basehttp 5933 140254726059584 "GET /idp/mfa-login HTTP/1.1" 301 0
+ERROR 2023-10-22 00:30:44,808 log 5933 140254726059584 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 188, in _get_response
+    self.check_response(response, callback)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 309, in check_response
+    raise ValueError(
+ValueError: The view uniauth_saml2_idp.views.LoginMfaView didn't return an HttpResponse object. It returned None instead.
+ERROR 2023-10-22 00:30:44,809 basehttp 5933 140254726059584 "GET /idp/mfa-login/ HTTP/1.1" 500 86767
+ERROR 2023-10-22 00:31:27,690 log 5933 140254726059584 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 188, in _get_response
+    self.check_response(response, callback)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 309, in check_response
+    raise ValueError(
+ValueError: The view uniauth_saml2_idp.views.LoginMfaView didn't return an HttpResponse object. It returned None instead.
+ERROR 2023-10-22 00:31:27,690 basehttp 5933 140254726059584 "GET /idp/mfa-login/ HTTP/1.1" 500 86767
+INFO 2023-10-22 00:31:31,080 basehttp 5933 140254726059584 "GET /idp/mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:31:31,086 log 5933 140254726059584 Not Found: /idp/login/
+WARNING 2023-10-22 00:31:31,087 basehttp 5933 140254726059584 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 404 4979
+INFO 2023-10-22 00:31:42,302 basehttp 5933 140254726059584 "GET /idp/mfa/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:31:42,310 log 5933 140254726059584 Not Found: /idp/login/
+WARNING 2023-10-22 00:31:42,310 basehttp 5933 140254726059584 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 404 4979
+INFO 2023-10-22 00:36:39,408 autoreload 5933 140254850732032 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:36:40,088 autoreload 6026 140184409837568 Watching for file changes with StatReloader
+WARNING 2023-10-22 00:36:43,203 log 6026 140184284821056 Not Found: /idp/login/
+WARNING 2023-10-22 00:36:43,204 basehttp 6026 140184284821056 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 404 4979
+WARNING 2023-10-22 00:36:43,832 log 6026 140184284821056 Not Found: /idp/login/
+WARNING 2023-10-22 00:36:43,832 basehttp 6026 140184284821056 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 404 4979
+WARNING 2023-10-22 00:36:44,023 log 6026 140184284821056 Not Found: /idp/login/
+WARNING 2023-10-22 00:36:44,023 basehttp 6026 140184284821056 "GET /idp/login/?next=/idp/mfa/ HTTP/1.1" 404 4979
+ERROR 2023-10-22 00:36:52,521 log 6026 140184284821056 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: LoginMfaView() missing 1 required positional argument: 'MfaLoginAuthView'
+ERROR 2023-10-22 00:36:52,521 basehttp 6026 140184284821056 "GET /idp/mfa-login/ HTTP/1.1" 500 82087
+INFO 2023-10-22 00:37:41,327 autoreload 6026 140184409837568 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/views.py changed, reloading.
+INFO 2023-10-22 00:37:41,993 autoreload 6047 140169212895232 Watching for file changes with StatReloader
+ERROR 2023-10-22 00:37:52,538 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:52,538 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:53,603 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:53,604 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:53,847 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:53,848 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:54,052 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:54,053 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:54,247 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:54,248 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:54,433 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:54,433 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:54,605 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:54,606 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:54,777 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:54,779 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:54,960 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:54,961 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:55,130 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:55,131 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:55,308 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:55,309 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:55,495 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:55,496 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:55,668 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:55,669 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:55,845 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:55,846 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:56,015 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:56,015 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:56,210 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:56,211 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+ERROR 2023-10-22 00:37:56,399 log 6047 140169087809088 Internal Server Error: /idp/mfa-login/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+TypeError: View.__init__() takes 1 positional argument but 2 were given
+ERROR 2023-10-22 00:37:56,399 basehttp 6047 140169087809088 "GET /idp/mfa-login/ HTTP/1.1" 500 81900
+INFO 2023-10-22 00:38:37,098 autoreload 6047 140169212895232 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:38:37,765 autoreload 6062 139798915497984 Watching for file changes with StatReloader
+INFO 2023-10-22 00:38:38,716 basehttp 6062 139798791583296 "GET /idp/mfa-login/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:38:38,751 basehttp 6062 139798791583296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:38:38,777 basehttp 6062 139798791583296 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:38:46,924 log 6062 139798791583296 Forbidden: /idp/mfa-login/
+WARNING 2023-10-22 00:38:46,925 basehttp 6062 139798791583296 "POST /idp/mfa-login/ HTTP/1.1" 403 4291
+INFO 2023-10-22 00:38:54,031 basehttp 6062 139798780044864 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:38:54,194 log 6062 139798791583296 Forbidden: /idp/sso/post
+WARNING 2023-10-22 00:38:54,194 basehttp 6062 139798791583296 "POST /idp/sso/post HTTP/1.1" 403 4098
+INFO 2023-10-22 00:39:01,616 basehttp 6062 139798791583296 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:39:01,621 basehttp 6062 139798791583296 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+WARNING 2023-10-22 00:39:01,679 log 6062 139798791583296 Not Found: /idp/login/
+WARNING 2023-10-22 00:39:01,679 basehttp 6062 139798791583296 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 404 4984
+INFO 2023-10-22 00:39:08,578 autoreload 6062 139798915497984 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:39:09,259 autoreload 6097 140447884718080 Watching for file changes with StatReloader
+INFO 2023-10-22 00:39:14,541 basehttp 6097 140447691306560 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:39:14,544 basehttp 6097 140447691306560 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:39:14,614 basehttp 6097 140447691306560 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:39:14,683 basehttp 6097 140447691306560 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:39:14,715 basehttp 6097 140447691306560 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:39:23,833 autoreload 6097 140447884718080 /home/wert/DEV/ACSIA/4Sec-idp/uniauth_saml2_idp/urls.py changed, reloading.
+INFO 2023-10-22 00:39:24,485 autoreload 6106 139911013912576 Watching for file changes with StatReloader
+INFO 2023-10-22 00:39:27,543 basehttp 6106 139910820394560 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:39:27,548 basehttp 6106 139910820394560 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:39:27,617 basehttp 6106 139910820394560 "GET /idp/login/?next=/admin_access/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:39:27,692 basehttp 6106 139910820394560 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:39:27,720 basehttp 6106 139910820394560 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:39:35,932 autoreload 6106 139911013912576 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-22 00:39:36,611 autoreload 6115 139687915405312 Watching for file changes with StatReloader
+INFO 2023-10-22 00:40:05,216 autoreload 6137 140018662662144 Watching for file changes with StatReloader
+INFO 2023-10-22 00:40:07,004 basehttp 6137 140018470352448 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:40:07,029 basehttp 6137 140018470352448 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2251
+INFO 2023-10-22 00:40:12,202 basehttp 6137 140018470352448 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2426
+INFO 2023-10-22 00:40:16,219 basehttp 6137 140018470352448 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:40:16,240 basehttp 6137 140018470352448 "GET /admin_access/ HTTP/1.1" 200 10215
+INFO 2023-10-22 00:40:16,345 basehttp 6137 140018470352448 "GET /static/admin/img/icon-addlink.svg HTTP/1.1" 200 331
+INFO 2023-10-22 00:40:16,345 basehttp 6137 140018460911168 "GET /static/admin/img/icon-changelink.svg HTTP/1.1" 200 380
+INFO 2023-10-22 00:40:24,942 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:40:25,162 log 6137 140018470352448 Forbidden: /idp/sso/post
+WARNING 2023-10-22 00:40:25,163 basehttp 6137 140018470352448 "POST /idp/sso/post HTTP/1.1" 403 4098
+INFO 2023-10-22 00:40:29,777 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/serviceprovider/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:40:29,789 basehttp 6137 140018470352448 "GET /admin_access/login/?next=/admin_access/uniauth_saml2_idp/serviceprovider/ HTTP/1.1" 200 2319
+INFO 2023-10-22 00:40:32,870 basehttp 6137 140018470352448 "POST /admin_access/login/?next=/admin_access/uniauth_saml2_idp/serviceprovider/ HTTP/1.1" 200 2494
+INFO 2023-10-22 00:40:37,207 basehttp 6137 140018470352448 "POST /admin_access/login/?next=/admin_access/uniauth_saml2_idp/serviceprovider/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:40:37,237 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/serviceprovider/ HTTP/1.1" 200 14975
+INFO 2023-10-22 00:40:37,332 basehttp 6137 140018460911168 "GET /static/textarea_autosize.js HTTP/1.1" 200 955
+INFO 2023-10-22 00:40:37,337 basehttp 6137 140018470352448 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:40:37,386 basehttp 6137 140018460911168 "GET /static/admin/img/search.svg HTTP/1.1" 200 458
+INFO 2023-10-22 00:40:37,404 basehttp 6137 140018460911168 "GET /static/admin/img/tooltag-add.svg HTTP/1.1" 200 331
+INFO 2023-10-22 00:40:40,567 basehttp 6137 140018470352448 "GET /admin_access/accounts/user/ HTTP/1.1" 200 13799
+INFO 2023-10-22 00:40:40,600 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:40:40,619 basehttp 6137 140018460911168 "GET /static/admin/img/sorting-icons.svg HTTP/1.1" 200 1097
+INFO 2023-10-22 00:40:41,953 basehttp 6137 140018470352448 "GET /admin_access/accounts/user/1/change/ HTTP/1.1" 200 28175
+INFO 2023-10-22 00:40:41,984 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:40:45,123 basehttp 6137 140018470352448 "GET /admin_access/accounts/user/1/password/ HTTP/1.1" 200 9677
+INFO 2023-10-22 00:40:49,522 basehttp 6137 140018470352448 "POST /admin_access/accounts/user/1/password/ HTTP/1.1" 200 9862
+INFO 2023-10-22 00:40:59,362 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/serviceprovider/ HTTP/1.1" 200 14975
+INFO 2023-10-22 00:40:59,399 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:41:01,377 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/metadatastore/ HTTP/1.1" 200 11945
+INFO 2023-10-22 00:41:01,412 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:41:03,228 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/metadatastore/add/ HTTP/1.1" 200 14974
+INFO 2023-10-22 00:41:03,262 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:41:03,263 basehttp 6137 140018470352448 "GET /static/admin/img/icon-no.svg HTTP/1.1" 200 560
+INFO 2023-10-22 00:41:22,348 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:41:22,409 basehttp 6137 140018470352448 "POST /admin_access/uniauth_saml2_idp/metadatastore/add/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:41:22,475 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 200 15698
+INFO 2023-10-22 00:41:22,564 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:41:22,567 basehttp 6137 140018470352448 "GET /static/admin/img/icon-yes.svg HTTP/1.1" 200 436
+INFO 2023-10-22 00:41:26,443 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:41:26,583 log 6137 140018470352448 Forbidden: /idp/sso/post
+WARNING 2023-10-22 00:41:26,584 basehttp 6137 140018470352448 "POST /idp/sso/post HTTP/1.1" 403 4302
+INFO 2023-10-22 00:41:34,763 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+WARNING 2023-10-22 00:41:34,907 log 6137 140018470352448 Forbidden: /idp/sso/post
+WARNING 2023-10-22 00:41:34,907 basehttp 6137 140018470352448 "POST /idp/sso/post HTTP/1.1" 403 4302
+INFO 2023-10-22 00:42:19,914 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:42:52,548 basehttp 6137 140018470352448 "POST /admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:42:52,564 basehttp 6137 140018470352448 "GET /admin_access/login/?next=/admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 200 2333
+INFO 2023-10-22 00:42:59,458 basehttp 6137 140018470352448 "POST /admin_access/login/?next=/admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 200 2508
+INFO 2023-10-22 00:43:05,092 basehttp 6137 140018470352448 "POST /admin_access/login/?next=/admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:05,112 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 200 15422
+INFO 2023-10-22 00:43:05,219 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:43:11,542 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:11,557 basehttp 6137 140018470352448 "POST /admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:11,578 basehttp 6137 140018470352448 "GET /admin_access/uniauth_saml2_idp/metadatastore/1/change/ HTTP/1.1" 200 15704
+INFO 2023-10-22 00:43:11,661 basehttp 6137 140018460911168 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-22 00:43:15,000 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:20,194 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:20,442 basehttp 6137 140018451469888 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:20,519 basehttp 6137 140018470352448 "POST /idp/sso/post HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:20,526 basehttp 6137 140018470352448 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:20,591 basehttp 6137 140018470352448 "GET /idp/login/?next=/idp/login/process/ HTTP/1.1" 200 5401
+WARNING 2023-10-22 00:43:20,707 basehttp 6137 140018460911168 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+WARNING 2023-10-22 00:43:20,733 basehttp 6137 140018470352448 "GET /static/svg/sprite.svg HTTP/1.1" 404 1801
+INFO 2023-10-22 00:43:37,830 basehttp 6137 140018470352448 "POST /idp/login/?next=/idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:37,929 basehttp 6137 140018460911168 "GET /idp/metadata/ HTTP/1.1" 200 6350
+INFO 2023-10-22 00:43:38,026 basehttp 6137 140018470352448 "GET /idp/login/process/ HTTP/1.1" 302 0
+INFO 2023-10-22 00:43:38,093 basehttp 6137 140018470352448 "GET /idp/login/process_user_agreement/ HTTP/1.1" 200 6608
+INFO 2023-10-22 00:43:42,957 basehttp 6137 140018470352448 "POST /idp/login/process_user_agreement/ HTTP/1.1" 200 13312
diff --git a/example/logs/django.log.4 b/example/logs/django.log.4
new file mode 100644
index 0000000..4bde06a
--- /dev/null
+++ b/example/logs/django.log.4
@@ -0,0 +1,862 @@
+ERROR 2023-10-19 13:12:20,432 log 7342 140604970366528 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 111, in password_reset
+    _jws = create_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 138, in create_jwe
+    jwe = _keyobj.encrypt(_key.public_key())
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe_ec.py", line 209, in encrypt
+    self["enc"], _msg, auth_data=jwe.b64_encode_header(), key=cek, iv=iv
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwx.py", line 117, in __getitem__
+    return self._dict[item]
+KeyError: 'enc'
+ERROR 2023-10-19 13:12:20,433 basehttp 7342 140604970366528 "POST /password/reset HTTP/1.1" 500 111572
+INFO 2023-10-19 13:13:32,816 autoreload 7342 140605094408192 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:13:33,477 autoreload 7653 140363366518784 Watching for file changes with StatReloader
+INFO 2023-10-19 13:14:09,210 autoreload 7653 140363366518784 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal_crypto.py changed, reloading.
+INFO 2023-10-19 13:24:33,500 autoreload 8627 140719361466368 Watching for file changes with StatReloader
+WARNING 2023-10-19 13:24:40,919 log 8627 140719167632960 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 154, in password_commit
+    settings.PRIVATE_ENCRYPTION_JWKS['keys'][0]
+KeyError: 'keys'
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:24:40,920 basehttp 8627 140719167632960 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..MsV3dPr7IeM-JeX1y5w43F9Hi8oieZTWSMtQ1cevT8xamuUG-f2R-3ivwD05Xoh6RJbYIJ-5r_sN_8N1tI0K32Q2s9CTRZFjLD2o6zgp0oFxMnrj7nnZ85oTFTrK4TDG3WbZtG6Ez7YekxIR3Bw291iIkuL3SzqhC61tSreqNEjkM1_-TcNSwsZTlDnGpI7FN-QoNZbF5H9-_dIpi1q8tQrDWhatSvuvv0j_1VYbBJNkD2wXU-eiV6UVfNKwC7fLBhZ0X_HLqA8GCAIa0D04GhPTMSKwz55g0VqnDfwVQA7SA8Bu4CMqwYiPDkokiRMS3pa5UMRdJNHSwOBN3paTC9Xjnc9mqKF3poTOVFSRz7PZTjjtZzFlBfvXI1FBd81ggHtWqfeFwo5VsibY0heHZHLRu3HSyHkzk9B4pfGWitDNHH4pDIcKxmQDOuV_yfB7WSAv3WgJt-DpPtUu_UtyouqdT1iZKyXjVAIUE_1qf1KV7rCuaMzfqzxJJtyNR5AT7hvoTb41SjjWZpkOZ8GQT-N2yuch4--yPYq56RpP0_s.tMzJwtQDUx17S9XKP_P-gQ HTTP/1.1" 400 101171
+INFO 2023-10-19 13:25:12,374 autoreload 8627 140719361466368 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal_crypto.py changed, reloading.
+INFO 2023-10-19 13:25:13,044 autoreload 8686 140313240195072 Watching for file changes with StatReloader
+INFO 2023-10-19 13:25:24,952 basehttp 8686 140313116014144 "POST /password/reset HTTP/1.1" 200 247013
+ERROR 2023-10-19 13:25:49,625 log 8686 140313116014144 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 112, in password_reset
+    data, settings.PRIVATE_ENCRYPTION_JWKS["keys"][0]
+KeyError: 0
+ERROR 2023-10-19 13:25:49,627 basehttp 8686 140313116014144 "POST /password/reset HTTP/1.1" 500 96558
+INFO 2023-10-19 13:26:14,292 autoreload 8686 140313240195072 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal_crypto.py changed, reloading.
+INFO 2023-10-19 13:26:14,954 autoreload 8787 140117512036352 Watching for file changes with StatReloader
+INFO 2023-10-19 13:26:21,265 autoreload 8787 140117512036352 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal_crypto.py changed, reloading.
+INFO 2023-10-19 13:26:21,920 autoreload 8801 140614372528128 Watching for file changes with StatReloader
+ERROR 2023-10-19 13:26:27,047 log 8801 140614248166976 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 115, in password_reset
+    _jws, settings.PUBLIC_ENCRYPTION_JWKS["keys"][0]
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/conf/__init__.py", line 83, in __getattr__
+    val = getattr(self._wrapped, name)
+AttributeError: 'Settings' object has no attribute 'PUBLIC_ENCRYPTION_JWKS'
+ERROR 2023-10-19 13:26:27,048 basehttp 8801 140614248166976 "POST /password/reset HTTP/1.1" 500 102486
+INFO 2023-10-19 13:26:57,719 autoreload 8801 140614372528128 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-19 13:26:58,374 autoreload 8858 140651219025920 Watching for file changes with StatReloader
+INFO 2023-10-19 13:27:01,913 basehttp 8858 140651026970176 "POST /password/reset HTTP/1.1" 200 226117
+WARNING 2023-10-19 13:27:28,111 log 8858 140651026970176 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 146, in decrypt_jwe
+    jwe_header = unpad_jwt_header(jwe)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/jwt.py", line 18, in unpad_jwt_header
+    return unpad_jwt_element(jwt, position=0)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/jwt.py", line 13, in unpad_jwt_element
+    data = json.loads(base64.urlsafe_b64decode(padded))
+  File "/usr/lib/python3.10/json/__init__.py", line 341, in loads
+    s = s.decode(detect_encoding(s), 'surrogatepass')
+UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdc in position 0: invalid continuation byte
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 149, in decrypt_jwe
+    raise VerificationError("The JWT is not valid")
+NameError: name 'VerificationError' is not defined
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:27:28,112 basehttp 8858 140651026970176 "GET /password/commit?token=3DeyJhbGciOiJSU0EtT0FFUCIsI= HTTP/1.1" 400 115965
+INFO 2023-10-19 13:27:35,997 basehttp 8858 140651026970176 "POST /password/reset HTTP/1.1" 200 196298
+INFO 2023-10-19 13:27:53,276 basehttp 8858 140651026970176 "POST /password/reset HTTP/1.1" 200 211011
+INFO 2023-10-19 13:28:18,731 basehttp 8858 140651026970176 "GET /password/reset HTTP/1.1" 200 222824
+INFO 2023-10-19 13:28:36,395 basehttp 8858 140651026970176 "GET /password/reset HTTP/1.1" 200 211032
+INFO 2023-10-19 13:28:37,936 basehttp 8858 140651026970176 "GET /password/reset HTTP/1.1" 200 219524
+INFO 2023-10-19 13:28:39,111 basehttp 8858 140651026970176 "GET /password/reset HTTP/1.1" 200 205624
+INFO 2023-10-19 13:28:45,161 basehttp 8858 140651026970176 "POST /password/reset HTTP/1.1" 200 203067
+WARNING 2023-10-19 13:29:23,122 log 8858 140651026970176 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 146, in decrypt_jwe
+    jwe_header = unpad_jwt_header(jwe)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/jwt.py", line 18, in unpad_jwt_header
+    return unpad_jwt_element(jwt, position=0)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/jwt.py", line 13, in unpad_jwt_element
+    data = json.loads(base64.urlsafe_b64decode(padded))
+  File "/usr/lib/python3.10/json/__init__.py", line 341, in loads
+    s = s.decode(detect_encoding(s), 'surrogatepass')
+UnicodeDecodeError: 'utf-8' codec can't decode byte 0xdc in position 0: invalid continuation byte
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 149, in decrypt_jwe
+    raise VerificationError("The JWT is not valid")
+NameError: name 'VerificationError' is not defined
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:29:23,123 basehttp 8858 140651026970176 "GET /password/commit?token=3DeyJhbGciOiJSU0EtT0FFUCIsI= HTTP/1.1" 400 115421
+INFO 2023-10-19 13:30:45,320 basehttp 8858 140651026970176 "GET /password/reset HTTP/1.1" 200 205812
+WARNING 2023-10-19 13:31:24,568 log 8858 140651026970176 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 146, in decrypt_jwe
+    jwe_header = unpad_jwt_header(jwe)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/jwt.py", line 18, in unpad_jwt_header
+    return unpad_jwt_element(jwt, position=0)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/jwt.py", line 13, in unpad_jwt_element
+    data = json.loads(base64.urlsafe_b64decode(padded))
+  File "/usr/lib/python3.10/base64.py", line 133, in urlsafe_b64decode
+    return b64decode(s)
+  File "/usr/lib/python3.10/base64.py", line 87, in b64decode
+    return binascii.a2b_base64(s)
+binascii.Error: Invalid base64-encoded string: number of data characters (145) cannot be 1 more than a multiple of 4
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 149, in decrypt_jwe
+    raise VerificationError("The JWT is not valid")
+NameError: name 'VerificationError' is not defined
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:31:24,568 basehttp 8858 140651026970176 "GET /password/commit?token=3DeyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..29D9MYj4AJSE1idLrNkUwQHHuk4VBWnk7uZu1TnFIGTJo4kN7XJpyQZKShGxWX5hCTCPEy0QTQOw29m27Wr5_4GMNtt6Zuh2iBOgK-Dtd2dnvdO1dbgOkQ1uZAZwzyMrWy6570KqARnzWLt3eUmodoot1rYPtSLXRDeqTapJr-vLbT8Q7-jfjE2ECbXvWK8kzaKba8YVo7ZSPAaCOskJ3bx9KsokHiunuPFAlv6qCRMJFsuQ3Fx2SVa2MpF8CPPw_cJDMG6O9n7W9TCd_vBn7enHWkD4oS1j5Z1Pktt1clO6lA9Mpqh-8l9QVlpv9LwE1wBvxZJvOPIRiVkIC3OWFhizHeBu4kpR-KeR7u2XK8OIfd15j5EP5atn_ZEGWiOygMluuDBJ-RwJwQBVpZLuRzQWWCJRyMlTZRXpFFiRGR_7wQgszWnV3QhSCp4lY-4ECMb2UT801bVrmgMTi18-yyk-kpYUJ4IIX70b5UQ3GuZYiGNB7FXx6n6U6agsjWIPJbiRZXGSVtUz6IC0n0jWnnH1NJgi02O1Xh1Q-zkuXP7to3DyMddJCMny4vm3nL6sbqQYDIP-DPLzb615Bun0QWqZZlHgZ0EUD9k05z30FdXK8uW6gxsvkc=1o4HyLL7fPVtbiPAB7QJNmSWzRtqKW2yoptBKuW-DCprCZcEkoVBbmUCFJ_5KavCpaKkJAhpdXznn0pVYGccwJhOJZ-wEZ8bjnFSB6Q2SCMgatqzy51b8gBBc7eZldGRK1v41gzyBNQJrh4GhkzWdLiHC5X9f0xLZYe6OtXczvHEBsw6_-0Jksw0XyUNSQG2TyohhL8lO4FtlNBzo9MT92zL5NsiuwV3fkcdV004T-sI3Krj-JdNbV9q_TQvi5_iCC1CS_vXWZmzU57bS-iPrCU9Z6GSCmNM4-I8_MELTR1NpGrFTqg9xmu8zrqpEJhXf5wWcT4zwxUre8WYJtctAbONhwMd1TShoix9qzk6tx15J9OfxN1aEqhrolV6I1DOak1NysB7_Xa1_Y61CX4tD5a9AFprHt4M9d27_kBCUcYGNmvyeLBN8.ZUcSmZGCSXMp3uCockweLg HTTP/1.1" 400 135490
+INFO 2023-10-19 13:32:45,347 basehttp 8858 140651026970176 "GET /password/reset HTTP/1.1" 200 239612
+INFO 2023-10-19 13:33:08,334 autoreload 8858 140651219025920 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:33:08,999 autoreload 9733 139928453844992 Watching for file changes with StatReloader
+INFO 2023-10-19 13:33:25,453 autoreload 9733 139928453844992 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:33:26,130 autoreload 9772 140241786998784 Watching for file changes with StatReloader
+INFO 2023-10-19 13:34:53,492 basehttp 9772 140241652409920 "GET /password/reset HTTP/1.1" 200 219600
+INFO 2023-10-19 13:36:53,512 basehttp 9772 140241652409920 "GET /password/reset HTTP/1.1" 200 258656
+INFO 2023-10-19 13:37:05,049 autoreload 9772 140241786998784 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:37:05,727 autoreload 10317 140314936999936 Watching for file changes with StatReloader
+INFO 2023-10-19 13:37:48,546 autoreload 10317 140314936999936 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:37:49,221 autoreload 10396 140103464738816 Watching for file changes with StatReloader
+INFO 2023-10-19 13:37:53,732 basehttp 10396 140103341045312 "POST /password/reset HTTP/1.1" 200 220186
+INFO 2023-10-19 13:38:09,478 basehttp 10396 140103341045312 "POST /password/reset HTTP/1.1" 200 191959
+INFO 2023-10-19 13:38:29,082 basehttp 10396 140103341045312 "POST /password/reset HTTP/1.1" 200 218647
+INFO 2023-10-19 13:40:29,278 basehttp 10396 140103329506880 "GET /password/reset HTTP/1.1" 200 241236
+INFO 2023-10-19 13:42:29,269 basehttp 10396 140103329506880 "GET /password/reset HTTP/1.1" 200 229860
+INFO 2023-10-19 13:44:29,281 basehttp 10396 140103329506880 "GET /password/reset HTTP/1.1" 200 247948
+INFO 2023-10-19 13:46:29,276 basehttp 10396 140103329506880 "GET /password/reset HTTP/1.1" 200 229400
+INFO 2023-10-19 13:48:09,922 autoreload 10396 140103464738816 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:48:10,628 autoreload 11625 140641934761984 Watching for file changes with StatReloader
+INFO 2023-10-19 13:48:18,681 basehttp 11625 140641811035712 "POST /password/reset HTTP/1.1" 200 209146
+INFO 2023-10-19 13:48:36,834 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 230492
+INFO 2023-10-19 13:48:37,999 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 228996
+INFO 2023-10-19 13:48:39,262 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 200424
+INFO 2023-10-19 13:48:41,107 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 197120
+INFO 2023-10-19 13:48:42,170 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 230336
+INFO 2023-10-19 13:48:43,222 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 218644
+INFO 2023-10-19 13:48:44,325 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 193564
+INFO 2023-10-19 13:48:45,389 basehttp 11625 140641811035712 "GET /password/reset HTTP/1.1" 200 227848
+ERROR 2023-10-19 13:48:54,677 log 11625 140641811035712 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 110, in password_reset
+    _jws = create_jws(
+NameError: name 'create_jws' is not defined
+ERROR 2023-10-19 13:48:54,679 basehttp 11625 140641811035712 "POST /password/reset HTTP/1.1" 500 96884
+INFO 2023-10-19 13:49:15,924 autoreload 11625 140641934761984 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:49:16,592 autoreload 11792 140578660696064 Watching for file changes with StatReloader
+ERROR 2023-10-19 13:49:20,998 log 11792 140578536814144 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 110, in password_reset
+    _jws = create_jws(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 88, in create_jws
+    jwt = _signer.sign_compact([_key], protected=protected, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jws/jws.py", line 116, in sign_compact
+    key, xargs, _alg = self.alg_keys(keys, "sig", protected)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jws/jws.py", line 99, in alg_keys
+    raise NoSuitableSigningKeys("No key for algorithm: %s" % _alg)
+cryptojwt.jws.exception.NoSuitableSigningKeys: No key for algorithm: ES256
+ERROR 2023-10-19 13:49:21,001 basehttp 11792 140578536814144 "POST /password/reset HTTP/1.1" 500 111903
+INFO 2023-10-19 13:49:43,429 autoreload 11792 140578660696064 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:49:44,102 autoreload 11832 139879174021120 Watching for file changes with StatReloader
+INFO 2023-10-19 13:49:45,619 basehttp 11832 139879049590336 "POST /password/reset HTTP/1.1" 200 222841
+WARNING 2023-10-19 13:51:21,835 log 11832 139879049590336 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 161, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 168, in decrypt
+    raise NoSuitableDecryptionKey(_alg)
+cryptojwt.jwe.exception.NoSuitableDecryptionKey: RSA-OAEP
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:51:21,835 basehttp 11832 139879049590336 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..ZBcG3KANJO-DE6aGa-DR3-QlIbSuwASxWhflI_3Yu4u4rjiolyhvFwRIostfybLz68LHo_LunsMaUHKk-3OM_dOj9g7QsUpGAQTbHiF2D-jTqRmH_bOk6ORA8aTOlba4oxvUZ5Q_tBRUGT5kh1U8UT1vMcon-sK5fVZuqISqbBJ_X8lKadMhdK2sw0sXlNS4Q--9YwcGnkSJflyEcPYzJhd7VSKspARjouO9RNhihT0eMu7AmlV5ZHue0tg8Ud19nEYZ9lL8_1mtMb6S9oASbZJYiA1a_QhIExw4wBp4zw6CBctit2thRDuZw7koGhd8FH0utgqMdWEeLFlo0cSQSu6X8JxHT8ZsITAk2UfyWgSjSMcq4y0r-UIRL3406t54mo6_y6DVUZS5kGrRLXK9hSaALaIJfbyPTUfF3SSYZf1MtRjF6p918S2T8IxXXwNOVk_vTkEng9-Kyvv_qcL6wRxSJR0c_mOskfkhO_vUE2ewNvusGKF4A5p67y-aFqYJdcesqvr7MxevMGnDqzd_SA.RFpk5DgB6Mubnnfc54YFQw HTTP/1.1" 400 112809
+INFO 2023-10-19 13:51:52,263 basehttp 11832 139878964655680 "GET /password/reset HTTP/1.1" 200 201888
+WARNING 2023-10-19 13:53:50,909 log 11832 139879049590336 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 161, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 168, in decrypt
+    raise NoSuitableDecryptionKey(_alg)
+cryptojwt.jwe.exception.NoSuitableDecryptionKey: RSA-OAEP
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:53:50,910 basehttp 11832 139879049590336 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..Z8tw5vr8oQKLFc00Vt7b6fIeShkxFW7OQwezREZzxyo5EtrvW6agnrGh00ALH7AD5mBrQMGzE_RKTlx1x4lo_AL6rWdHyMLMDNg5Pqo8tWX6hSD0Iw4sQAHqfX9gU2zqjrywUY9kHYPzNxWWXpEe8IFBIOVFGdesKCUgihWKMUle08ghHXMt1hbb0y2OIfisy1dagi5FYt7vg8czEWLY0zpJun6IUgk4NAczIdZyL3PjXIq6r5c0nv4hsCVGssHA2n6_huCCsOe5Aisj0pqECmp5hKgVufmrl9SvLtbik9e6z9hLyQVLH_9Gbxelzx0pwYXNAEH9phTWO4lw6RW0QsgZLU4-5TuJazDx17RaEszFxSQL95Z1X2C3EmyjYLteZUIEYUYHFqp1IGyupimFAW7C11SIDyWk83TwpQvcMkPUoB4RuspGrxI5L-qX-wxM9WPJtgdK1ysREMLrx78NHY4zFBoFYSnXlc15_Pz61EKB7qFWOodPaS3BNLefdBN3uEzY2g7zVGKfxNv2EKByLNmWos1fLVA-ZbOD-pt-SuHQ3dC_GdQ2dOdQr3AA4zM8yIHN72nRxCVDPQq58QRtH0BFX0HGEYe2rQX4aJLcH3RrwRxCv4aGaN74qTYQ7_bC46IPqnerMXY8PHC9mBJvK0_ExDfg8_117BjY9k52MQmgWSuqXkhiy2V8WkfHuzOPygizKiq5nOKlE23Zfa1iIIoD5p4u7e9zWVA37o8MaHi2yPaOzCArdsWrZqay0v5n1ydcaDNFizkzoN648twdIB5loYEpfPyLaUurJ7T1KKk-8ZgnCvgh2Bokx9OsM293T5erzhIAh7ZffMMiCptH4WdVYUaTrwZdaFBcSDZRAmPvAaLFuiAtzc39Auwx69OaaLNi1rvClOCSYZ_5UtbouZ5AnMLFwKj14gloGpteJ_WQSw-pUbMOr-ZIc2Qh17llq14sXeeqj5pRF0-q-XbjI03-wmXqZnpGuWtILFNnIE4wyGfa0CDfVVAoLPMfQmW0gRKvSiMb_-vAnWmWzBdQAG92JiOdgizsRJqRubTprL4.27Xd7dMuC4NO5W5yf8U-NQ HTTP/1.1" 400 118415
+INFO 2023-10-19 13:53:53,059 basehttp 11832 139879049590336 "GET /password/reset HTTP/1.1" 200 227204
+INFO 2023-10-19 13:55:55,127 basehttp 11832 139879049590336 "GET /password/reset HTTP/1.1" 200 239860
+INFO 2023-10-19 13:56:37,922 autoreload 11832 139879174021120 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:56:38,598 autoreload 12622 139632544788480 Watching for file changes with StatReloader
+INFO 2023-10-19 13:56:46,914 autoreload 12622 139632544788480 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:56:47,573 autoreload 12643 139716584845312 Watching for file changes with StatReloader
+INFO 2023-10-19 13:57:55,140 basehttp 12643 139716450051648 "GET /password/reset HTTP/1.1" 200 250536
+WARNING 2023-10-19 13:59:03,889 log 12643 139716460541504 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 161, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 162, in decrypt
+    try:
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 162, in decrypt
+    try:
+  File "/usr/lib/python3.10/bdb.py", line 90, in trace_dispatch
+    return self.dispatch_line(frame)
+  File "/usr/lib/python3.10/bdb.py", line 115, in dispatch_line
+    if self.quitting: raise BdbQuit
+bdb.BdbQuit
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:59:03,891 basehttp 12643 139716460541504 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..Z8tw5vr8oQKLFc00Vt7b6fIeShkxFW7OQwezREZzxyo5EtrvW6agnrGh00ALH7AD5mBrQMGzE_RKTlx1x4lo_AL6rWdHyMLMDNg5Pqo8tWX6hSD0Iw4sQAHqfX9gU2zqjrywUY9kHYPzNxWWXpEe8IFBIOVFGdesKCUgihWKMUle08ghHXMt1hbb0y2OIfisy1dagi5FYt7vg8czEWLY0zpJun6IUgk4NAczIdZyL3PjXIq6r5c0nv4hsCVGssHA2n6_huCCsOe5Aisj0pqECmp5hKgVufmrl9SvLtbik9e6z9hLyQVLH_9Gbxelzx0pwYXNAEH9phTWO4lw6RW0QsgZLU4-5TuJazDx17RaEszFxSQL95Z1X2C3EmyjYLteZUIEYUYHFqp1IGyupimFAW7C11SIDyWk83TwpQvcMkPUoB4RuspGrxI5L-qX-wxM9WPJtgdK1ysREMLrx78NHY4zFBoFYSnXlc15_Pz61EKB7qFWOodPaS3BNLefdBN3uEzY2g7zVGKfxNv2EKByLNmWos1fLVA-ZbOD-pt-SuHQ3dC_GdQ2dOdQr3AA4zM8yIHN72nRxCVDPQq58QRtH0BFX0HGEYe2rQX4aJLcH3RrwRxCv4aGaN74qTYQ7_bC46IPqnerMXY8PHC9mBJvK0_ExDfg8_117BjY9k52MQmgWSuqXkhiy2V8WkfHuzOPygizKiq5nOKlE23Zfa1iIIoD5p4u7e9zWVA37o8MaHi2yPaOzCArdsWrZqay0v5n1ydcaDNFizkzoN648twdIB5loYEpfPyLaUurJ7T1KKk-8ZgnCvgh2Bokx9OsM293T5erzhIAh7ZffMMiCptH4WdVYUaTrwZdaFBcSDZRAmPvAaLFuiAtzc39Auwx69OaaLNi1rvClOCSYZ_5UtbouZ5AnMLFwKj14gloGpteJ_WQSw-pUbMOr-ZIc2Qh17llq14sXeeqj5pRF0-q-XbjI03-wmXqZnpGuWtILFNnIE4wyGfa0CDfVVAoLPMfQmW0gRKvSiMb_-vAnWmWzBdQAG92JiOdgizsRJqRubTprL4.27Xd7dMuC4NO5W5yf8U-NQ HTTP/1.1" 400 132082
+INFO 2023-10-19 13:59:55,125 basehttp 12643 139716460541504 "GET /password/reset HTTP/1.1" 200 225892
+WARNING 2023-10-19 14:00:08,776 log 12643 139716450051648 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 161, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 168, in decrypt
+    raise NoSuitableDecryptionKey(_alg)
+cryptojwt.jwe.exception.NoSuitableDecryptionKey: RSA-OAEP
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:00:08,776 basehttp 12643 139716450051648 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..Z8tw5vr8oQKLFc00Vt7b6fIeShkxFW7OQwezREZzxyo5EtrvW6agnrGh00ALH7AD5mBrQMGzE_RKTlx1x4lo_AL6rWdHyMLMDNg5Pqo8tWX6hSD0Iw4sQAHqfX9gU2zqjrywUY9kHYPzNxWWXpEe8IFBIOVFGdesKCUgihWKMUle08ghHXMt1hbb0y2OIfisy1dagi5FYt7vg8czEWLY0zpJun6IUgk4NAczIdZyL3PjXIq6r5c0nv4hsCVGssHA2n6_huCCsOe5Aisj0pqECmp5hKgVufmrl9SvLtbik9e6z9hLyQVLH_9Gbxelzx0pwYXNAEH9phTWO4lw6RW0QsgZLU4-5TuJazDx17RaEszFxSQL95Z1X2C3EmyjYLteZUIEYUYHFqp1IGyupimFAW7C11SIDyWk83TwpQvcMkPUoB4RuspGrxI5L-qX-wxM9WPJtgdK1ysREMLrx78NHY4zFBoFYSnXlc15_Pz61EKB7qFWOodPaS3BNLefdBN3uEzY2g7zVGKfxNv2EKByLNmWos1fLVA-ZbOD-pt-SuHQ3dC_GdQ2dOdQr3AA4zM8yIHN72nRxCVDPQq58QRtH0BFX0HGEYe2rQX4aJLcH3RrwRxCv4aGaN74qTYQ7_bC46IPqnerMXY8PHC9mBJvK0_ExDfg8_117BjY9k52MQmgWSuqXkhiy2V8WkfHuzOPygizKiq5nOKlE23Zfa1iIIoD5p4u7e9zWVA37o8MaHi2yPaOzCArdsWrZqay0v5n1ydcaDNFizkzoN648twdIB5loYEpfPyLaUurJ7T1KKk-8ZgnCvgh2Bokx9OsM293T5erzhIAh7ZffMMiCptH4WdVYUaTrwZdaFBcSDZRAmPvAaLFuiAtzc39Auwx69OaaLNi1rvClOCSYZ_5UtbouZ5AnMLFwKj14gloGpteJ_WQSw-pUbMOr-ZIc2Qh17llq14sXeeqj5pRF0-q-XbjI03-wmXqZnpGuWtILFNnIE4wyGfa0CDfVVAoLPMfQmW0gRKvSiMb_-vAnWmWzBdQAG92JiOdgizsRJqRubTprL4.27Xd7dMuC4NO5W5yf8U-NQ HTTP/1.1" 400 118047
+INFO 2023-10-19 14:03:38,042 autoreload 13273 140415060082688 Watching for file changes with StatReloader
+INFO 2023-10-19 14:03:45,748 basehttp 13273 140414935889472 "POST /password/reset HTTP/1.1" 200 230518
+INFO 2023-10-19 14:03:55,429 basehttp 13273 140414935889472 "GET /password/reset HTTP/1.1" 200 210344
+INFO 2023-10-19 14:03:56,717 basehttp 13273 140414935889472 "GET /password/reset HTTP/1.1" 200 239208
+INFO 2023-10-19 14:03:58,029 basehttp 13273 140414935889472 "GET /password/reset HTTP/1.1" 200 226812
+INFO 2023-10-19 14:03:59,820 basehttp 13273 140414935889472 "GET /password/reset HTTP/1.1" 200 223004
+INFO 2023-10-19 14:04:01,020 basehttp 13273 140414935889472 "GET /password/reset HTTP/1.1" 200 215300
+INFO 2023-10-19 14:04:08,308 basehttp 13273 140414935889472 "POST /password/reset HTTP/1.1" 200 238943
+INFO 2023-10-19 14:04:20,726 basehttp 13273 140414935889472 "GET /password/reset HTTP/1.1" 200 245044
+INFO 2023-10-19 14:04:30,479 basehttp 13273 140414935889472 "POST /password/reset HTTP/1.1" 200 207083
+WARNING 2023-10-19 14:05:28,940 log 13273 140414935889472 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 156, in password_commit
+    data = verify_jws(
+NameError: name 'verify_jws' is not defined
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:05:28,941 basehttp 13273 140414935889472 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.UJWQgaUARD6BTbJ8BrLYNFmvQ6KU4qYfyQ-Rjjvmn_-vKrdGhNpqsYlRDZCqLwh5S93uHmvYNgy1jSqIBolA5iTW9URE-NgQWt2p3s7nVRg6EIGaXmbGeqLmGMGpyQ9gTclai8ZxhOWRQ5EX0FJRbeoSlyaIdxpubnZN9F4W6J-nc6_LuV6845__X4HC5pTdrrMfXh2WNkKhmwxcRv3zcPNrlWkoCzly9KoGu0QZ6ZQpdoijcKLt329tJwJtuBe4LwUO_rbSe-KASSv_a4asIKhI87PoQa8OxxKYrDrF-6AieWqy8EqMJSIwW_OkhaG46QfsbkrGC6-jNanO4YUbJw.Y41ovNvKzXlxjHA-hd2gvg.W5uAOik5zgMSH4YUQB_VN-VkoOUWBs7AifqDfJwI11rJQWwq5O7goYZ7lTQTVpCzd_Ycl11oWPOXt3XBturuP0OCxKL39wDsdm3LLSD2KE3EAEwSmz2cZUeufqjww9ThqU9QCswlr7JUrLU5deUAl_RPBStcfNMcCa0mXG_XBJnIkVOAED20fr9K__wR5_tKFh6IVlfDLKTeQPzPWfUHfrbiHNqH0CUjVby_taljxRZ3XisfoshyncZdhVHOY2ZSLK5O3D4OzBab6EKxG5p2VBJjOQpWFpMR8TOJuV02Kt1Ies3uAY8DO7F3RnbYw02WYACPQUYQETkRq0zy2sRIfcpbMuiGD8rFXEgd6W88-IYGAhEqsCzVfjuZGAb9Scc8lDT2ssgvMYxrQnZYtUDqnIaB3Oky0ZZ-WRV6HLz7ObB5AgehV2ObeBkX8hUlcqoyIzWY0LHfazKnQvKJNdiWLhYq6JdRyxWkjUAiJcl-aJZFAcYUF511DmV9q6K1TlARm6Dzk8mhK5WnfUXFRE9mDg.cKTnl0ASyeIYEHaBsuBj8_u7r8oyYHqFU_qwdlkWf_Q HTTP/1.1" 400 105386
+INFO 2023-10-19 14:05:56,810 autoreload 13273 140415060082688 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 14:05:57,469 autoreload 13528 139826052214784 Watching for file changes with StatReloader
+WARNING 2023-10-19 14:06:06,694 log 13528 139825859524160 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 156, in password_commit
+    data = verify_jws(
+NameError: name 'verify_jws' is not defined
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:06:06,695 basehttp 13528 139825859524160 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.UJWQgaUARD6BTbJ8BrLYNFmvQ6KU4qYfyQ-Rjjvmn_-vKrdGhNpqsYlRDZCqLwh5S93uHmvYNgy1jSqIBolA5iTW9URE-NgQWt2p3s7nVRg6EIGaXmbGeqLmGMGpyQ9gTclai8ZxhOWRQ5EX0FJRbeoSlyaIdxpubnZN9F4W6J-nc6_LuV6845__X4HC5pTdrrMfXh2WNkKhmwxcRv3zcPNrlWkoCzly9KoGu0QZ6ZQpdoijcKLt329tJwJtuBe4LwUO_rbSe-KASSv_a4asIKhI87PoQa8OxxKYrDrF-6AieWqy8EqMJSIwW_OkhaG46QfsbkrGC6-jNanO4YUbJw.Y41ovNvKzXlxjHA-hd2gvg.W5uAOik5zgMSH4YUQB_VN-VkoOUWBs7AifqDfJwI11rJQWwq5O7goYZ7lTQTVpCzd_Ycl11oWPOXt3XBturuP0OCxKL39wDsdm3LLSD2KE3EAEwSmz2cZUeufqjww9ThqU9QCswlr7JUrLU5deUAl_RPBStcfNMcCa0mXG_XBJnIkVOAED20fr9K__wR5_tKFh6IVlfDLKTeQPzPWfUHfrbiHNqH0CUjVby_taljxRZ3XisfoshyncZdhVHOY2ZSLK5O3D4OzBab6EKxG5p2VBJjOQpWFpMR8TOJuV02Kt1Ies3uAY8DO7F3RnbYw02WYACPQUYQETkRq0zy2sRIfcpbMuiGD8rFXEgd6W88-IYGAhEqsCzVfjuZGAb9Scc8lDT2ssgvMYxrQnZYtUDqnIaB3Oky0ZZ-WRV6HLz7ObB5AgehV2ObeBkX8hUlcqoyIzWY0LHfazKnQvKJNdiWLhYq6JdRyxWkjUAiJcl-aJZFAcYUF511DmV9q6K1TlARm6Dzk8mhK5WnfUXFRE9mDg.cKTnl0ASyeIYEHaBsuBj8_u7r8oyYHqFU_qwdlkWf_Q HTTP/1.1" 400 105386
+INFO 2023-10-19 14:06:30,648 basehttp 13528 139825859524160 "GET /password/reset HTTP/1.1" 200 235772
+INFO 2023-10-19 14:06:44,555 autoreload 13528 139826052214784 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 14:06:45,282 autoreload 13623 140655076401152 Watching for file changes with StatReloader
+WARNING 2023-10-19 14:06:52,414 log 13623 140654877341248 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 163, in password_commit
+    data = verify_jws(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 97, in verify_jws
+    raise Exception(
+Exception: kid error: NnJfREp3NVlid1k2cHNhYVcxOTkyOG9xTFNaNHkzWlYzdzZLcDRQYXZRWQ != WEJhcGd1YmdoVWNsOXFNblFFWWtGcjBjc2dWVnl3cDRvcm9tNTAwR2R3Yw
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 171, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:06:52,415 basehttp 13623 140654877341248 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.UJWQgaUARD6BTbJ8BrLYNFmvQ6KU4qYfyQ-Rjjvmn_-vKrdGhNpqsYlRDZCqLwh5S93uHmvYNgy1jSqIBolA5iTW9URE-NgQWt2p3s7nVRg6EIGaXmbGeqLmGMGpyQ9gTclai8ZxhOWRQ5EX0FJRbeoSlyaIdxpubnZN9F4W6J-nc6_LuV6845__X4HC5pTdrrMfXh2WNkKhmwxcRv3zcPNrlWkoCzly9KoGu0QZ6ZQpdoijcKLt329tJwJtuBe4LwUO_rbSe-KASSv_a4asIKhI87PoQa8OxxKYrDrF-6AieWqy8EqMJSIwW_OkhaG46QfsbkrGC6-jNanO4YUbJw.Y41ovNvKzXlxjHA-hd2gvg.W5uAOik5zgMSH4YUQB_VN-VkoOUWBs7AifqDfJwI11rJQWwq5O7goYZ7lTQTVpCzd_Ycl11oWPOXt3XBturuP0OCxKL39wDsdm3LLSD2KE3EAEwSmz2cZUeufqjww9ThqU9QCswlr7JUrLU5deUAl_RPBStcfNMcCa0mXG_XBJnIkVOAED20fr9K__wR5_tKFh6IVlfDLKTeQPzPWfUHfrbiHNqH0CUjVby_taljxRZ3XisfoshyncZdhVHOY2ZSLK5O3D4OzBab6EKxG5p2VBJjOQpWFpMR8TOJuV02Kt1Ies3uAY8DO7F3RnbYw02WYACPQUYQETkRq0zy2sRIfcpbMuiGD8rFXEgd6W88-IYGAhEqsCzVfjuZGAb9Scc8lDT2ssgvMYxrQnZYtUDqnIaB3Oky0ZZ-WRV6HLz7ObB5AgehV2ObeBkX8hUlcqoyIzWY0LHfazKnQvKJNdiWLhYq6JdRyxWkjUAiJcl-aJZFAcYUF511DmV9q6K1TlARm6Dzk8mhK5WnfUXFRE9mDg.cKTnl0ASyeIYEHaBsuBj8_u7r8oyYHqFU_qwdlkWf_Q HTTP/1.1" 400 110929
+WARNING 2023-10-19 14:07:10,185 log 13623 140654877341248 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 159, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 160, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 168, in decrypt
+    raise NoSuitableDecryptionKey(_alg)
+cryptojwt.jwe.exception.NoSuitableDecryptionKey: RSA-OAEP
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 171, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:07:10,186 basehttp 13623 140654877341248 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..MsV3dPr7IeM-JeX1y5w43F9Hi8oieZTWSMtQ1cevT8xamuUG-f2R-3ivwD05Xoh6RJbYIJ-5r_sN_8N1tI0K32Q2s9CTRZFjLD2o6zgp0oFxMnrj7nnZ85oTFTrK4TDG3WbZtG6Ez7YekxIR3Bw291iIkuL3SzqhC61tSreqNEjkM1_-TcNSwsZTlDnGpI7FN-QoNZbF5H9-_dIpi1q8tQrDWhatSvuvv0j_1VYbBJNkD2wXU-eiV6UVfNKwC7fLBhZ0X_HLqA8GCAIa0D04GhPTMSKwz55g0VqnDfwVQA7SA8Bu4CMqwYiPDkokiRMS3pa5UMRdJNHSwOBN3paTC9Xjnc9mqKF3poTOVFSRz7PZTjjtZzFlBfvXI1FBd81ggHtWqfeFwo5VsibY0heHZHLRu3HSyHkzk9B4pfGWitDNHH4pDIcKxmQDOuV_yfB7WSAv3WgJt-DpPtUu_UtyouqdT1iZKyXjVAIUE_1qf1KV7rCuaMzfqzxJJtyNR5AT7hvoTb41SjjWZpkOZ8GQT-N2yuch4--yPYq56RpP0_s.tMzJwtQDUx17S9XKP_P-gQ HTTP/1.1" 400 112048
+WARNING 2023-10-19 14:07:21,252 log 13623 140654877341248 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 159, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 160, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 168, in decrypt
+    raise NoSuitableDecryptionKey(_alg)
+cryptojwt.jwe.exception.NoSuitableDecryptionKey: RSA-OAEP
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 171, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:07:21,253 basehttp 13623 140654877341248 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..ZBcG3KANJO-DE6aGa-DR3-QlIbSuwASxWhflI_3Yu4u4rjiolyhvFwRIostfybLz68LHo_LunsMaUHKk-3OM_dOj9g7QsUpGAQTbHiF2D-jTqRmH_bOk6ORA8aTOlba4oxvUZ5Q_tBRUGT5kh1U8UT1vMcon-sK5fVZuqISqbBJ_X8lKadMhdK2sw0sXlNS4Q--9YwcGnkSJflyEcPYzJhd7VSKspARjouO9RNhihT0eMu7AmlV5ZHue0tg8Ud19nEYZ9lL8_1mtMb6S9oASbZJYiA1a_QhIExw4wBp4zw6CBctit2thRDuZw7koGhd8FH0utgqMdWEeLFlo0cSQSu6X8JxHT8ZsITAk2UfyWgSjSMcq4y0r-UIRL3406t54mo6_y6DVUZS5kGrRLXK9hSaALaIJfbyPTUfF3SSYZf1MtRjF6p918S2T8IxXXwNOVk_vTkEng9-Kyvv_qcL6wRxSJR0c_mOskfkhO_vUE2ewNvusGKF4A5p67y-aFqYJdcesqvr7MxevMGnDqzd_SA.RFpk5DgB6Mubnnfc54YFQw HTTP/1.1" 400 111796
+INFO 2023-10-19 14:07:47,502 basehttp 13623 140654877341248 "GET /password/reset HTTP/1.1" 200 221688
+INFO 2023-10-19 14:08:10,855 basehttp 13623 140654877341248 "POST /password/reset HTTP/1.1" 200 247315
+WARNING 2023-10-19 14:08:29,303 log 13623 140654877341248 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 163, in password_commit
+    data = verify_jws(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 97, in verify_jws
+    raise Exception(
+Exception: kid error: NnJfREp3NVlid1k2cHNhYVcxOTkyOG9xTFNaNHkzWlYzdzZLcDRQYXZRWQ != WEJhcGd1YmdoVWNsOXFNblFFWWtGcjBjc2dWVnl3cDRvcm9tNTAwR2R3Yw
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 171, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 14:08:29,304 basehttp 13623 140654877341248 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.Emmnu3Kpac2OazCNsuUQe-6EpKFWgs64mx6-g3LxTkZA4wPYu1jJpj_Fv1mj_hVe2mu9yIMDGYV1HlNUjXHBvwYkqVroHofASkpp-xOo9DhU4kEUY7NY-IjvjdWMENFD23RnU1A_XCwhgG9SPmY68nTbGGFTXnbVjOYfu-5udpiP5sB2ekbRs_6r_xFklHs0sMtj8-sZCo9uP6gdSB7ASXS7dyaG7p6wiQJj2HnVSP-Iw5Q0HEEiPL4anPtJPZ6cJ6wJlT_yTYdevqtnUAIp26MlkoVVJvbUC7WXENSoStdVX9JCFMsZCrArhXXCzkbM44o3sISSEGoGmQ85Qm8QBQ.p68dEgD_l-osFhjQ_yv0rw.I7l-OSnHGXdBDWICkoClI3vljbVqFL7I9lGNNmgzkpTVkHzT8hhTqwfvJ6L1VeZWnNkFY77CeglO-G3iHuS9wLSUHV8EuolMJI3K9HxEUncL5EcF-wBGYWiaTojsdPElN00_M9dPVepwwxgTfeodXS4hI4Lx81sN-kerXxRrer-J10h51XlR3OO6DLpQj5tmhwBKbncSMj4uhPQJrkCbCSbfmi2xUIFQzb6Jbgt90gmsttfsr9PbQSCt1krRU67Ibd8LxougKaHRfM8EFp2QauGcsU6ABu7rBaKa1fLRh0tJy1qRvBOObKOQOOBBiPmqEu1xahgqfZ4wLMmTYWVfnq9Mco2tR5CcCnoug0espAaolv3WWhTbbmxoYJNdExksS1trTjcXAmLPVa7pVzjrcRLKMMe5knX-5-ImrR5WQ97z6U8V6hwn9zIs2FRmDplVKbGpLLhvWI24g88ceAp1JDBDng79Dh2Wafbext_m9RGayXOZXmxhJlVmLKjgm83vwze3PSiiN7miunUA5kQIvg.RgAY5VWIQTL4VrDrTmXj5yvR-vVVCnMxWDss8HPYphM HTTP/1.1" 400 111054
+INFO 2023-10-19 14:08:57,682 autoreload 13623 140655076401152 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 14:08:58,343 autoreload 13852 139837411684352 Watching for file changes with StatReloader
+INFO 2023-10-19 14:09:05,289 basehttp 13852 139837218747968 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.Emmnu3Kpac2OazCNsuUQe-6EpKFWgs64mx6-g3LxTkZA4wPYu1jJpj_Fv1mj_hVe2mu9yIMDGYV1HlNUjXHBvwYkqVroHofASkpp-xOo9DhU4kEUY7NY-IjvjdWMENFD23RnU1A_XCwhgG9SPmY68nTbGGFTXnbVjOYfu-5udpiP5sB2ekbRs_6r_xFklHs0sMtj8-sZCo9uP6gdSB7ASXS7dyaG7p6wiQJj2HnVSP-Iw5Q0HEEiPL4anPtJPZ6cJ6wJlT_yTYdevqtnUAIp26MlkoVVJvbUC7WXENSoStdVX9JCFMsZCrArhXXCzkbM44o3sISSEGoGmQ85Qm8QBQ.p68dEgD_l-osFhjQ_yv0rw.I7l-OSnHGXdBDWICkoClI3vljbVqFL7I9lGNNmgzkpTVkHzT8hhTqwfvJ6L1VeZWnNkFY77CeglO-G3iHuS9wLSUHV8EuolMJI3K9HxEUncL5EcF-wBGYWiaTojsdPElN00_M9dPVepwwxgTfeodXS4hI4Lx81sN-kerXxRrer-J10h51XlR3OO6DLpQj5tmhwBKbncSMj4uhPQJrkCbCSbfmi2xUIFQzb6Jbgt90gmsttfsr9PbQSCt1krRU67Ibd8LxougKaHRfM8EFp2QauGcsU6ABu7rBaKa1fLRh0tJy1qRvBOObKOQOOBBiPmqEu1xahgqfZ4wLMmTYWVfnq9Mco2tR5CcCnoug0espAaolv3WWhTbbmxoYJNdExksS1trTjcXAmLPVa7pVzjrcRLKMMe5knX-5-ImrR5WQ97z6U8V6hwn9zIs2FRmDplVKbGpLLhvWI24g88ceAp1JDBDng79Dh2Wafbext_m9RGayXOZXmxhJlVmLKjgm83vwze3PSiiN7miunUA5kQIvg.RgAY5VWIQTL4VrDrTmXj5yvR-vVVCnMxWDss8HPYphM HTTP/1.1" 200 3
+INFO 2023-10-19 14:09:13,839 autoreload 13852 139837411684352 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 14:09:14,517 autoreload 13886 139878933553152 Watching for file changes with StatReloader
+INFO 2023-10-19 14:10:11,043 basehttp 13886 139878741308992 "GET /password/reset HTTP/1.1" 200 240812
+INFO 2023-10-19 14:12:11,032 basehttp 13886 139878741308992 "GET /password/reset HTTP/1.1" 200 224388
+INFO 2023-10-19 14:12:22,489 autoreload 13886 139878933553152 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 14:12:23,162 autoreload 14273 139931186044928 Watching for file changes with StatReloader
+INFO 2023-10-19 14:12:29,235 basehttp 14273 139931062105664 "GET /password/reset HTTP/1.1" 200 214596
+INFO 2023-10-19 14:12:44,301 basehttp 14273 139931062105664 "GET /password/reset HTTP/1.1" 200 238812
+INFO 2023-10-19 14:12:51,448 basehttp 14273 139931062105664 "POST /password/reset HTTP/1.1" 200 227159
+ERROR 2023-10-19 14:13:07,895 log 14273 139931062105664 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 179, in password_commit
+    return render(request, "password_changed.html", d)
+NameError: name 'd' is not defined
+ERROR 2023-10-19 14:13:07,895 basehttp 14273 139931062105664 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.KMiAWMnEBXAdI6UvzFXiM-ztbG9uou1dwrIvbNFtzuLsnuj4jvYGIRjlGBC-QJe8hkZtR25kopbZT1_Z7NKHsnrpatfME9PfW9GuD63nBhp4WFPlpoinXkl5YbLhCvKW6DuuSsgcomZiO4Oztzx0S-G6EryXo6a9bnq8Gc5JxGC-wYKjzSfttKPm6gdQh_Zdi8jlKalo79bGkWGHdz-qaGl-I0bsALyUrzyyh5DH65iaIc0yfaxqQK0coVPJm5rn8-eQYyeOJsepfA9ngw-fQRqxWQ0HIrrl4mJdH6TeZDHScORQe8ohqffciqZ2isXMrH5GCIsQVJhA01CZEoignQ.VZ2s16-sx86v26bLOPtLmQ.ixJlc5ajGjY-Iz0HEmQS2mCeN4mlc7coK6P108zXWKoX_dh52lNKlFwPztOr-HO8_jX0NncKlvmLo4kpYtPDFl64MLUcE-SdrEZXvbKrnP59gDKCXgr41M_74yPg4_sIzbx45dAsEBdJ-9aZ-7RkIajfeRO11XUcwEGKODPsAHwjgemPENhFQRA9l14NgGgL-mKXvY9NQvxqKk99ZLy_GKQQMkiSqJi3x_i-fXHH3LnVMLlrGsw3YU0Ib1l07Yb2-Qq_DTsIWY9LaX2USj_0HQtBPaV5h1s5ePnSic5ZSdShzVPNBqFhTlrFsGCWSfNZQMOpNELAcsiDJ_htpEmfdW2dtHyZYKSiRc2urXqHbzexHnalM6RhYvbF0sHKGJZvFpUqOwyubfz0hhxWcLDULHfHcfAQpMA9obuBGMiZmGMCzLC4_0V0wxOcIhzw5igjOGDcU7Ypv-ZNyaVjpj26wVWBtcLqOPRmwGJsoceGZnJrYHonkUoyTwzlXB7Zd5ah1MHQBMzk0A7JVrLcZA1_Uw.xCaUFloh8C60nTtiZcbAB1_rSseMPSTfb_mpHztp6b4 HTTP/1.1" 500 98420
+INFO 2023-10-19 14:13:19,415 autoreload 14273 139931186044928 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 14:13:20,104 autoreload 14384 139918871629824 Watching for file changes with StatReloader
+INFO 2023-10-19 14:13:21,413 basehttp 14384 139918681568832 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.KMiAWMnEBXAdI6UvzFXiM-ztbG9uou1dwrIvbNFtzuLsnuj4jvYGIRjlGBC-QJe8hkZtR25kopbZT1_Z7NKHsnrpatfME9PfW9GuD63nBhp4WFPlpoinXkl5YbLhCvKW6DuuSsgcomZiO4Oztzx0S-G6EryXo6a9bnq8Gc5JxGC-wYKjzSfttKPm6gdQh_Zdi8jlKalo79bGkWGHdz-qaGl-I0bsALyUrzyyh5DH65iaIc0yfaxqQK0coVPJm5rn8-eQYyeOJsepfA9ngw-fQRqxWQ0HIrrl4mJdH6TeZDHScORQe8ohqffciqZ2isXMrH5GCIsQVJhA01CZEoignQ.VZ2s16-sx86v26bLOPtLmQ.ixJlc5ajGjY-Iz0HEmQS2mCeN4mlc7coK6P108zXWKoX_dh52lNKlFwPztOr-HO8_jX0NncKlvmLo4kpYtPDFl64MLUcE-SdrEZXvbKrnP59gDKCXgr41M_74yPg4_sIzbx45dAsEBdJ-9aZ-7RkIajfeRO11XUcwEGKODPsAHwjgemPENhFQRA9l14NgGgL-mKXvY9NQvxqKk99ZLy_GKQQMkiSqJi3x_i-fXHH3LnVMLlrGsw3YU0Ib1l07Yb2-Qq_DTsIWY9LaX2USj_0HQtBPaV5h1s5ePnSic5ZSdShzVPNBqFhTlrFsGCWSfNZQMOpNELAcsiDJ_htpEmfdW2dtHyZYKSiRc2urXqHbzexHnalM6RhYvbF0sHKGJZvFpUqOwyubfz0hhxWcLDULHfHcfAQpMA9obuBGMiZmGMCzLC4_0V0wxOcIhzw5igjOGDcU7Ypv-ZNyaVjpj26wVWBtcLqOPRmwGJsoceGZnJrYHonkUoyTwzlXB7Zd5ah1MHQBMzk0A7JVrLcZA1_Uw.xCaUFloh8C60nTtiZcbAB1_rSseMPSTfb_mpHztp6b4 HTTP/1.1" 200 4240
+INFO 2023-10-19 14:13:31,350 basehttp 14384 139918681568832 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-19 14:13:31,366 basehttp 14384 139918681568832 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2251
+INFO 2023-10-19 14:13:37,967 basehttp 14384 139918681568832 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-19 14:13:37,988 basehttp 14384 139918681568832 "GET /admin_access/ HTTP/1.1" 200 10215
+INFO 2023-10-19 14:13:38,102 basehttp 14384 139918666880576 "GET /static/admin/img/icon-changelink.svg HTTP/1.1" 200 380
+INFO 2023-10-19 14:13:38,103 basehttp 14384 139918681568832 "GET /static/admin/img/icon-addlink.svg HTTP/1.1" 200 331
+INFO 2023-10-19 14:13:41,464 basehttp 14384 139918681568832 "GET /admin_access/logout/ HTTP/1.1" 200 1586
+INFO 2023-10-20 16:55:14,589 autoreload 4099 139631373774848 Watching for file changes with StatReloader
+INFO 2023-10-20 16:55:26,318 basehttp 4099 139631181952576 "GET /password/reset HTTP/1.1" 200 210180
+INFO 2023-10-20 16:55:50,965 basehttp 4099 139631181952576 "GET /password/reset HTTP/1.1" 200 208816
+INFO 2023-10-20 16:56:10,010 basehttp 4099 139631181952576 "GET /password/reset HTTP/1.1" 200 226840
+INFO 2023-10-20 16:56:33,770 basehttp 4099 139631181952576 "POST /password/reset HTTP/1.1" 200 212195
+INFO 2023-10-20 16:57:29,883 basehttp 4099 139631181952576 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.Pn96UpN8fVr4gtVeWX09h9OOS_NdxXN5qwX7iO9PbNqEgRUm7F_FRfPv8855fCTQwOXjbf_mB2NaW46BKv8ADV1XXqk-fX9jo-guEtqFF2ndvX9kVc-pE1b1a6S0rCwvEODQpQxzw3k9DPLB1PfHV7DsxmumWjcMqUXuUeVeyudsKSaHAQ7Nxjk8YLlbH1fHyRbLn0e3oeco_-ybxEfKtcsM_3WgRLVWbxM96rLBYBqwcdD-QbjXKKF7BIJ3ANctX2rlAHoFA9FxWpKjLyGiPtNam3K6YdmAc5sXWO4DsoQPm4nm_Xn1CoTIzp_MIOwHcDD0tds84itBOYNBYo9hgQ.EoXfvZK7be5utTt1nEBXiw.2bUiWnuOD_1lpEvFcEQU1GRWgHNGMmbYJhoG_s1ONDJgh-Y2l3xhJCGpwhyQCjU3J3vDkI7GMvKO2g3b9BwZEJclDcqL9klo5V0QNTn2Vzgjf6KjwdC3wVT40FBnobtevex5-qGXyrjUqsMXW9xngEXtnToOm9dhPM3gf8FgUoGZKnkF-swMKZEJbPIbU89Vv6333_5QxFtIA_IMkStBNGpsq_sFoi-yW-bTqRvymZ3hDm_Z1408rZfJqx5OHUZTDk7hdQdAnrCaJPAylWZC8LS5w7GkThMd68RJL87F2AnK7NzrrQFvIR83hOLlNBKxhbyGXzCEeekDmxiVr7SmjdZwUx33PsYRxg_7m1-pMwH2b9s7HKmByzn27QHNM_nQ6kh_xXmR-AcpW_T8wtneg6PVmoU-hK09IW4PPNb7iPeSIwfTKHLFlhMkKJZ3jzWHMPp9jBR_uZhEPDf-6SELFiHKJfIi5HhIigvTBL03zqc8EdjdRNtrDeArqL5XalDtjSUH4eIIupQiebhugyJiUg.QTQ6_2rIE5lnbM1D0nWlNMMYSDHLjBa7btBdk83-YMk HTTP/1.1" 200 4240
+INFO 2023-10-21 14:34:30,609 autoreload 21977 140682579124224 Watching for file changes with StatReloader
+INFO 2023-10-21 14:35:40,029 autoreload 21977 140682579124224 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/urls.py changed, reloading.
+INFO 2023-10-21 14:35:40,782 autoreload 22047 140283861299200 Watching for file changes with StatReloader
+INFO 2023-10-21 14:35:56,251 autoreload 22047 140283861299200 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/urls.py changed, reloading.
+INFO 2023-10-21 14:35:56,967 autoreload 22053 139794050060288 Watching for file changes with StatReloader
+INFO 2023-10-21 14:36:06,348 autoreload 22053 139794050060288 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:36:07,064 autoreload 22060 140047201329152 Watching for file changes with StatReloader
+INFO 2023-10-21 14:36:12,392 autoreload 22060 140047201329152 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:36:13,106 autoreload 22066 139784762310656 Watching for file changes with StatReloader
+INFO 2023-10-21 14:38:21,327 autoreload 22066 139784762310656 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 14:38:22,029 autoreload 22167 139993026039808 Watching for file changes with StatReloader
+INFO 2023-10-21 14:38:29,383 autoreload 22167 139993026039808 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 14:38:30,103 autoreload 22174 140663310270464 Watching for file changes with StatReloader
+INFO 2023-10-21 14:38:47,623 autoreload 22174 140663310270464 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 14:38:48,337 autoreload 22214 139956541530112 Watching for file changes with StatReloader
+INFO 2023-10-21 14:38:58,725 autoreload 22214 139956541530112 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 14:38:59,462 autoreload 22220 139641193795584 Watching for file changes with StatReloader
+INFO 2023-10-21 14:39:12,883 autoreload 22220 139641193795584 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 14:39:13,631 autoreload 22227 140571023425536 Watching for file changes with StatReloader
+INFO 2023-10-21 14:39:25,022 autoreload 22227 140571023425536 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 14:39:25,761 autoreload 22234 140137655844864 Watching for file changes with StatReloader
+INFO 2023-10-21 14:58:39,759 autoreload 22234 140137655844864 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:58:40,414 autoreload 23092 140422327123968 Watching for file changes with StatReloader
+INFO 2023-10-21 14:59:17,140 autoreload 23092 140422327123968 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 14:59:17,800 autoreload 23121 139857294004224 Watching for file changes with StatReloader
+INFO 2023-10-21 14:59:23,088 autoreload 23121 139857294004224 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 14:59:23,750 autoreload 23127 140058520936448 Watching for file changes with StatReloader
+INFO 2023-10-21 14:59:32,090 autoreload 23127 140058520936448 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:59:32,747 autoreload 23139 140087170973696 Watching for file changes with StatReloader
+INFO 2023-10-21 14:59:51,218 autoreload 23139 140087170973696 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:59:51,885 autoreload 23177 140096074772480 Watching for file changes with StatReloader
+INFO 2023-10-21 14:59:54,125 autoreload 23177 140096074772480 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:59:54,805 autoreload 23184 140233494249472 Watching for file changes with StatReloader
+INFO 2023-10-21 14:59:56,036 autoreload 23184 140233494249472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 14:59:56,698 autoreload 23191 140522523983872 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:12,135 autoreload 23191 140522523983872 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:12,787 autoreload 23198 140673265311744 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:22,136 autoreload 23198 140673265311744 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:22,791 autoreload 23206 140658633998336 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:25,031 autoreload 23206 140658633998336 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:25,687 autoreload 23213 140653187694592 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:35,023 autoreload 23213 140653187694592 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:35,671 autoreload 23219 139811473092608 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:38,936 autoreload 23219 139811473092608 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:39,602 autoreload 23232 140025499881472 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:43,897 autoreload 23232 140025499881472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:44,558 autoreload 23262 139633761910784 Watching for file changes with StatReloader
+INFO 2023-10-21 15:00:57,967 autoreload 23262 139633761910784 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:00:58,642 autoreload 23269 140084160716800 Watching for file changes with StatReloader
+INFO 2023-10-21 15:01:06,965 autoreload 23269 140084160716800 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:01:07,626 autoreload 23275 140254506074112 Watching for file changes with StatReloader
+INFO 2023-10-21 15:01:36,259 autoreload 23275 140254506074112 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:01:36,920 autoreload 23286 140282064986112 Watching for file changes with StatReloader
+INFO 2023-10-21 15:01:58,443 autoreload 23286 140282064986112 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:01:59,094 autoreload 23325 140718885203968 Watching for file changes with StatReloader
+INFO 2023-10-21 15:03:19,456 autoreload 23325 140718885203968 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:03:20,113 autoreload 23382 140058198405120 Watching for file changes with StatReloader
+INFO 2023-10-21 15:04:13,077 autoreload 23382 140058198405120 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:04:13,732 autoreload 23425 140429899870208 Watching for file changes with StatReloader
+INFO 2023-10-21 15:04:27,051 autoreload 23425 140429899870208 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:04:27,716 autoreload 23435 140184043130880 Watching for file changes with StatReloader
+INFO 2023-10-21 15:04:37,975 autoreload 23435 140184043130880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:04:38,621 autoreload 23442 139915609849856 Watching for file changes with StatReloader
+INFO 2023-10-21 15:04:47,880 autoreload 23442 139915609849856 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:04:48,527 autoreload 23479 139649493712896 Watching for file changes with StatReloader
+INFO 2023-10-21 15:05:01,839 autoreload 23479 139649493712896 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:05:02,495 autoreload 23486 140054432202752 Watching for file changes with StatReloader
+INFO 2023-10-21 15:05:07,700 autoreload 23486 140054432202752 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:05:08,371 autoreload 23493 140561943707648 Watching for file changes with StatReloader
+INFO 2023-10-21 15:06:34,660 autoreload 23493 140561943707648 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:06:35,392 autoreload 23696 140256776826880 Watching for file changes with StatReloader
+INFO 2023-10-21 15:06:38,589 autoreload 23696 140256776826880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:06:39,320 autoreload 23702 140667603230720 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:06:44,620 log 23702 140667410970176 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 470, in parse
+    compile_func = self.tags[command]
+KeyError: 'static'
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 149, in password_reset
+    return render(request, "password_reset.html", d)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/shortcuts.py", line 19, in render
+    content = loader.render_to_string(template_name, context, request, using=using)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader.py", line 62, in render_to_string
+    return template.render(context, request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 127, in render
+    compiled_parent = self.get_parent(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 124, in get_parent
+    return self.find_template(parent, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 103, in find_template
+    template, origin = context.template.engine.find_template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 125, in find_template
+    template = loader.get_template(name, skip=skip)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loaders/base.py", line 29, in get_template
+    return Template(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 155, in __init__
+    self.nodelist = self.compile_nodelist()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 193, in compile_nodelist
+    return parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 478, in parse
+    raise self.error(token, e)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 476, in parse
+    compiled_result = compile_func(self, token)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 278, in do_extends
+    nodelist = parser.parse()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 472, in parse
+    self.invalid_block_tag(token, command, parse_until)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 531, in invalid_block_tag
+    raise self.error(
+django.template.exceptions.TemplateSyntaxError: Invalid block tag on line 3: 'static'. Did you forget to register or load this tag?
+ERROR 2023-10-21 15:06:44,621 basehttp 23702 140667410970176 "GET /password/reset HTTP/1.1" 500 191775
+WARNING 2023-10-21 15:06:44,691 log 23702 140667410970176 Not Found: /favicon.ico
+INFO 2023-10-21 15:07:06,199 basehttp 23702 140667410970176 "GET /password/reset HTTP/1.1" 200 203040
+INFO 2023-10-21 15:07:36,056 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 244457
+INFO 2023-10-21 15:08:11,088 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 230110
+INFO 2023-10-21 15:08:33,255 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 205943
+INFO 2023-10-21 15:08:34,154 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 217991
+INFO 2023-10-21 15:08:34,626 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 204859
+INFO 2023-10-21 15:09:25,786 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 238332
+INFO 2023-10-21 15:10:18,662 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 223105
+INFO 2023-10-21 15:10:39,431 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 188781
+INFO 2023-10-21 15:11:00,786 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 235169
+INFO 2023-10-21 15:11:02,420 basehttp 23702 140667400480320 "GET /password/reset HTTP/1.1" 200 234445
+INFO 2023-10-21 15:11:10,131 basehttp 23702 140667400480320 "POST /password/reset HTTP/1.1" 200 2948
+INFO 2023-10-21 15:12:07,095 autoreload 23702 140667603230720 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:12:07,827 autoreload 24030 139823091810304 Watching for file changes with StatReloader
+INFO 2023-10-21 15:12:14,531 basehttp 24030 139822967551552 "POST /password/reset HTTP/1.1" 200 2934
+INFO 2023-10-21 15:12:51,243 basehttp 24030 139822967551552 "POST /password/reset HTTP/1.1" 200 2826
+INFO 2023-10-21 15:13:15,013 basehttp 24030 139822967551552 "POST /password/reset HTTP/1.1" 200 234480
+INFO 2023-10-21 15:13:31,823 basehttp 24030 139822967551552 "GET /password/reset HTTP/1.1" 200 233234
+INFO 2023-10-21 15:13:33,433 basehttp 24030 139822967551552 "GET /password/reset HTTP/1.1" 200 227198
+INFO 2023-10-21 15:13:34,428 basehttp 24030 139822967551552 "GET /password/reset HTTP/1.1" 200 251630
+INFO 2023-10-21 15:13:42,241 basehttp 24030 139822967551552 "POST /password/reset HTTP/1.1" 200 2458
+INFO 2023-10-21 15:14:15,153 autoreload 24030 139823091810304 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:14:15,888 autoreload 24150 140282586763264 Watching for file changes with StatReloader
+INFO 2023-10-21 15:14:18,118 basehttp 24150 140282462991936 "POST /password/reset HTTP/1.1" 200 2458
+ERROR 2023-10-21 15:14:25,406 log 24150 140282462991936 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 175, in password_commit
+    if not secparams_check(data):
+NameError: name 'secparams_check' is not defined
+ERROR 2023-10-21 15:14:25,407 basehttp 24150 140282462991936 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.L5ALoAs3rES2dXkZoEZvqvy3RUyL_3FfFVufzxut2fcV8X72otk54W3mdKfY2HlQ_nyIniU7oXvNbtyhbzfYa7GPmn4RX1ldXqPISUZJQF6_Hf6-yVMZ3R03y6BzDq79_PC5YeNFvrsgGTAMGNZ0OH87oWtb0GK5JNX2xUzLGh-GWl4tKu1iiZk7ZgaqUgxgnRG_yFmk_j3N3FwVHPKabbySqfUcm8GpHF9kdZ_XeaS1PS1kor6I4EPXq2rriilxLg8Ns9SUnd8XWDX6zZUbXfNKOq3dSqD4BtWfa9xFhJ5DJTU1vRRL9a0oBv85JNUAGMNAHJ3UZxm7wmcFw5rSFA.1UFsxsA9aAIpSPOzo0xi4Q.FgEUOdBfM8sFirAO5FtRlHbZ9KKxu3L5QyjaXRX5BEh11imnNlc-5RJiXKC8XaW_bZjctXmX02R8Alh9QtGoMxqkwKxD6BsJlI7-HIG5HPRx7_13hZvdzc-PEeSgWP1I0y4Y4XMnYycD7eMXjEvnvXC8-ZOP5xmF-zcQ0CDAW7UbqYh2hZH8XGMBeHijRF2uXhbZcTjdfu25WwdDpMbroOuDVQHh3t5PwzOqn2tiFHAQIKDQUK44mFji247baMSkXJN-yGXylOP2qLpFsfmu-gvfNhL606IueQhgEQ-5gXxnBRYFZp_oupSsTSj-HC6PXPuWLy_WRlENSDroq-C7xiJn-Sr69y1ZLLL5hTRESyCikoMCdmDt4aKJBAO6gHXSC050dwNLkyVQ_CuDIPbQzVkdtcXbgAwiKVLRu1VzYb_q2adRHWEqUYjH1SSJAbZ_3Oqv6MqVnDCXC4mYKrASmYlK14QP_NB7Hs79TfvOT2MnZy4T60fKNEqbbP_QcTES9S5b_iSetDv5r5vimvjmmw.CiYZw0_alaPIoyB1SqvhTkhcZJyssDxOxCvRZyZXm5U HTTP/1.1" 500 98690
+WARNING 2023-10-21 15:14:25,477 log 24150 140282462991936 Not Found: /favicon.ico
+INFO 2023-10-21 15:14:42,610 autoreload 24150 140282586763264 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:14:43,330 autoreload 24297 139958217314304 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:14:45,355 log 24297 139958018897472 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 176, in password_commit
+    if not secparams_check(data):
+TypeError: secparams_check() missing 1 required positional argument: 'aud'
+ERROR 2023-10-21 15:14:45,356 basehttp 24297 139958018897472 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.L5ALoAs3rES2dXkZoEZvqvy3RUyL_3FfFVufzxut2fcV8X72otk54W3mdKfY2HlQ_nyIniU7oXvNbtyhbzfYa7GPmn4RX1ldXqPISUZJQF6_Hf6-yVMZ3R03y6BzDq79_PC5YeNFvrsgGTAMGNZ0OH87oWtb0GK5JNX2xUzLGh-GWl4tKu1iiZk7ZgaqUgxgnRG_yFmk_j3N3FwVHPKabbySqfUcm8GpHF9kdZ_XeaS1PS1kor6I4EPXq2rriilxLg8Ns9SUnd8XWDX6zZUbXfNKOq3dSqD4BtWfa9xFhJ5DJTU1vRRL9a0oBv85JNUAGMNAHJ3UZxm7wmcFw5rSFA.1UFsxsA9aAIpSPOzo0xi4Q.FgEUOdBfM8sFirAO5FtRlHbZ9KKxu3L5QyjaXRX5BEh11imnNlc-5RJiXKC8XaW_bZjctXmX02R8Alh9QtGoMxqkwKxD6BsJlI7-HIG5HPRx7_13hZvdzc-PEeSgWP1I0y4Y4XMnYycD7eMXjEvnvXC8-ZOP5xmF-zcQ0CDAW7UbqYh2hZH8XGMBeHijRF2uXhbZcTjdfu25WwdDpMbroOuDVQHh3t5PwzOqn2tiFHAQIKDQUK44mFji247baMSkXJN-yGXylOP2qLpFsfmu-gvfNhL606IueQhgEQ-5gXxnBRYFZp_oupSsTSj-HC6PXPuWLy_WRlENSDroq-C7xiJn-Sr69y1ZLLL5hTRESyCikoMCdmDt4aKJBAO6gHXSC050dwNLkyVQ_CuDIPbQzVkdtcXbgAwiKVLRu1VzYb_q2adRHWEqUYjH1SSJAbZ_3Oqv6MqVnDCXC4mYKrASmYlK14QP_NB7Hs79TfvOT2MnZy4T60fKNEqbbP_QcTES9S5b_iSetDv5r5vimvjmmw.CiYZw0_alaPIoyB1SqvhTkhcZJyssDxOxCvRZyZXm5U HTTP/1.1" 500 98669
+INFO 2023-10-21 15:15:06,997 autoreload 24297 139958217314304 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:15:07,734 autoreload 24337 140481861922816 Watching for file changes with StatReloader
+INFO 2023-10-21 15:21:05,937 autoreload 24337 140481861922816 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:21:06,657 autoreload 24641 139897088180224 Watching for file changes with StatReloader
+INFO 2023-10-21 15:21:07,920 autoreload 24641 139897088180224 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:21:08,625 autoreload 24649 139810564943872 Watching for file changes with StatReloader
+INFO 2023-10-21 15:21:10,904 autoreload 24649 139810564943872 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:21:11,612 autoreload 24655 139700608983040 Watching for file changes with StatReloader
+INFO 2023-10-21 15:21:29,142 autoreload 24655 139700608983040 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:21:29,862 autoreload 24662 140404369055744 Watching for file changes with StatReloader
+INFO 2023-10-21 15:21:32,055 autoreload 24662 140404369055744 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:21:32,755 autoreload 24668 139850129162240 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:21:42,877 log 24668 139850005083712 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 176, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697901258, 'exp': 1697903238, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': '/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:21:42,877 basehttp 24668 139850005083712 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.L5ALoAs3rES2dXkZoEZvqvy3RUyL_3FfFVufzxut2fcV8X72otk54W3mdKfY2HlQ_nyIniU7oXvNbtyhbzfYa7GPmn4RX1ldXqPISUZJQF6_Hf6-yVMZ3R03y6BzDq79_PC5YeNFvrsgGTAMGNZ0OH87oWtb0GK5JNX2xUzLGh-GWl4tKu1iiZk7ZgaqUgxgnRG_yFmk_j3N3FwVHPKabbySqfUcm8GpHF9kdZ_XeaS1PS1kor6I4EPXq2rriilxLg8Ns9SUnd8XWDX6zZUbXfNKOq3dSqD4BtWfa9xFhJ5DJTU1vRRL9a0oBv85JNUAGMNAHJ3UZxm7wmcFw5rSFA.1UFsxsA9aAIpSPOzo0xi4Q.FgEUOdBfM8sFirAO5FtRlHbZ9KKxu3L5QyjaXRX5BEh11imnNlc-5RJiXKC8XaW_bZjctXmX02R8Alh9QtGoMxqkwKxD6BsJlI7-HIG5HPRx7_13hZvdzc-PEeSgWP1I0y4Y4XMnYycD7eMXjEvnvXC8-ZOP5xmF-zcQ0CDAW7UbqYh2hZH8XGMBeHijRF2uXhbZcTjdfu25WwdDpMbroOuDVQHh3t5PwzOqn2tiFHAQIKDQUK44mFji247baMSkXJN-yGXylOP2qLpFsfmu-gvfNhL606IueQhgEQ-5gXxnBRYFZp_oupSsTSj-HC6PXPuWLy_WRlENSDroq-C7xiJn-Sr69y1ZLLL5hTRESyCikoMCdmDt4aKJBAO6gHXSC050dwNLkyVQ_CuDIPbQzVkdtcXbgAwiKVLRu1VzYb_q2adRHWEqUYjH1SSJAbZ_3Oqv6MqVnDCXC4mYKrASmYlK14QP_NB7Hs79TfvOT2MnZy4T60fKNEqbbP_QcTES9S5b_iSetDv5r5vimvjmmw.CiYZw0_alaPIoyB1SqvhTkhcZJyssDxOxCvRZyZXm5U HTTP/1.1" 500 99870
+WARNING 2023-10-21 15:21:42,931 log 24668 139850005083712 Not Found: /favicon.ico
+INFO 2023-10-21 15:23:20,731 autoreload 24668 139850129162240 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:23:21,438 autoreload 24755 140517179846656 Watching for file changes with StatReloader
+INFO 2023-10-21 15:23:57,251 autoreload 24755 140517179846656 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:23:57,975 autoreload 24790 140312262860800 Watching for file changes with StatReloader
+INFO 2023-10-21 15:25:28,768 autoreload 24790 140312262860800 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:25:29,547 autoreload 24851 139797173882880 Watching for file changes with StatReloader
+INFO 2023-10-21 15:25:49,151 autoreload 24851 139797173882880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:25:49,896 autoreload 24863 140137640673280 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:26:26,644 log 24863 140137448076864 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 176, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697901258, 'exp': 1697903238, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': '/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:26:26,645 basehttp 24863 140137448076864 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.L5ALoAs3rES2dXkZoEZvqvy3RUyL_3FfFVufzxut2fcV8X72otk54W3mdKfY2HlQ_nyIniU7oXvNbtyhbzfYa7GPmn4RX1ldXqPISUZJQF6_Hf6-yVMZ3R03y6BzDq79_PC5YeNFvrsgGTAMGNZ0OH87oWtb0GK5JNX2xUzLGh-GWl4tKu1iiZk7ZgaqUgxgnRG_yFmk_j3N3FwVHPKabbySqfUcm8GpHF9kdZ_XeaS1PS1kor6I4EPXq2rriilxLg8Ns9SUnd8XWDX6zZUbXfNKOq3dSqD4BtWfa9xFhJ5DJTU1vRRL9a0oBv85JNUAGMNAHJ3UZxm7wmcFw5rSFA.1UFsxsA9aAIpSPOzo0xi4Q.FgEUOdBfM8sFirAO5FtRlHbZ9KKxu3L5QyjaXRX5BEh11imnNlc-5RJiXKC8XaW_bZjctXmX02R8Alh9QtGoMxqkwKxD6BsJlI7-HIG5HPRx7_13hZvdzc-PEeSgWP1I0y4Y4XMnYycD7eMXjEvnvXC8-ZOP5xmF-zcQ0CDAW7UbqYh2hZH8XGMBeHijRF2uXhbZcTjdfu25WwdDpMbroOuDVQHh3t5PwzOqn2tiFHAQIKDQUK44mFji247baMSkXJN-yGXylOP2qLpFsfmu-gvfNhL606IueQhgEQ-5gXxnBRYFZp_oupSsTSj-HC6PXPuWLy_WRlENSDroq-C7xiJn-Sr69y1ZLLL5hTRESyCikoMCdmDt4aKJBAO6gHXSC050dwNLkyVQ_CuDIPbQzVkdtcXbgAwiKVLRu1VzYb_q2adRHWEqUYjH1SSJAbZ_3Oqv6MqVnDCXC4mYKrASmYlK14QP_NB7Hs79TfvOT2MnZy4T60fKNEqbbP_QcTES9S5b_iSetDv5r5vimvjmmw.CiYZw0_alaPIoyB1SqvhTkhcZJyssDxOxCvRZyZXm5U HTTP/1.1" 500 99745
+WARNING 2023-10-21 15:26:26,720 log 24863 140137448076864 Not Found: /favicon.ico
+INFO 2023-10-21 15:27:50,135 autoreload 24863 140137640673280 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:27:50,836 autoreload 24949 140576176885760 Watching for file changes with StatReloader
+INFO 2023-10-21 15:28:10,270 autoreload 24949 140576176885760 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:28:11,008 autoreload 25000 140450313129984 Watching for file changes with StatReloader
+INFO 2023-10-21 15:28:14,249 basehttp 25000 140450121905728 "GET /password/reset HTTP/1.1" 200 219022
+ERROR 2023-10-21 15:28:33,091 log 25000 140450121905728 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 117, in password_reset
+    aud = ''.join(
+TypeError: str.join() takes exactly one argument (2 given)
+ERROR 2023-10-21 15:28:33,092 basehttp 25000 140450121905728 "POST /password/reset HTTP/1.1" 500 96158
+WARNING 2023-10-21 15:28:33,166 log 25000 140450121905728 Not Found: /favicon.ico
+INFO 2023-10-21 15:28:46,922 autoreload 25000 140450313129984 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:28:47,636 autoreload 25023 139693005074432 Watching for file changes with StatReloader
+INFO 2023-10-21 15:28:49,656 basehttp 25023 139692881212992 "POST /password/reset HTTP/1.1" 200 2825
+INFO 2023-10-21 15:30:49,010 autoreload 25023 139693005074432 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:30:49,789 autoreload 25233 139668881858560 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:31:01,619 log 25233 139668689516096 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 180, in password_commit
+    if not secparams_check(data, aud = request.get_raw_uri().split('?')[0]):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 78, in secparams_check
+    payload.get('aud', None) not in (aud, re.sub("^https?://", "", aud))
+  File "/usr/lib/python3.10/bdb.py", line 96, in trace_dispatch
+    return self.dispatch_exception(frame, arg)
+  File "/usr/lib/python3.10/bdb.py", line 176, in dispatch_exception
+    if self.quitting: raise BdbQuit
+bdb.BdbQuit
+ERROR 2023-10-21 15:31:01,620 basehttp 25233 139668689516096 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.FkUiQoyRKH4Zh6I2JYbM_YSEEjRmRe0sRkUmONdJWYa2-D4_k23pPJTAUFQ9ClUNRLGQpxGVkA7ojamLqKCPoXYj6MFp3hTKUlmt4SpOV38Drsu75y1nUinmHo1fp1-Ixmnp08Wo4plSfLRsfOUQmI5M_gRf45omWe-jbmBHRCml8bhbCQVErJiwmddYhgAaFwX9EZ4lUXi8doP9SuOtKTMMEFxytEIoJOyV_zo7lNXqM6-J2OqUEvXTIkenn2rJZ_-TGFGlbjKGtpnO9haL9QOtSOp4sxQuy3_da2BKqKsCSXh2C8Q_myZPUfHaPAOdGn5MJNBP1ozwTVum_gSKXg.wmqNBpEN5L9kT06LO03eNw.eNaPnz8rmwXqY1gOiIHCVWESiIMFvUaWnzxXZVvZnmykqiXku_LGczm-Vdi0n06YGG6dv0I4czAWCm7MnNE--k4YdKowmdwkuFzQF9b6Of-OHTte53ALB-Fv0a-bjyY5joQIzjkXlxJkDnZQC5WOzfxpyWsMOZeABb-PKtZqSiaOEg_6c7pSvyMWznU2QAh3Y-s4ov2dS702Q5PlyLSXFu2e9T3fDsyyMJ80BKNqpEGunzDA73CKiLMcTUh3-FhtxItHq9g8X7VCDcDR2O75FLexvQr0fX1ZcHb1lbn_la8jMueBK8coVov95h1-S7EP322_L3QmEUjpofrx9TsuifhebIqofZYJv124G18R8LHw33XEVX3aYDTZjqglqq1xbp6riv6NHzerwbIVNW2wFxNdVvJMGAJZMGBc4L5lVjN8TFK6hoLGxDiq1NRWRYbs1rzot4uKtxQeMRlj3WkrNxOE4CqpZsYqS7-xeEc9XW7KhJAATGpoy3J6dR6cW8akoX0clmBQKQ746Zf1sr17pxwqjwqJ2vRA9edl2cSxd5e0LxJF6aLRDymdSF11O5ks.qr6sjS2VH4G0dN-YexOOIyTS8KJz3OKXLErPRwT4WWo HTTP/1.1" 500 112304
+WARNING 2023-10-21 15:31:01,679 log 25233 139668689516096 Not Found: /favicon.ico
+INFO 2023-10-21 15:31:09,422 autoreload 25233 139668881858560 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:31:10,162 autoreload 25281 140640676425728 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:31:51,879 log 25281 140640552744512 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 181, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902129, 'exp': 1697904109, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:31:51,880 basehttp 25281 140640552744512 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.FkUiQoyRKH4Zh6I2JYbM_YSEEjRmRe0sRkUmONdJWYa2-D4_k23pPJTAUFQ9ClUNRLGQpxGVkA7ojamLqKCPoXYj6MFp3hTKUlmt4SpOV38Drsu75y1nUinmHo1fp1-Ixmnp08Wo4plSfLRsfOUQmI5M_gRf45omWe-jbmBHRCml8bhbCQVErJiwmddYhgAaFwX9EZ4lUXi8doP9SuOtKTMMEFxytEIoJOyV_zo7lNXqM6-J2OqUEvXTIkenn2rJZ_-TGFGlbjKGtpnO9haL9QOtSOp4sxQuy3_da2BKqKsCSXh2C8Q_myZPUfHaPAOdGn5MJNBP1ozwTVum_gSKXg.wmqNBpEN5L9kT06LO03eNw.eNaPnz8rmwXqY1gOiIHCVWESiIMFvUaWnzxXZVvZnmykqiXku_LGczm-Vdi0n06YGG6dv0I4czAWCm7MnNE--k4YdKowmdwkuFzQF9b6Of-OHTte53ALB-Fv0a-bjyY5joQIzjkXlxJkDnZQC5WOzfxpyWsMOZeABb-PKtZqSiaOEg_6c7pSvyMWznU2QAh3Y-s4ov2dS702Q5PlyLSXFu2e9T3fDsyyMJ80BKNqpEGunzDA73CKiLMcTUh3-FhtxItHq9g8X7VCDcDR2O75FLexvQr0fX1ZcHb1lbn_la8jMueBK8coVov95h1-S7EP322_L3QmEUjpofrx9TsuifhebIqofZYJv124G18R8LHw33XEVX3aYDTZjqglqq1xbp6riv6NHzerwbIVNW2wFxNdVvJMGAJZMGBc4L5lVjN8TFK6hoLGxDiq1NRWRYbs1rzot4uKtxQeMRlj3WkrNxOE4CqpZsYqS7-xeEc9XW7KhJAATGpoy3J6dR6cW8akoX0clmBQKQ746Zf1sr17pxwqjwqJ2vRA9edl2cSxd5e0LxJF6aLRDymdSF11O5ks.qr6sjS2VH4G0dN-YexOOIyTS8KJz3OKXLErPRwT4WWo HTTP/1.1" 500 100170
+INFO 2023-10-21 15:32:33,969 autoreload 25281 140640676425728 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:32:34,754 autoreload 25333 140358959861760 Watching for file changes with StatReloader
+INFO 2023-10-21 15:33:16,715 autoreload 25333 140358959861760 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:33:17,452 autoreload 25380 140217127288832 Watching for file changes with StatReloader
+INFO 2023-10-21 15:34:27,996 autoreload 25380 140217127288832 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:34:28,714 autoreload 25430 139805633847296 Watching for file changes with StatReloader
+INFO 2023-10-21 15:35:11,757 autoreload 25430 139805633847296 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:35:12,498 autoreload 25476 140165190524928 Watching for file changes with StatReloader
+INFO 2023-10-21 15:35:25,950 autoreload 25476 140165190524928 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:35:26,659 autoreload 25487 140503677575168 Watching for file changes with StatReloader
+INFO 2023-10-21 15:35:29,955 autoreload 25487 140503677575168 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:35:30,733 autoreload 25493 140110033018880 Watching for file changes with StatReloader
+INFO 2023-10-21 15:36:06,529 autoreload 25493 140110033018880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:36:07,261 autoreload 25536 140346473201664 Watching for file changes with StatReloader
+INFO 2023-10-21 15:36:17,586 autoreload 25536 140346473201664 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:36:18,293 autoreload 25542 140588804186112 Watching for file changes with StatReloader
+INFO 2023-10-21 15:36:44,935 autoreload 25542 140588804186112 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/affiliations_api/views.py changed, reloading.
+INFO 2023-10-21 15:36:45,635 autoreload 25554 140402682597376 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:36:57,325 log 25554 140402558498368 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 180, in password_commit
+    if not secparams_check(
+TypeError: secparams_check() got an unexpected keyword argument 'allowed_clients'
+ERROR 2023-10-21 15:36:57,325 basehttp 25554 140402558498368 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.FkUiQoyRKH4Zh6I2JYbM_YSEEjRmRe0sRkUmONdJWYa2-D4_k23pPJTAUFQ9ClUNRLGQpxGVkA7ojamLqKCPoXYj6MFp3hTKUlmt4SpOV38Drsu75y1nUinmHo1fp1-Ixmnp08Wo4plSfLRsfOUQmI5M_gRf45omWe-jbmBHRCml8bhbCQVErJiwmddYhgAaFwX9EZ4lUXi8doP9SuOtKTMMEFxytEIoJOyV_zo7lNXqM6-J2OqUEvXTIkenn2rJZ_-TGFGlbjKGtpnO9haL9QOtSOp4sxQuy3_da2BKqKsCSXh2C8Q_myZPUfHaPAOdGn5MJNBP1ozwTVum_gSKXg.wmqNBpEN5L9kT06LO03eNw.eNaPnz8rmwXqY1gOiIHCVWESiIMFvUaWnzxXZVvZnmykqiXku_LGczm-Vdi0n06YGG6dv0I4czAWCm7MnNE--k4YdKowmdwkuFzQF9b6Of-OHTte53ALB-Fv0a-bjyY5joQIzjkXlxJkDnZQC5WOzfxpyWsMOZeABb-PKtZqSiaOEg_6c7pSvyMWznU2QAh3Y-s4ov2dS702Q5PlyLSXFu2e9T3fDsyyMJ80BKNqpEGunzDA73CKiLMcTUh3-FhtxItHq9g8X7VCDcDR2O75FLexvQr0fX1ZcHb1lbn_la8jMueBK8coVov95h1-S7EP322_L3QmEUjpofrx9TsuifhebIqofZYJv124G18R8LHw33XEVX3aYDTZjqglqq1xbp6riv6NHzerwbIVNW2wFxNdVvJMGAJZMGBc4L5lVjN8TFK6hoLGxDiq1NRWRYbs1rzot4uKtxQeMRlj3WkrNxOE4CqpZsYqS7-xeEc9XW7KhJAATGpoy3J6dR6cW8akoX0clmBQKQ746Zf1sr17pxwqjwqJ2vRA9edl2cSxd5e0LxJF6aLRDymdSF11O5ks.qr6sjS2VH4G0dN-YexOOIyTS8KJz3OKXLErPRwT4WWo HTTP/1.1" 500 99065
+WARNING 2023-10-21 15:36:57,379 log 25554 140402558498368 Not Found: /favicon.ico
+INFO 2023-10-21 15:37:06,246 autoreload 25554 140402682597376 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:37:06,988 autoreload 25585 140032307916800 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:37:08,004 log 25585 140032184677952 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 180, in password_commit
+    if not secparams_check(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 83, in secparams_check
+    for i in allowed_client:
+NameError: name 'allowed_client' is not defined
+ERROR 2023-10-21 15:37:08,005 basehttp 25585 140032184677952 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.FkUiQoyRKH4Zh6I2JYbM_YSEEjRmRe0sRkUmONdJWYa2-D4_k23pPJTAUFQ9ClUNRLGQpxGVkA7ojamLqKCPoXYj6MFp3hTKUlmt4SpOV38Drsu75y1nUinmHo1fp1-Ixmnp08Wo4plSfLRsfOUQmI5M_gRf45omWe-jbmBHRCml8bhbCQVErJiwmddYhgAaFwX9EZ4lUXi8doP9SuOtKTMMEFxytEIoJOyV_zo7lNXqM6-J2OqUEvXTIkenn2rJZ_-TGFGlbjKGtpnO9haL9QOtSOp4sxQuy3_da2BKqKsCSXh2C8Q_myZPUfHaPAOdGn5MJNBP1ozwTVum_gSKXg.wmqNBpEN5L9kT06LO03eNw.eNaPnz8rmwXqY1gOiIHCVWESiIMFvUaWnzxXZVvZnmykqiXku_LGczm-Vdi0n06YGG6dv0I4czAWCm7MnNE--k4YdKowmdwkuFzQF9b6Of-OHTte53ALB-Fv0a-bjyY5joQIzjkXlxJkDnZQC5WOzfxpyWsMOZeABb-PKtZqSiaOEg_6c7pSvyMWznU2QAh3Y-s4ov2dS702Q5PlyLSXFu2e9T3fDsyyMJ80BKNqpEGunzDA73CKiLMcTUh3-FhtxItHq9g8X7VCDcDR2O75FLexvQr0fX1ZcHb1lbn_la8jMueBK8coVov95h1-S7EP322_L3QmEUjpofrx9TsuifhebIqofZYJv124G18R8LHw33XEVX3aYDTZjqglqq1xbp6riv6NHzerwbIVNW2wFxNdVvJMGAJZMGBc4L5lVjN8TFK6hoLGxDiq1NRWRYbs1rzot4uKtxQeMRlj3WkrNxOE4CqpZsYqS7-xeEc9XW7KhJAATGpoy3J6dR6cW8akoX0clmBQKQ746Zf1sr17pxwqjwqJ2vRA9edl2cSxd5e0LxJF6aLRDymdSF11O5ks.qr6sjS2VH4G0dN-YexOOIyTS8KJz3OKXLErPRwT4WWo HTTP/1.1" 500 103080
+WARNING 2023-10-21 15:37:08,054 log 25585 140032184677952 Not Found: /favicon.ico
+INFO 2023-10-21 15:37:14,326 autoreload 25585 140032307916800 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-21 15:37:15,090 autoreload 25601 140315586859008 Watching for file changes with StatReloader
+ERROR 2023-10-21 15:37:16,283 log 25601 140315463775808 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 185, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902129, 'exp': 1697904109, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:37:16,283 basehttp 25601 140315463775808 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.FkUiQoyRKH4Zh6I2JYbM_YSEEjRmRe0sRkUmONdJWYa2-D4_k23pPJTAUFQ9ClUNRLGQpxGVkA7ojamLqKCPoXYj6MFp3hTKUlmt4SpOV38Drsu75y1nUinmHo1fp1-Ixmnp08Wo4plSfLRsfOUQmI5M_gRf45omWe-jbmBHRCml8bhbCQVErJiwmddYhgAaFwX9EZ4lUXi8doP9SuOtKTMMEFxytEIoJOyV_zo7lNXqM6-J2OqUEvXTIkenn2rJZ_-TGFGlbjKGtpnO9haL9QOtSOp4sxQuy3_da2BKqKsCSXh2C8Q_myZPUfHaPAOdGn5MJNBP1ozwTVum_gSKXg.wmqNBpEN5L9kT06LO03eNw.eNaPnz8rmwXqY1gOiIHCVWESiIMFvUaWnzxXZVvZnmykqiXku_LGczm-Vdi0n06YGG6dv0I4czAWCm7MnNE--k4YdKowmdwkuFzQF9b6Of-OHTte53ALB-Fv0a-bjyY5joQIzjkXlxJkDnZQC5WOzfxpyWsMOZeABb-PKtZqSiaOEg_6c7pSvyMWznU2QAh3Y-s4ov2dS702Q5PlyLSXFu2e9T3fDsyyMJ80BKNqpEGunzDA73CKiLMcTUh3-FhtxItHq9g8X7VCDcDR2O75FLexvQr0fX1ZcHb1lbn_la8jMueBK8coVov95h1-S7EP322_L3QmEUjpofrx9TsuifhebIqofZYJv124G18R8LHw33XEVX3aYDTZjqglqq1xbp6riv6NHzerwbIVNW2wFxNdVvJMGAJZMGBc4L5lVjN8TFK6hoLGxDiq1NRWRYbs1rzot4uKtxQeMRlj3WkrNxOE4CqpZsYqS7-xeEc9XW7KhJAATGpoy3J6dR6cW8akoX0clmBQKQ746Zf1sr17pxwqjwqJ2vRA9edl2cSxd5e0LxJF6aLRDymdSF11O5ks.qr6sjS2VH4G0dN-YexOOIyTS8KJz3OKXLErPRwT4WWo HTTP/1.1" 500 100103
+INFO 2023-10-21 15:38:03,064 autoreload 25601 140315586859008 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:38:03,773 autoreload 25617 139749287784448 Watching for file changes with StatReloader
+INFO 2023-10-21 15:38:11,542 basehttp 25617 139749096420928 "GET /password/reset HTTP/1.1" 200 193914
+INFO 2023-10-21 15:38:24,035 basehttp 25617 139749096420928 "GET /password/reset HTTP/1.1" 200 197358
+INFO 2023-10-21 15:38:25,219 basehttp 25617 139749096420928 "GET /password/reset HTTP/1.1" 200 229662
+INFO 2023-10-21 15:38:26,393 basehttp 25617 139749096420928 "GET /password/reset HTTP/1.1" 200 243022
+INFO 2023-10-21 15:38:27,523 basehttp 25617 139749096420928 "GET /password/reset HTTP/1.1" 200 231466
+INFO 2023-10-21 15:38:35,983 basehttp 25617 139749096420928 "POST /password/reset HTTP/1.1" 200 2458
+ERROR 2023-10-21 15:39:00,438 log 25617 139749096420928 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 186, in password_commit
+    raise ValidationError(
+django.core.exceptions.ValidationError: ["{'user_pk': 1, 'new_pass': 'CiaoMamma4!', 'iat': 1697902715, 'exp': 1697904695, 'iss': 'http://localhost:9000', 'sub': 'ciao@email.com', 'aud': 'localhost:9000/password/commit'} doesn't respect the security pattern"]
+ERROR 2023-10-21 15:39:00,439 basehttp 25617 139749096420928 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZDQkMtSFM1MTIiLCJraWQiOiJXRUpoY0dkMVltZG9WV05zT1hGTmJsRkZXV3RHY2pCamMyZFdWbmwzY0RSdmNtOXROVEF3UjJSM1l3In0.ZzYlxrHVWEWjlOkK_HUzpjrlEerWCXelkY6L_hpEXiC3KBdjAe-zMuMrTK6hIm8Cl8L9M8HXjFKWkY0biS_6cXW_2r2cMd2o4cKBX6UqUNUUwDtE2DzL2PoT3K31Nsf5QWwPRQsZi9Xvx_oKuLj8G1REm8S6FEfy3kvtBYCLWlapgto3QM25eaySbKnUp8jFYNlEBgVKM7dACSn4Rn66-pfVM1cuYOP6wa5sn_XFQdFCc163rDI0gm41Q9n-QeXfS5xMZC2g3e425O0l0K4DXTatBzPAf_r6ZutO5iueq-FqgtHpFsn67yt6TvZwI4T-59UYv1rve1S7GPEo671G_w.lYE5IIS_QLQhZLRL6ZET9g.qLiwwF6OntNgpgxEriShIei9bkjqmlLAbfUnJKQhcIBg4WREJDGREAJTWfVQX2DH6YIyAO2LDPMhCdNPKDjyvw-k4T25b1HrkkeSTy4vARmNAe143sgnfTjcMWusdBnzEKLEv9yEEmtEsqN9_PNzRFw9Iav1taM5-eXb7mf5hyBSXO0sU3uwPWI180-B5gt2Ymbh6pvjR6XjUqz-8cimFdoYUXlFcqrqxDFNXbGtqJWIB7STpdcXVD12Twb0swaCw9Zu94tsz-au6XvLLadrNUdh0Ubfnr_pIf2drzDU8rWCSQ7SwK4ugs2XM7RMGDwSaXY47QdbCYFbGxCJsqDRNs_e9RjjbcZ9vROVs03-2-FYHx9qfPIgbq9SUUQPjASFY1ZHp5coe-IF8i52a1jjkMC7jpGpLkSM12WOYsiQETGwt06cNNgGxTpy2lNg65vHGoWDyrXd3lWeom0hzfq1OhxiOblf3vUV2_kmR1i0tP5mBInp4fxMn74tAya2pa7OxCQkV_RywJKnuQwIr7nWXfoWqVRrlGpV8kGN7dyLHLT7p46pTvUCtEbUhMQknh4e.Aa7L0dlkXRW0tzvD0UwjvE3CqCtg-ILIeR2cnJ6Rmpg HTTP/1.1" 500 100240
+WARNING 2023-10-21 15:39:00,496 log 25617 139749096420928 Not Found: /favicon.ico
+INFO 2023-10-21 15:39:40,852 autoreload 25617 139749287784448 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-21 15:39:41,578 autoreload 25862 140086617227264 Watching for file changes with StatReloader
diff --git a/example/logs/django.log.5 b/example/logs/django.log.5
new file mode 100644
index 0000000..dac3608
--- /dev/null
+++ b/example/logs/django.log.5
@@ -0,0 +1,973 @@
+INFO 2023-10-18 10:19:05,003 autoreload 20743 140193057271808 Watching for file changes with StatReloader
+INFO 2023-10-18 10:19:34,265 autoreload 20845 140350106857472 Watching for file changes with StatReloader
+INFO 2023-10-18 10:21:03,368 autoreload 21196 139652059668480 Watching for file changes with StatReloader
+INFO 2023-10-18 10:21:12,855 autoreload 21221 139704394260480 Watching for file changes with StatReloader
+WARNING 2023-10-18 10:21:30,973 log 21221 139704213173824 Not Found: /
+WARNING 2023-10-18 10:21:30,973 basehttp 21221 139704213173824 "GET / HTTP/1.1" 404 3279
+WARNING 2023-10-18 10:21:31,074 log 21221 139704213173824 Not Found: /favicon.ico
+WARNING 2023-10-18 10:21:31,074 basehttp 21221 139704213173824 "GET /favicon.ico HTTP/1.1" 404 3330
+WARNING 2023-10-18 10:21:36,288 log 21221 139704213173824 Not Found: /password_reset
+WARNING 2023-10-18 10:21:36,289 basehttp 21221 139704213173824 "GET /password_reset HTTP/1.1" 404 3339
+INFO 2023-10-18 10:22:34,494 autoreload 21221 139704394260480 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/urls.py changed, reloading.
+INFO 2023-10-18 10:22:35,261 autoreload 21437 140365178826752 Watching for file changes with StatReloader
+INFO 2023-10-18 10:22:39,383 basehttp 21437 140365055129152 "GET /password_reset HTTP/1.1" 301 0
+ERROR 2023-10-18 10:22:39,421 log 21437 140365055129152 Internal Server Error: /password_reset/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 71, in password_reset
+    return render(request, "password_change.html", d)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/shortcuts.py", line 19, in render
+    content = loader.render_to_string(template_name, context, request, using=using)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader.py", line 61, in render_to_string
+    template = get_template(template_name, using=using)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader.py", line 19, in get_template
+    raise TemplateDoesNotExist(template_name, chain=chain)
+django.template.exceptions.TemplateDoesNotExist: password_change.html
+ERROR 2023-10-18 10:22:39,422 basehttp 21437 140365055129152 "GET /password_reset/ HTTP/1.1" 500 108240
+INFO 2023-10-18 10:23:08,173 autoreload 21437 140365178826752 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-18 10:23:08,988 autoreload 21496 140290960338944 Watching for file changes with StatReloader
+ERROR 2023-10-18 10:23:12,539 log 21496 140290836919872 Internal Server Error: /password_reset/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 34, in get_template
+    return Template(self.engine.get_template(template_name), self)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 143, in get_template
+    template, origin = self.find_template(template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/engine.py", line 129, in find_template
+    raise TemplateDoesNotExist(name, tried=tried)
+django.template.exceptions.TemplateDoesNotExist: widgets/captcha.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 61, in render
+    return self.template.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 170, in render
+    return self._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 150, in render
+    return compiled_parent._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 150, in render
+    return compiled_parent._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 150, in render
+    return compiled_parent._render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 162, in _render
+    return self.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 62, in render
+    result = block.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader_tags.py", line 62, in render
+    result = block.nodelist.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 938, in render
+    bit = node.render_annotated(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/defaulttags.py", line 214, in render
+    nodelist.append(node.render_annotated(context))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 905, in render_annotated
+    return self.render(context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 994, in render
+    return render_value_in_context(output, context)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/base.py", line 973, in render_value_in_context
+    value = str(value)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/utils/html.py", line 376, in <lambda>
+    klass.__str__ = lambda self: mark_safe(klass_str(self))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/boundfield.py", line 34, in __str__
+    return self.as_widget()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/boundfield.py", line 93, in as_widget
+    return widget.render(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django_form_builder/widgets.py", line 63, in render
+    return self._render(self.template_name, context, renderer) + inline_code
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/widgets.py", line 252, in _render
+    return mark_safe(renderer.render(template_name, context))
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/renderers.py", line 24, in render
+    template = self.get_template(template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/renderers.py", line 30, in get_template
+    return self.engine.get_template(template_name)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 36, in get_template
+    reraise(exc, self)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: widgets/captcha.html
+
+The above exception was the direct cause of the following exception:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 71, in password_reset
+    return render(request, "password_reset.html", d)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/shortcuts.py", line 19, in render
+    content = loader.render_to_string(template_name, context, request, using=using)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/loader.py", line 62, in render_to_string
+    return template.render(context, request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 63, in render
+    reraise(exc, self.backend)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/template/backends/django.py", line 84, in reraise
+    raise new from exc
+django.template.exceptions.TemplateDoesNotExist: widgets/captcha.html
+ERROR 2023-10-18 10:23:12,541 basehttp 21496 140290836919872 "GET /password_reset/ HTTP/1.1" 500 327327
+INFO 2023-10-18 10:26:02,194 autoreload 21496 140290960338944 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-18 10:26:03,044 autoreload 21900 140448914735104 Watching for file changes with StatReloader
+INFO 2023-10-18 10:26:10,291 basehttp 21900 140448718911040 "GET /password_reset/ HTTP/1.1" 200 233908
+INFO 2023-10-18 10:26:10,318 basehttp 21900 140448718911040 "GET /static/css/bootstrap-italia.min.css HTTP/1.1" 200 458619
+INFO 2023-10-18 10:26:10,322 basehttp 21900 140448710518336 "GET /static/css/unical-style.css HTTP/1.1" 200 4882
+INFO 2023-10-18 10:26:10,325 basehttp 21900 140448710518336 "GET /static/css/idp_style.css HTTP/1.1" 200 1265
+INFO 2023-10-18 10:26:10,327 basehttp 21900 140448702125632 "GET /static/js/bootstrap-italia.bundle.min.js HTTP/1.1" 200 345665
+INFO 2023-10-18 10:26:10,802 basehttp 21900 140448702125632 "GET /static/images/favicon/favicon-32x32.png HTTP/1.1" 200 429
+INFO 2023-10-18 10:26:26,599 basehttp 21900 140448718911040 "GET /password_reset/ HTTP/1.1" 200 227544
+INFO 2023-10-18 10:26:27,687 basehttp 21900 140448718911040 "GET /password_reset/ HTTP/1.1" 200 221216
+INFO 2023-10-18 10:27:28,713 autoreload 21900 140448914735104 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-18 10:27:29,453 autoreload 22106 140597676933120 Watching for file changes with StatReloader
+INFO 2023-10-18 10:27:36,129 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 226090
+INFO 2023-10-18 10:27:46,105 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 213158
+INFO 2023-10-18 10:29:46,134 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 238962
+INFO 2023-10-18 10:31:46,074 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 241234
+INFO 2023-10-18 10:33:46,100 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 223794
+INFO 2023-10-18 10:35:46,075 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 232102
+INFO 2023-10-18 10:37:46,098 basehttp 22106 140597485631040 "GET /password_reset/ HTTP/1.1" 200 254446
+INFO 2023-10-18 10:38:21,447 autoreload 23804 140195256537088 Watching for file changes with StatReloader
+INFO 2023-10-19 08:03:28,755 autoreload 4632 140037158051840 Watching for file changes with StatReloader
+INFO 2023-10-19 08:06:58,594 autoreload 4632 140037158051840 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:06:59,201 autoreload 4915 140703636914176 Watching for file changes with StatReloader
+INFO 2023-10-19 08:07:31,620 autoreload 4915 140703636914176 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:07:32,238 autoreload 4930 139741891969024 Watching for file changes with StatReloader
+INFO 2023-10-19 08:07:48,509 autoreload 4930 139741891969024 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:07:49,192 autoreload 4938 140426128920576 Watching for file changes with StatReloader
+INFO 2023-10-19 08:08:11,503 autoreload 4938 140426128920576 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:08:12,172 autoreload 4995 139860057333760 Watching for file changes with StatReloader
+INFO 2023-10-19 08:08:37,599 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 238448
+INFO 2023-10-19 08:08:58,324 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 239044
+INFO 2023-10-19 08:08:58,604 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 233804
+INFO 2023-10-19 08:08:59,277 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 221140
+INFO 2023-10-19 08:08:59,479 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 213696
+INFO 2023-10-19 08:08:59,742 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 221844
+INFO 2023-10-19 08:08:59,924 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 228748
+INFO 2023-10-19 08:09:00,113 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 225244
+INFO 2023-10-19 08:09:00,924 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 233408
+INFO 2023-10-19 08:09:01,730 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 222832
+INFO 2023-10-19 08:09:02,941 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 215588
+INFO 2023-10-19 08:09:03,907 basehttp 4995 139859933001280 "GET /password_reset/ HTTP/1.1" 200 224640
+INFO 2023-10-19 08:10:54,067 autoreload 4995 139860057333760 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:10:54,727 autoreload 5113 140405261639680 Watching for file changes with StatReloader
+INFO 2023-10-19 08:10:58,992 autoreload 5113 140405261639680 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:10:59,642 autoreload 5119 140318690099200 Watching for file changes with StatReloader
+INFO 2023-10-19 08:11:03,918 basehttp 5119 140318566512192 "GET /password_reset/ HTTP/1.1" 200 237532
+INFO 2023-10-19 08:11:20,207 autoreload 5119 140318690099200 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:11:20,860 autoreload 5145 139656345649152 Watching for file changes with StatReloader
+INFO 2023-10-19 08:11:45,410 autoreload 5145 139656345649152 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:11:46,068 autoreload 5151 139677687308288 Watching for file changes with StatReloader
+INFO 2023-10-19 08:12:10,622 autoreload 5151 139677687308288 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:12:11,419 autoreload 5191 139860352139264 Watching for file changes with StatReloader
+INFO 2023-10-19 08:12:24,835 autoreload 5191 139860352139264 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:12:25,491 autoreload 5204 140060461047808 Watching for file changes with StatReloader
+INFO 2023-10-19 08:12:47,014 autoreload 5204 140060461047808 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:12:47,661 autoreload 5212 140011446190080 Watching for file changes with StatReloader
+INFO 2023-10-19 08:13:03,913 basehttp 5212 140011322209856 "GET /password_reset/ HTTP/1.1" 200 226980
+INFO 2023-10-19 08:13:27,553 basehttp 5212 140011322209856 "GET /password_reset/ HTTP/1.1" 200 204708
+INFO 2023-10-19 08:13:36,560 basehttp 5212 140011322209856 "POST /password_reset/ HTTP/1.1" 200 245164
+INFO 2023-10-19 08:14:18,040 basehttp 5212 140011322209856 "POST /password_reset/ HTTP/1.1" 200 201985
+INFO 2023-10-19 08:16:18,204 basehttp 5212 140011322209856 "GET /password_reset/ HTTP/1.1" 200 207536
+INFO 2023-10-19 08:16:32,419 autoreload 5212 140011446190080 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:16:33,079 autoreload 5436 140394159751168 Watching for file changes with StatReloader
+INFO 2023-10-19 08:16:36,261 autoreload 5436 140394159751168 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:16:36,925 autoreload 5442 139724027408384 Watching for file changes with StatReloader
+INFO 2023-10-19 08:16:49,233 autoreload 5442 139724027408384 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:16:49,892 autoreload 5448 139713840934912 Watching for file changes with StatReloader
+INFO 2023-10-19 08:16:57,222 autoreload 5448 139713840934912 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:16:57,882 autoreload 5454 140029279453184 Watching for file changes with StatReloader
+INFO 2023-10-19 08:17:18,400 autoreload 5454 140029279453184 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:17:19,082 autoreload 5464 139897813401600 Watching for file changes with StatReloader
+INFO 2023-10-19 08:17:51,793 autoreload 5464 139897813401600 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:17:52,445 autoreload 5471 140050726797312 Watching for file changes with StatReloader
+INFO 2023-10-19 08:18:00,794 autoreload 5471 140050726797312 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:18:01,477 autoreload 5477 140184149348352 Watching for file changes with StatReloader
+INFO 2023-10-19 08:18:12,868 autoreload 5477 140184149348352 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:18:13,533 autoreload 5489 139905981431808 Watching for file changes with StatReloader
+INFO 2023-10-19 08:18:18,210 basehttp 5489 139905789326912 "GET /password_reset/ HTTP/1.1" 200 209884
+INFO 2023-10-19 08:20:06,441 autoreload 5489 139905981431808 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:20:07,096 autoreload 5510 140349959503872 Watching for file changes with StatReloader
+INFO 2023-10-19 08:20:25,586 basehttp 5510 140349835048512 "GET /password_reset/ HTTP/1.1" 200 214232
+INFO 2023-10-19 08:20:36,816 autoreload 5510 140349959503872 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:20:37,486 autoreload 5537 140694726148096 Watching for file changes with StatReloader
+INFO 2023-10-19 08:20:39,733 autoreload 5537 140694726148096 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:20:40,396 autoreload 5543 140149411721216 Watching for file changes with StatReloader
+INFO 2023-10-19 08:20:44,674 autoreload 5543 140149411721216 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:20:45,410 autoreload 5549 140078445207552 Watching for file changes with StatReloader
+INFO 2023-10-19 08:22:14,057 autoreload 5549 140078445207552 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:22:14,817 autoreload 5565 140355721109504 Watching for file changes with StatReloader
+ERROR 2023-10-19 08:22:20,255 log 5565 140355596973632 Internal Server Error: /password_reset/
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 64, in password_reset
+    if form.is_valid():
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/forms.py", line 175, in is_valid
+    return self.is_bound and not self.errors
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/forms.py", line 170, in errors
+    self.full_clean()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/forms.py", line 373, in full_clean
+    self._clean_form()
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/forms/forms.py", line 400, in _clean_form
+    cleaned_data = self.clean()
+  File "/home/wert/DEV/Unical/django-form-builder/django_form_builder/forms.py", line 374, in clean
+    errors = field.raise_error(None,
+  File "/home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py", line 745, in raise_error
+    errors.append(f"Password is not secure enough, please add more entropy")
+NameError: name 'errors' is not defined
+ERROR 2023-10-19 08:22:20,256 basehttp 5565 140355596973632 "POST /password_reset/ HTTP/1.1" 500 119393
+WARNING 2023-10-19 08:22:20,307 log 5565 140355596973632 Not Found: /favicon.ico
+INFO 2023-10-19 08:22:46,517 autoreload 5565 140355721109504 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 08:22:47,243 autoreload 5577 139978485104640 Watching for file changes with StatReloader
+INFO 2023-10-19 08:22:50,568 basehttp 5577 139978285774400 "POST /password_reset/ HTTP/1.1" 200 231458
+INFO 2023-10-19 08:22:59,720 basehttp 5577 139978285774400 "POST /password_reset/ HTTP/1.1" 200 251962
+INFO 2023-10-19 08:23:27,179 autoreload 5577 139978485104640 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:23:27,899 autoreload 5599 139642691235840 Watching for file changes with StatReloader
+INFO 2023-10-19 08:23:41,536 basehttp 5599 139642567390784 "POST /password_reset/ HTTP/1.1" 200 196966
+INFO 2023-10-19 08:24:04,403 basehttp 5599 139642567390784 "POST /password_reset/ HTTP/1.1" 200 212984
+INFO 2023-10-19 08:24:08,283 basehttp 5599 139642567390784 "GET /password_reset/ HTTP/1.1" 200 238168
+INFO 2023-10-19 08:26:08,260 basehttp 5599 139642555852352 "GET /password_reset/ HTTP/1.1" 200 209632
+INFO 2023-10-19 08:28:08,264 basehttp 5599 139642555852352 "GET /password_reset/ HTTP/1.1" 200 210532
+INFO 2023-10-19 08:29:29,958 autoreload 5599 139642691235840 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:29:30,661 autoreload 5680 139930452090880 Watching for file changes with StatReloader
+INFO 2023-10-19 08:30:04,238 autoreload 5680 139930452090880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:30:04,895 autoreload 5709 139864353513472 Watching for file changes with StatReloader
+INFO 2023-10-19 08:30:33,428 autoreload 5709 139864353513472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:30:34,074 autoreload 5715 139974968209408 Watching for file changes with StatReloader
+INFO 2023-10-19 08:30:53,576 autoreload 5715 139974968209408 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:30:54,231 autoreload 5722 140422558437376 Watching for file changes with StatReloader
+INFO 2023-10-19 08:30:58,499 autoreload 5722 140422558437376 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:30:59,165 autoreload 5728 140291200626688 Watching for file changes with StatReloader
+INFO 2023-10-19 08:31:16,657 autoreload 5728 140291200626688 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:31:17,305 autoreload 5735 140456585506816 Watching for file changes with StatReloader
+INFO 2023-10-19 08:31:22,519 autoreload 5735 140456585506816 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 08:31:23,178 autoreload 5741 139721109880832 Watching for file changes with StatReloader
+INFO 2023-10-19 08:39:51,676 autoreload 5741 139721109880832 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:39:52,265 autoreload 6309 139984578621440 Watching for file changes with StatReloader
+INFO 2023-10-19 08:40:41,813 autoreload 6309 139984578621440 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:40:42,359 autoreload 6325 140566587699200 Watching for file changes with StatReloader
+INFO 2023-10-19 08:40:51,584 autoreload 6325 140566587699200 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:40:52,136 autoreload 6331 140394170077184 Watching for file changes with StatReloader
+INFO 2023-10-19 08:41:05,391 autoreload 6331 140394170077184 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:41:05,937 autoreload 6333 139695903211520 Watching for file changes with StatReloader
+INFO 2023-10-19 08:41:23,222 autoreload 6333 139695903211520 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:41:23,766 autoreload 6336 140110748585984 Watching for file changes with StatReloader
+INFO 2023-10-19 08:41:26,941 autoreload 6336 140110748585984 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:41:27,489 autoreload 6338 139816751194112 Watching for file changes with StatReloader
+INFO 2023-10-19 08:41:42,756 autoreload 6338 139816751194112 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:41:43,303 autoreload 6340 140555051356160 Watching for file changes with StatReloader
+INFO 2023-10-19 08:41:55,543 autoreload 6340 140555051356160 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:41:56,093 autoreload 6342 140269285027840 Watching for file changes with StatReloader
+INFO 2023-10-19 08:42:35,554 autoreload 6342 140269285027840 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 08:42:36,100 autoreload 6345 140608772608000 Watching for file changes with StatReloader
+INFO 2023-10-19 09:31:51,111 autoreload 7055 139971216707584 Watching for file changes with StatReloader
+INFO 2023-10-19 09:32:26,312 autoreload 7084 140419069444096 Watching for file changes with StatReloader
+INFO 2023-10-19 09:33:04,947 autoreload 7084 140419069444096 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/urls.py changed, reloading.
+INFO 2023-10-19 09:33:05,595 autoreload 7115 139676871544832 Watching for file changes with StatReloader
+INFO 2023-10-19 09:33:23,971 autoreload 7115 139676871544832 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/urls.py changed, reloading.
+INFO 2023-10-19 09:33:24,611 autoreload 7125 140166965354496 Watching for file changes with StatReloader
+INFO 2023-10-19 09:33:39,947 autoreload 7125 140166965354496 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:33:40,588 autoreload 7131 140159545278464 Watching for file changes with StatReloader
+INFO 2023-10-19 09:33:55,676 autoreload 7148 140575509180416 Watching for file changes with StatReloader
+INFO 2023-10-19 09:36:17,691 autoreload 7148 140575509180416 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:36:18,347 autoreload 7174 139844670029824 Watching for file changes with StatReloader
+INFO 2023-10-19 09:39:28,012 autoreload 7174 139844670029824 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-19 09:39:28,655 autoreload 7183 140050080493568 Watching for file changes with StatReloader
+INFO 2023-10-19 09:40:15,412 autoreload 7183 140050080493568 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:40:16,052 autoreload 7221 140653348188160 Watching for file changes with StatReloader
+INFO 2023-10-19 09:40:46,583 autoreload 7221 140653348188160 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:40:47,222 autoreload 7230 140328373014528 Watching for file changes with StatReloader
+INFO 2023-10-19 09:41:06,612 autoreload 7230 140328373014528 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:41:07,257 autoreload 7257 140514668777472 Watching for file changes with StatReloader
+INFO 2023-10-19 09:41:13,476 autoreload 7257 140514668777472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:41:14,171 autoreload 7263 140532346597376 Watching for file changes with StatReloader
+INFO 2023-10-19 09:43:35,172 autoreload 7263 140532346597376 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:43:35,813 autoreload 7294 140483614322688 Watching for file changes with StatReloader
+INFO 2023-10-19 09:43:53,176 autoreload 7294 140483614322688 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/urls.py changed, reloading.
+INFO 2023-10-19 09:43:53,813 autoreload 7301 139631170428928 Watching for file changes with StatReloader
+WARNING 2023-10-19 09:44:03,953 log 7301 139630978528832 Not Found: /password_reset/
+WARNING 2023-10-19 09:44:03,953 basehttp 7301 139630978528832 "POST /password_reset/ HTTP/1.1" 404 3718
+WARNING 2023-10-19 09:44:03,989 log 7301 139630978528832 Not Found: /favicon.ico
+WARNING 2023-10-19 09:44:14,059 log 7301 139630978528832 Not Found: /password/reset/
+WARNING 2023-10-19 09:44:14,060 basehttp 7301 139630978528832 "GET /password/reset/ HTTP/1.1" 404 3717
+INFO 2023-10-19 09:44:17,380 basehttp 7301 139630978528832 "GET /password/reset HTTP/1.1" 200 214772
+INFO 2023-10-19 09:45:10,909 basehttp 7301 139630978528832 "GET /admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-19 09:45:10,979 basehttp 7301 139630978528832 "GET /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2251
+INFO 2023-10-19 09:45:11,067 basehttp 7301 139630968038976 "GET /static/admin/js/nav_sidebar.js HTTP/1.1" 200 1360
+INFO 2023-10-19 09:45:11,067 basehttp 7301 139630959646272 "GET /static/admin/css/nav_sidebar.css HTTP/1.1" 200 2271
+INFO 2023-10-19 09:45:11,068 basehttp 7301 139630978528832 "GET /static/admin/css/base.css HTTP/1.1" 200 19513
+INFO 2023-10-19 09:45:11,069 basehttp 7301 139630942860864 "GET /static/admin/css/login.css HTTP/1.1" 200 939
+INFO 2023-10-19 09:45:11,069 basehttp 7301 139630951253568 "GET /static/admin/css/responsive.css HTTP/1.1" 200 18545
+INFO 2023-10-19 09:45:11,075 basehttp 7301 139630951253568 "GET /static/admin/css/fonts.css HTTP/1.1" 200 423
+INFO 2023-10-19 09:45:11,137 basehttp 7301 139630951253568 "GET /static/admin/fonts/Roboto-Regular-webfont.woff HTTP/1.1" 200 85876
+INFO 2023-10-19 09:45:11,138 basehttp 7301 139630959646272 "GET /static/admin/fonts/Roboto-Light-webfont.woff HTTP/1.1" 200 85692
+INFO 2023-10-19 09:45:13,772 basehttp 7301 139630951253568 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2426
+INFO 2023-10-19 09:45:13,831 basehttp 7301 139630951253568 "GET /static/admin/fonts/Roboto-Bold-webfont.woff HTTP/1.1" 200 86184
+INFO 2023-10-19 09:45:16,032 basehttp 7301 139630951253568 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2426
+INFO 2023-10-19 09:45:19,406 basehttp 7301 139630951253568 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2427
+INFO 2023-10-19 09:45:22,556 basehttp 7301 139630951253568 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2427
+INFO 2023-10-19 09:45:29,242 basehttp 7301 139630951253568 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 200 2426
+INFO 2023-10-19 09:46:28,080 autoreload 7480 139995384930304 Watching for file changes with StatReloader
+INFO 2023-10-19 09:46:29,035 basehttp 7480 139995193013824 "POST /admin_access/login/?next=/admin_access/ HTTP/1.1" 302 0
+INFO 2023-10-19 09:46:29,072 basehttp 7480 139995193013824 "GET /admin_access/ HTTP/1.1" 200 9889
+INFO 2023-10-19 09:46:29,147 basehttp 7480 139995193013824 "GET /static/admin/css/dashboard.css HTTP/1.1" 200 380
+INFO 2023-10-19 09:46:29,207 basehttp 7480 139995193013824 "GET /static/admin/img/icon-addlink.svg HTTP/1.1" 200 331
+INFO 2023-10-19 09:46:29,207 basehttp 7480 139995184621120 "GET /static/admin/img/icon-changelink.svg HTTP/1.1" 200 380
+INFO 2023-10-19 09:46:39,566 basehttp 7480 139995193013824 "GET /admin_access/accounts/user/ HTTP/1.1" 200 13785
+INFO 2023-10-19 09:46:39,608 basehttp 7480 139995184621120 "GET /static/admin/css/changelists.css HTTP/1.1" 200 6874
+INFO 2023-10-19 09:46:39,610 basehttp 7480 139995193013824 "GET /static/admin/css/forms.css HTTP/1.1" 200 8804
+INFO 2023-10-19 09:46:39,610 basehttp 7480 139995158394432 "GET /static/admin/js/jquery.init.js HTTP/1.1" 200 347
+INFO 2023-10-19 09:46:39,614 basehttp 7480 139995150001728 "GET /static/admin/js/core.js HTTP/1.1" 200 5698
+INFO 2023-10-19 09:46:39,615 basehttp 7480 139995184621120 "GET /static/admin/js/admin/RelatedObjectLookups.js HTTP/1.1" 200 5984
+INFO 2023-10-19 09:46:39,616 basehttp 7480 139995158394432 "GET /static/admin/js/actions.js HTTP/1.1" 200 7867
+INFO 2023-10-19 09:46:39,616 basehttp 7480 139995175179840 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-19 09:46:39,618 basehttp 7480 139995150001728 "GET /static/admin/js/urlify.js HTTP/1.1" 200 7902
+INFO 2023-10-19 09:46:39,618 basehttp 7480 139995175179840 "GET /static/admin/js/prepopulate.js HTTP/1.1" 200 1531
+INFO 2023-10-19 09:46:39,619 basehttp 7480 139995166787136 "GET /static/admin/js/vendor/jquery/jquery.js HTTP/1.1" 200 287630
+INFO 2023-10-19 09:46:39,621 basehttp 7480 139995166787136 "GET /static/admin/js/vendor/xregexp/xregexp.js HTTP/1.1" 200 232381
+INFO 2023-10-19 09:46:39,661 basehttp 7480 139995193013824 "GET /static/admin/css/widgets.css HTTP/1.1" 200 11097
+INFO 2023-10-19 09:46:39,704 basehttp 7480 139995166787136 "GET /static/admin/img/search.svg HTTP/1.1" 200 458
+INFO 2023-10-19 09:46:39,730 basehttp 7480 139995158394432 "GET /static/admin/img/sorting-icons.svg HTTP/1.1" 200 1097
+INFO 2023-10-19 09:46:39,730 basehttp 7480 139995150001728 "GET /static/admin/img/tooltag-add.svg HTTP/1.1" 200 331
+INFO 2023-10-19 09:46:41,168 basehttp 7480 139995166787136 "GET /admin_access/accounts/user/1/change/ HTTP/1.1" 200 27891
+INFO 2023-10-19 09:46:41,210 basehttp 7480 139995193013824 "GET /static/admin/js/change_form.js HTTP/1.1" 200 606
+INFO 2023-10-19 09:46:41,211 basehttp 7480 139995184621120 "GET /static/admin/js/SelectFilter2.js HTTP/1.1" 200 12350
+INFO 2023-10-19 09:46:41,211 basehttp 7480 139995150001728 "GET /static/admin/js/collapse.js HTTP/1.1" 200 1803
+INFO 2023-10-19 09:46:41,211 basehttp 7480 139995175179840 "GET /static/admin/js/SelectBox.js HTTP/1.1" 200 4360
+INFO 2023-10-19 09:46:41,212 basehttp 7480 139995158394432 "GET /static/admin/js/inlines.js HTTP/1.1" 200 15225
+INFO 2023-10-19 09:46:41,214 basehttp 7480 139995193013824 "GET /static/admin/js/prepopulate_init.js HTTP/1.1" 200 492
+INFO 2023-10-19 09:46:41,217 basehttp 7480 139995166787136 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-19 09:47:02,355 basehttp 7480 139995166787136 "POST /admin_access/accounts/user/1/change/ HTTP/1.1" 302 0
+INFO 2023-10-19 09:47:02,384 basehttp 7480 139995166787136 "GET /admin_access/accounts/user/ HTTP/1.1" 200 14011
+INFO 2023-10-19 09:47:02,475 basehttp 7480 139995166787136 "GET /admin_access/jsi18n/ HTTP/1.1" 200 7672
+INFO 2023-10-19 09:47:02,507 basehttp 7480 139995166787136 "GET /static/admin/img/icon-yes.svg HTTP/1.1" 200 436
+INFO 2023-10-19 09:47:26,917 basehttp 7480 139995166787136 "GET /password/reset HTTP/1.1" 200 202408
+ERROR 2023-10-19 09:47:35,770 log 7480 139995166787136 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 80, in password_reset
+    _user = get_user_model().objects.filter(
+NameError: name 'get_user_model' is not defined
+ERROR 2023-10-19 09:47:35,771 basehttp 7480 139995166787136 "POST /password/reset HTTP/1.1" 500 95599
+INFO 2023-10-19 09:48:12,898 autoreload 7480 139995384930304 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 09:48:13,561 autoreload 7535 140369253220352 Watching for file changes with StatReloader
+INFO 2023-10-19 09:48:18,651 basehttp 7535 140369060689472 "POST /password/reset HTTP/1.1" 200 205374
+INFO 2023-10-19 09:49:55,352 autoreload 7535 140369253220352 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal.py changed, reloading.
+INFO 2023-10-19 09:49:56,001 autoreload 7563 140172267192320 Watching for file changes with StatReloader
+INFO 2023-10-19 09:50:02,386 basehttp 7563 140172075202112 "POST /password/reset HTTP/1.1" 200 236066
+INFO 2023-10-19 09:50:20,772 basehttp 7563 140172075202112 "POST /password/reset HTTP/1.1" 200 248487
+INFO 2023-10-19 09:52:20,942 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 211892
+INFO 2023-10-19 09:54:20,944 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 205308
+INFO 2023-10-19 09:56:20,953 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 226024
+INFO 2023-10-19 09:58:20,957 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 220424
+INFO 2023-10-19 10:00:20,961 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 225744
+INFO 2023-10-19 10:02:20,958 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 212504
+INFO 2023-10-19 10:04:20,960 basehttp 7563 140172075202112 "GET /password/reset HTTP/1.1" 200 205728
+INFO 2023-10-19 10:04:45,317 autoreload 7563 140172267192320 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal_logging.py changed, reloading.
+INFO 2023-10-19 10:04:45,969 autoreload 7757 140085631913984 Watching for file changes with StatReloader
+INFO 2023-10-19 10:04:52,553 basehttp 7757 140085439755840 "POST /password/reset HTTP/1.1" 200 242678
+INFO 2023-10-19 10:05:10,282 basehttp 7757 140085439755840 "GET /password/reset HTTP/1.1" 200 225028
+INFO 2023-10-19 10:05:19,657 basehttp 7757 140085439755840 "POST /password/reset HTTP/1.1" 200 254879
+INFO 2023-10-19 10:05:51,911 basehttp 7757 140085439755840 "POST /password/reset HTTP/1.1" 200 236907
+INFO 2023-10-19 10:06:24,711 autoreload 7757 140085631913984 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:06:25,363 autoreload 7793 140364253319168 Watching for file changes with StatReloader
+INFO 2023-10-19 10:06:29,643 autoreload 7793 140364253319168 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:06:30,340 autoreload 7799 140421495398400 Watching for file changes with StatReloader
+INFO 2023-10-19 10:06:37,656 autoreload 7799 140421495398400 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:06:38,326 autoreload 7805 139906431160320 Watching for file changes with StatReloader
+INFO 2023-10-19 10:06:41,769 basehttp 7805 139906307323456 "POST /password/reset HTTP/1.1" 200 243927
+INFO 2023-10-19 10:06:56,857 basehttp 7805 139906307323456 "POST /password/reset HTTP/1.1" 200 207395
+INFO 2023-10-19 10:08:57,014 basehttp 7805 139906307323456 "GET /password/reset HTTP/1.1" 200 199680
+INFO 2023-10-19 10:09:25,224 autoreload 7805 139906431160320 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:09:25,924 autoreload 7847 140599115776000 Watching for file changes with StatReloader
+INFO 2023-10-19 10:09:36,328 basehttp 7847 140598991386176 "POST /password/reset HTTP/1.1" 200 219830
+ERROR 2023-10-19 10:10:17,791 log 7847 140598991386176 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 125, in password_reset
+    for k,v in get_labeled_errors(form).items():
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 125, in password_reset
+    for k,v in get_labeled_errors(form).items():
+  File "/usr/lib/python3.10/bdb.py", line 90, in trace_dispatch
+    return self.dispatch_line(frame)
+  File "/usr/lib/python3.10/bdb.py", line 115, in dispatch_line
+    if self.quitting: raise BdbQuit
+bdb.BdbQuit
+ERROR 2023-10-19 10:10:17,792 basehttp 7847 140598991386176 "POST /password/reset HTTP/1.1" 500 109043
+INFO 2023-10-19 10:12:42,187 autoreload 7847 140599115776000 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 10:12:42,858 autoreload 7896 139754352586752 Watching for file changes with StatReloader
+INFO 2023-10-19 10:12:49,171 autoreload 7896 139754352586752 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:12:49,823 autoreload 7902 140056112578560 Watching for file changes with StatReloader
+INFO 2023-10-19 10:13:00,787 basehttp 7902 140055920244288 "POST /password/reset HTTP/1.1" 200 222526
+INFO 2023-10-19 10:14:06,711 basehttp 7902 140055920244288 "POST /password/reset HTTP/1.1" 200 210999
+INFO 2023-10-19 10:14:19,047 basehttp 7902 140055920244288 "GET /password/reset HTTP/1.1" 200 235496
+INFO 2023-10-19 10:14:51,207 basehttp 7902 140055920244288 "POST /password/reset HTTP/1.1" 200 272631
+INFO 2023-10-19 10:15:02,023 basehttp 7902 140055920244288 "GET /password/reset HTTP/1.1" 200 240216
+INFO 2023-10-19 10:15:04,774 basehttp 7902 140055920244288 "GET /password/reset HTTP/1.1" 200 249296
+INFO 2023-10-19 10:15:50,760 basehttp 7902 140055920244288 "POST /password/reset HTTP/1.1" 200 237215
+INFO 2023-10-19 10:16:59,136 basehttp 7902 140055909754432 "GET /password/reset HTTP/1.1" 200 223916
+INFO 2023-10-19 10:17:04,617 basehttp 7902 140055920244288 "POST /password/reset HTTP/1.1" 200 216167
+INFO 2023-10-19 10:17:36,686 basehttp 7902 140055920244288 "POST /password/reset HTTP/1.1" 200 223771
+INFO 2023-10-19 10:18:06,244 autoreload 8003 140719801122816 Watching for file changes with StatReloader
+INFO 2023-10-19 10:18:36,174 basehttp 8003 140719677240896 "POST /password/reset HTTP/1.1" 200 221051
+INFO 2023-10-19 10:18:46,422 autoreload 8003 140719801122816 /home/wert/DEV/Unical/django-form-builder/django_form_builder/dynamic_fields.py changed, reloading.
+INFO 2023-10-19 10:18:47,083 autoreload 8014 140367504719872 Watching for file changes with StatReloader
+INFO 2023-10-19 10:20:36,341 basehttp 8014 140367311664704 "GET /password/reset HTTP/1.1" 200 204764
+INFO 2023-10-19 10:22:36,338 basehttp 8014 140367311664704 "GET /password/reset HTTP/1.1" 200 216568
+INFO 2023-10-19 10:23:26,237 autoreload 8014 140367504719872 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:23:26,891 autoreload 8068 139783376048128 Watching for file changes with StatReloader
+INFO 2023-10-19 10:23:36,643 basehttp 8068 139783183529536 "GET /password/reset HTTP/1.1" 200 211820
+INFO 2023-10-19 10:24:14,537 basehttp 8068 139783183529536 "POST /password/reset HTTP/1.1" 200 233059
+INFO 2023-10-19 10:25:17,768 autoreload 8068 139783376048128 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:25:18,462 autoreload 8094 139885948026880 Watching for file changes with StatReloader
+INFO 2023-10-19 10:25:25,372 basehttp 8094 139885824439872 "POST /password/reset HTTP/1.1" 200 223603
+INFO 2023-10-19 10:25:45,067 basehttp 8094 139885824439872 "POST /password/reset HTTP/1.1" 200 228835
+INFO 2023-10-19 10:26:40,888 basehttp 8094 139885824439872 "POST /password/reset HTTP/1.1" 200 217507
+INFO 2023-10-19 10:26:42,304 basehttp 8094 139885824439872 "POST /password/reset HTTP/1.1" 200 214007
+INFO 2023-10-19 10:26:44,323 basehttp 8094 139885824439872 "GET /password/reset HTTP/1.1" 200 240744
+INFO 2023-10-19 10:26:47,614 basehttp 8094 139885824439872 "GET /password/reset HTTP/1.1" 200 256268
+INFO 2023-10-19 10:26:57,147 autoreload 8094 139885948026880 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:26:57,857 autoreload 8125 140267396214784 Watching for file changes with StatReloader
+INFO 2023-10-19 10:27:23,597 basehttp 8125 140267272271424 "GET /password/reset HTTP/1.1" 200 217356
+INFO 2023-10-19 10:28:00,687 basehttp 8125 140267272271424 "POST /password/reset HTTP/1.1" 200 218107
+INFO 2023-10-19 10:28:31,184 basehttp 8125 140267272271424 "POST /password/reset HTTP/1.1" 200 235207
+INFO 2023-10-19 10:28:45,917 autoreload 8125 140267396214784 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:28:46,576 autoreload 8162 140028634099712 Watching for file changes with StatReloader
+INFO 2023-10-19 10:29:47,675 autoreload 8162 140028634099712 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/django_idp/settingslocal_logging.py changed, reloading.
+INFO 2023-10-19 10:29:48,321 autoreload 8174 140662542729216 Watching for file changes with StatReloader
+INFO 2023-10-19 10:29:55,263 autoreload 8190 140280899661824 Watching for file changes with StatReloader
+INFO 2023-10-19 10:30:06,346 basehttp 8190 140280775833152 "GET /password/reset HTTP/1.1" 200 215244
+INFO 2023-10-19 10:30:07,535 basehttp 8190 140280775833152 "GET /password/reset HTTP/1.1" 200 258316
+INFO 2023-10-19 10:30:14,819 basehttp 8190 140280775833152 "POST /password/reset HTTP/1.1" 200 207099
+INFO 2023-10-19 10:31:08,341 basehttp 8190 140280775833152 "POST /password/reset HTTP/1.1" 200 205683
+INFO 2023-10-19 10:31:24,259 basehttp 8190 140280775833152 "POST /password/reset HTTP/1.1" 200 224715
+INFO 2023-10-19 10:31:36,030 autoreload 8190 140280899661824 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:31:36,698 autoreload 8233 140656997150720 Watching for file changes with StatReloader
+INFO 2023-10-19 10:31:39,766 basehttp 8233 140656804623936 "POST /password/reset HTTP/1.1" 200 7418
+INFO 2023-10-19 10:31:49,155 basehttp 8233 140656804623936 "POST /password/reset HTTP/1.1" 200 7418
+INFO 2023-10-19 10:32:04,378 autoreload 8233 140656997150720 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:32:05,068 autoreload 8241 139691679670272 Watching for file changes with StatReloader
+INFO 2023-10-19 10:32:10,375 autoreload 8241 139691679670272 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:32:11,025 autoreload 8247 140361814151168 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:32:37,264 log 8247 140361690248768 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 132, in password_reset
+    return render(request, "password_reset.html", d)
+  File "/usr/lib/python3.10/bdb.py", line 94, in trace_dispatch
+    return self.dispatch_return(frame, arg)
+  File "/usr/lib/python3.10/bdb.py", line 156, in dispatch_return
+    if self.quitting: raise BdbQuit
+bdb.BdbQuit
+ERROR 2023-10-19 10:32:37,264 basehttp 8247 140361690248768 "POST /password/reset HTTP/1.1" 500 103200
+INFO 2023-10-19 10:32:55,061 autoreload 8247 140361814151168 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:32:55,712 autoreload 8257 140393887547392 Watching for file changes with StatReloader
+INFO 2023-10-19 10:33:13,291 basehttp 8257 140393689642560 "POST /password/reset HTTP/1.1" 200 7418
+INFO 2023-10-19 10:33:49,805 autoreload 8257 140393887547392 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:33:50,490 autoreload 8272 140633173147648 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:33:59,045 log 8272 140632980977216 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 100, in password_reset
+    aud = reverse('password_reset:password_commit')
+NameError: name 'reverse' is not defined
+ERROR 2023-10-19 10:33:59,046 basehttp 8272 140632980977216 "POST /password/reset HTTP/1.1" 500 94857
+INFO 2023-10-19 10:34:28,359 autoreload 8272 140633173147648 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:34:29,073 autoreload 8380 140609807933440 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:34:40,109 log 8380 140609683715648 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 103, in password_reset
+    _jws = create_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 81, in create_jwe
+    if isinstance(_key, cryptojwt.jwk.rsa.RSAKey):
+NameError: name 'cryptojwt' is not defined
+ERROR 2023-10-19 10:34:40,111 basehttp 8380 140609683715648 "POST /password/reset HTTP/1.1" 500 100638
+WARNING 2023-10-19 10:34:40,148 log 8380 140609683715648 Not Found: /favicon.ico
+INFO 2023-10-19 10:35:09,978 autoreload 8380 140609807933440 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 10:35:10,633 autoreload 8403 139946063720448 Watching for file changes with StatReloader
+INFO 2023-10-19 10:35:14,902 autoreload 8403 139946063720448 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 10:35:15,603 autoreload 8410 140333223972864 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:35:23,623 log 8410 140333099775552 Internal Server Error: /password/reset
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
+    return view_func(*args, **kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 110, in password_reset
+    _msg = settings.EMAIL_MSG_PASSWD_RESET.format(
+KeyError: 'user'
+ERROR 2023-10-19 10:35:23,624 basehttp 8410 140333099775552 "POST /password/reset HTTP/1.1" 500 97112
+INFO 2023-10-19 10:36:16,796 autoreload 8410 140333223972864 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:36:17,445 autoreload 8424 140272016527360 Watching for file changes with StatReloader
+INFO 2023-10-19 10:36:24,269 basehttp 8424 140271819945536 "POST /password/reset HTTP/1.1" 200 9167
+INFO 2023-10-19 10:36:33,998 autoreload 8424 140272016527360 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:36:34,695 autoreload 8435 140442755342336 Watching for file changes with StatReloader
+INFO 2023-10-19 10:36:37,970 autoreload 8435 140442755342336 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:36:38,643 autoreload 8441 140183816445952 Watching for file changes with StatReloader
+INFO 2023-10-19 10:37:00,164 autoreload 8441 140183816445952 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:37:00,844 autoreload 8447 139687134535680 Watching for file changes with StatReloader
+INFO 2023-10-19 10:37:03,555 basehttp 8447 139686942078528 "POST /password/reset HTTP/1.1" 200 194185
+INFO 2023-10-19 10:37:15,692 basehttp 8447 139686942078528 "GET /password/reset HTTP/1.1" 200 232428
+INFO 2023-10-19 10:37:19,621 basehttp 8447 139686942078528 "GET /password/reset HTTP/1.1" 200 241196
+INFO 2023-10-19 10:37:26,220 basehttp 8447 139686942078528 "POST /password/reset HTTP/1.1" 200 210387
+INFO 2023-10-19 10:37:46,196 basehttp 8447 139686942078528 "POST /password/reset HTTP/1.1" 200 231971
+INFO 2023-10-19 10:38:01,830 basehttp 8447 139686942078528 "GET /password/reset HTTP/1.1" 200 228492
+INFO 2023-10-19 10:38:30,480 autoreload 8447 139687134535680 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:38:31,138 autoreload 8502 139894665797632 Watching for file changes with StatReloader
+INFO 2023-10-19 10:38:35,342 basehttp 8502 139894466803264 "POST /password/reset HTTP/1.1" 200 241763
+INFO 2023-10-19 10:38:50,444 basehttp 8502 139894466803264 "POST /password/reset HTTP/1.1" 200 230979
+INFO 2023-10-19 10:39:10,740 basehttp 8502 139894466803264 "POST /password/reset HTTP/1.1" 200 214723
+INFO 2023-10-19 10:41:10,917 basehttp 8502 139894466803264 "GET /password/reset HTTP/1.1" 200 215840
+INFO 2023-10-19 10:43:10,921 basehttp 8502 139894466803264 "GET /password/reset HTTP/1.1" 200 241720
+INFO 2023-10-19 10:43:27,951 basehttp 8502 139894466803264 "POST /password/reset HTTP/1.1" 200 197350
+INFO 2023-10-19 10:43:36,398 basehttp 8502 139894466803264 "GET /password/reset HTTP/1.1" 200 213700
+INFO 2023-10-19 10:43:45,010 basehttp 8502 139894466803264 "POST /password/reset HTTP/1.1" 200 206179
+INFO 2023-10-19 10:44:14,458 autoreload 8502 139894665797632 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:44:15,130 autoreload 8604 139994384801792 Watching for file changes with StatReloader
+INFO 2023-10-19 10:44:20,176 basehttp 8604 139994190575168 "POST /password/reset HTTP/1.1" 200 241811
+INFO 2023-10-19 10:44:29,889 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 227320
+INFO 2023-10-19 10:44:31,746 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 208400
+INFO 2023-10-19 10:44:32,892 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 218320
+INFO 2023-10-19 10:44:33,919 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 226700
+INFO 2023-10-19 10:44:35,645 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 207192
+INFO 2023-10-19 10:44:38,803 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 198696
+INFO 2023-10-19 10:44:40,938 basehttp 8604 139994190575168 "GET /password/reset HTTP/1.1" 200 199672
+INFO 2023-10-19 10:44:49,361 basehttp 8604 139994190575168 "POST /password/reset HTTP/1.1" 200 263703
+INFO 2023-10-19 10:44:58,340 autoreload 8704 140363573547008 Watching for file changes with StatReloader
+INFO 2023-10-19 10:45:20,497 basehttp 8704 140363449759296 "GET /password/reset HTTP/1.1" 200 241764
+INFO 2023-10-19 10:45:22,101 basehttp 8704 140363449759296 "GET /password/reset HTTP/1.1" 200 203668
+INFO 2023-10-19 10:45:24,084 basehttp 8704 140363449759296 "GET /password/reset HTTP/1.1" 200 226988
+INFO 2023-10-19 10:45:25,463 basehttp 8704 140363449759296 "GET /password/reset HTTP/1.1" 200 233924
+INFO 2023-10-19 10:45:26,619 basehttp 8704 140363449759296 "GET /password/reset HTTP/1.1" 200 213876
+INFO 2023-10-19 10:45:36,720 basehttp 8704 140363449759296 "POST /password/reset HTTP/1.1" 200 221659
+INFO 2023-10-19 10:45:58,647 autoreload 8704 140363573547008 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:45:59,303 autoreload 8728 140226940706816 Watching for file changes with StatReloader
+INFO 2023-10-19 10:46:02,559 autoreload 8728 140226940706816 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:46:03,210 autoreload 8734 139739519262720 Watching for file changes with StatReloader
+INFO 2023-10-19 10:46:08,495 autoreload 8734 139739519262720 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:46:09,147 autoreload 8740 140461686325248 Watching for file changes with StatReloader
+INFO 2023-10-19 10:46:29,652 autoreload 8740 140461686325248 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:46:30,312 autoreload 8749 140117968207872 Watching for file changes with StatReloader
+INFO 2023-10-19 10:46:36,298 basehttp 8749 140117843899968 "POST /password/reset HTTP/1.1" 200 228163
+INFO 2023-10-19 10:46:55,425 basehttp 8749 140117843899968 "POST /password/reset HTTP/1.1" 200 203491
+INFO 2023-10-19 10:47:46,876 autoreload 8749 140117968207872 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:47:47,597 autoreload 8812 140193633005568 Watching for file changes with StatReloader
+INFO 2023-10-19 10:47:52,948 basehttp 8812 140193436792384 "POST /password/reset HTTP/1.1" 200 231378
+INFO 2023-10-19 10:48:07,332 basehttp 8812 140193436792384 "POST /password/reset HTTP/1.1" 200 203059
+ERROR 2023-10-19 10:48:11,551 log 8812 140193436792384 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 188, in _get_response
+    self.check_response(response, callback)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 309, in check_response
+    raise ValueError(
+ValueError: The view password_reset.views.password_commit didn't return an HttpResponse object. It returned None instead.
+ERROR 2023-10-19 10:48:11,551 basehttp 8812 140193436792384 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..XlkevcgxKIn8euIfuLkgO0nTjP-etsN_R9HzGY96Rg1DnmlU2T4tqD0VWHrEYqZKduq3nKcMW2QY4bXwC4a7vByh3pL04Y2L5XpinR2jyLfV5QoI3tTvQWHvDATKjmk_v2z-RJgBM9c_bbRrt0eR4Hi3jqSO78CyVR8S-MZk2mrFhC11MZMhAq1NPXN9CCa05y2AjfztMSS4EMabArbXQ4cMKPkZADBadi7jGu1B7MvPjUUxbRZayCN71YluFIFlIVVI0uEcWRF7k0oc3VQ98RV295qpl3-jJsg3rsPz_t92_x6zM71gnXBMoFF7zQnPt7mjYJf0yFG_eCza2379HZFhqM26hSq9IwYZm568tfRzStND7Lo08GjFJRDlplzDvyUH18HxRGIdP8J9NiO3ihxwNozn-vFjpfUjAJgjhgcmEGfULBe6RCVx8UvNH2uodiv-p-CX4j0hPkH_tyuxarQ69YDCNRYvKPiBQ_jEV3EeW9K8sT0RQ_ujQ_Hu6tk3ADtOKUv07ItUc5DMoUfgfBVz4jGCwRq5fVhziMrjv5c.1feEt-DSFB11jlYI0ZCb2A HTTP/1.1" 500 94185
+INFO 2023-10-19 10:49:43,858 autoreload 8812 140193633005568 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:49:44,524 autoreload 9147 140147071479808 Watching for file changes with StatReloader
+INFO 2023-10-19 10:50:07,521 basehttp 9147 140146947126848 "GET /password/reset HTTP/1.1" 200 250840
+INFO 2023-10-19 10:50:41,591 autoreload 9147 140147071479808 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:50:42,248 autoreload 9171 140698902605824 Watching for file changes with StatReloader
+INFO 2023-10-19 10:51:36,271 autoreload 9171 140698902605824 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:51:36,926 autoreload 9210 139974380572672 Watching for file changes with StatReloader
+INFO 2023-10-19 10:51:46,279 autoreload 9210 139974380572672 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:51:46,953 autoreload 9217 140446682132480 Watching for file changes with StatReloader
+INFO 2023-10-19 10:52:00,366 autoreload 9217 140446682132480 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:52:01,025 autoreload 9224 139928066527232 Watching for file changes with StatReloader
+INFO 2023-10-19 10:52:07,501 basehttp 9224 139927875483200 "GET /password/reset HTTP/1.1" 200 209720
+INFO 2023-10-19 10:52:20,557 autoreload 9224 139928066527232 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:52:21,225 autoreload 9245 139829622091776 Watching for file changes with StatReloader
+INFO 2023-10-19 10:52:29,550 autoreload 9245 139829622091776 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:52:30,213 autoreload 9251 139909279076352 Watching for file changes with StatReloader
+INFO 2023-10-19 10:52:52,738 autoreload 9251 139909279076352 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:52:53,387 autoreload 9259 139873952952320 Watching for file changes with StatReloader
+INFO 2023-10-19 10:53:01,719 autoreload 9259 139873952952320 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:53:02,382 autoreload 9265 140094081110016 Watching for file changes with StatReloader
+INFO 2023-10-19 10:53:22,893 autoreload 9265 140094081110016 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:53:23,570 autoreload 9297 140637417402368 Watching for file changes with StatReloader
+INFO 2023-10-19 10:53:32,924 autoreload 9297 140637417402368 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:53:33,584 autoreload 9311 139976299986944 Watching for file changes with StatReloader
+INFO 2023-10-19 10:54:09,642 basehttp 9311 139976176039488 "GET /password/reset HTTP/1.1" 200 243632
+INFO 2023-10-19 10:55:04,153 autoreload 9311 139976299986944 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:55:04,861 autoreload 10389 140691116994560 Watching for file changes with StatReloader
+INFO 2023-10-19 10:55:18,311 autoreload 10389 140691116994560 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:55:18,966 autoreload 10396 140509015511040 Watching for file changes with StatReloader
+INFO 2023-10-19 10:55:44,543 autoreload 10396 140509015511040 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:55:45,199 autoreload 10402 139636447006720 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:55:57,126 log 10402 139636323120704 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 150, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 157, in password_commit
+    return ValidationError()
+TypeError: ValidationError.__init__() missing 1 required positional argument: 'message'
+INFO 2023-10-19 10:56:07,178 basehttp 10402 139636323120704 "GET /password/reset HTTP/1.1" 200 235620
+INFO 2023-10-19 10:56:09,616 basehttp 10402 139636312630848 "GET /password/reset HTTP/1.1" 200 224768
+INFO 2023-10-19 10:56:21,081 basehttp 10402 139636312630848 "GET /password/reset HTTP/1.1" 200 203688
+INFO 2023-10-19 10:56:22,082 basehttp 10402 139636312630848 "GET /password/reset HTTP/1.1" 200 239696
+INFO 2023-10-19 10:56:23,176 basehttp 10402 139636312630848 "GET /password/reset HTTP/1.1" 200 220348
+INFO 2023-10-19 10:56:52,412 basehttp 10402 139636312630848 "POST /password/reset HTTP/1.1" 200 262323
+INFO 2023-10-19 10:57:20,209 autoreload 10402 139636447006720 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:57:20,913 autoreload 10509 139801429950464 Watching for file changes with StatReloader
+INFO 2023-10-19 10:57:30,033 basehttp 10509 139801238959680 "GET /password/reset HTTP/1.1" 200 233304
+INFO 2023-10-19 10:57:31,006 basehttp 10509 139801238959680 "GET /password/reset HTTP/1.1" 200 229912
+INFO 2023-10-19 10:57:32,227 basehttp 10509 139801238959680 "GET /password/reset HTTP/1.1" 200 240124
+INFO 2023-10-19 10:57:41,986 basehttp 10509 139801238959680 "POST /password/reset HTTP/1.1" 200 242531
+INFO 2023-10-19 10:58:04,417 basehttp 10509 139801238959680 "POST /password/reset HTTP/1.1" 200 221474
+INFO 2023-10-19 10:58:09,630 basehttp 10509 139801238959680 "GET /password/reset HTTP/1.1" 200 236916
+INFO 2023-10-19 10:58:17,005 autoreload 10509 139801429950464 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:58:17,669 autoreload 10562 139750664556544 Watching for file changes with StatReloader
+INFO 2023-10-19 10:58:20,459 basehttp 10562 139750540310080 "POST /password/reset HTTP/1.1" 200 242066
+INFO 2023-10-19 10:58:36,310 basehttp 10562 139750540310080 "POST /password/reset HTTP/1.1" 200 234923
+ERROR 2023-10-19 10:58:39,593 log 10562 139750540310080 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError()
+TypeError: ValidationError.__init__() missing 1 required positional argument: 'message'
+ERROR 2023-10-19 10:58:39,595 basehttp 10562 139750540310080 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100318
+INFO 2023-10-19 10:59:13,954 autoreload 10562 139750664556544 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:59:14,612 autoreload 10669 140159161274368 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:59:19,244 log 10669 140159037208128 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/allauth/account/middleware.py", line 15, in __call__
+    self._remove_dangling_login(request, response)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/allauth/account/middleware.py", line 29, in _remove_dangling_login
+    if response.status_code // 100 != 2:
+AttributeError: 'ValidationError' object has no attribute 'status_code'
+ERROR 2023-10-19 10:59:19,244 basehttp 10669 140159037208128 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 92908
+INFO 2023-10-19 10:59:34,142 autoreload 10669 140159161274368 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:59:34,824 autoreload 10679 140030539542528 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:59:36,067 log 10679 140030349669952 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status_code'
+ERROR 2023-10-19 10:59:36,068 basehttp 10679 140030349669952 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100182
+ERROR 2023-10-19 10:59:37,109 log 10679 140030349669952 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status_code'
+ERROR 2023-10-19 10:59:37,109 basehttp 10679 140030349669952 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100182
+INFO 2023-10-19 10:59:47,319 autoreload 10679 140030539542528 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 10:59:47,984 autoreload 10689 139963326423040 Watching for file changes with StatReloader
+ERROR 2023-10-19 10:59:49,370 log 10689 139963202008640 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status'
+ERROR 2023-10-19 10:59:49,371 basehttp 10689 139963202008640 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100157
+ERROR 2023-10-19 10:59:50,181 log 10689 139963202008640 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status'
+ERROR 2023-10-19 10:59:50,182 basehttp 10689 139963202008640 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100157
+ERROR 2023-10-19 10:59:50,420 log 10689 139963202008640 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status'
+ERROR 2023-10-19 10:59:50,420 basehttp 10689 139963202008640 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100157
+ERROR 2023-10-19 10:59:50,620 log 10689 139963202008640 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status'
+ERROR 2023-10-19 10:59:50,620 basehttp 10689 139963202008640 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100157
+ERROR 2023-10-19 10:59:50,792 log 10689 139963202008640 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    return ValidationError(
+TypeError: ValidationError.__init__() got an unexpected keyword argument 'status'
+ERROR 2023-10-19 10:59:50,793 basehttp 10689 139963202008640 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100157
+INFO 2023-10-19 11:00:10,577 autoreload 10689 139963326423040 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 11:00:11,257 autoreload 10696 140189011255296 Watching for file changes with StatReloader
+ERROR 2023-10-19 11:00:12,497 log 10696 140188888069696 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/allauth/account/middleware.py", line 15, in __call__
+    self._remove_dangling_login(request, response)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/allauth/account/middleware.py", line 29, in _remove_dangling_login
+    if response.status_code // 100 != 2:
+AttributeError: 'BadRequest' object has no attribute 'status_code'
+ERROR 2023-10-19 11:00:12,498 basehttp 10696 140188888069696 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 92824
+INFO 2023-10-19 11:00:36,477 basehttp 10696 140188888069696 "GET /password/reset HTTP/1.1" 200 203284
+INFO 2023-10-19 11:00:57,270 autoreload 10696 140189011255296 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 11:00:57,933 autoreload 10763 140160673361920 Watching for file changes with StatReloader
+INFO 2023-10-19 11:01:03,223 autoreload 10763 140160673361920 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 11:01:03,878 autoreload 10769 139756419235840 Watching for file changes with StatReloader
+INFO 2023-10-19 11:01:17,278 autoreload 10769 139756419235840 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 11:01:17,966 autoreload 10776 140637848834048 Watching for file changes with StatReloader
+ERROR 2023-10-19 11:01:19,077 log 10776 140637725783616 Internal Server Error: /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 151, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 158, in password_commit
+    logger.error(
+NameError: name 'logger' is not defined
+ERROR 2023-10-19 11:01:19,077 basehttp 10776 140637725783616 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 500 100007
+INFO 2023-10-19 11:01:36,501 autoreload 10776 140637848834048 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 11:01:37,160 autoreload 10784 140311625306112 Watching for file changes with StatReloader
+INFO 2023-10-19 11:01:55,578 autoreload 10784 140311625306112 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 11:01:56,239 autoreload 10793 139874859597824 Watching for file changes with StatReloader
+WARNING 2023-10-19 11:01:58,193 log 10793 139874665494080 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 154, in password_commit
+    settings.PRIVATE_JWKS[0]
+KeyError: 0
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 11:01:58,194 basehttp 10793 139874665494080 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..F2oKcYTktLOw06STcIF5Dd0jQgM3ppRQMCuD2UVKWZasOuWCCg2P6FrPpV63zZLoNk4eHqK1ICvbH8Q8z6w-8mwpNNmAzKmHFybRfMr7KNVQSi85RI5f-FrOyakEF_xyaZRRIR2vQ89gUsuo62HkBXeJUVI1UtFYxlqFdgsSDmEbZMQdb4-ROpZfIl_QTJaRkEUixEEGCujerPMov_LcvStv1rK5Z6h3zPA5zVGiL5QoonJUl4ccTkmdZOrPljmVRojcMT-GRX1wvFfOX48qud92WRN7yrUcksOQHcRp0mjSiNI16qcrzbH9wr05K0u5nq0zv7D-vpwG2hf_Fe9bFxhae0pQq-RqrnrIZ4RGzB3caXse-7O4dcNJmRzDN8J9oCgoxhj_X5Pmw0iWP9TaPybaJCKkrs-Sph0OVYVTCXiNkkmeosnA_gT8Ci8DfdG8SFOBjP4F1byl571HKBiWDViMzEubvAE4v6iA6N4zFU9v01mWKveFJFGqmYavv7gAtJXyTtW3E-92TeqeNOay68lrP37Wg69VBRJkFvU0Gzo.z3UkTtsjh5zafJJeibTVrg HTTP/1.1" 400 99774
+INFO 2023-10-19 11:02:13,356 basehttp 10793 139874665494080 "GET /password/reset HTTP/1.1" 200 223884
+INFO 2023-10-19 12:57:59,865 autoreload 5525 140390355845120 Watching for file changes with StatReloader
+INFO 2023-10-19 12:58:14,465 basehttp 5525 140390231438912 "GET /password/reset HTTP/1.1" 200 237760
+INFO 2023-10-19 12:58:31,963 basehttp 5525 140390231438912 "GET /password/reset HTTP/1.1" 200 224088
+INFO 2023-10-19 12:58:59,199 autoreload 5525 140390355845120 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 12:58:59,869 autoreload 5784 140080609390592 Watching for file changes with StatReloader
+INFO 2023-10-19 12:59:02,229 basehttp 5784 140080414979648 "POST /password/reset HTTP/1.1" 200 228323
+INFO 2023-10-19 12:59:29,498 basehttp 5784 140080414979648 "GET /password/reset HTTP/1.1" 200 195912
+INFO 2023-10-19 12:59:36,748 basehttp 5784 140080414979648 "POST /password/reset HTTP/1.1" 200 221747
+INFO 2023-10-19 13:00:22,754 autoreload 5784 140080609390592 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:00:23,452 autoreload 6074 139750005575680 Watching for file changes with StatReloader
+INFO 2023-10-19 13:01:36,909 basehttp 6074 139749872363072 "GET /password/reset HTTP/1.1" 200 208176
+INFO 2023-10-19 13:01:50,014 autoreload 6074 139750005575680 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:01:50,780 autoreload 6263 140157337489408 Watching for file changes with StatReloader
+INFO 2023-10-19 13:02:57,092 autoreload 6263 140157337489408 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:02:57,819 autoreload 6388 140632823566336 Watching for file changes with StatReloader
+INFO 2023-10-19 13:03:05,131 autoreload 6388 140632823566336 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:03:05,864 autoreload 6407 140244315881472 Watching for file changes with StatReloader
+INFO 2023-10-19 13:03:36,930 basehttp 6407 140244182623808 "GET /password/reset HTTP/1.1" 200 232728
+INFO 2023-10-19 13:03:46,812 autoreload 6407 140244315881472 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:03:47,607 autoreload 6484 140623042822144 Watching for file changes with StatReloader
+INFO 2023-10-19 13:04:02,005 autoreload 6484 140623042822144 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:04:02,745 autoreload 6516 140052095983616 Watching for file changes with StatReloader
+INFO 2023-10-19 13:05:36,934 basehttp 6516 140051895805504 "GET /password/reset HTTP/1.1" 200 229140
+INFO 2023-10-19 13:06:00,879 autoreload 6516 140052095983616 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:06:01,590 autoreload 6720 140686346854400 Watching for file changes with StatReloader
+INFO 2023-10-19 13:06:06,879 autoreload 6720 140686346854400 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:06:07,612 autoreload 6744 140703140450304 Watching for file changes with StatReloader
+INFO 2023-10-19 13:07:20,000 autoreload 6744 140703140450304 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:07:20,767 autoreload 6871 140511417917440 Watching for file changes with StatReloader
+INFO 2023-10-19 13:07:36,943 basehttp 6871 140511284291136 "GET /password/reset HTTP/1.1" 200 231840
+INFO 2023-10-19 13:08:02,717 autoreload 6871 140511417917440 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:08:03,414 autoreload 6956 139736490397696 Watching for file changes with StatReloader
+INFO 2023-10-19 13:08:04,645 autoreload 6956 139736490397696 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:08:05,361 autoreload 6968 139850615242752 Watching for file changes with StatReloader
+INFO 2023-10-19 13:08:26,978 autoreload 6968 139850615242752 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py changed, reloading.
+INFO 2023-10-19 13:08:27,682 autoreload 7009 139946382626816 Watching for file changes with StatReloader
+INFO 2023-10-19 13:08:42,101 autoreload 7009 139946382626816 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:08:42,817 autoreload 7039 140515757158400 Watching for file changes with StatReloader
+INFO 2023-10-19 13:09:36,943 basehttp 7039 140515550946880 "GET /password/reset HTTP/1.1" 200 226468
+WARNING 2023-10-19 13:10:04,148 log 7039 140515559339584 : /password/commit
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 152, in password_commit
+    _jws = decrypt_jwe(
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py", line 160, in decrypt_jwe
+    msg = _decryptor.decrypt(jwe, [_dkey])
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/cryptojwt/jwe/jwe.py", line 168, in decrypt
+    raise NoSuitableDecryptionKey(_alg)
+cryptojwt.jwe.exception.NoSuitableDecryptionKey: RSA-OAEP
+
+During handling of the above exception, another exception occurred:
+
+Traceback (most recent call last):
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/exception.py", line 47, in inner
+    response = get_response(request)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/env/lib/python3.10/site-packages/django/core/handlers/base.py", line 181, in _get_response
+    response = wrapped_callback(request, *callback_args, **callback_kwargs)
+  File "/home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/password_reset/views.py", line 164, in password_commit
+    raise BadRequest()
+django.core.exceptions.BadRequest
+WARNING 2023-10-19 13:10:04,149 basehttp 7039 140515559339584 "GET /password/commit?token=eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6Ik5uSmZSRXAzTlZsaWQxazJjSE5oWVZjeE9Ua3lPRzl4VEZOYU5Ia3pXbFl6ZHpaTGNEUlFZWFpSV1EiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0..MsV3dPr7IeM-JeX1y5w43F9Hi8oieZTWSMtQ1cevT8xamuUG-f2R-3ivwD05Xoh6RJbYIJ-5r_sN_8N1tI0K32Q2s9CTRZFjLD2o6zgp0oFxMnrj7nnZ85oTFTrK4TDG3WbZtG6Ez7YekxIR3Bw291iIkuL3SzqhC61tSreqNEjkM1_-TcNSwsZTlDnGpI7FN-QoNZbF5H9-_dIpi1q8tQrDWhatSvuvv0j_1VYbBJNkD2wXU-eiV6UVfNKwC7fLBhZ0X_HLqA8GCAIa0D04GhPTMSKwz55g0VqnDfwVQA7SA8Bu4CMqwYiPDkokiRMS3pa5UMRdJNHSwOBN3paTC9Xjnc9mqKF3poTOVFSRz7PZTjjtZzFlBfvXI1FBd81ggHtWqfeFwo5VsibY0heHZHLRu3HSyHkzk9B4pfGWitDNHH4pDIcKxmQDOuV_yfB7WSAv3WgJt-DpPtUu_UtyouqdT1iZKyXjVAIUE_1qf1KV7rCuaMzfqzxJJtyNR5AT7hvoTb41SjjWZpkOZ8GQT-N2yuch4--yPYq56RpP0_s.tMzJwtQDUx17S9XKP_P-gQ HTTP/1.1" 400 111979
+INFO 2023-10-19 13:11:36,945 basehttp 7039 140515559339584 "GET /password/reset HTTP/1.1" 200 240292
+INFO 2023-10-19 13:11:45,173 autoreload 7039 140515757158400 /home/wert/DEV/ACSIA/4Sec-idp/xdrplus-iam/cryptotools/tools.py changed, reloading.
+INFO 2023-10-19 13:11:45,868 autoreload 7342 140605094408192 Watching for file changes with StatReloader
+INFO 2023-10-19 13:11:55,962 basehttp 7342 140604970366528 "POST /password/reset HTTP/1.1" 200 205730
+INFO 2023-10-19 13:12:07,664 basehttp 7342 140604970366528 "GET /password/reset HTTP/1.1" 200 195060
+INFO 2023-10-19 13:12:09,044 basehttp 7342 140604970366528 "GET /password/reset HTTP/1.1" 200 211360
+INFO 2023-10-19 13:12:10,959 basehttp 7342 140604970366528 "GET /password/reset HTTP/1.1" 200 236772
+INFO 2023-10-19 13:12:12,236 basehttp 7342 140604970366528 "GET /password/reset HTTP/1.1" 200 212304
diff --git a/example/logs/uniauth.log b/example/logs/uniauth.log
new file mode 100644
index 0000000..158c5dc
--- /dev/null
+++ b/example/logs/uniauth.log
@@ -0,0 +1,573 @@
+DEBUG 2023-11-09 14:11:27,332 views 5402 140695690012224 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-pWcsxQ6OT5Eif8kYH" InResponseTo="id-TzIddPVqNWmQUxTYe" Version="2.0" IssueInstant="2023-11-09T14:11:27Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-pWcsxQ6OT5Eif8kYH">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>lniuDApWk7ZN+vCHmxnl18NxSwaNiO8Xo7Iu3A0r+1M=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>qJ4nS8krjfLKvEwxdgMC0142QRCjsoQoGFwcXfl+20fs6kZLjCesqPJNwFCmSzeq
+kE8V1ddQrH017wBea6tTCzNpgAJobrDVvAqwM5pQ5xEkbC6AYqODsB0s9dfsR0Mh
+b20CrIIb7AP1YUlR/JoVzF22Q9o3STCgm55pkKdDLCudLX3xyTiKpe6Mfjhx+BJ6
++8cKdFnla9gOvK1T1U3MxC9RvifT68Irb1GRHdEEakRwYpXjFgwqqLwxHv+a+SSY
+Yo5l29vIGyzr/wp679jwCRrXPDEZQLeKsFTeyNO2fVSCY7zFZnB8UJlHmjailsay
+H3BGLJpYKot/Aq3vuYC4uQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-11-09 14:11:27,332 views 5402 140695690012224 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-TzIddPVqNWmQUxTYe|1699539087|b1ad7c825c37d398ade3cc5efdacdcbc8a8818c0
+WARNING 2023-11-09 14:11:27,333 views 5402 140695690012224 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-11-09 14:11:28,638 decorators 5402 140695690012224 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-llDlhHFMOHtrQbPDq" Version="2.0" IssueInstant="2023-11-09T14:11:28Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-llDlhHFMOHtrQbPDq">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>2iWqsjSEgw2d806MlMkUSwYZvlkql8MknQiLuIWoHik=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>T0FS7IQwylcQQmX1qUyRkG8HM4e+L+YDf9Qpw8Do5THuxJl1QuKsvkiEz4jnLLqR
+IdiKPnug7U7UrwRY/SGbsfNnva6vhtrqwB569Jnba9uGCXF3lFUPWiCAx1EL7vP5
+1dIqLAf1Tt/cIWTKY0lnEF+28MWp2G/yoU5HjIkjIcC8/As17IJUpLX41M4lNn9A
+CLo3smz93865G6VB9YTFDU/CC2tuZfWAnL7vDhdmNC+rarqRr3HIaWLdaRQVvf7V
+dMarKOPbipMFC4SJEAULQORtl0jc9LZ9stmIbrNGxo68iwWFLguEANJ+HRA06cOl
+9oc8r+8T3qsgmf0NOzdHTg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-09 14:11:28,641 views 5402 140695690012224 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-09 14:11:28,879 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:11:36,054 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-10 08:26:43,660 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-11-10 08:26:46,243 decorators 5402 140695690012224 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-LT3Xjw0OzgKP6RJ1u" Version="2.0" IssueInstant="2023-11-10T08:26:46Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-LT3Xjw0OzgKP6RJ1u">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>/A6ZZwsqOsJVrD75axGjh/qe9i1o0qzKQqiPb+ZYN2Y=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>N0Ew0GcbrXirOpm7aKXTMXlHycJwjoKIZ4W5cxwMIKKfJg8odWY0V6rfgsEj99AI
+ADHSwedjWlVfbJ6I7BuEhNCmixeQL6OfLU8K1fsQGJzfk/J2KeumCrPa2vUjnjde
+u2uviIoThl0BA2GVQ1xWrOOj6KNy9CCC3Qd6t7NjA4QT2iy+4qrr6rySguZiqKaO
+OLeiOTf3nVZF45Wnfu4YTDzm4bcoTVEIsQbiHc8XzRxqw5uHKdL4/eAtPRkwb/Dn
+W9YW1eQmi9KMbag3Y9JEO48eGHL1LSuYAFLGuTPyX3wYgyQcZWKFOJ22UPOcJwps
+FV8lUO8Zrqij/r1XkXdv2g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-10 08:26:46,245 views 5402 140695690012224 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-10 08:26:46,489 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-11-20 10:00:27,335 decorators 3554 139897192052288 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-MfaWMZFXjF8NoDgh0" Version="2.0" IssueInstant="2023-11-20T10:00:27Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-MfaWMZFXjF8NoDgh0">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>czBFK/B/0/wDGZrBp9VvXe9XG4aFB5py4li+XjBVAhM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>le9mgUFbJm5Vvu2RG3M+VjHntp9yp6g30YiT/AXlNe9tNWz3urVAH8Ph3+1yIE6o
+mbaBByO04SyweYAVum0ZoVoAPn8VP5USRvxmysxnraionbYn1JD6DNjUqUZDhvEX
+ERcMwj0TNsmZR/wfcum+bFqxbvMyGz+g3lFd2qu+XuDhoA1iZIQReA8wmdrwyTS3
+yEV20QV7fEh1ub3JgmNik76Yn4eH83ZhhQMNkW4uExwifUjTVPOGPlLaJsFFytTP
+GYZrXVCpv1/W//jr6Zcvul+uod8AuPVMfOu8U/nLAm7enr2182+hujhmkIh2rY6/
+naVOwip+DZkYc7OtPWRnjg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-20 10:00:27,339 views 3554 139897192052288 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-20 10:00:27,612 decorators 3554 139897192052288 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-20 10:00:47,298 decorators 3554 139897192052288 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-20 10:01:15,477 views 3554 139897192052288 wert: already logged in.
+INFO 2023-11-20 10:01:15,639 views 3554 139897192052288 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-MfaWMZFXjF8NoDgh0]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-11-20 10:01:15,666 views 3554 139897192052288 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-jw8WcYCwyfKvDKit7" InResponseTo="id-MfaWMZFXjF8NoDgh0" Version="2.0" IssueInstant="2023-11-20T10:01:15Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-jw8WcYCwyfKvDKit7">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>A7/TueVchkXK2FHXvPSs99Wwmx6OG6zaPt3MqUb+o9s=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>oo1G1W9ELW1V1XOeeMWMLtQAEx3pWlJB1MZYRkvmY8RqGo77UlPdya8fLNnpZt6q
+cvFCjVP86ggtpi5qXqNcorCC9WCSnEwL9bF78PFM/agrpsEex0glxq1JmOtBvNQZ
+gwpYbazMt6p4mdPZa49Xqelp1t91KKNm06mfZ3+z3EgAhnRfEY9uQyrB3uuwxnNL
+nPvOUuDiwSLTvLibBHCzPUa0zefpY+0Cx/1fClzPY54UYlCvS0apbNRxyf3zSyci
+Q2ov+dpHnmnOuMwZsmiUd284lBr60k6UDjmqmLlM/X2ztieCTEHegzo9Kl+WKAwo
+ywTn97UPLTVEgA2tRn1kiw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-xtfnvvxj43guvxNXd" IssueInstant="2023-11-20T10:01:15Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-xtfnvvxj43guvxNXd">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>e9X0mgp72rcw+Fajd1UL9jtwTK4DY2KKFBZvdby9hlg=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>Vc2fcoruntUg0AlaqsT6K6A8IGg2aE8zCci552IcCvjoJ6rghdle+Z01WHhJXYjC
+dr73ezb7tJzJJrYwFPA+JYIFmayEa3gYwJ9Zx87VhP9eZSPRmktBoIfehvlg7EXJ
+pdkuwifvmwJ0h47MSRe/pj9ZKV6U8RdonJ6PJcBbGGggQE6CojYNpKQGbUJHn0Sx
+rAQl2nWbgFRuKkCJN5zbAtSJa18yypk1cOb0c+nXoqOirLX6QNDoumvjQuElVhh+
+A03wQcfpu5K2HuqmRi89qlBisgrCop7nzvaun7A5K2OG5a/DlP5fnQR5a1rLAE7p
+Zb1e+ufvJOj5tq14Q4OcYw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-11-20T10:16:15Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-MfaWMZFXjF8NoDgh0"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-11-20T10:01:15Z" NotOnOrAfter="2023-11-20T10:16:15Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-11-20T10:01:15Z" SessionIndex="id-eaQ7Bxa1k8ZxTM5YE">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-11-20 10:01:15,668 views 3554 139897192052288 Redirecting to process_user_agreement
+DEBUG 2023-11-20 10:01:41,895 decorators 3554 139897192052288 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-yziHXd734XcVL17iX" Version="2.0" IssueInstant="2023-11-20T10:01:41Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-yziHXd734XcVL17iX">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Q2/NisLDW1137oYpHjJ7IGbpgntCHz3MfOf1zFMoras=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>R/Hj9AU552ELtBi7Hvnd/dEOk5wI6A6epyDqiFcpzxpg9Kze32Au6nuPa1ckNA7K
+95SB4gnCW1iQASMZI/mWyFIx+2iwuk70gAWoxnSNTweEWUFTi7wnD4GaC6QenXA5
+FUs0ZI7OShaWrVICnbm/U8+S4MgpGtTc7gRK4zz7H7gK5YlIFb8bulPqCVc+tQlP
+4PVERoGPx+eNFcwaw1xtRvZ73HNcrhMmJBVfoXt2ay737T2XtmfvJNF1yStPZ5i6
+aQXdk9Ce2odlDAyYbCA3dEV6x6DO/ZfTNx8YTjsgnHAVd4mzoMTSgiCZ/gJSOyEg
+ZUQIajEREtqlaYk227t5lg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-20 10:01:41,897 views 3554 139897192052288 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-20 10:01:42,189 decorators 3554 139897192052288 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-11-20 10:01:47,938 decorators 3554 139897192052288 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-rXwlkhGepIOzE31PN" Version="2.0" IssueInstant="2023-11-20T10:01:47Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-rXwlkhGepIOzE31PN">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>h+ofQ3KaPOk9533us0smAgApaeSPA26eA2ffRe/CK9I=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Ec7zaOi98//tie9M0tHHo+VL7oz968oqsyBZFQZ+dJCAFdq8Zn1CfSTVFdHri72q
+O5qhYSTmGh+IhFolEi8+EKlxDMB/zZ/pBcW8SU3OE1hcEvjFlJQV+JM/2w6fjfNF
+MZLTQuJEhWOwCCsdFlNJxLMi/ofx/XyRGaazhNekzS/w80/xKhBgeJPX8z0HJw8d
+Oa7+WVoPEpHl6n9TdyLnuKVaheiLqARA1EURFLWo7fSL0yHjEoKJvOqEQxQq27JC
+MLBQ4PVmWqG4uTqmQhAMVgZDO95blix5aQYepo9l90acRQjgywff7VDC+MSY0y8L
+TI56UIya+baFFJzUWzlYBQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-20 10:01:47,940 views 3554 139897192052288 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-20 10:01:48,195 decorators 3554 139897192052288 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-20 10:01:54,621 decorators 3554 139897192052288 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-11-21 13:44:10,422 decorators 4591 139753585374784 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-kTbnm0IrjmbcApcQp" Version="2.0" IssueInstant="2023-11-21T13:44:10Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-kTbnm0IrjmbcApcQp">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>8mIsvpUVYhSgMTEDle1ceWVMoElqBDcqFkxfV6hlFq8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ZrOCQ1dxuajAz6z9NM6ZRQCLHv3LEnJfQITTGvIdxSwKZGhe3nC905DzoFgFIovO
+0jY4wwjHmV1Ab+tkBYLApA9x2Qhh2ZYANuVcUIBuKqRsL3F71esLBm+qK3lbMF4q
+0OtlqKcxwvokliuoT9vy6UN/PebcC89U26sA/QVmzRRclTk59/P7i3g50ks5Uj8J
+I8UlcvtPJZI1DjnTm9tNyPptPYOPiNiOXZ9B4rewA2KPfao5O5WHyG0clKhc71Ja
+rKya8UDeb0d5d9xrVToG99W5vXTz7bT9T7N6GlicyUtvei2dgIQXgTkpxUqHETL+
+ipj1kKH6gL2s4fBqyNvsNA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-21 13:44:10,427 views 4591 139753585374784 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-21 13:44:10,682 decorators 4591 139753585374784 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-21 13:44:18,612 decorators 4591 139753585374784 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-21 13:44:37,782 views 4591 139753585374784 wert: already logged in.
+INFO 2023-11-21 13:44:37,943 views 4591 139753585374784 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-kTbnm0IrjmbcApcQp]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-11-21 13:44:37,968 views 4591 139753585374784 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-CVEp73GsN7wyuQJ0I" InResponseTo="id-kTbnm0IrjmbcApcQp" Version="2.0" IssueInstant="2023-11-21T13:44:37Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-CVEp73GsN7wyuQJ0I">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>fwdFfIVExrqry50EX5mVrODaPVvyH9E+0HENweK5z4g=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Ywt4DBgh2YSFq3HdxkItN4/pC750w5NJzH8Vr4WB85/jJRamQDc7iP4zSrTLDIPL
+EH9mxStCthLuhT6wxpolSreQRy2RligTEBo3h6O44DIUcCKjP3F5hRhTv0/Szn6o
+4az58puKXaA8wp6C4eckFEicytgzhk1P6iQaRDA4g6XW7XSwEQCxtFcSLLkhzuao
+XsW0GM/oa/dteVS//fNJ4nJk57vNLzqbLpQyImJtMOlnQ1G4XpGEJ2MYDK8YZV0B
+aKC5kg7EdTEtP9JMnBsZBA3mITXBU8JT99SME2ZTnslxjFiUBxkpZD9b5KdrNcm6
+OHVAUspw/svBHxwATvbA9A==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-6fmUhkK0dE1WRorkJ" IssueInstant="2023-11-21T13:44:37Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-6fmUhkK0dE1WRorkJ">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>qRTx9QZwPPY+6vs9zN1ryo3AD6TVuggnDjRr/fC2P6E=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>Mx6THIfLWgpOt+OFj0yKl+9gRWEy8HvExziBiKJJyKvC2ZA/kblCU59YejSqMgem
+tyVJU8bzQnu2q1z3ovOWdr86/UhYE46Ltdw0/RycCibBh98DuUQhOYTSzyrKSOdP
+YfYSHbJu6AspDCL8x20eBocAK5nkMNHDvh2RckwLg+guR4++OzUfMpYYoXFXcQDM
+RfKPqDdwNuTuqZqryzS/bjn2ePu3du1kPxvGwRdWKqsA3T4LQ4Erd5Sswsxvy/3Y
+7p9RN1cpBrVx2/h466F+m2bKKIkw5H6fc29389Gd88wRa0HpmKkbXX3aDkn/+9+A
+X9hww5jz1jvfQHCqZRPOdw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-11-21T13:59:37Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-kTbnm0IrjmbcApcQp"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-11-21T13:44:37Z" NotOnOrAfter="2023-11-21T13:59:37Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-11-21T13:44:37Z" SessionIndex="id-g4iQWrN0vMCnb4WIH">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-11-21 13:44:37,970 views 4591 139753585374784 Redirecting to process_user_agreement
+DEBUG 2023-11-21 13:44:44,214 decorators 4591 139753585374784 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Ksdz0CwoFvA24z4El" Version="2.0" IssueInstant="2023-11-21T13:44:43Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Ksdz0CwoFvA24z4El">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>MlIOz8Bbo1lSsGFUtpMHEMqUlt8pMjAMF7aVILo4pI8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>krYT3l9NE2mevGKRnw98EKHHUNLSumZi/sadDK5OmwsQsuUBZCctVTfCtg6dAFH/
+AoCZC8lJb8LpUVnKl4wFnkzGtlGdAsIeC7xZCN1ljD+t5jPJ66cRniWU4jqVjix/
+O6RCIsaK0J4inJPtFizElCtwdjbvCbYjvwZU179i1wYp+2VLwwbmA898PbeYmUtO
+5utjYg73VmOzfuL8mbtYh3WOuTQrIw7K3ocgA5pAcZRcIpnko9IuHH/2Wagu3dds
+/m0uwlb9v3fx32UhnxJ46QNro5fbMh/7m0idnVfqhD/8PxBYPvzHrhBKuaYHpJ7j
+IKbag0L+5fDPNglR2LbI+w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-g4iQWrN0vMCnb4WIH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-11-21 13:44:44,216 views 4591 139753585374784 Single LogOut Service
+DEBUG 2023-11-21 13:44:44,216 views 4591 139753585374784 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-11-21 13:44:44,238 views 4591 139753585374784 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-11-21 13:44:44,238 views 4591 139753585374784 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Ksdz0CwoFvA24z4El" Version="2.0" IssueInstant="2023-11-21T13:44:43Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Ksdz0CwoFvA24z4El">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>MlIOz8Bbo1lSsGFUtpMHEMqUlt8pMjAMF7aVILo4pI8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>krYT3l9NE2mevGKRnw98EKHHUNLSumZi/sadDK5OmwsQsuUBZCctVTfCtg6dAFH/
+AoCZC8lJb8LpUVnKl4wFnkzGtlGdAsIeC7xZCN1ljD+t5jPJ66cRniWU4jqVjix/
+O6RCIsaK0J4inJPtFizElCtwdjbvCbYjvwZU179i1wYp+2VLwwbmA898PbeYmUtO
+5utjYg73VmOzfuL8mbtYh3WOuTQrIw7K3ocgA5pAcZRcIpnko9IuHH/2Wagu3dds
+/m0uwlb9v3fx32UhnxJ46QNro5fbMh/7m0idnVfqhD/8PxBYPvzHrhBKuaYHpJ7j
+IKbag0L+5fDPNglR2LbI+w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-g4iQWrN0vMCnb4WIH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-11-21 13:44:44,256 views 4591 139753585374784 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-uEreypAbKsWoKfKuv" InResponseTo="id-Ksdz0CwoFvA24z4El" Version="2.0" IssueInstant="2023-11-21T13:44:44Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-uEreypAbKsWoKfKuv">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>uT0Ou8O5lUz/lUjatxEPLYPEBYuGLppwoVMDusGOLUk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>niXPWYUVAaEpA+W3Pj7VGj717o2XpgxDxvJVdfADJ+FKmSuPV8AnWiXpTo0gzSeW
+Yg5TtrHBrhxiPex9IiXSlqYgXnEVxx2tIg+bVjo6KDNW1k4iBN1t0kOkeMZoJmFd
+yEo6sveh1v9QJcD91HlkRQV4eTRW7xI8Nl6I4x8mAgOTUumsgrJyh0oPZkAe3ATM
+BvWW3c0YoSEYZEh0EVGhXI1wk/pQx0vD/ZleCvGnFxDNcowwzNP7RQIZSK7Iv8DX
+wwpLTjW71x7jkK6nR7z+cYRnLz6L7sqKvv/zje9+m6f3OyTHVcKUzV1pfD80/Qmz
+NTH0BPPZYNocO4J/2synsg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-11-21 13:44:44,256 views 4591 139753585374784 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-Ksdz0CwoFvA24z4El|1700574283|9e1aace1e45bb783a2419400cd1a8b6c89c662fd
+WARNING 2023-11-21 13:44:44,258 views 4591 139753585374784 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-11-21 13:44:45,647 decorators 4591 139753585374784 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-hIL4Pg0vjM8ZU5qDJ" Version="2.0" IssueInstant="2023-11-21T13:44:45Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-hIL4Pg0vjM8ZU5qDJ">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>YpGUSNujaNuUZ7rp78Mi8CJfLcHx0yGTsLundjhxxZI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>QHEZADcO6GDRSZSCmuPZLqfmbFu5uyvkOcNhEu2SQBJvUh2BRATaAH00Zz02WS4F
+HkGz8bdPzv0ZdfrZgPzHs3WCkkwfoECyGSMosZrauTETsDzKImsMQpkswyWCFk1P
+MbKC+WgFoteHpUDVpzHFGJ+2Go7IjebG/7qparKSLUU554wqjy6Rbs9iimqtc8WR
+ko7w9Jeu9T2yw2itPSIuFeDLzUgAQVqPXc7Z+7TzzqisQ1pj6ZkKIf0fCN+Erpb7
+uMyaL3jMwg/BMOPhQPrps3EkEaZ1k3kINnKM37WzPRju24Kc57cjN/oSF+vCnmWi
+qiPHKFmz+iBeEQj5cMkBVQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-21 13:44:45,649 views 4591 139753585374784 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-21 13:44:45,904 decorators 4591 139753585374784 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-21 13:44:55,189 decorators 4591 139753585374784 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-21 13:45:47,172 decorators 4591 139753585374784 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-21 13:45:54,197 decorators 4591 139753202644544 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-11-21 13:46:08,922 decorators 4591 139753585374784 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
diff --git a/example/logs/uniauth.log.1 b/example/logs/uniauth.log.1
new file mode 100644
index 0000000..db71773
--- /dev/null
+++ b/example/logs/uniauth.log.1
@@ -0,0 +1,1014 @@
+DEBUG 2023-10-22 13:56:17,857 views 5538 140198830663232 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-ro6k9vXL9ogu7BjaN" InResponseTo="id-itwxXF3KTav4NF8Tz" Version="2.0" IssueInstant="2023-10-22T13:56:17Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ro6k9vXL9ogu7BjaN">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>kjvqt63hkpTT+FLyp38dMsSXPxWDEQ2vsg5WtAJVIBY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>iIBchxQkWNlqPaSz2+m0B6PbxeeU4uZYlS678WuO2G8+NKtBnpWLKM0KSPYjpJpC
+1vPALR8mSZZmDLxORbPoFrgd0RRgptsKr6D4D/o092ptmmtEPL6Ht66Wps57gGb6
+IPygSGDvohufK2nhGKx7Obw9PT/5EdnYU7o8nc6hNDonbd4zzbUGSal5fwnrc2vQ
+sRramX8PCeWunRupJLEwpjHF1eEQAy0CjTR1NPt1eGf1breKuuEJtTKr+8CAXMDR
+xXb7zG54MnD7uAifgW+7qSdp5ULNjNDY6kIP07lczdSKxnUbYttQylz06Jb+6AnL
+HU1DTqBGMkMJuystEc8PBA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-FAgvfk7F6jNHY1LR4" IssueInstant="2023-10-22T13:56:17Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-FAgvfk7F6jNHY1LR4">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>MS6fKKik66hny0kYCYaEfFNIjJRU3Np5XEtb7Hs0CsY=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>RFLVrrMgTSlJ9ZuK4xBMlQvdFlCNs3pbeQVlc4+A1krdGktC+UQiBgvHPtD+xWVV
+9dinsEJodSSq95fv6hSCPErP/lJhZ+41TentjzbjgoKsGuYHTC+Naii/DBhpSCYu
+EPoXHkbHJV9qjsHnzXo+Q6BS/HK+2+kMNED3QeIELUGipFwTLXcYu3v6XvcAfsvd
+wukxR7aJqLOeRQnFRKwJaH2itlSOuWCwhQBgm4OwBULwl2vl+TVMABf/3WwhMLxX
+gD1wRNlEnLEdTsHdYuneVjaIr0Lon80iteEmVll+MR++Ya+g1FlYk2pyYxU1758U
+Ir2ClptM54wU9wXheFu7Zg==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T14:11:17Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-itwxXF3KTav4NF8Tz"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T13:56:17Z" NotOnOrAfter="2023-10-22T14:11:17Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T13:56:17Z" SessionIndex="id-ifSENV5W0qsLMGrVH">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 13:56:17,858 views 5538 140198830663232 Redirecting to process_user_agreement
+DEBUG 2023-10-22 13:56:20,706 decorators 5538 140198830663232 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-KUukA1HZqUvrJyere" Version="2.0" IssueInstant="2023-10-22T13:56:20Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-KUukA1HZqUvrJyere">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>GOPqIxru04+i6HIoyIN9ukAHPZt03Yzc3BdHMd3ldI8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>b966HEa9eKbW61ryp5k/jvh+yEx2WwJpiBdeLYGy/H3+sJjTEZkDfkX9Q+ROpbId
+L+ZM4c/iZInBkjYcNhi4nsblYqazq/Kv2N/cCwbkA0uhbelD2CzUXaVHFIiWPHWn
+89TWaCeNaFk+793iAZC2kEdNEkeH/En6hfGTOglNTx+ceSfrGIqgI+jHodGgzFYe
+zp4VaoiNUl8Yzy5m0cKZlaXAPaFCE/kuAXQtFPCZnfpr7HCd3gfd0JYwkNxnvHrm
+kyMAbiddeKi9yj8Orw4yMwo60+PIFxcRF5KaaxAeqf3GBfxlpSggZaij4BaVMkgj
+JbHnyg4317nHt8aUVv51fw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-ifSENV5W0qsLMGrVH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 13:56:20,707 views 5538 140198830663232 Single LogOut Service
+DEBUG 2023-10-22 13:56:20,707 views 5538 140198830663232 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 13:56:20,719 views 5538 140198830663232 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 13:56:20,719 views 5538 140198830663232 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-KUukA1HZqUvrJyere" Version="2.0" IssueInstant="2023-10-22T13:56:20Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-KUukA1HZqUvrJyere">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>GOPqIxru04+i6HIoyIN9ukAHPZt03Yzc3BdHMd3ldI8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>b966HEa9eKbW61ryp5k/jvh+yEx2WwJpiBdeLYGy/H3+sJjTEZkDfkX9Q+ROpbId
+L+ZM4c/iZInBkjYcNhi4nsblYqazq/Kv2N/cCwbkA0uhbelD2CzUXaVHFIiWPHWn
+89TWaCeNaFk+793iAZC2kEdNEkeH/En6hfGTOglNTx+ceSfrGIqgI+jHodGgzFYe
+zp4VaoiNUl8Yzy5m0cKZlaXAPaFCE/kuAXQtFPCZnfpr7HCd3gfd0JYwkNxnvHrm
+kyMAbiddeKi9yj8Orw4yMwo60+PIFxcRF5KaaxAeqf3GBfxlpSggZaij4BaVMkgj
+JbHnyg4317nHt8aUVv51fw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-ifSENV5W0qsLMGrVH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 13:56:20,729 views 5538 140198830663232 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-NKEAKlMBhyrtI9MPy" InResponseTo="id-KUukA1HZqUvrJyere" Version="2.0" IssueInstant="2023-10-22T13:56:20Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-NKEAKlMBhyrtI9MPy">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>TuOMbI1M3IUB8RhRf7g1zrKLltgGOKMMdtZnTl1bZwk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>O5J653cClBazCWQ04YdGW2RphUcIcdT47KK9d6VTmlE3/pw6ipUgNRh1CVFCtyBj
+adtUDlynPvHPc92B2h5aTlGn9+fHH5wl5h1Q3AwuY3AoDC/7fdvumO4uGpdYKTkB
+vh2cd3506UEYvGjmsUCwfSrFy3VJx4l7cxzUFdDEGvRbmb6WcByYNj/SxueaAXQn
+QLlm7eROhSo9QoYqu330SJw282xpn5/qBD8lE6e4G7GkcLUsipoqAGIOuXFdWs/m
+SWSUZ9fbBfg3J/w4izoj22hhRxmWCk2CZDHy61q5eWHVrpmEhAAjAtn/qM+Kak/Y
+DtthT8iI/98K1m7mojNHMQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 13:56:20,729 views 5538 140198830663232 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-KUukA1HZqUvrJyere|1697982980|dca238d05351a4107d34775511c7f1825f54ab52
+WARNING 2023-10-22 13:56:20,730 views 5538 140198830663232 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 13:56:22,689 decorators 5538 140198830663232 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-IhLMBOv9EHBm6xQlx" Version="2.0" IssueInstant="2023-10-22T13:56:22Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-IhLMBOv9EHBm6xQlx">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>RYxgtc7HS7SvSd2B1J1FsjJEtXLSjun6Y8fVTapR8uo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>fFwn7ZqgZO79AgvIAKXk8ZO/nbhs/qncoN8oOD3/8Wg+QfWP7IxKYFWDEj9TuRYe
+sOtD+kr8RfWY+YUBitLywNXHc2nI1Kxy5IeywNiBncFW1CwNtoZcPuFyDsCgwyvY
+SLZ0ffTjQG8YgFCk9OiG2vszEtQ7LuB3Z4regQoawedj4ECwkHz3dedN0RfZQdIT
+Dk+9qC3/UjnA+AMWG4+W9jPRn01enUxL+JM/sDCL9JNua1lcnLYtDzLQJCYDNyZQ
+lsxR29BZYZZop+Nt9OV2/pYY2sToJ5AbXnBptfDy5jKW5dzpTJNCrXX7DvZKJBHR
+qVS/o2sxvCaopi7jej7miw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:56:22,691 views 5538 140198830663232 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:56:22,917 decorators 5538 140198830663232 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:56:29,910 decorators 5538 140198830663232 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 13:56:35,350 decorators 5538 140198820173376 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 13:56:46,278 decorators 5619 140677616760384 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 13:56:51,671 decorators 5619 140677616760384 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 13:57:29,433 decorators 5638 140099009377856 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-T9LnRskrhxFH7zMtO" Version="2.0" IssueInstant="2023-10-22T13:57:29Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-T9LnRskrhxFH7zMtO">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>DAuIqzxkjkAArPVaf5Y09ndGYBdgKXS6G+f+DYA7HWw=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>o6JI+7lD4Ansd1wQLfoWoTkGtu0l2uLTBidO8EpYimZGNuCR3J6FQlB5FpbmVqLA
+aJxeOriMCCLlxapktc8muaxZ5naUwqaNZ5fGc+UL6ZB58QGc6nMgewNB57QwW6oY
+UbubinNb0okzGPIMvO+e2PhCgwyru4GyE5c6vP0gW6gLSANrCJ6cR4NLJz5TO06h
+B0upCYvZMvwtSbw9VI1BkL0AdlMPGf41E4p1Ahz/uRIivBsU51nNuDYiCHFPrX2j
+c7sDESQz/zJ1bZw5QUsgPMBrgOcUB8Y8KMJZ7GT/oE708qr5Gfgik7/nnH9KYwI5
+eZf9r4GxFyKhqVQizjcvWA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:57:29,437 views 5638 140099009377856 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:57:29,675 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:57:35,392 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 13:58:01,388 decorators 5638 140099009377856 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-9x6tU8N2MGHNkQRXT" Version="2.0" IssueInstant="2023-10-22T13:58:01Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-9x6tU8N2MGHNkQRXT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>E/WjILDKar/Q9LYQf7hdu6fuAMp5FgohvSMdrcfw0Hk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>aytjL1y7OxH7oOGq0ee1hK0/GUFCH2IxXG7p+KYg2IP4VgZAafpy7HdlpXXLUgNX
+F1XrqPs9r0B//KPD0WIf/sls0kv9ZdNpEXTLKJJMDpVSJyCEBaCbaJKecbTWWos+
+tSD6Ibq/EHBfj46MuQTRViVBXbCYgPoy7eX0b3Oh0e0NxNosC2/AhbujNDg2Qr3W
+IrI21qmKUG52DuOUIPG+G9/sIamigcfea94/oeYVppgNpdn6LQ9vObwoxUpclq2h
+qaICaHnN1UDpQzolLirNtW42+Jt2ehbGkOGfKTHMWhrWkN0gwq2JHqqind+IqMCR
+VLawgH806nDsfqDohkR25g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:58:01,389 views 5638 140099009377856 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:58:01,625 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:58:08,365 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:59:08,708 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:59:19,393 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:59:29,338 views 5638 140099009377856 wert: already logged in.
+INFO 2023-10-22 13:59:29,543 views 5638 140099009377856 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-9x6tU8N2MGHNkQRXT]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 13:59:29,571 views 5638 140099009377856 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-RytsZadvvIrLcKduF" InResponseTo="id-9x6tU8N2MGHNkQRXT" Version="2.0" IssueInstant="2023-10-22T13:59:29Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-RytsZadvvIrLcKduF">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Iy65JzFgjtnOao9NyuzCEQcoHPw0xjlTp2o537qEbcU=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>T3bc34wARm6qQIpPLJk6HiZ7DcX2J/ltUbb/FpfJlp+9OM6qm6AEZADqRSME79el
+L4N242AuJfGtoyMUEe+lHeg3zb7uvDprIt5tBzpf+m9Pu5iPd2jn9vzJKnLZlMbd
+jFaS5ZSrhuH5s2YrMagxaWT3K4dfXk+DSH9O7HMWOuuUD29KPqRBlZzatmfOx83+
+YFuUQ7+aUmXugUAIR3E1tSGRfBMGHOStogJOy6IgOM2JAqa3MNzzPnlrvuMwSGOH
+SD7bpqBBWyI8UaxpWEPSp0PQ+DHcTrp0qgBtXlEAAL1f4kclEqf+Lc3/+Az7+1L1
+ybfhJIyoRmY5XS6QYPcorw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-pykU4IPZ26Et1C8tn" IssueInstant="2023-10-22T13:59:29Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-pykU4IPZ26Et1C8tn">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>Rm1DN9u5ccyfzBE23TbfhtHEOpTtQvpQyNC+uvZp1kI=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>YR/HkWULqTiBJPfe+x9EwEYusEkQDxRwJKBoF/NXkCRJes4uwMvFJ1QkWlbu7wm2
+HNap0pxsqa78qE+tNSE7PuVMwiPbvxjXL2OS+qgXrVzEWicKvBCFNW/QNmhZLfTN
+USjoZfblHizsk8QGw12/jmj9OCvuLnnrOoTNZjSFqypc0fR+Gvof2UD91x1UryK+
+L1nuXGtBaaQkkgLDs27JPqiaixeLbs2cAyEQvgO8SGGDuPXIKJoDu9jgkj4RAfmI
+P86Hz1hfp1sQENro1FceJmmp41PfohZl8UYYsy8F48TQ3Gy10Psba5vt38CmP77z
+4wwmd/BC5aVUAdtpdnuK8A==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T14:14:29Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-9x6tU8N2MGHNkQRXT"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T13:59:29Z" NotOnOrAfter="2023-10-22T14:14:29Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T13:59:29Z" SessionIndex="id-fyW3AyODFLXgrTzTX">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 13:59:29,572 views 5638 140099009377856 Redirecting to process_user_agreement
+DEBUG 2023-10-22 13:59:37,034 decorators 5638 140099009377856 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-BELCv2O3wU2VowPVr" Version="2.0" IssueInstant="2023-10-22T13:59:36Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BELCv2O3wU2VowPVr">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>z6gWjYOi6jswgRF31EpTrsS3PfN2i+duXUmK43wlo4Q=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>cS/dGWLKXCmzhcpr9q1NTwqPbh7a4B39CQmOmrDXZfSGQovfUBdZxCmjvs/v4Wq7
+ZpXbfSGKQK76lAn9WvlgzoLXjJY+9qDz50d3Ur1Ct5p3vpYYG33VssQDSZbQ0wxm
+pYSTq2FplUrDLwMKuytE+gqhLj9vosLlb5HUfe2RRn3YJ+Gn2cvHrfXo6Eju+KmL
+tDScq5oPyp54qyIrXt25+0uGHZfqLkjfqLuES9BkNXht0g5a67wznXCfDSHQFX0J
+WZP+FDXoQhC3wTdyOThPGjBQ7uE1i4qKlrE//TOfsUP0cU60jV7TJquFgz1OYkIS
+0aEnL6f67T7wqWH665mC6A==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-fyW3AyODFLXgrTzTX</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 13:59:37,035 views 5638 140099009377856 Single LogOut Service
+DEBUG 2023-10-22 13:59:37,035 views 5638 140099009377856 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 13:59:37,052 views 5638 140099009377856 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 13:59:37,052 views 5638 140099009377856 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-BELCv2O3wU2VowPVr" Version="2.0" IssueInstant="2023-10-22T13:59:36Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BELCv2O3wU2VowPVr">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>z6gWjYOi6jswgRF31EpTrsS3PfN2i+duXUmK43wlo4Q=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>cS/dGWLKXCmzhcpr9q1NTwqPbh7a4B39CQmOmrDXZfSGQovfUBdZxCmjvs/v4Wq7
+ZpXbfSGKQK76lAn9WvlgzoLXjJY+9qDz50d3Ur1Ct5p3vpYYG33VssQDSZbQ0wxm
+pYSTq2FplUrDLwMKuytE+gqhLj9vosLlb5HUfe2RRn3YJ+Gn2cvHrfXo6Eju+KmL
+tDScq5oPyp54qyIrXt25+0uGHZfqLkjfqLuES9BkNXht0g5a67wznXCfDSHQFX0J
+WZP+FDXoQhC3wTdyOThPGjBQ7uE1i4qKlrE//TOfsUP0cU60jV7TJquFgz1OYkIS
+0aEnL6f67T7wqWH665mC6A==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-fyW3AyODFLXgrTzTX</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 13:59:37,070 views 5638 140099009377856 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Y7BLqJmvY0FqKKBu8" InResponseTo="id-BELCv2O3wU2VowPVr" Version="2.0" IssueInstant="2023-10-22T13:59:37Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Y7BLqJmvY0FqKKBu8">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>/OnNypqs4EoV7/+NL1AWQBm+QN0571iPi1vNvUPBquo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jmJYrKXVdMrBE1Jo41kORpW3on3LGQUbW4IATb/AwPnRAOgcXvn/x6zvd01giULS
+fK0Ic7dk2VXrUUXE0JObvqW/aK2TB6fUMeEoOg2XBGZ3QNWQjlFJ5VGPehdsLP0h
+XYXHRkgIMaXmSAy2Go0H+Hvmj8rBMxPqdYsJLqcPCSjkUCu2ZcBKRHovy0yLV3EJ
+hkkkRdeKwNhUSQyTTP24AYXSg6ULbQda/1JuIW/ZHDrY43gHSlKN1mRvAxd521NM
+0rCelh9Rm25bJ2noBnsMlwaWtT7tYVjOJMA7s9XztIyGCXrfAxS+F2pK+cBCDB3e
+/7vC36QriS6zq1q5HioO2g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 13:59:37,070 views 5638 140099009377856 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-BELCv2O3wU2VowPVr|1697983176|0f6357df740c8b9f21fe2163e7eb6c3bb4714e7e
+WARNING 2023-10-22 13:59:37,071 views 5638 140099009377856 Single LogOut: logging out an unauthenticated user?
+INFO 2023-10-22 13:59:44,734 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 13:59:52,092 decorators 5638 140099009377856 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-11-09 14:01:05,787 decorators 5402 140695698404928 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-i0QOz484j0Z0Ha4jA" Version="2.0" IssueInstant="2023-11-09T14:01:05Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-i0QOz484j0Z0Ha4jA">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>5K+V+zCzwP4nwU6AMQGMvI6BxTyFp+PdRqz3ugoCpzM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>CzeQwsLEBVkrP4tpmq63h60TMSIaz0vmHHl514fXvyV6qwpJ1Jkxg7e0l+Ed3A+8
+knAoGTaPINmznsUctUmV5o2smLPs6uMlfd6SelF60kVfA+I1LUFSpVpuFdPXMDTf
+jIqhFOKRkVH0h2l+mjaNzY8c3HwIaWrRBoMue7TnjYs4K3dJDWKAB6e5wEItlrbZ
+STc84IbQf54uLJZp1s3j8PGtK6NpSQJ0KuL4JBkw4L9p/Hgj3smU/TgJ9N2+NvhJ
+hR+MpzOVY1iVGvsLVr/XWOsT/50uGSkOU5cT/E8Vci6lr3ajtNTe6fSArt7oHqoe
+MgXV0G8xlWi/PSkMlX9A0A==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-09 14:01:05,789 views 5402 140695698404928 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-09 14:01:06,042 decorators 5402 140695698404928 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:01:13,499 decorators 5402 140695698404928 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:01:17,197 decorators 5402 140695698404928 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:01:24,401 decorators 5402 140695698404928 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:02:10,093 views 5402 140695698404928 wert: already logged in.
+INFO 2023-11-09 14:02:10,265 views 5402 140695698404928 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-i0QOz484j0Z0Ha4jA]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-11-09 14:02:10,287 views 5402 140695698404928 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-0371RwdxjEUinHruP" InResponseTo="id-i0QOz484j0Z0Ha4jA" Version="2.0" IssueInstant="2023-11-09T14:02:10Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-0371RwdxjEUinHruP">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>BmQ1OGUTbMcCc52junk26n/uT9OIh4F/BKyHUljL/n4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>bJd5v2ob+cZWZ5PITiNTyxv53qFD9CdC8Jmjcb3BRti7lOzIHhapOYNFa/39rmao
+fxDHO1RzdOn1oqOwKxMAdyjAmNxif7Cj7RYylkZt2lvBgkkFiw0y9LZ86C8vdXPY
+0XT+dURCq2CMKHl4N9z0RbdNyqprNEnSvBvT2e+xlavXk/AJyer1iKQt3O/tcVet
+JAGlDIW7DSHMCQKMFaJigUwV03oJBweqHvoLVNjuU1kXwTfolrDTIf/zTeM27yKR
+frvN9odVWnPhs0jLnBVYWnWGaDOICZGXa6ds3Ag+HJAr2rqSseRvGbkEf6YA7QYz
+GpDS9GFft3wUM06NdScchQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-y4UzB4Pn4hZNsZ9qI" IssueInstant="2023-11-09T14:02:10Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-y4UzB4Pn4hZNsZ9qI">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>74eVWE0XLREGcMt+gn8FBg+A1WEL/dWIwbLKWTC7PAI=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>bD68VEA/cZYkCw+dK03ubfjw9P2kjxxzN9SJ2Mm1H2J1OCrRBsWZlDURK2hO07ax
+sO+FoprwNnLjTt3yrYhmFRqlftXxHIjYRrU/pdgVDPFI+8rtoPtrtzPQOpPGX+/3
+YkoTimolAdy9X0kO+7NS1e9raZ2XHfMznPe60z6o65lCaFaTuacN+vYAylrLSRK/
+sYIUPNBO8BQHYwsBBAkqKnXGWKf9dQjp0epcImHyrHxeA1UGbKfuEg1LCVVhcdhX
+Lm6ClEJQWq0r9QEw0HDuET2RI6sVZ+pXbvPh7YF8TO1RCX1z3yxR5lCKQ9q6z9vH
+GPkSAdXPRG+sYYiLcFGfcw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-11-09T14:17:10Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-i0QOz484j0Z0Ha4jA"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-11-09T14:02:10Z" NotOnOrAfter="2023-11-09T14:17:10Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-11-09T14:02:10Z" SessionIndex="id-P74to6h0pUS1kw8mo">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-11-09 14:02:10,289 views 5402 140695698404928 Redirecting to process_user_agreement
+DEBUG 2023-11-09 14:02:16,937 decorators 5402 140695698404928 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-IU2yKJcZTHeLksccb" Version="2.0" IssueInstant="2023-11-09T14:02:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-IU2yKJcZTHeLksccb">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>WZkqba1mVDP7MdLDguKU1soO9kZxOksLpNIMrOqM6ww=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>kVWD01Zj7xp45T9uKiwH6EECchbK0bbfASgVRyXc5EYP6fOq9wWRXgHMzMlchRRD
+NHOv9yO0UO+7PQtXJn2CoDgcVLR/MglEEltuOBZNsuOra1w8rPOqFl8JgVIf8+ik
+XOszfTewiZJd3ej2BcGiX7Jpioi11TnWxc3YjohvPVAzd+FgdJt4zKZ3KgX4Pj5D
+yMUtt7yg+XwstFUU3jfuDdvDzJ1DvXpHItfK2utck6uha/QDh3pXPEZu3uGcHj5n
+0HyBBfJU5Hq03BlSOmj4QF9mJn/9vUoacaqchsWHhf+Cv4q30ijnE46RkpGoVoZ4
+a7FjaIjLc9ULdKbm5dl7pA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-P74to6h0pUS1kw8mo</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-11-09 14:02:16,939 views 5402 140695698404928 Single LogOut Service
+DEBUG 2023-11-09 14:02:16,939 views 5402 140695698404928 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-11-09 14:02:16,956 views 5402 140695698404928 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-11-09 14:02:16,956 views 5402 140695698404928 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-IU2yKJcZTHeLksccb" Version="2.0" IssueInstant="2023-11-09T14:02:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-IU2yKJcZTHeLksccb">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>WZkqba1mVDP7MdLDguKU1soO9kZxOksLpNIMrOqM6ww=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>kVWD01Zj7xp45T9uKiwH6EECchbK0bbfASgVRyXc5EYP6fOq9wWRXgHMzMlchRRD
+NHOv9yO0UO+7PQtXJn2CoDgcVLR/MglEEltuOBZNsuOra1w8rPOqFl8JgVIf8+ik
+XOszfTewiZJd3ej2BcGiX7Jpioi11TnWxc3YjohvPVAzd+FgdJt4zKZ3KgX4Pj5D
+yMUtt7yg+XwstFUU3jfuDdvDzJ1DvXpHItfK2utck6uha/QDh3pXPEZu3uGcHj5n
+0HyBBfJU5Hq03BlSOmj4QF9mJn/9vUoacaqchsWHhf+Cv4q30ijnE46RkpGoVoZ4
+a7FjaIjLc9ULdKbm5dl7pA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-P74to6h0pUS1kw8mo</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-11-09 14:02:16,969 views 5402 140695698404928 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-wE4qyYQubNq06w0cI" InResponseTo="id-IU2yKJcZTHeLksccb" Version="2.0" IssueInstant="2023-11-09T14:02:16Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-wE4qyYQubNq06w0cI">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>4s5Dea0TAL/X4TCMOoJLFEFoTsCtb0vWX9eWk246x+g=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ML3hwO0wi4uhu33jEH/IBY2Kth1UBErs0wP8+YHEil2UJfwKWC3+S2a+aZC7cgbF
+nExv60kBA0ERtgWaPeYJV82ouuBECrYsBH1/hOgzo4738G/AWv06VxCwLWLuAP4B
+q5sIBixdPqLSH30e5SmIzeSI2HJLZwCjQsBKzP025dAJkBKbEzS12qH7Z59CNOge
+hxw1eClCjjvKlwsW3P5d2rfkRGQd70pFiVep2FRUHIRbO9qPvu66nKty/NqvwIbp
+XmJHgX2LM2DvA5v3c5kFqAjBZQx21Q2l4n0WY92pCZfE4hfxG/4OMKSuDuBOFHjE
+AA4mCtMWiZ1gNNI+EoD2rA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-11-09 14:02:16,969 views 5402 140695698404928 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-IU2yKJcZTHeLksccb|1699538536|703eb5503ab5b2f2a16bd7cc727b2615ba008444
+WARNING 2023-11-09 14:02:16,970 views 5402 140695698404928 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-11-09 14:02:19,218 decorators 5402 140695698404928 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-YhWZ8g3DNhdotHbfI" Version="2.0" IssueInstant="2023-11-09T14:02:19Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-YhWZ8g3DNhdotHbfI">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>X2cPtRTTY3NdRO8BGFyYqe1DpCzekVjfBOq+KeGwf04=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>gNkDLSBFPoTrXNN6G8u+irwcRqozOvWvcmLTy8dRVBGOr3M9OO0FIqn0UYv4jV1r
+W6QC1JTI7QFNmq3wr6C4WkVH+J3qzn9Dv+rGcpIUo/U+N81xmEdmH7i4FVhiU+nr
+q+/RfZMGUjQyGcht8vycqfX8GlQ9ABAQRxxITEQRbx/b4jGr65hGmEQFkgOLMMMe
+5/U48T0UbSFSSzeCVXvKhBgcU3ibDRyZV0PcGlm0WL7ub0nl//dz1/EiCyHyo7HS
+PGq17tUI18IM+z5FNSNrrHJ1LDVoj0Aol5N1KMOr1To7LRjPjTVzSiwAgvw/At9b
+SkUDnUNHazxQZvCz048uOg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-09 14:02:19,221 views 5402 140695698404928 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-09 14:02:19,455 decorators 5402 140695698404928 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:02:25,798 decorators 5402 140695698404928 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:02:46,776 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:02:56,190 decorators 5402 140695477155392 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-11-09 14:03:03,355 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-11-09 14:10:07,996 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-11-09 14:10:10,426 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-11-09 14:10:11,536 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-11-09 14:10:12,326 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-11-09 14:10:12,923 decorators 5402 140695690012224 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-kGwqtu5sAqcWmvpbT" Version="2.0" IssueInstant="2023-11-09T14:10:12Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-kGwqtu5sAqcWmvpbT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>kBpC1+HrAWN1QyMr2tUefyqB2xrQkHAIqzbnlgVC1Mg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>D06S585fJINMEyHXPbj/bKePXqw6zR3TlCJ0hLhbeKNxUyBxiMn1nle/Bji5Fmw3
+oDKjmuyjyszSITEs2uJQlCJC38bTAKVbFl4bbDrNV4KI0K+7834SOlKotPE08ikK
+VeepKUIvVr8Zr4LShUB7E7e1FZ3YoBS9hMpWNANb6ZyxJUFnadK0FI2gbadqFymE
+alXrFJaMOII95ES5vGStc1yNTmBQbmO2FM6evYNP9ycbAZ7iJxzxX0JZX+AIKXtj
+Nt+lnVc9Lcw6206sWfKVD2R+WzXFrZbgmD3FtmBjdY6EDvxEDfzL2916/sjFFirI
+ZIrT8bfENVb6qC3HDQsUeQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-09 14:10:12,924 views 5402 140695690012224 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-09 14:10:13,159 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-11-09 14:10:27,443 decorators 5402 140695690012224 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-3YOlVMyElJo7SwzIO" Version="2.0" IssueInstant="2023-11-09T14:10:27Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-3YOlVMyElJo7SwzIO">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>FyT6kVjKkGjRrvzioS3ExQ7rvhk42OWMQI7s/K4Tw08=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>KN71z8Lf7B2t6LKnGPvtEh3qWgEopSTPslAo7Dtfi0mmEc6RgDqY3GEFsNZAoT/f
+lIi5J0avazImGcyVXQwclqMiSMbk/AG7fLCrJrC9zq1Df1psdVO05QIu2FtFGj0Z
+0KlOU2kGvGq4k/yl5Ev/md/MhlJZVnAJ8vFDf4CsyTumh2X5qyzY1trTp2Xk2o+V
+Nk4ztaptQXw+oUnBtTNgPq7zhmkmkBplKo3ySNK9eoetgUeCOAuxQkooLZ8OrE73
+Bi8taTeqDvvQAY08ZgceYM3zgShL6y1x/p6lFJ8D7jo7l+bA99dMXYEieibLhUWf
+2FrnyFv0Bk9fUCoeyYeQ2w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-11-09 14:10:27,445 views 5402 140695690012224 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0)
+INFO 2023-11-09 14:10:27,699 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:10:41,927 decorators 5402 140695690012224 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-11-09 14:11:09,335 views 5402 140695690012224 wert: already logged in.
+INFO 2023-11-09 14:11:09,495 views 5402 140695690012224 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-3YOlVMyElJo7SwzIO]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-11-09 14:11:09,518 views 5402 140695690012224 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-hZUWjKJHqszPxxUQn" InResponseTo="id-3YOlVMyElJo7SwzIO" Version="2.0" IssueInstant="2023-11-09T14:11:09Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-hZUWjKJHqszPxxUQn">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>0bMRpk5vg4zQcsmot9ZBIfAwaRtjJ24D+EuRVWhI9Ok=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>TnHIGiFh1+anDZR+/nq8qY6DjCEju5K9+L6kFGHOYBYxLL/u9w+n2l6hvrxEozmM
+xv0XoZL0hBdEE24vhXW5uqaa2q6RfCH3swDA8LOGT4sSdXp/BVK5EN8FXjw9Z+Ug
+jnvov2qrI9wz4VDpeU29t1pIlqlKePOUXpLyT7pzim8Lp+iUuY5xrccFfGIMAkKq
+Jr+QIak4jx+uXvib/x/2MiadlbG8XcuzFZcLX7bNyrC3ApTOjg4MFOHDmnK0vXoB
+cnVjKS7aI25TcmWcpgRtNJB3nq9+AvZYO+DXZ3+rlbPMMsoYPCeKscjfBQhWHd1s
+3pFkTnF1N2QhH9AtmtflQQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-f4ChK1OKTIi6JorhQ" IssueInstant="2023-11-09T14:11:09Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-f4ChK1OKTIi6JorhQ">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>Oj22BYmf8kHdmSLEN/WB0a2QExqoxMgOlYeVeE4Ancs=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>bh9NuzhwNf8ihuMJhHwYn+OSAa+e7LFG7ob8+ptJtU4xkUOBjcwf0ip/Wtz7nQ1r
+oI4Po3RbTv81dMNAZm8X7a1KQQ3hnaQRHheVIIsDjwvSDawDpF1Yck5WlRCnbDpr
+dZjqhHauH3HZzMlwrHhRFb4XJxSX4BuFWQOOcZJIt7ExBqZHRx4jRCoEslN63+52
+fziPmdNGI0pkL4MYExdOrkpGaMr6PPQ87jVy3Ipan3JsIoCIJOscYpr24dBCMoon
+tBCbyFgnpzPUOyF+pt9/hMgZG3aYc1b9kpW3exCrP/hDPBjJ8Na05cqSvChGnWv1
+MN8LVwOBykw2r/Lfw2dn3w==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-11-09T14:26:09Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-3YOlVMyElJo7SwzIO"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-11-09T14:11:09Z" NotOnOrAfter="2023-11-09T14:26:09Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-11-09T14:11:09Z" SessionIndex="id-jYOMyk6bLEUYk3e3e">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-11-09 14:11:09,518 views 5402 140695690012224 Redirecting to process_user_agreement
+DEBUG 2023-11-09 14:11:27,299 decorators 5402 140695690012224 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-TzIddPVqNWmQUxTYe" Version="2.0" IssueInstant="2023-11-09T14:11:27Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-TzIddPVqNWmQUxTYe">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>h6XbAZQ8153LegRaejC+vnkXOtFJ+y4T+K2cG/qe/yA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>V3q1YSQUHh/9PiGGgoDhZABEZtND3gVXF4XpGLhC3BVt8yWCixwHIMhyEdGLWKA4
+1DF7iZyKvmIvQOG3WwAvrnnfHCnE5CHfDcXws7eXoF8CqbZXNM6xrdoptY5K1LrA
+SJb/bvAklYZV8CoeA+etv9Kwh8W+V1jsbzTC6WSKtRwjRMNL+uW5vD6zKwjxMQzm
+2tYM5vMun+ybetHjurdhG5+sE6dkWekoO7t/ISWfsRW5U2W1DVMpGPOdVg3BpNcG
+cw2hNw0KHCpZOn4wnjPXCoourTttBPtaokc2yQd31bR/36VAwbL8S0IAY1Kgd8Ie
+JKKPd9790T/bZYTrD9yA7Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-jYOMyk6bLEUYk3e3e</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-11-09 14:11:27,300 views 5402 140695690012224 Single LogOut Service
+DEBUG 2023-11-09 14:11:27,300 views 5402 140695690012224 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-11-09 14:11:27,319 views 5402 140695690012224 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-11-09 14:11:27,319 views 5402 140695690012224 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-TzIddPVqNWmQUxTYe" Version="2.0" IssueInstant="2023-11-09T14:11:27Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-TzIddPVqNWmQUxTYe">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>h6XbAZQ8153LegRaejC+vnkXOtFJ+y4T+K2cG/qe/yA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>V3q1YSQUHh/9PiGGgoDhZABEZtND3gVXF4XpGLhC3BVt8yWCixwHIMhyEdGLWKA4
+1DF7iZyKvmIvQOG3WwAvrnnfHCnE5CHfDcXws7eXoF8CqbZXNM6xrdoptY5K1LrA
+SJb/bvAklYZV8CoeA+etv9Kwh8W+V1jsbzTC6WSKtRwjRMNL+uW5vD6zKwjxMQzm
+2tYM5vMun+ybetHjurdhG5+sE6dkWekoO7t/ISWfsRW5U2W1DVMpGPOdVg3BpNcG
+cw2hNw0KHCpZOn4wnjPXCoourTttBPtaokc2yQd31bR/36VAwbL8S0IAY1Kgd8Ie
+JKKPd9790T/bZYTrD9yA7Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-jYOMyk6bLEUYk3e3e</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
diff --git a/example/logs/uniauth.log.2 b/example/logs/uniauth.log.2
new file mode 100644
index 0000000..dc60cd2
--- /dev/null
+++ b/example/logs/uniauth.log.2
@@ -0,0 +1,970 @@
+DEBUG 2023-10-22 02:16:17,675 views 10038 140066444801600 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-AVAIV6ZfnTXFEK9lU" InResponseTo="id-hf5rpORZmYISuojkh" Version="2.0" IssueInstant="2023-10-22T02:16:17Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-AVAIV6ZfnTXFEK9lU">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>9Sg06C961p1skChLWBVZ2hqnQnNyat94YnNs0yX++s0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>CtOGjEe+0f5dMkqST/YxGou2UGSAqyvB92/0tmjqexNY3Ce69NDaEYDHMBL1jBfN
+WbcwcX2klGmDVkRXBDp/MqoJfTLK1Yrsy4zOECriBHvV1+9spR44eTHx5s9Szzwv
+MSu/sdI9IXhWITyOW9eBDCSkDFg3csXDcd6euKIee5O2dLyNvtMOMZLQICHCFrgb
+G6JTSxPD4ar1ZHUS+p2+L4xkSnYkZsEyamrEwRJPKTvPPqMgdF647kgfyADXqr+a
+0mDvQ+7/8wgvtk1KW5opFy9WWH3iHZQAiTuviqhemZ8VALoVPrtAVcU1gLad6mDK
+pAOPwwJzqyuLUheXc0DX7g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-MvZmTyYcWTefxqMRa" IssueInstant="2023-10-22T02:16:17Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-MvZmTyYcWTefxqMRa">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>QO5JcgpmQ2RXacgm5tYH7+3yAYX5Dt3pDNGvPOaQSWU=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>WWSUWyjNjZ1nQ69XiIFiOhAl4Rl6/4EZyeZQ8h8IuEUxcHMmtuZMEXHx287RTk5s
+iARxypK0xzH6jFZZdvh2AKrG5zfA5/3ziWZGQHiAZrh+uspiqLUTaRgoMisEXFAn
+VOrMTc9uJOUSi1aC/8qKanmTXxw9DAjcyOdCdRVE5WyzPQCBwoih6vqTQJWhEXHS
+SqeXa824aClOs38bGZikAOWFcmELvrIM0XNTj5z0Y/+gXoKVfPkW2O81BIictWz6
+W8+dhRpJXHAn0AswDN3/DPhcGU6a4TxkMfkoR5MRrnZ8SkKxPtCiWD7khONhjmWy
+OD4kguCUFySWCaG8LwalYw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:31:17Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-hf5rpORZmYISuojkh"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:16:17Z" NotOnOrAfter="2023-10-22T02:31:17Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:16:17Z" SessionIndex="id-Hkn2P1YGQsMsV2Ufu">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:16:17,676 views 10038 140066444801600 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:16:30,646 decorators 10038 140066444801600 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ki5gNZIOZSnZn15zc" Version="2.0" IssueInstant="2023-10-22T02:16:30Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ki5gNZIOZSnZn15zc">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>qCvvOQqFYhy3Fq08V212eOcJYKlTcKNfHNVITmQl/7o=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Vv5RiSrjrKdi6lQCVP+4tutjSXPd3zA8glk0xXeUDlnbxjm85nIdR6hjxFR07h4E
+Lu8jCkbmnXCTt31jxAkMukrSdpJI8InCFr8KTmsJ0cI3mNdEWaJYQr/SqnEY8C3r
+Zidpub1XsiQdZzpZSvwys6NgWdJgO+RNhNQK9/XAKt2B5YWRUW3e24bdjWhmRksb
+WTTN27NRknMj4fJhxkUoMhxaWLBWfUFIlT/1loskTEDWSs5S7HAa4HyVqnTOIIQn
+3poJX0Vn5t/dEiMgDhcOAekZXS1nIilVQylWeSd16w8c4jc6kFH2Lk7YHUdTaSIx
+8F8LlIGn/nXzVkmM+8ls4Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-Hkn2P1YGQsMsV2Ufu</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:16:30,647 views 10038 140066444801600 Single LogOut Service
+DEBUG 2023-10-22 02:16:30,647 views 10038 140066444801600 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:16:30,658 views 10038 140066444801600 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:16:30,658 views 10038 140066444801600 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ki5gNZIOZSnZn15zc" Version="2.0" IssueInstant="2023-10-22T02:16:30Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ki5gNZIOZSnZn15zc">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>qCvvOQqFYhy3Fq08V212eOcJYKlTcKNfHNVITmQl/7o=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Vv5RiSrjrKdi6lQCVP+4tutjSXPd3zA8glk0xXeUDlnbxjm85nIdR6hjxFR07h4E
+Lu8jCkbmnXCTt31jxAkMukrSdpJI8InCFr8KTmsJ0cI3mNdEWaJYQr/SqnEY8C3r
+Zidpub1XsiQdZzpZSvwys6NgWdJgO+RNhNQK9/XAKt2B5YWRUW3e24bdjWhmRksb
+WTTN27NRknMj4fJhxkUoMhxaWLBWfUFIlT/1loskTEDWSs5S7HAa4HyVqnTOIIQn
+3poJX0Vn5t/dEiMgDhcOAekZXS1nIilVQylWeSd16w8c4jc6kFH2Lk7YHUdTaSIx
+8F8LlIGn/nXzVkmM+8ls4Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-Hkn2P1YGQsMsV2Ufu</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:16:30,667 views 10038 140066444801600 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-TkVLkO9AWApvfYJxn" InResponseTo="id-ki5gNZIOZSnZn15zc" Version="2.0" IssueInstant="2023-10-22T02:16:30Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-TkVLkO9AWApvfYJxn">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>9CQcEbG9lX+8rQjOfwxbNkIZ3P9wbhTvG++STmTgGJk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>fV9qBQlaEmZ90QxY0vfaHyKqzeGwSS2DlvgFUTIakxlYL0HO5lmnqGUscRgslT+Z
+g4S7ZiT8N1prfgkQ9az1ZofH2mipoMyB5gsgHMvyOsA2aTzxPIxK3oDts98g40Ou
+VbeBTXrDrTc09Q2wPU/BVHLBwgRIqkZLJj7kRApt1BtxJFi1FUm1upR43SozXZX6
+D7pir6qwYXKUO/bEy9x4qH35SL4xM9eZI/Xl+H0CBNo5PDHfQCsJ/D6d35rKqJk9
+vhQ83ZHy/8gP46Ch0nfVSXjUtHk0ckAq5NRea2oltdCo5wvORa7i4Vz2AAsRqfAY
+C4ZsnbPjH9gVG6rePFabhA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:16:30,667 views 10038 140066444801600 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-ki5gNZIOZSnZn15zc|1697940990|fa88b5686708f31eebac497f2f0a4aa0c59b83c6
+WARNING 2023-10-22 02:16:30,668 views 10038 140066444801600 Single LogOut: logging out an unauthenticated user?
+INFO 2023-10-22 02:16:34,399 decorators 10038 140066444801600 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 02:18:18,822 decorators 10038 140066444801600 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-UKzx51cSuqvA49r4V" Version="2.0" IssueInstant="2023-10-22T02:18:18Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-UKzx51cSuqvA49r4V">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>AiYsFyTsDtKYhfQdeXXenGUHyKAMLMOU3sK9WHhZh5I=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>FgK09DcjFQbupyZpjmvuAffGYOmtmLklg77IFS0pxE3w9jpB0gwI4UQjijaZZL1U
+m+OYiFpB8WCMVmdLk42ptosnQqR6LnAjcWoh+m4I5n/ZzY1owxhyb49zn7T/HyRh
+oJMhcbRVVGQCy9xehrFVpJ6fxxprGqHly1ukuOBzCFWJDcVhe0ZzAXcTQL5Qv196
+As9ZiB5lyTVNTCS1zgM5kUZ77Qth///MtoWNA3XFQMa1wlftHJVAN9Jzt8lB8aqw
+Y3BmHXUIq1tQMMcmSUkSfD9hvXwyp2oqlAQHLZXUsy7+PqXQGbPL2KIhFWqvHCpV
+nPrmqh+lAxqTQir4963ouw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:18:18,825 views 10038 140066444801600 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:18:19,048 decorators 10038 140066444801600 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 02:29:12,790 decorators 10504 140435679868480 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-AbbIpTuZkvgi6kmP0" Version="2.0" IssueInstant="2023-10-22T02:29:12Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-AbbIpTuZkvgi6kmP0">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>AW8PvDIyP9Ys4D8+hGSFlUUZEhymlBMR9BAFalb1nPo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>XZIr5wsXx+LeIZqEhv0ZEJyOTYbVZWtiAl4c9c9HBJT++Ba7nX+R1kVBdpVINI6b
+frPkfQ1lV1Ls/wmwbZrw5RD0GWsoRZkhCtGZ9z9qyDiDpRtJ9E4PZJdo3rFbg0bg
+PHy4dksS9wbJOzl5B9JethKRDkkyJBJ5GahK2JznGjYtBGpz3eHXQMNC1sa31uz1
+JHh0BixmU/hBiL9YVsg8oFWrteHxQ6ba8q3E1P8hcTs51xKmjFRwRgDuM/6XmkQ/
+b0c0uAff98T7640f+tomPrtigNQAqbkyb45XWNgrLd7uvYFOz+E95jqy/alse9j1
+fm0TIdc4rI6UMYPLTBHKLQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:29:12,793 views 10504 140435679868480 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:29:13,055 decorators 10504 140435679868480 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:29:22,866 decorators 10504 140435679868480 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:29:41,936 views 10504 140435679868480 wert: already logged in.
+INFO 2023-10-22 02:29:42,104 views 10504 140435679868480 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-AbbIpTuZkvgi6kmP0]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:29:42,129 views 10504 140435679868480 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-VzxlLfbUGWsn5cxrQ" InResponseTo="id-AbbIpTuZkvgi6kmP0" Version="2.0" IssueInstant="2023-10-22T02:29:42Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-VzxlLfbUGWsn5cxrQ">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>qp9tLF/bvstM7BmqFzvEAv+3p8g7rS0SbDTF0+PbtYQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>OVAN8fDLt7qOj0Sai1aHnDkt30w19Tiydmczu5DcEml+DPPqT87CmjY9wueb2p5L
+k56gl+yhaaVpUTGU5BHgjTGSltS8xBWpHdpAQdE39ZkVOT2pwEfawzL860G8OZBC
+QEFMFQqr/sfvXsS4Ke1DS00LdFALnzd+j2PpNUn++mJPcaiihIeayKNy64vit4mv
+9+zUlOteRm8d6NIbdJISqb3/uZEbl7X60peDh0Du2GoTU5D28hoYGc1bsiXGZgVB
+xXso1Plt4VDgJ7jgcFcn5F8BKueWXECawYCCbbptUogZ9t8d3R55S0Ky353nwUOd
+G0tclH88MbN5hwRk8bfzHQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-LM8h9M4QfTRSXZ0NX" IssueInstant="2023-10-22T02:29:42Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-LM8h9M4QfTRSXZ0NX">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>D88HrRtUxS02jKhF4ZI7FufADFSN70hjDm0pr9SAiQ4=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>gobO0Z/vF//k2WVsSJeSofBzFrv2yjUw2e/OUgzmGQeq6Oq80TAg1bdKxIdPq+1x
+vJNFQa2rAvVNkBVY/RwXZPkUS9J3ySrWaX9rvd71iLg/Dhn1XFbQCqu6iyLcV3PF
+ybCzbE5PSfKR1bgXmTIi6pRjAsFfKKTfz9s3PAZsxHUlOmgFjEbveAdgYSdlLA5d
+Uebo+lDRYWYKQ5GHUrZOlmM59NXFlyadeHMyla45hmVTzGHov0d1VFr5x9zc6a+x
+0h7MW50ZHtLdmuIAB+lGXX5q2g6G2KkyqIVHgAFjPvexWfd6yA5nkOV3neKfxhcQ
+zwqaiA2TQ6vp6QOvkBw6RQ==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:44:42Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-AbbIpTuZkvgi6kmP0"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:29:42Z" NotOnOrAfter="2023-10-22T02:44:42Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:29:42Z" SessionIndex="id-3rDJHZOTDZiWPbbYh">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:29:42,130 views 10504 140435679868480 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:29:50,873 decorators 10504 140435679868480 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-fc60mbmbsB0WaHQsf" Version="2.0" IssueInstant="2023-10-22T02:29:50Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-fc60mbmbsB0WaHQsf">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>HcKlOZa+tL9s15jOaeJjeTsnDaNPxDUeBsvCTzxGewI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>QSc4pyO1PjXZgEAx+YIpAeXMXGANXr05MqrzFKeqePNndH0D2YQHJYNTjl2FgIia
+Tlgjs0YKiNBfrlMjumgkBihGcNKdcX9Ry0N+T0Bpxsec1zxBj/GG+W1gniFvZv/k
+XX2PFK0wcD/qz/Wp/wpiUYzlCqMU8KjnJOjHlv8mddev5J2mcJMsDdcxK/wkqS6l
+3a4mZykF5+mCzDFMin2Jwf9WeHYt58mWEZQYo0xxDd9imtEhadJZ6nG8hmQNSRhQ
+0GxUfce6/fdTTlwWDCL3cqRLo1XL737F1cDERezvMgMjlMgOp6CgK4gvRYlg6RyD
+xav9LXjBI2OzL9gor+Czow==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-3rDJHZOTDZiWPbbYh</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:29:50,874 views 10504 140435679868480 Single LogOut Service
+DEBUG 2023-10-22 02:29:50,874 views 10504 140435679868480 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:29:50,892 views 10504 140435679868480 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:29:50,893 views 10504 140435679868480 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-fc60mbmbsB0WaHQsf" Version="2.0" IssueInstant="2023-10-22T02:29:50Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-fc60mbmbsB0WaHQsf">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>HcKlOZa+tL9s15jOaeJjeTsnDaNPxDUeBsvCTzxGewI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>QSc4pyO1PjXZgEAx+YIpAeXMXGANXr05MqrzFKeqePNndH0D2YQHJYNTjl2FgIia
+Tlgjs0YKiNBfrlMjumgkBihGcNKdcX9Ry0N+T0Bpxsec1zxBj/GG+W1gniFvZv/k
+XX2PFK0wcD/qz/Wp/wpiUYzlCqMU8KjnJOjHlv8mddev5J2mcJMsDdcxK/wkqS6l
+3a4mZykF5+mCzDFMin2Jwf9WeHYt58mWEZQYo0xxDd9imtEhadJZ6nG8hmQNSRhQ
+0GxUfce6/fdTTlwWDCL3cqRLo1XL737F1cDERezvMgMjlMgOp6CgK4gvRYlg6RyD
+xav9LXjBI2OzL9gor+Czow==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-3rDJHZOTDZiWPbbYh</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:29:50,908 views 10504 140435679868480 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-81u7rlVpwh1aUTDjs" InResponseTo="id-fc60mbmbsB0WaHQsf" Version="2.0" IssueInstant="2023-10-22T02:29:50Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-81u7rlVpwh1aUTDjs">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>JAnooa/Xb6jFzV0m4v8lrKi85pL4LyV45kZFRuG+waA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>V0LonVW1r2ToQJIOcTNPvCRisbzxxtxEjjoKlrVCaY495ytdrbzP744NNbYhSfh8
+SzErp+ZpVP1aGXQ+HO2QDcbEK/mANLAJQh5k0VetdinRNB/kZ23/MyxA9sIOoyEM
+GUltm6Id8kKBn9xJQDr5hGxorqCadRVi74EeseaTkMjBhQFOogw4A4llBzsVRpCe
+NPl0QNKSNK9plhssuVKd7irl1ovBA4UpcCWm1WyhY9jO64faF/ZJrJfcGmoyf9Bw
+4G7ZNTZhFNoULRRFwmK5QqDMsKt0152VAYcpanzzBg2HhyZ6Rw8+dIniIlf4Xy89
+hcwQqkKoL/mySAK0WogqjQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:29:50,908 views 10504 140435679868480 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-fc60mbmbsB0WaHQsf|1697941790|f056261fd51cd97174f7be2f252f67a50f6173cf
+WARNING 2023-10-22 02:29:50,909 views 10504 140435679868480 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 02:29:53,011 decorators 10504 140435679868480 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ZjULzNzt7cdhPxUwf" Version="2.0" IssueInstant="2023-10-22T02:29:52Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ZjULzNzt7cdhPxUwf">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>+dj4qWg14i/6iP2Cev1PUCedmYV1pCJO0eiJ32BnJ10=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ZeV9nLI26dkxlhWjCHz3HGE4WRdfSF0R3FTAV+cbN+H68uYrnI9MiPyeDNk2cxaQ
+JotuDE+w4x8ZLQDcQmnvD2Ux9yBdAodTrcI3b6cLBuiXPEcRX0OMI5jcB4BL8Dsk
+eZ52A3ScurPcCHfDlmsVdBTeXh3WLbvABM4x0SnXyuvlUbHTEC3gpWq9PnkpwO6D
+frT4ZfceYaC3RtmgbaOD0TG48QwwCntKWF4SmRUPRwzIrX6loclRZA5cRwoP43Ip
+dEvX+tuSS4DbbzD27dwBvhMHV7tINloCwmZAeTs2zjfjFWj5cAnYBzHsv5Lz29Qq
+UYZaxsLLCsfVUpiOmtI3OA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:29:53,014 views 10504 140435679868480 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:29:53,276 decorators 10504 140435679868480 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:30:00,937 decorators 10504 140435679868480 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:24:14,716 decorators 3761 139902094145088 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 13:24:20,380 decorators 3761 139902066869824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 13:24:27,595 decorators 3761 139902066869824 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-jVzwVO8O0tNzIgTgM" Version="2.0" IssueInstant="2023-10-22T13:24:27Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-jVzwVO8O0tNzIgTgM">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>VYZkVEqVNYRdwazzj9Pfh3F8ccm/gw3rVN6OCDDcK9s=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>VW/m1qiOE6FIB7P/3kP9LrRWXvN1MsaZ32Lyl1E5GXdiSHSRlTGji9CmtD0dKyFU
+Tqlm0RC72OVnxecjn/jKx2/3AwB1jCln+bWRWKKoxjyRFh7Gh0msnhKHXJP/vgsd
+7J1tsXBnyemwBk8L4hOPTcy0wdnl8QQSqz5pIuoEOEU1rseInQ6Arv0nm++clx5Z
+1wKc/6AwNBIaMfWuUcvXrryqJnFiBDOE89kc14JnJBFkvnEH6Onau5QBZDm35WVs
+3ujlmBVvOjbXvbguNQACIVzSIeSh22az02F9MbaqIv9pS+kFogSTFap6jR3tZZtM
+Ve9Xuam8SiUGRHCXEm+VZA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:24:27,597 views 3761 139902066869824 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:24:27,859 decorators 3761 139902066869824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:24:37,687 decorators 3761 139902066869824 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:50:46,986 decorators 4876 139640325535296 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 13:50:48,757 decorators 4876 139640325535296 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-3V3mQidvpHBpVKgA3" Version="2.0" IssueInstant="2023-10-22T13:50:48Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-3V3mQidvpHBpVKgA3">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>IS1d+D2wbI5gHTM7IR0xYA8K6wN8HxugyDgENlIaPe0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Fl0gHk1QuzouqvJoh3JgW+ck0w340TeVt+lrl+TYtPk6RCjdOTCgK87KOyOvz9Gw
+v2DsCnWr1wZRIBmHmc86MJHvz+D0a0P0+K/TO35Lal2GtKDndszgvRvzjtfgZX8F
+AAdlZhSAnbUIZdB4sLxGv5hjA6PM9UumfOXR9DWX8ByH8jAVQN04uJd/20PGqE6M
+MTSo21iqXJ8fbs/Gi/23L890Lptppccbaops4qziPY7WcqS/qm5O0Z5gyO4Hvg+8
+/6p7xjc4YzGcNlG0yXG5XpMbXovgS7zNCr/nnCoanD1wQ7h6IvuXtwxzmoyUmptS
+WC1Y8VRgiwwCbsS08xEnaQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:50:48,760 views 4876 139640325535296 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:50:48,997 decorators 4876 139640325535296 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:50:57,704 decorators 4876 139640325535296 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:51:11,313 views 4876 139640325535296 wert: already logged in.
+INFO 2023-10-22 13:51:11,485 views 4876 139640325535296 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-3V3mQidvpHBpVKgA3]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 13:51:11,509 views 4876 139640325535296 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-Acpm0dye4ng2mlJNW" InResponseTo="id-3V3mQidvpHBpVKgA3" Version="2.0" IssueInstant="2023-10-22T13:51:11Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Acpm0dye4ng2mlJNW">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Rfoeo4IYmCcxPMvVPNI4xu9e4pd0qklP9/T/ExGfBnE=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>NGN9bR4JMK8SfxQPL1q3GIAUoZr0YRyGKICg2rhiyEDheKf5x7q2V+OS6JBVayAT
+yscJ+maD5JUpFW1Stov7Ztbo/acAbl7kLu7TuTUGVmScmEBegIUj9sHnbASeVSSh
+SpYRlzAdwxTz13HKFqRPl7EykxGMwL7qC0ZvhnjI16dyQm13yU+AZIvJOrpOpILG
+HPNM0apo1DyxfS2PkaEepgFCmB4q36YKC35k4nsXx/DhENLCP3Zb6CbTUTqqaQsq
++Sc9fTCUGFoIVLGNzTpubMx+FsgQ1lqL5Kji5xVQLi0hplA/VvuFOZ/Gso3rMr9b
+SQaxoPZa4y7PcbbaOdRRCw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-1BMwkeJcXb09gZ8VZ" IssueInstant="2023-10-22T13:51:11Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-1BMwkeJcXb09gZ8VZ">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>fti8PQJ6/IatZeMAHT0LJ73PgBBumIiUHeedK1yjT0Y=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>QKhnuh6Xsx4PqqLg/9HrA3Qh9i/IwuY8ZFZxqISUhtYeH4G4O/WuGP2HLbmMWP1y
+KxplM++jktR+emm98fmR4o0AQ8UboAEUGM7bk1BO+ksgFjpNjx6XM/RFRmxZTTU2
+TR5dpVMQHqY2ZP/QwvFKYsG+I7tvOY/+LxeBqnXkx66w6HIGRi7c8aNHx/rDKeUt
+BlLFhiduF5F9wwWQg+aG1DPH5SfoTppCkzo6azumSicetoNjCeHkVN+vv6qcoTNy
+2G0SNPIWt2Ff2pjyQcamGCOJVMB0U4W9cDr0de7BqziTehIPF76WTsWvx78Zvt2e
+N2EShB4mkODuV1RSwNV3sA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T14:06:11Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-3V3mQidvpHBpVKgA3"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T13:51:11Z" NotOnOrAfter="2023-10-22T14:06:11Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T13:51:11Z" SessionIndex="id-traX2fCHAX8ZRBDJ8">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 13:51:11,510 views 4876 139640325535296 Redirecting to process_user_agreement
+DEBUG 2023-10-22 13:51:16,401 decorators 4876 139640325535296 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-zhHjo8N94hpyDJN9P" Version="2.0" IssueInstant="2023-10-22T13:51:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-zhHjo8N94hpyDJN9P">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>vuv0D+pVoFWz5vMhDvxaeDJEVCtaiOVyr0n4Bdqtefo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>YpLKsBMeEIYmUDM/sFLr3WcwUIuGDYgRmh7wfzgSXok4niOm5cOtcJBGaoyxXP64
+bOrTjCXwZ/Dn/WVxsx//coBj+D8PMkb7MhJXM9sbT8K4vESOwowgW9udMG5/BGUn
+OaHJ97Il5NsaKpqlGcBItGaFQ2FFZWPRTkWv9IvE6wpX7Q50iW0cGXpWyHJ8Va7I
+wMNZyrbuvz0Q/7jt0itC0gMoCIFEEhYOUDRNKYMHWoHkR3Jc4sB+ehMMxYyfADlJ
+C4WsJhEzmrCcKNnowHzcKpsb66T0QhBpsVBTyI0uYlLF5M0gRhzZVLx9xX4cDVUR
+T2La+HL4H6KuRohLPWQriQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-traX2fCHAX8ZRBDJ8</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 13:51:16,403 views 4876 139640325535296 Single LogOut Service
+DEBUG 2023-10-22 13:51:16,403 views 4876 139640325535296 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 13:51:16,419 views 4876 139640325535296 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 13:51:16,420 views 4876 139640325535296 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-zhHjo8N94hpyDJN9P" Version="2.0" IssueInstant="2023-10-22T13:51:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-zhHjo8N94hpyDJN9P">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>vuv0D+pVoFWz5vMhDvxaeDJEVCtaiOVyr0n4Bdqtefo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>YpLKsBMeEIYmUDM/sFLr3WcwUIuGDYgRmh7wfzgSXok4niOm5cOtcJBGaoyxXP64
+bOrTjCXwZ/Dn/WVxsx//coBj+D8PMkb7MhJXM9sbT8K4vESOwowgW9udMG5/BGUn
+OaHJ97Il5NsaKpqlGcBItGaFQ2FFZWPRTkWv9IvE6wpX7Q50iW0cGXpWyHJ8Va7I
+wMNZyrbuvz0Q/7jt0itC0gMoCIFEEhYOUDRNKYMHWoHkR3Jc4sB+ehMMxYyfADlJ
+C4WsJhEzmrCcKNnowHzcKpsb66T0QhBpsVBTyI0uYlLF5M0gRhzZVLx9xX4cDVUR
+T2La+HL4H6KuRohLPWQriQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-traX2fCHAX8ZRBDJ8</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 13:51:16,431 views 4876 139640325535296 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-DNtDaj77z3pMUlgCQ" InResponseTo="id-zhHjo8N94hpyDJN9P" Version="2.0" IssueInstant="2023-10-22T13:51:16Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-DNtDaj77z3pMUlgCQ">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Vqg5v/kFBX3ZiMGKeQUn7+rZ6xx4w5AGVKLdm+BhFhI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>WXdINR6FSXXp8x5c/NHuNoTQsthXhNPPBHsPxfQO5S5431FznDFEb3POvo+bsqCH
+C/Mjkzk1CVq06jeLpW9SwleoYKh5OwXFY/9WCdnIr5MBdeF0qoGpf/BfkfITEFYn
+Pb+mOSHIItIeOkeyR3eJTtkaMDcQydxIMg1yBdH1zjbriBbJaHVuzdcONMHcmr9O
+LRJAjmp2/WOlVjN6B+QINvonuDZtwJKq3ZbGKLXYbDY8uPvEf7f7GLbX9uIqRVyG
+32Fd7IdGRDudRibvwemQ6YnuAgnPPC+ZDvK/94IPA3l3bD7LsM4hAc6kycbsq5b8
+SVlQAXhcdUa+krtXje5QaA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 13:51:16,431 views 4876 139640325535296 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-zhHjo8N94hpyDJN9P|1697982676|50b194ea8489fc7cdc9b1626e446e326af38c2c7
+WARNING 2023-10-22 13:51:16,432 views 4876 139640325535296 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 13:51:18,261 decorators 4876 139640325535296 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-4LoMhyEoaDp6EHJOi" Version="2.0" IssueInstant="2023-10-22T13:51:18Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-4LoMhyEoaDp6EHJOi">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Fext4f8fGJcweHgJaIlOn/uBwIC8hWa86T+wU2PRhlA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>TgbuciQ/yO2UI5CXz2Ynjr+gqk7Uv9x+4XXCmoEGPtHqkbq/+f/McnYsym9G/ehR
+RM7qU9HNMpl56wVDU0eQDlkH2hMGw80Pm6ON/t1x2fSFeaNPm+pNMF44ybkzqT7+
+55yC17rDrPCSBrrZTbzYqJ3OscN1mUAANtdVQzAddq5e1VzWSpcnppAiBUQoYun7
+6utYPb4ORQ7zHTMogit6GO/pvFIHiFhAtFAch63tkBI1mqH4bBIJ5CKzg2eqNAOK
+Ditw7TUdBw3M025k3vmzlsyQOi1pSoxPfJcYcmZsBu/wc4+6BrUxNC2AC53uQXmf
+06fzJkSEIjWpCeTLKHZZTg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:51:18,262 views 4876 139640325535296 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:51:18,489 decorators 4876 139640325535296 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:54:06,583 decorators 5368 139637609723456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 13:54:07,932 decorators 5368 139637583496768 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-lRFoGk58K5GMxPOPM" Version="2.0" IssueInstant="2023-10-22T13:54:07Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-lRFoGk58K5GMxPOPM">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Y2c7YrdiHlnxBNtdXxTuGrceiDK0+OmCWFxuePRJMM8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>cD9YP66+8G3yYyG1trosE3rPJIOJnA9540QMQu6kgbc0kMaDmI7A4fWqK7+D36nr
+PZzha013aAB86HSNi7km3JaJHD981Qw02jgkSn6V2QgJ7sxWDehZC5YHD4ZAYk7E
+j/3QajamCBl4qG6kdnX6HrE1XaaAxt0p+4wxEU6tt+jdFKunLFQRGEdvvViVhx4E
+kyvzDfJHRfjqkVAdZUPC32r7KkecD+5crtLQJsdc+FaCeJ/4NcnHKssLdzRc8Ier
+NgJ2cXNLeSdu2ERxjBTE3TauVsH/IAoUxv04zoy0CNT3bafr/BR1AT/ls7ICCPvG
+gdaqgD/RrprIS7ewJD7Icg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:54:07,935 views 5368 139637583496768 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:54:08,177 decorators 5368 139637583496768 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:54:20,282 decorators 5368 139637583496768 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:54:42,712 views 5368 139637583496768 wert: already logged in.
+INFO 2023-10-22 13:54:42,876 views 5368 139637583496768 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-lRFoGk58K5GMxPOPM]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 13:54:42,900 views 5368 139637583496768 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-BbCG86RULWeKr154h" InResponseTo="id-lRFoGk58K5GMxPOPM" Version="2.0" IssueInstant="2023-10-22T13:54:42Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BbCG86RULWeKr154h">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>KKxXUUeeFF3UbQJRnur0qob/suMr7e/N6G/kxbhYVXQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>lJ0rXVDpvbXeeCMR3aZX2qvgHX+J8In+PfjKixDKgSo8NLdhbStUhHRIcJYSh5hw
+16UpqDyVpA4BvoeeABhKbvBJNr3wEdLmaSyt6Q0jTJHv/dKGjZIClPcaukCztMND
+FPCA/Nx8IB4WGyhPe/yOJhkFVb9joqugtGQWzQXDrhrPthxUVs7oV3t+Dcza6emZ
+WezVONUrKz1HxEPxM/pYkYOWfWbFGYu6XwY9fWUi7WOr/SKUb1ernYhEKlVvboLe
+wtfrm2V9JzztQo/Gs6GzKTOE6Cf3TZaRiBG5dQb0rrUxm43FDk2P15Z/4gy6LNMy
+PBRJuqcqejycuwE9tgbL9g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-hAx92a7x4tr3wsGv1" IssueInstant="2023-10-22T13:54:42Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-hAx92a7x4tr3wsGv1">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>wKf+Ox10mIhcRyWFxA3nYxSdogQGKluFb4vvGITE4bI=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>aOfObL3KDDNqVocaZGhau4EvCfcjrC0CjmI8uRb2SvMBxsavxRj/gWrFlnl8kKGx
+9XwaZi6GYuGG08ZcRcmFZrDu5hlF7JRHVrfG8RS0Nu0i8T3sba9HyDjNoirNGk3/
+y+67TDzq6p9L9yBwUp2tiJZPsBjQbaJlwCtvG+3yyFIBVngsaVFvu+d+3qvN/cXO
+QKb9h7v6r0fwddksbGWwGKDbYCCP4Nxl0Ox+Im5teHgi7PVbT5zG829kNjUxSJUG
+57uj7qu9yHvLlymiLAnyRXEdqizbMUVN/0321MMc1ysOhokVvczU4rjfJabzZqW8
+aE5cV9GcLYIsXshRKJNeQQ==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T14:09:42Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-lRFoGk58K5GMxPOPM"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T13:54:42Z" NotOnOrAfter="2023-10-22T14:09:42Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T13:54:42Z" SessionIndex="id-bma3gI1OVaM3cmofz">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 13:54:42,901 views 5368 139637583496768 Redirecting to process_user_agreement
+INFO 2023-10-22 13:55:16,474 decorators 5368 139637583496768 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/mfa/mfakey/2/delete/'>
+DEBUG 2023-10-22 13:55:32,228 decorators 5538 140198840104512 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-itwxXF3KTav4NF8Tz" Version="2.0" IssueInstant="2023-10-22T13:55:32Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-itwxXF3KTav4NF8Tz">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>l7w8iA5UvcJDgKACJ0TM1JeMyaxb+/J8YUOJRMPpttM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>HuCIhF5iPkE2y/up3nkVrR5HioFg+Whf8t/17VVCXbvPWZqQ1VK4+S7Vt86Ip0iN
+lRCR0ihl8c91/dhg8m18VGgz6Kh4fJP7yBAZPAw2ScfHzBfPXTl3oQX/mKwzh8mD
+eqTcotSn8AAHOcHaBY2eJLW6/N94oV7/6+gNcKRaU1LnYS9gv1XNUOTFHsm5cJGX
+Y/Da34yR6sYBNVCzieEy8wA49POp2aIWzJT+aLKTQ+oyh2T4XeWs8K5sH0N2Z28e
+0uuDF8asxmGoAhy3Aod7uD0mojA+C1JzvmlO/QOHyItU4Xs5cpbV89C/VYXChPc8
+d3l8lSxGcw1Kp8YQdfl5nA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 13:55:32,232 views 5538 140198840104512 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 13:55:32,464 decorators 5538 140198840104512 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:55:40,926 decorators 5538 140198840104512 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 13:56:17,670 views 5538 140198830663232 wert: already logged in.
+INFO 2023-10-22 13:56:17,834 views 5538 140198830663232 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-itwxXF3KTav4NF8Tz]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
diff --git a/example/logs/uniauth.log.3 b/example/logs/uniauth.log.3
new file mode 100644
index 0000000..5c8c764
--- /dev/null
+++ b/example/logs/uniauth.log.3
@@ -0,0 +1,988 @@
+DEBUG 2023-10-22 02:05:15,692 views 9386 140264545973824 Redirecting to process_user_agreement
+INFO 2023-10-22 02:05:22,927 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:06:03,662 decorators 9579 140276626617920 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:06:04,494 decorators 9579 140276626617920 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:06:10,260 decorators 9579 140276626617920 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:06:32,360 decorators 9609 140648770434624 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:06:38,299 decorators 9609 140648770434624 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:06:42,192 decorators 9609 140648770434624 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:07,730 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:08,310 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:08,493 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:08,682 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:08,848 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:09,005 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:09,173 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:09,356 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:09,530 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:09,693 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:07:09,873 decorators 9625 140247325210176 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 02:07:54,223 decorators 9661 139727804036672 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-XwS8KQekaz09uP8J2" Version="2.0" IssueInstant="2023-10-22T02:07:54Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-XwS8KQekaz09uP8J2">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>otzBv2DN7DY2yqTlyQ4gWuHEgIjg7CCI11kdKEzsPbU=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>dciH5x+GtY/XnhA+CBQquTz4zx5BPBdaFw+d6tsyQtHweoKuu9IhKATYDBMNJIMI
+4vlGJzodI8HIOAEFGzPu/5GvgyutlRnbJcCh1Hgpa2/9VZlZDEVANmWLrMurR30Q
+O68HB4HOKKR/t15AUseMe1PRvP5Wio/MSE97EGswV9zgKYCKDEY6cKHNokjQ9AYV
+efe/NL0L6Zd29Xa7WlFSN6oekeTBaQpEZmSW4OPF7+9YymIhVRpWFF/a7ULHYD85
+3y4sbGujE7Eb42dDpnOnE2dHxPkaSMnl9VsAHcPAXE4OpFJCD7gox84GCr2Vwrqg
+l5XprFzo05HmAuYV9YNMdQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:07:54,224 views 9661 139727804036672 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:07:54,461 decorators 9661 139727804036672 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:08:06,416 decorators 9661 139727804036672 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 02:08:32,057 decorators 9661 139727804036672 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-d052zt7PpsXvwrxX6" Version="2.0" IssueInstant="2023-10-22T02:08:31Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-d052zt7PpsXvwrxX6">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>p3w76JjqImHbaSvO1YXO6QpQ1FlngJcOrjdJPZA4ozI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>NTMeot9vtc5S+p04/+anrIP42vQD122cfxxxx1HixJrvxUTedsgDyJFCFTOxyd5m
+ZhM3jKv19S+Ey9e+FeZH9l5gfCU+KEPxC2cf7gSBVS9lXX4vaNnZ3k4LvI/XLq2p
+4n9wZXKtcDTbLF4mgxApw2ei94wDNdfOhfWKXyQdQ5QyBXPJFhxv1Wi17/U2w1Ps
+8ptFXWB1CeNFdU3TFi2aIqR/Q7zEmBuwmNVgLujtdikOYPRzCG0jEDd2rgtNhy6N
+7JYhL2SNreqzXEW/Arkc8jmpMF2vpeBQFOt6HNXp3Py91PHEG6PAmNSXaImSB3VR
+IU/qsWGACEsZOHTdqj4jSg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:08:32,059 views 9661 139727804036672 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:08:32,279 decorators 9661 139727804036672 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:08:39,163 decorators 9661 139727804036672 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:08:39,258 views 9661 139727804036672 wert: already logged in.
+INFO 2023-10-22 02:08:39,415 views 9661 139727804036672 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-d052zt7PpsXvwrxX6]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:08:39,441 views 9661 139727804036672 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-BOo995mxBL32Kp7Z8" InResponseTo="id-d052zt7PpsXvwrxX6" Version="2.0" IssueInstant="2023-10-22T02:08:39Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BOo995mxBL32Kp7Z8">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Th9Pci8G6H+q80PpcBjvQ1wjvD90i3Qhid6/cVa7NA0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>EScfkmfax7JoBmLN+6BfktRfchlXnoLRH3jyz8iV26hVl7L6fx0uqvlUYe26Ky//
+OhhCvMxAaaUftbf5vepFGzTAN08YocFreMtIMQHq3ip1CQNmLloKzlSkztD/P736
+D4vDaNQDSQYrAFeIXaf8jCOUazWdOFcuH57MGs4WwMmHhPq67cT6bmyqrcvkGyuF
+EMq8GUYd2ml95Bpuq902ubRHNnTjsUUvR1AN+YFVV13wWD1d7MntQLhx7v9EQTFm
+T83bVt8NAimCno/3IY/1XIZp4mqoL9lr/rDrzH2nJrcJfaZraHpEf6MVHhafmR1j
+pqOuH855sUuiKKUOf4tung==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-cdL9HGT4Eq91fYjmy" IssueInstant="2023-10-22T02:08:39Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-cdL9HGT4Eq91fYjmy">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>E44SyPZFpqaby4onKLy83l/ozoMQWQTMh0SG2TrrEDs=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>FV/r6ruCLTeeMkaawxOARO5gZm/JSvZW09bTjwGOPxVxK9PEWHiCJNI9C4GCqj35
+4CPrdBVbTffvHGt8nExWn4+P0hi70U7UvtRbmbAFkiibWVWBqUZKAccaLL8VOj4P
+kMS+ROMJQy9S0+83X2ofxXyUNouSIWOCvTV+JmOhAADTe5spJksVPuoT7a9GW/k5
+XU019PoYdHilNq/r7Q2aSfF7XwEZTy8wwPZZ8beKyqRTtmGmn16Mwi55e85FiSWP
+Cy3Il2V4W/kj+SMpkutLWxLg6XhWgWHbFvCA0nPdZbq4vj6Ikf4HKbdOkO5rMFXO
+P+dBSEV/kPd7sTGE4QGRdA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:23:39Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-d052zt7PpsXvwrxX6"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:08:39Z" NotOnOrAfter="2023-10-22T02:23:39Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:08:39Z" SessionIndex="id-x9oDqUkjfz7gftWru">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:08:39,442 views 9661 139727804036672 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:08:44,369 decorators 9661 139727804036672 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-iS2jaWzbMwW1aMxOp" Version="2.0" IssueInstant="2023-10-22T02:08:44Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-iS2jaWzbMwW1aMxOp">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>x0dTwTxW6EWwRer5pyFY8Yi/MV3Q5y6HPSiyW5HuyNc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>MroOVOH9OElzwdKWeyXAepfT9+LgidSu/0xq4bWHOlPd0BS2gTRJIFGO5I0Jm96B
+lJxK6FpxMuLqv8I7kRozNjIvNRl3zk/17YLoAaZkP8plLFS4w+311+CQdvlGnazO
+/sSdC4Hpd3PS2NZqu2tt6GqxnEPoSycSHFVwwRpC9VHjUumKapenuItlu8cED4u1
+WhEZR4waCT63841rC3n/gnE486vRo2DSix8+vwUzdgS+KFC8mkHRMsC7RId0LPkb
+yMh4Ed+VrPUWBZ7nKLojJBaXZUH25cnjpFElDYSBu+59VHVKczCEJiRYiDaO4qVU
+4bb7mCxeAZv/u6IKT6JQtA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-x9oDqUkjfz7gftWru</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:08:44,370 views 9661 139727804036672 Single LogOut Service
+DEBUG 2023-10-22 02:08:44,371 views 9661 139727804036672 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:08:44,386 views 9661 139727804036672 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:08:44,386 views 9661 139727804036672 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-iS2jaWzbMwW1aMxOp" Version="2.0" IssueInstant="2023-10-22T02:08:44Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-iS2jaWzbMwW1aMxOp">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>x0dTwTxW6EWwRer5pyFY8Yi/MV3Q5y6HPSiyW5HuyNc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>MroOVOH9OElzwdKWeyXAepfT9+LgidSu/0xq4bWHOlPd0BS2gTRJIFGO5I0Jm96B
+lJxK6FpxMuLqv8I7kRozNjIvNRl3zk/17YLoAaZkP8plLFS4w+311+CQdvlGnazO
+/sSdC4Hpd3PS2NZqu2tt6GqxnEPoSycSHFVwwRpC9VHjUumKapenuItlu8cED4u1
+WhEZR4waCT63841rC3n/gnE486vRo2DSix8+vwUzdgS+KFC8mkHRMsC7RId0LPkb
+yMh4Ed+VrPUWBZ7nKLojJBaXZUH25cnjpFElDYSBu+59VHVKczCEJiRYiDaO4qVU
+4bb7mCxeAZv/u6IKT6JQtA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-x9oDqUkjfz7gftWru</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:08:44,398 views 9661 139727804036672 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-aTWf88QO8cvQcUgL5" InResponseTo="id-iS2jaWzbMwW1aMxOp" Version="2.0" IssueInstant="2023-10-22T02:08:44Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-aTWf88QO8cvQcUgL5">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>u6xlK3JgGhGQ+5c27YLv6r8k4l3SLIJKefNDKOWSs8s=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>bzy15DDXPXB98bjHqEYZzMFlkWQWNLxQy5cunQs0nxRWCcq9zMD4uKLe5cvE7J/L
+3XOxpzM8sLEwN+iCTBgoFpkouRYCOjOhgdWPkLhmRkYEt163wN4NfXhAVAVZz2F0
+qCEryGD/JGqgSroFVQCy813rnPqOsL/XhEvmr9CDhNaaed5mS0eouOenmruK1fSE
+z/xlyKusMIwiLhGsRcrNcaBqF99keiYftQYk+MT6soFVuBDtNFF+DF4zvn7LpDDC
+5o9q3Izv9IvJX+KqvuBTrDVvA1bidt0A+bAwnc5x64fsiBlgpPBHblnvtyBkHKgS
+w7ULrJ9U/5uOC14J3eLUHw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:08:44,399 views 9661 139727804036672 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-iS2jaWzbMwW1aMxOp|1697940524|8bab16d5063ecac7a3694a88c975879554a995c7
+WARNING 2023-10-22 02:08:44,400 views 9661 139727804036672 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 02:08:47,148 decorators 9661 139727804036672 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Vl9Qx0Rp44jndolkJ" Version="2.0" IssueInstant="2023-10-22T02:08:47Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Vl9Qx0Rp44jndolkJ">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>BQY2TTQuWo/T8ZauXRY/T+8UfDDkqECNgqGE6osPe1I=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>otKi3jyRD/LtF2mCZ3h9eQ24v458piIQ0gZj3YPfVSa7j/oFxhzGcq26wLl1qJCI
+cPpcgcdgTlW2BIvFm1OPmazAtv60iweubds5zPLUWHqoEA+0AZ+rDvXyfhFwH6CA
+aXNj4NkF1Mb973MfqnYC7/1QmDaWpMdAys8b7o1XvgKtHw8cR9lxqSlWNod2wz7m
+Gh7ylmxLTDqhAK2xve9/vXZbto1pAU9zD6T4Mtvy2k/0zNR54pj6eJXs77E4s6/W
+sft8YOiemIkit6NKWr6R2oVENA3AEUK2ezmJeB9jxfXfm2KicSusYiNipyaMeHWc
+Z9F5zMnX0voRn5+xeGbhLg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:08:47,150 views 9661 139727804036672 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:08:47,377 decorators 9661 139727804036672 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:08:54,073 decorators 9661 139727804036672 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:08:54,242 views 9661 139727804036672 wert: already logged in.
+INFO 2023-10-22 02:08:54,397 views 9661 139727804036672 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-Vl9Qx0Rp44jndolkJ]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:08:54,418 views 9661 139727804036672 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-GJg2XshkXxmQDTisN" InResponseTo="id-Vl9Qx0Rp44jndolkJ" Version="2.0" IssueInstant="2023-10-22T02:08:54Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-GJg2XshkXxmQDTisN">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>0oa/rr2UjuZBt+l17xT510luM7oidbCgX1Z+OHAmOgk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>qOK6ds/GZnJik9JRYfYfAMbY0AyVSFcVFMss+Kte9gt6S3D0N1G9VaTx8GFmXw0b
+mmORS1DInSBTkfMWjFl18S1ZweyrqpFTN7V76acuFBB8L9rqeTDqDt/iOsHL871K
+quir+5g6b5lE0jtnAtquYUJ+/El2i2fI77xQW9qo7BkjCyx+vKHa8YhwQzs+/CVG
+2kDfhO0LJsOQ+8EeWfYT4/U7AnrLQeNxqpEpRkFgMo0FnAyCk5uKWRC74jRU7Imp
+6sgDOVHocIizfeb3b3K5mPQotav0Pv7QLXZF6yNNlfkdv9odcdRtWPG/JmhtSyDp
+dGOEo5PPIV4DRSkQxGbfRA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-LSehbNJQiuXK57uLb" IssueInstant="2023-10-22T02:08:54Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-LSehbNJQiuXK57uLb">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>I8pfhDci2nhmZZOS4sSo4tJ2Xo7dYtag/JgX9QF0CgI=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>IYZdjEea6ymUIIIgS0yLThTO78hmTf5BxDJhjr+nCJVlct7zWrXmyzJYiO6047wA
+ClpdcoJlsDnUNdRRx1mkbKrlPP3Ia6FHyO+hml1CTRmi6E7lOOH+nF0ek18gLTR3
+gMInRCcird3N+dp7qzr0pJRGKZ7M4PbdiLWY4eLF2OMGFMs62s/6AQGj/gYNsqcA
+apfD+Xn++Rfn4alGA/EuhTpvQN8uOvJE5LFj5cMWdvzghKnvLlFQyXZBehYDH7jQ
+dhlSsA/wp0nUnJlxEVLuy+624IyvAJzPri7uxI1tPNMD3sqCoTTIEzwL83qYxIcf
+Dd5aOinHSjGHab/cX/K7yg==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:23:54Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-Vl9Qx0Rp44jndolkJ"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:08:54Z" NotOnOrAfter="2023-10-22T02:23:54Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:08:54Z" SessionIndex="id-mys52foKyhV77XdQ2">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:08:54,419 views 9661 139727804036672 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:09:10,468 decorators 9807 140465410143808 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-DzJIkfiKiMOj6FDSS" Version="2.0" IssueInstant="2023-10-22T02:09:10Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-DzJIkfiKiMOj6FDSS">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Ygdn9YCWMPp7RWzIxPKw1UFyPrNb3OGbB+eDLyjVZwM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>fjtLVIxwVT42IXwMGvh1q9pO65EJUPaKlrIRIePlx/xS0WKjbzZ+Ex/stXi9dR30
+OJiK+cFg3KDsCFu2NzsAvTS/8t357TEuIJskaRoED4n6rLUqh1FroQ+lf7NZ/ZB+
+GFRigysPuvMxUvbCypSrCQ1rQQzn6yp+vXzjbmypo8T5VHoGCalBgxV69tw15W/W
+CqHzWtZgV4H98ZNsNQ8HOtp9PbXVl9ZoMlUydVY/JCoAqCOUmE7aFCufS/RFhG93
+LE88/EhfMTXYqFiTn1l+GlZDV+jQQ6NYVg9hzM84n91ERdFGRuHwdGyuxCCgwvDL
+PC4PfUCcds0isvxuiKoi0w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-mys52foKyhV77XdQ2</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:09:10,470 views 9807 140465410143808 Single LogOut Service
+DEBUG 2023-10-22 02:09:10,470 views 9807 140465410143808 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:09:10,488 views 9807 140465410143808 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:09:10,489 views 9807 140465410143808 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-DzJIkfiKiMOj6FDSS" Version="2.0" IssueInstant="2023-10-22T02:09:10Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-DzJIkfiKiMOj6FDSS">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Ygdn9YCWMPp7RWzIxPKw1UFyPrNb3OGbB+eDLyjVZwM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>fjtLVIxwVT42IXwMGvh1q9pO65EJUPaKlrIRIePlx/xS0WKjbzZ+Ex/stXi9dR30
+OJiK+cFg3KDsCFu2NzsAvTS/8t357TEuIJskaRoED4n6rLUqh1FroQ+lf7NZ/ZB+
+GFRigysPuvMxUvbCypSrCQ1rQQzn6yp+vXzjbmypo8T5VHoGCalBgxV69tw15W/W
+CqHzWtZgV4H98ZNsNQ8HOtp9PbXVl9ZoMlUydVY/JCoAqCOUmE7aFCufS/RFhG93
+LE88/EhfMTXYqFiTn1l+GlZDV+jQQ6NYVg9hzM84n91ERdFGRuHwdGyuxCCgwvDL
+PC4PfUCcds0isvxuiKoi0w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-mys52foKyhV77XdQ2</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:09:10,500 views 9807 140465410143808 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ya6viJ4jJVsylD1Rt" InResponseTo="id-DzJIkfiKiMOj6FDSS" Version="2.0" IssueInstant="2023-10-22T02:09:10Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ya6viJ4jJVsylD1Rt">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>sH+1CSqtpPh+cRZqGUT+OJZCUjeR5bn6IQT+GnzYvQY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>sDM9RawwtsBGIIljCt4iH2xfONUmj91HeugiG4t5/en/UWrHNla7xG+e6fmVa9Pa
+UzYPE7CnWV8Ue08Pu3yQVKtkmzH+lwbadYAKTE6AJI5kDXF/NUsuFH9MaX2zK2ms
+PveLt2ph9/Ycf3G5wOudSBxAleS8+7Nuk7xvL3KDCJBuerrxKC012J10jMwQGA99
+rhhUuIrR9s3A+6LTrb1reCo7XAQxgUY6nnej5rPAPdRxQ7vkjhJe+5nmKrmg6z3O
+mTIEtmRy+zMSEVEAcyBmkQihwB71a/YnT70mhWU9htOTpdVVL9KeV6lhzFRFkCR4
+zO2KTYwaJnHE+pAcH2soaQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:09:10,500 views 9807 140465410143808 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-DzJIkfiKiMOj6FDSS|1697940550|5b96b625f601e9bbb5a124c834ac1bf1b77b9aa8
+WARNING 2023-10-22 02:09:10,501 views 9807 140465410143808 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 02:09:12,230 decorators 9807 140465410143808 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-hHutgg5VPCBbujuH8" Version="2.0" IssueInstant="2023-10-22T02:09:12Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-hHutgg5VPCBbujuH8">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>KOF91Vu2jViXKLMvwyR0CHE0hVG4b/oeJyXQUNHA8M8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>XPCMPCXVXzJA/6Xtmf/O1jJGYdW3uUW422VetkrTqeExXIt5myGhwp+DObeyscP8
+SubRUjnku3R3L7MHoqlt7jB+wnhH8jsW0oKP0ezDLm+9RAUrtRP86C0kssq0+ep7
+byLvxQi0kgtubiptANXWtw89gl+RHTk8AAGTSndtcw5Y1L8jLkcC45YNN91Owx5t
+WMMi/VKEf74YqwknuTxUS1wjTuNngWXVfO6CmRfcZ6hYnhcZ2i6YNYsec+FHRhii
+kbQfCVhaJ72vkYAT3eka1ecpFUetqTPFmS43/0KOEkQKEvziQ+WLjZEFPx5gJSPZ
+O0nF6WtYD4ryL3Zd6mjTpA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:09:12,231 views 9807 140465410143808 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:09:12,465 decorators 9807 140465410143808 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:09:19,826 decorators 9807 140465410143808 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:09:19,927 views 9807 140465410143808 wert: already logged in.
+INFO 2023-10-22 02:09:20,083 views 9807 140465410143808 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-hHutgg5VPCBbujuH8]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:09:20,105 views 9807 140465410143808 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-drl0XpaBZkDSYwTRU" InResponseTo="id-hHutgg5VPCBbujuH8" Version="2.0" IssueInstant="2023-10-22T02:09:20Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-drl0XpaBZkDSYwTRU">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>3qsaWMhuDNe4J/zGbZ5cMW2k7rDRd6rttfhtlVFT2zA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>D37Wc40xZpH7OMqj2GMJadJXqX4Ho9VftJIAgzszijdh7lmzzXQSltO+MNN7lMzA
+agTf+DErjGB+hAPeHcRqt9HpfIH+I6DO4XS0Bcq3R/qy7XEBuk35cGdczYCiRl+9
+zBPIuCBIFv0K/Ric+fOfjVYP2mvXTBtyET2W1gfWrKaJEnQTkSKGalEhaeajNNoI
+4bzcVwi+T4STJfjmTCv1VOCE2a/dmFaDkYwAX6MzgV/wEvIM6RwloJUfGORPxwEK
+odM/Ha51XEu371y/9X0MLkAmfAVUIbW8WDAL0yDX8Er/hrgTTtSQk5TGXCAwmN3u
+p6TjCTbRwkXBtVVdsBgbRw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-2jgIcm7EQHkV0jt21" IssueInstant="2023-10-22T02:09:20Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-2jgIcm7EQHkV0jt21">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>ETivaTpPxMrankh6eUruXENJAAG5ILaOi6T42bGWnNM=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>cD7MBQyauPIdprr8tV2mhRx/mAh9SGPxXymbHK/WA4f/uBHGx57kxCeL1EGknsyr
+sE1pBnKhK7Ts29RNQH8rdaL2BIoXxmc/WezqXu9GPswBj/Zi3cnDbn8YmgWfQrGr
+TYFa+hZHS51Ns4HfK9bvyf82vzJWdOyBNRP0xZhOciX7AjGh4m9Xa4RP8hvvy5aF
+QyL2V0mQknpWHyNrWc2hPxCLEWtceEfC0+ayei/ePT99HyI+ncITptfqEcw5OzBF
+WLk9Chv8J7REugGxGDpDDhKJPAXBb/ZKkBY5jPEkLdwLN7DKRyY1fkIbkXqOBXle
+gjeFjh/uPnzpip+q4M9A8g==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:24:20Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-hHutgg5VPCBbujuH8"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:09:20Z" NotOnOrAfter="2023-10-22T02:24:20Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:09:20Z" SessionIndex="id-xzT4rS2ZukPEGskMH">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:09:20,106 views 9807 140465410143808 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:09:37,589 decorators 9868 140514790733376 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-SvL6armdNlOKAjHSL" Version="2.0" IssueInstant="2023-10-22T02:09:37Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-SvL6armdNlOKAjHSL">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>/Uqz4m+bP2E3kcEEpApqFY4mFNd0ssTKAkjc95vf1Nc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jWJLLepcgMH7YNcKYLImrnhy02Fh515FMHKfN9zJ6AnZ58CzzaSarlRvVAQiSFtz
+F88EGAs8tDKRpJkHBcdJfkF9OoQPSNb3x5k9PiS8PdjBZnPVMZjyxCO/JzGGNfJL
+XhfOzsZMJEbzRevg0vhDkwMH6wFKhNeNYRFeF7kNYqdJ8qR/6nvPsxt17ZpWQpFn
+MEFURNvHDVa/tapINmuNrzTU8XW6NhRplNqd1AUobeuforU9YxZHn611QyupBWHh
+n3jIbX3fVnyqUmodcaR//lZkJu/w4BbZwW0i/2+awS8Ku9TrH3m9OwyFMug5X6Ux
+yxVKda46jOGGKDsy9W504g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-xzT4rS2ZukPEGskMH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:09:37,591 views 9868 140514790733376 Single LogOut Service
+DEBUG 2023-10-22 02:09:37,591 views 9868 140514790733376 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:09:37,609 views 9868 140514790733376 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:09:37,609 views 9868 140514790733376 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-SvL6armdNlOKAjHSL" Version="2.0" IssueInstant="2023-10-22T02:09:37Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-SvL6armdNlOKAjHSL">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>/Uqz4m+bP2E3kcEEpApqFY4mFNd0ssTKAkjc95vf1Nc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jWJLLepcgMH7YNcKYLImrnhy02Fh515FMHKfN9zJ6AnZ58CzzaSarlRvVAQiSFtz
+F88EGAs8tDKRpJkHBcdJfkF9OoQPSNb3x5k9PiS8PdjBZnPVMZjyxCO/JzGGNfJL
+XhfOzsZMJEbzRevg0vhDkwMH6wFKhNeNYRFeF7kNYqdJ8qR/6nvPsxt17ZpWQpFn
+MEFURNvHDVa/tapINmuNrzTU8XW6NhRplNqd1AUobeuforU9YxZHn611QyupBWHh
+n3jIbX3fVnyqUmodcaR//lZkJu/w4BbZwW0i/2+awS8Ku9TrH3m9OwyFMug5X6Ux
+yxVKda46jOGGKDsy9W504g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-xzT4rS2ZukPEGskMH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:09:37,621 views 9868 140514790733376 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-n4M1lFb8hA3cYoTsI" InResponseTo="id-SvL6armdNlOKAjHSL" Version="2.0" IssueInstant="2023-10-22T02:09:37Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-n4M1lFb8hA3cYoTsI">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>9RREd+ctbihi7I3qjPJ46mSF1gSCeXQK6Pt97+f+QU0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>V7VFogd2oUAkv0vr/4wCBS8OWQRAo5wKt0CeYY98+0XFxnItpZ77leW7ebCYTO6c
+bVlmNaPQjzTaTNDZJ376Zfvq+bfFnSiem6cQq3FUTJgUviuCrhu7U1sNpOo1nIev
+oRwwjC0FnuJSN/TXkfJDX3C9f0ywHeDIhwOQwsCAd1pCF+JA6F3SZCqPmFNp85vG
+kzcLp+85oBTwy6CHaStSOly/63qot7pNqShASAqipg9oD66WAo0bOrovgjbFCstr
+q0EoVRkb/eOTE1QcRfV1kyQJu1NLzlG/aoaKsw+E7L+yKKdQm/v+6+R5ewX9BGYO
++QItxhOuH588lNfMRtvmgw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:09:37,621 views 9868 140514790733376 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-SvL6armdNlOKAjHSL|1697940577|08eb5d1a320623b013745139eb1b0b318126250c
+WARNING 2023-10-22 02:09:37,623 views 9868 140514790733376 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 02:09:39,188 decorators 9868 140514790733376 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-lq2MMo5OpKuzpUH4S" Version="2.0" IssueInstant="2023-10-22T02:09:39Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-lq2MMo5OpKuzpUH4S">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>VXBgqav+izxd7RQWfRqps8Kv4OZjqcB95yj2jwSujlI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>mhMyyzYNOw+sA/05ZacAdCiMFUYFbI4WaanD4etmdS/yAV1N8cywYxNbLt6NYhv3
+C5E9CQbxLRqU2A+VpTOo2VG7vDDe8ntdHp/ch3bTSS2bNMBnePysDn2u7BaLx/zr
+rnEBr5Yy1iNNnSCAUjB7G/kbHf/o07eL3p3xQwyJp86KIaXlnR6WwYliG5Wmav4x
+OCbm40xYJmbNVuyH+MYGLnbH9BmYxIDO5JBr4s7W7Mp/bknRQcdmV3jg3YNoKP3L
+svGquwTUPaorGAravWLZYKnYZOgUgHRN1yxHb7pxWvUMvpMJTTHSa6kmqUcpCFMT
+9n7rnAEW7GOxRsVZB0Hy3A==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:09:39,190 views 9868 140514790733376 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:09:39,418 decorators 9868 140514790733376 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:09:48,252 decorators 9868 140514790733376 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 02:14:23,725 decorators 9946 140165698811456 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-fqvYRl3qDcviPUwLL" Version="2.0" IssueInstant="2023-10-22T02:14:23Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-fqvYRl3qDcviPUwLL">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>STl9Obt05KysoWS1exUm7YfikOpdrOYjFZkK7NkTac0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jahq0RO/PT15TAzT8EGm05ekuHKZgC8AdZPYLHtl8YNiGFs7KAZbwXqAvUnKqoNJ
+UsSvjb0rN4KpiX6rPCCAuyioJ4kS6e/ZvYDNriUfzqHErLSMxeteznvrmbwzsDyP
+5rTkdtTCh+Zra7IJkEQCIQ/e9SgHr5mWZspNcze/SmT+qpVlWFp47Hs0fKKCfqlJ
+twbOPbr7Xc4LQE9l0R+isBPRriimAyvY3i7Ka1+0bHhNPOhc7NctoedEHltzsrvC
+Fhzv0Dq5qew9LHRxw7pqnGvDo+59tldI+AcLcm964ffeGlIUvarks++jcv/Ux/qS
+ddTshUY2Y0rqSxBoydXl3g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:14:23,727 views 9946 140165698811456 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:14:23,954 decorators 9946 140165698811456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:14:30,585 decorators 9946 140165698811456 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:14:47,365 views 9946 140165698811456 wert: already logged in.
+INFO 2023-10-22 02:14:47,519 views 9946 140165698811456 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-fqvYRl3qDcviPUwLL]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:14:47,542 views 9946 140165698811456 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-0Raa5idxfGrL4ZSNC" InResponseTo="id-fqvYRl3qDcviPUwLL" Version="2.0" IssueInstant="2023-10-22T02:14:47Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-0Raa5idxfGrL4ZSNC">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>JQ84xpdO7Cu7/ok8NnxjV/g6VtabaH2XnOocRknbQwI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ZA2rhISN0kawhX2tVwjL+Lrs5k/NzK5TrW5gdmmWNCjyWRezJN335xjQBcc34eTL
+Y14rcnwDJLD34WNQYAQk61k37sAG5Yldy3W8GUHQu25quBMhDhllGJgsGnxGK7Wy
+Doa3dX+EZr/y9SaiR2v5rkkFTMD7Vd8yhtGARwn+83FP9lH7LNzbdBYr9jOLYoh0
+9iSi/S2xFMTrQ5LmN/gito80jT7lBrj6kbkDVXsdZo7RqWLmNh5GApjpQ0QY1Onw
+OHs/WrtElieEIbEdmwO4OBcr6YDE9hnHqRLhajmxLUiFRS12htUFleP4z21AQIcP
+YFk6ZWEoHxzkz1tkNT86fw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-q6LJkGPMfAbtlrRsn" IssueInstant="2023-10-22T02:14:47Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-q6LJkGPMfAbtlrRsn">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>tLtmSWPO3fboqUNR7mWAZVqypgBYy0dwpNx722967N4=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>JtUcj2GkszFFYmHzE3wMJugVZio5Om5rJlGcBM0CUbV1vGUituzVXRtbVrg8PTJb
+63zvvV54FZlTjNQS5od/VUuUC/EiOeg3Is7HTxoAOK7RAaUDkDCZPYlC7wfOmoVK
+/GDKrCKNu8qkIMVpCGBwyzCKyGmdBXD7HVnv2lC1dYEpc4PYoaR3sZLOPFkVQW6T
+E4DRVvI+vT2gAK3xB/LfvJSCdRi3A4OI33uLUaJ88tFTFHBlbJZxGM06bidc93mm
+RC5yuI/h6i3tXj7ftmzBomvGTX3ha+Jff9ab/nZpreoF1jCcKF7eRdsCBmjDp8UR
+gPzT9PU89ZqBIfS30E+vfQ==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:29:47Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-fqvYRl3qDcviPUwLL"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:14:47Z" NotOnOrAfter="2023-10-22T02:29:47Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:14:47Z" SessionIndex="id-9pZEyp6kACoYxwXQa">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:14:47,543 views 9946 140165698811456 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:15:30,322 decorators 9946 140165698811456 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-iwPEYDCAJEQhB8pmK" Version="2.0" IssueInstant="2023-10-22T02:15:30Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-iwPEYDCAJEQhB8pmK">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>pm29Mrt6Pgbc/5YTmpVREg3LTx1jT4iE3gMQe6A6SCg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>VkaEaZrTICfSn9WrWwnwTLMDvwl9RnW9Ozi2jLrhSYrl6VL4LharZ2imeub4cLF+
+38/R3+GKQPOGIhWiOGMaDlyM+h/MvYy8V5W+AyBwO/U9jLoeG67i/QZnQtOCNOHa
+iaBlkR97UF1vazTpcYd7AzvkFSnADPzvJBczFl3aezeYDVgXcJZtc8V0m19Jo68n
+FJszMVQvAML8nj9vXEuhGDS5FyMwspfirSwhIQtwHlDt5SxjjY7HZLgdzwXRDgdr
+eXU6tsFLnWLv2+S1UMXbTI4HiuG91vmBbEyHH+ThQJi1SKtBQF6ti0Qx9bsPimw5
+yCMlSdIpCVQX9A00nveanw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:15:30,324 views 9946 140165698811456 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:15:30,553 decorators 9946 140165698811456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:15:44,679 decorators 10038 140066444801600 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/mfa/'>
+INFO 2023-10-22 02:15:48,588 decorators 10038 140066434311744 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/mfa/'>
+DEBUG 2023-10-22 02:15:54,137 decorators 10038 140066444801600 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-hf5rpORZmYISuojkh" Version="2.0" IssueInstant="2023-10-22T02:15:54Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-hf5rpORZmYISuojkh">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>ZIjc/+f7sVcxFs0yMhS2ykfToWC07uCeqn74AV8xuvY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>KiwOphEBOYAyYNaeimwAeAK5pPTS5hcBcJPYz6uVX0CMu7K01fSHd5juVRZDKyeW
+l85JzgtkoKSACUDzuD/48fjePgn21X/mLOl/kaje4+LvyWOaz+v7/caau+4GOleE
+iigDRE1SOpagezpWBkWnLtJYZzWsE46z5+wSTbS5goPy2oCtCzhZBNGBEys2RovH
+4fs43HBGpcifLajaI6jBy3dO36zEPodZMhHdkI7LodZFtSBBI4fZC1/iPQSbPiP/
+eYeLEwj/Ub05e5MAXDPRJGehpQu3JidNPxvoWSyWKlLc7gFlrsgIoDaVc2v1fdyt
+/rWjcrv3xqbo4iuqKeKO7g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:15:54,138 views 10038 140066444801600 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:15:54,373 decorators 10038 140066444801600 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:16:00,472 decorators 10038 140066444801600 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:16:17,499 views 10038 140066444801600 wert: already logged in.
+INFO 2023-10-22 02:16:17,654 views 10038 140066444801600 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-hf5rpORZmYISuojkh]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
diff --git a/example/logs/uniauth.log.4 b/example/logs/uniauth.log.4
new file mode 100644
index 0000000..2f887ce
--- /dev/null
+++ b/example/logs/uniauth.log.4
@@ -0,0 +1,1028 @@
+DEBUG 2023-10-22 01:53:50,829 decorators 8754 139681785181760 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-EP0UtE05KqneP44TF" Version="2.0" IssueInstant="2023-10-22T01:53:50Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-EP0UtE05KqneP44TF">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>B+lrVP1A8ZqTJrv/uUZ8AiQg2sAmZ6mRw6iiG4eeXHM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>U22aFzWcABuYzUrX+8RDLQ9lYWllutgoerHXBrfEOrxgwevliVdP2m5v3po8TxJG
+Z4gCC/J7agJDxkEhuw0y9CgzfG5gEZjViFUGFjmL7HN2FiRvQuAQ5/+FzFyByB21
+v9125PeU5nZZG10RJ+Tp3WPJiNuLdNsJBaXeG6rlUHU4cgmW7A+VVPzfYu3YTf6y
+sOKyVWm+s+SGWllBr7GnPQT/bJHKVp8v1m3AQz0kbssJ0EVyI4DzYa3xgsaC00g7
+xhxYFucKTRgS3aHi9WV0Gr6KZ5krCERNSwKD9fqDWXtb8FU9T22BlqurJTYlBul2
+URuETTrMNHqEpYJst2Y0og==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:53:50,831 views 8754 139681785181760 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:53:51,065 decorators 8754 139681785181760 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:53:58,249 decorators 8754 139681785181760 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:54:17,492 views 8754 139681785181760 wert: already logged in.
+INFO 2023-10-22 01:54:17,644 views 8754 139681785181760 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-EP0UtE05KqneP44TF]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:54:17,667 views 8754 139681785181760 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-iyCvkkSBGddnJzmns" InResponseTo="id-EP0UtE05KqneP44TF" Version="2.0" IssueInstant="2023-10-22T01:54:17Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-iyCvkkSBGddnJzmns">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>awrP7mF48ZEPTGyrWYtS+HXTyY67WK+ESNUz9nbSfjY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>aoCHnUyNO4n0Be84DxiVbHXrDSOP5+rqn8S82cXp24XkUTlK7gZSR35AZ+CPGQO9
+3JQiZ0vDAauc/+cLpDPP67JDvl9En+N2Kkg2wEDRqI5kyzgiBr3pLSpLMEi97G8c
+Y3F2P+khHa6OZX6oaxhzfTSBxqlkrpByCnWPi+mgxGdckwALtd4KJJXJHaQNpeLb
+Cda7FkRSer0mQqXl40EpdGxn+rDpNHTt9coANBMzpM8khSzeQA3GAH2VQawno/53
+4eRMT0YL5O90IRzB51Ck9q1oJs+HCvDtHqAKA/7muAZHeREMz23U9VwTqQEs0sCJ
+BnazasthJX5sukmFVtIL6g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-UId4K97kMbdXIoqak" IssueInstant="2023-10-22T01:54:17Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-UId4K97kMbdXIoqak">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>+Kt2f1aTGSqMOGKHmLX8Mm8Fj6ceZM8gd0XonPgl8NI=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>r3OfILteb86KqRUomx2JB1z14u68aUV0MO49u+7vedoL8u2EO6Bw7UYM7EKa0GjK
+nrXeMONm0knzr3T9kBxAX5IcaAA+7OVAhIiP665iFyJfTH93ooeye3TcEenW/LKY
+bKEBgbJGhf+1xlY0DK0fFxGzICBsyegBA2TwrtFRbn0nbhRpLOu2ySs1T3vi4Gg0
+9qwdQ5dduediLhXidx9GX/xRYXjTZaJ76WHJxZwxh/tkCyJnkLuJg+Pezjt4Ne6Y
+sYJDwtKLt5HpOyCPwZEUqZPtUSM/19R2fap9r1YFykAh4ToEb34TZlh3KbhQ4pJK
+yxCye6eD1gjEiXW3Bqj9dA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:09:17Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-EP0UtE05KqneP44TF"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:54:17Z" NotOnOrAfter="2023-10-22T02:09:17Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:54:17Z" SessionIndex="id-8PjfqtUXFu7Rl9SV7">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:54:17,668 views 8754 139681785181760 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:54:28,448 decorators 8754 139681785181760 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Azdfzvcdq2v4zwfhP" Version="2.0" IssueInstant="2023-10-22T01:54:28Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Azdfzvcdq2v4zwfhP">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>g5XIS3lbccHsgVyGzrQhMJ/JcPokwABMLzTOhXla96s=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>HWCLz6k2KEH3HiSLweT3qjd7y15DfKywvxpEXP92EFrxD96rjKJ77HugA+RVN5EU
+IxJPyVe16/IEWOAfTGsjhpjg1SndRHP8eDNFAZ8cMke1iZ7njiVX8FaC+JWnNsIA
+TELLycEB97UD7JaK4aFMixpID6ekK8WmcZx44bOorYDNLM8q8MRa4VjdAHP9ZnTS
+T2cYP40METu3YP/3ZpnBI66H4iYRZptxYTA9g44j18FvsHzija1815dKpwOhj1m0
+WrM/3ccHLUfMNPwZVIQiFs9H1rGLbLpWQkAliNlNSB/yRgEReQKRLW5KyCGMN4Ex
+uB7HU68ZsGNT348OMpZw3g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-8PjfqtUXFu7Rl9SV7</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:54:28,450 views 8754 139681785181760 Single LogOut Service
+DEBUG 2023-10-22 01:54:28,450 views 8754 139681785181760 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:54:28,466 views 8754 139681785181760 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:54:28,467 views 8754 139681785181760 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Azdfzvcdq2v4zwfhP" Version="2.0" IssueInstant="2023-10-22T01:54:28Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Azdfzvcdq2v4zwfhP">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>g5XIS3lbccHsgVyGzrQhMJ/JcPokwABMLzTOhXla96s=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>HWCLz6k2KEH3HiSLweT3qjd7y15DfKywvxpEXP92EFrxD96rjKJ77HugA+RVN5EU
+IxJPyVe16/IEWOAfTGsjhpjg1SndRHP8eDNFAZ8cMke1iZ7njiVX8FaC+JWnNsIA
+TELLycEB97UD7JaK4aFMixpID6ekK8WmcZx44bOorYDNLM8q8MRa4VjdAHP9ZnTS
+T2cYP40METu3YP/3ZpnBI66H4iYRZptxYTA9g44j18FvsHzija1815dKpwOhj1m0
+WrM/3ccHLUfMNPwZVIQiFs9H1rGLbLpWQkAliNlNSB/yRgEReQKRLW5KyCGMN4Ex
+uB7HU68ZsGNT348OMpZw3g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-8PjfqtUXFu7Rl9SV7</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:54:28,479 views 8754 139681785181760 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-oEh7Lc4Xscl4PvhZ7" InResponseTo="id-Azdfzvcdq2v4zwfhP" Version="2.0" IssueInstant="2023-10-22T01:54:28Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-oEh7Lc4Xscl4PvhZ7">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>kBFFZ+I2lXZgfe8y7X6NGLcEfVU+milOt9Dx88Ca8i4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>p9LezvuwozKmvslKb3/1aBmJGkl/mGBswZsfEzPTvqwXhgq53SsHFvu0Ec2TSxPe
+L69X/be12eyQ8C6YyKK0hiIYtbrCwu9za6kydNhcjbBHVmrRgNMFgZH/SI1JV1Zt
+O1FZ4j5F43dDaDw8SPyht3RylkvMb9LnMHzgA78tJJoQk78TL4jNxpjUBAVYPI1O
+UPSfbJDE4iPKNhPF9HKb6L/GALhUYoR1zlJCQDpstD1FlZFRwxKjZmMFIi7tA7IS
+fWltsVF20KupGNOWIDO+azufD1jYFu8dPQN3FaBLBExzIj7TCQcbkJSxYZOhpua1
+gsGebQ94CC47VokfIFp+6Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:54:28,479 views 8754 139681785181760 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-Azdfzvcdq2v4zwfhP|1697939668|5a5ee44c51e3a054bccc3d894008913b6f31a6e1
+WARNING 2023-10-22 01:54:28,480 views 8754 139681785181760 Single LogOut: logging out an unauthenticated user?
+INFO 2023-10-22 01:54:57,157 decorators 8842 140525691729472 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:55:05,209 decorators 8842 140525691729472 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:55:12,024 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 01:56:48,532 decorators 8842 140525691729472 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-4cbJYj9eeTtdgTDfd" Version="2.0" IssueInstant="2023-10-22T01:56:48Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-4cbJYj9eeTtdgTDfd">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>J5T6P99UM9PPbFRDIlEAzJDsD94ZFnXMCmHouVF7rfI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>PWu420BebrBUcOOa77gbUtJpj/tcO+B4KJbTR3xBA4QoWGNWStdIkoStcikP7gA4
+uxMVd0u4yFLNT/TtLYvWORCs6B0mibsYhPxg0o86/YzrUbqx4vmE27T0RGIP7jIM
+Tp4Kuk2sErCncNT7/COnZ3wCy3fmX36vHRr5a9jUIBx5tSNn3fw8BS5ORQnPVMsu
+LI8znO1y7VUJACB6RnRZMiyDZ5TN2YtkC2xFdHhMpJkmgggp5MTviTzfUYF+UTZM
+Pon8Q0HIvzQdzoydjqTNXmDoh2MG/lvf8aqzWM4rRAp6JiSQrGd91aTgVwotE84e
+c1Qnmnc9cpDeX3XGHxMTkA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:56:48,534 views 8842 140525691729472 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:56:48,767 decorators 8842 140525691729472 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:56:55,319 decorators 8842 140525691729472 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:00:16,832 views 8842 140525680191040 wert: already logged in.
+INFO 2023-10-22 02:00:16,986 views 8842 140525680191040 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-4cbJYj9eeTtdgTDfd]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:00:17,010 views 8842 140525680191040 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-JxkOHiLfBF0GcxZvY" InResponseTo="id-4cbJYj9eeTtdgTDfd" Version="2.0" IssueInstant="2023-10-22T02:00:16Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-JxkOHiLfBF0GcxZvY">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>PpN088Ww9YPL9ZrDk1+ycB4lm4zDL5CcE44IwPQuik8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>AvGcPam8JlNsqAFop0K6HOTZ+VGjKFrLDIDEmdEHMegCeBCXPK0F5ldKrV/VDqgz
+LApADDFy9c1G5O+nQEZrcQU8f4vz2aFcKbgV6q8MKuHRt11+meiw2ID3p0f57XrS
+4UyIBos4QLGNsq2kwiZjulY5njRmHvUmfk6kBG4I/vsFWSrLwmb2vcxjGB603JBY
+fVSSaipmfTy9q8EtYkGuGasfT3DgmB/GoI0pfIJltGe0BHPfTuXIFiu9ow316kfs
+51lVlSrRlqglWIIE9zY5DrPtMNRWVnlArpW0BTqFIuXav+WY4KPUCw88ZhppD5Ti
+/y4Ajb206JxiQw2RChQ4WQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-MnHramBq3RcPw7WD7" IssueInstant="2023-10-22T02:00:16Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-MnHramBq3RcPw7WD7">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>2GSfJXbE9RX8mjTcXEnKZg+NUh5nLKHJx/ol7rsn4Y4=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>TJBN63XPQZxNjMFhiUKBBZJh9TCWXDaEYyxRM7s52VG0FaacrFPRdgB24rpXcyRK
+CaWUOVcFoLYL5dccUV72Tmm52fVNd3oBs0dnrTBsn82q+S3wsFTr4NJ4ZumIqlVQ
+HjNxlwsJ71o3wU6b7pE1aS1e8H5w/WKUywiRYe+dc1xqx7GoYPXEaY35uqwK02T1
+SOjcLLHaa7UFPId8E4pTrkpYhGoLMQxkyND/hXlv4ZRNYZBEin4BG5adYVMMzlCQ
+Sx0EWQZftHRbLcvbjQj75kLJeVHy4B+bJY95l6N0ogMOIpbd0MZF9ERd+JXCil5h
+qfJlYynk1n4GWKOk23Tg3w==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:15:16Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-4cbJYj9eeTtdgTDfd"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:00:16Z" NotOnOrAfter="2023-10-22T02:15:16Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:00:16Z" SessionIndex="id-pEBlpQ6cOzaFNiOcR">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:00:17,011 views 8842 140525680191040 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:00:24,467 decorators 8842 140525680191040 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ryjyXcJalr71vqBt2" Version="2.0" IssueInstant="2023-10-22T02:00:24Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ryjyXcJalr71vqBt2">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>oAX+B60xAV1Rp9B8PU8WplWhWn74Uj0SG5Ka8ykLDxI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ScyhE/4I3ukgBiyqU/Hkb9WZSJ9c/JRcAsBmawijupfWv88a2q31Fsogei4tcyN3
+LJ9mknnGN/0lDUUlaamaDecXHUsWvF7ODjKf3pb8nKjgJVfGw3a5aXxjITVshXfC
+1sfwWzxdS9y9k/gxMNylmjnb3EvCCMRRid/l3iDy6dZ4BSaDLVtZsx8gIzP5KzwH
+D8fpoa5tLTX3k8Uy+Mp5rU47Ml+UtKS6Y99e7ucW8wGsuaCgEW4XoIT6EkwiyMC3
+j0AOPUm++QNSTRkThfAQOIsWVNO76qv9X0KNirmjoyU/HPWNHr+sX0KRrBIqyLV1
+HWPvTFnTbPjn0yoHC7dGLg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-pEBlpQ6cOzaFNiOcR</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:00:24,469 views 8842 140525680191040 Single LogOut Service
+DEBUG 2023-10-22 02:00:24,469 views 8842 140525680191040 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:00:24,485 views 8842 140525680191040 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:00:24,486 views 8842 140525680191040 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ryjyXcJalr71vqBt2" Version="2.0" IssueInstant="2023-10-22T02:00:24Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ryjyXcJalr71vqBt2">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>oAX+B60xAV1Rp9B8PU8WplWhWn74Uj0SG5Ka8ykLDxI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ScyhE/4I3ukgBiyqU/Hkb9WZSJ9c/JRcAsBmawijupfWv88a2q31Fsogei4tcyN3
+LJ9mknnGN/0lDUUlaamaDecXHUsWvF7ODjKf3pb8nKjgJVfGw3a5aXxjITVshXfC
+1sfwWzxdS9y9k/gxMNylmjnb3EvCCMRRid/l3iDy6dZ4BSaDLVtZsx8gIzP5KzwH
+D8fpoa5tLTX3k8Uy+Mp5rU47Ml+UtKS6Y99e7ucW8wGsuaCgEW4XoIT6EkwiyMC3
+j0AOPUm++QNSTRkThfAQOIsWVNO76qv9X0KNirmjoyU/HPWNHr+sX0KRrBIqyLV1
+HWPvTFnTbPjn0yoHC7dGLg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-pEBlpQ6cOzaFNiOcR</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:00:24,499 views 8842 140525680191040 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-YygX0ydAQ0AY4SxaS" InResponseTo="id-ryjyXcJalr71vqBt2" Version="2.0" IssueInstant="2023-10-22T02:00:24Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-YygX0ydAQ0AY4SxaS">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>4bf84x3epXfyPSxiWKygL9nPCqu+6vKAuBuCwaz/tGc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>IbSJGHtMSjlbG14OZXEEntKXNS9riFQ63xKxn9lYbxn61guRKLpwEE83bvmnTfjy
+VG6plLFvUx2WxpFmzxXHzw2ywoOtn5chLlufHxMZjV6z9FgHwkF4iHQWZ8HmJTQA
+fsW+zrtuvXAxs8PnGmZiOS+6xM1xYlp0qBZBtJ16ix8NBOC0Z5QCgYmtT9YZLaud
+li0aXMFTLh+YbryYqg0tdkasagkjGqCyofomXRwA6bMukIn3hql4rvKCQ94/PZWR
+EBQC9cVhDw5B0nOTZAEo/VWyEWALEDomo9i08tkcYpwfDMf0EaH73uZnd9ZxIEcs
+f9+61LKo3vSfdRhKUzdfZQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:00:24,499 views 8842 140525680191040 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-ryjyXcJalr71vqBt2|1697940024|e573fa608939efe7460e7a877a77fae2aa11e24a
+WARNING 2023-10-22 02:00:24,500 views 8842 140525680191040 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 02:00:27,368 decorators 8842 140525680191040 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-AQNh0HPhPI3CYupMF" Version="2.0" IssueInstant="2023-10-22T02:00:27Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-AQNh0HPhPI3CYupMF">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>FAd/jmpAyE1qNSnzEqr89OxJx0/iRvfzncU0mX5VrD0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>QuSqxBTxoREMHd/SIDL38WbM39pT+eK8tR3QVCS4Kd7L3ycCEmBoLVPICyh8kGft
+oGU2IxLgOLArM+XQcNyeerA4vm+kai+OENg9e76+f8cQ1I/cwDiGkKBpDHDeX9G5
+CHj51ZBhtvFsAqJtXR1d00og9UIMs+swtC/KgPLdVj46rAYP3ZXq4lYX7JZNOYKo
+IijtEhWmWRjtOOj1QR6mTN2BOLemDnoV20O23BNcal4TRrXvO3Qgu9GmmVEH2PbJ
+0dZyCADiFwV2iv9gbSjP/4C0n7WxiK5+uqemjPn98ZIWYyGSy03YskkyduEn9MAc
+ggzDBhD9KkXMgmXJsJYKjg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:00:27,370 views 8842 140525680191040 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:00:27,594 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:02:38,841 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 02:02:41,873 decorators 8842 140525680191040 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-7lRzEm5KXp7OwJtbT" Version="2.0" IssueInstant="2023-10-22T02:02:41Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-7lRzEm5KXp7OwJtbT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>g14P6rbbkGMDifWhS8HYsyiFKQm7XTjE467B1HwXFVE=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>SzYEb+mWb3/nJaDlstWq187RMr+jEmNTw4M4FbWsrrDbOeJ8MJ9nWpJq0RCHGC88
+BnaXIcd4ksF6qCGLguisbjvL+gmaAqGUALGGKhFQeyot164qqxw8E3SgnWFiv/hP
+r/B1FPzULV2Ryk13sRnYar30gIp/PVtMjdvO8XHAhcVyOM7EPHUS2ZZrOADUxp8q
+/364M9FsBGSn3y0UT3L+HVHLfY8vFOCyS6RRYKojxjqrAOz4fOblUafvJaABrT6T
+gbvFruMSZeJIbNvK5hAMKezD/jl575cB+MBrwMSPK+cej2ilbUoLs4v4gyArUoCn
+ydnYPVbmrFpiw3w9fdwZ4g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:02:41,876 views 8842 140525680191040 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:02:42,102 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:02:48,800 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:03:06,944 views 8842 140525680191040 wert: already logged in.
+INFO 2023-10-22 02:03:07,097 views 8842 140525680191040 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-7lRzEm5KXp7OwJtbT]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:03:07,118 views 8842 140525680191040 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-BicZJcvTaEH45quEG" InResponseTo="id-7lRzEm5KXp7OwJtbT" Version="2.0" IssueInstant="2023-10-22T02:03:07Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BicZJcvTaEH45quEG">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>y8cuQP3g6g2mO4k049CXOnkyDyuKazw98ZiOnCrKets=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>s3uRN6d0lVAOFy/V41tZUC75jxt2JwqZxhdWlu0ZM1/SLEJJcOtwfeJcJlMD28i3
+nzWproK6FljcEeGwQT7Bqid+GMGA9DDZE3KwjZow30jDygCx9S24X/gGGQRJbL3a
+p1daSqIfY1MlnWr7weHeN5cJL1+zKkGCHPlzh5F8sUcrw+0JMCKp7G9rdcj7mZgf
+NdgG6ZzRY7KRfx0RsyeobbksImHmQGYVBdWBxc2N80LtZWxS8LpDEW4aoRYO47k6
+HmMVEHZCt4L+maDQK0f80eJJh3EmGLR8CezakbD54LEXns/6ZUw5cEMbW0Dgp4tj
+59r1MUf0EF3FkZy/3saiSQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-nq5d5l98UwZQAOqP6" IssueInstant="2023-10-22T02:03:07Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-nq5d5l98UwZQAOqP6">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>AME6ehy8aQqBtEUBcI41ajafNSE67S7rp/lPNHKswk4=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>hz7sndXlSijnpm2EbPMvS7YWOjnI2zL+9WalhxUMVIcBoPbmjAoLsdmJJkkBgGtI
+S5W++rdpT3PP+/uFhOTNVxh7xHWGG+blEDlXWvtXpG2WQDyyKcuh2TwikGNiyR5f
+rItIWh6D2mCfaQ0Fs51t2/K3Gxyjd5wvsEDBBE1vLpQ0widr9TeBy2NR5AASRlJr
+s+w65lkUFLjRzZvvRuWBmk6EAFhcqbrexIRgvjb81/twnQzXnWgH+afatEfP9JPH
+mwzvXoXUYeZFaFUUrik593Oa1lL+/Flg885+fq5isoE6esGXmGzVkpeppIc9wsoL
+MxAaZ4+BZeOiy/w93OReLg==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:18:07Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-7lRzEm5KXp7OwJtbT"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:03:07Z" NotOnOrAfter="2023-10-22T02:18:07Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:03:07Z" SessionIndex="id-Hk0VZGZlohr6djc05">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:03:07,118 views 8842 140525680191040 Redirecting to process_user_agreement
+DEBUG 2023-10-22 02:03:11,774 decorators 8842 140525680191040 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-cILZPatQ0O7FGjJ8s" Version="2.0" IssueInstant="2023-10-22T02:03:11Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-cILZPatQ0O7FGjJ8s">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>4obsSRKIzm4DNLvH4D5sB/oFUuBmigQ/fSi6R1i7WVY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>is4p05QOY/KXd/gbAt5foe9ShHAnh8jd50fooCeZdnKVjTHkXK1jCwWUE0rJTzQ2
+61Px7MmMW6j2Qar7n2a+FKyfIPfhwRVUHCcrnVjlME2JqiSHJmrx7GRf4W6ZS9XH
+ZimfDssEqpUns/qlxrGCNcQKZIimvqzDFvyibw6AzRGU0M9Al7wtPCqNgOZ08mdj
+87/W9HA+azjPwrH/k888vw8+xfa5YRndrevK5rzzsZ4CZBuuva5YOsrQIYrL5Jgj
+xQrFICxbGuoZV3cCZ41FyXJnmIPMOAp/gydhPJXn8zDiDQj4CS7bP1T0jnAXfOkS
++445bl9s/SmLgTsvTZLPKg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-Hk0VZGZlohr6djc05</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:03:11,776 views 8842 140525680191040 Single LogOut Service
+DEBUG 2023-10-22 02:03:11,776 views 8842 140525680191040 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 02:03:11,791 views 8842 140525680191040 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 02:03:11,792 views 8842 140525680191040 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-cILZPatQ0O7FGjJ8s" Version="2.0" IssueInstant="2023-10-22T02:03:11Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-cILZPatQ0O7FGjJ8s">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>4obsSRKIzm4DNLvH4D5sB/oFUuBmigQ/fSi6R1i7WVY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>is4p05QOY/KXd/gbAt5foe9ShHAnh8jd50fooCeZdnKVjTHkXK1jCwWUE0rJTzQ2
+61Px7MmMW6j2Qar7n2a+FKyfIPfhwRVUHCcrnVjlME2JqiSHJmrx7GRf4W6ZS9XH
+ZimfDssEqpUns/qlxrGCNcQKZIimvqzDFvyibw6AzRGU0M9Al7wtPCqNgOZ08mdj
+87/W9HA+azjPwrH/k888vw8+xfa5YRndrevK5rzzsZ4CZBuuva5YOsrQIYrL5Jgj
+xQrFICxbGuoZV3cCZ41FyXJnmIPMOAp/gydhPJXn8zDiDQj4CS7bP1T0jnAXfOkS
++445bl9s/SmLgTsvTZLPKg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-Hk0VZGZlohr6djc05</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 02:03:11,804 views 8842 140525680191040 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-FdUCTgeUYmhDkAM1R" InResponseTo="id-cILZPatQ0O7FGjJ8s" Version="2.0" IssueInstant="2023-10-22T02:03:11Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-FdUCTgeUYmhDkAM1R">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>weeGRt57GYeFSdzb5OQ+dN2HlJYpqNB/dEsGt/ZBC0c=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>JqqxX3eoPqrXtM9OQ8H74OzfkB2IflcuEJIINcTkZO6jXrU9DYBwlwBm7iHLx7mQ
+1++zihnbL9Y/iBchf1J86vsnGaeu3ZnhjHIN4Ju6JYSjWLnA0K5Y/Z5pjyVE1Pdd
+nRCiClC8tyPVMIwP6nl1FYqlCU7LnBvbUmPgy2qy1J6icRHoO+vUrvPVx8edEWGo
+BqXLIzZdXrdb9/AFxrCaTOBWkbu70PBe14fRIbXSQWRRD7quyFS5WE7JNel1RjCW
++P3Bf7GUFsjr2/ClMcy5IzOS5qrdu9uv4nPxS0qRBV27RC01pHtosVycASzeKGVj
+9fr2E3VKvY+lNUWusYJEwA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 02:03:11,804 views 8842 140525680191040 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-cILZPatQ0O7FGjJ8s|1697940191|b0e6e64d66cf5b62f549c3d0c540adb13bca28d2
+WARNING 2023-10-22 02:03:11,805 views 8842 140525680191040 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 02:03:14,406 decorators 8842 140525680191040 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-uxanxweG4DnT5xJQv" Version="2.0" IssueInstant="2023-10-22T02:03:14Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-uxanxweG4DnT5xJQv">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Ces6HawEgMGpdm2djg11mAdwhQB2h6hw/ykIR5auStk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>kAGhKNDQdDP9RU0gXJQcPKslydLjEci2owqxkaQmZTrWjYNAEc/fujnURizG1UbT
+CFUN/Si2FZs6hjWvPtqyUC7nurh6t8CzeHyaSw+URQjSxBwgOB1uUDDMZaGy2XuG
+LZ67+1Hs9OZ4EhVFxRbyuH3jRfBRCFpJH15TUEn/bXwh6E69xw6kzFc5nK9g6PmN
+JwVFhucrk9d9Lm6QaUw6kSawfKUMHORRjWWV0wvd9qh6+FIXKpbk8FWZlq7N7dTL
+l7avS25Fwg77oa7h+BQPTzxEeO4r07rpFPG97ADayq4Ip3ieuZF6wgcJ3pO97u5U
+3525OKBkYJLd/L/nHs7OpQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:03:14,407 views 8842 140525680191040 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:03:14,635 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:03:22,211 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:03:39,192 views 8842 140525680191040 wert: already logged in.
+INFO 2023-10-22 02:03:39,347 views 8842 140525680191040 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-uxanxweG4DnT5xJQv]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:03:39,368 views 8842 140525680191040 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-h3CIcuPTfN3W7jkAS" InResponseTo="id-uxanxweG4DnT5xJQv" Version="2.0" IssueInstant="2023-10-22T02:03:39Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-h3CIcuPTfN3W7jkAS">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>ZM1G84RNoBnKT9FQ5eIZxIutk3jUxZn0uuFTWDhspGE=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Aep3CSizIXDZ+oL2jwUHOwMyB0tXw8sGcURgDi1h/cSd4H+iG13sRuBlwkfqfUTo
+f81sjieb5p7c4cZMQe7MjkLKBfXllY7MYl38zmQFdeN6uXtWMX9se2xBQh5h2Vm4
+2nmRprkJgGnioS6jt9JghwVblyctwtuDGklUDbWx/p2iPEL1E5sRm7RfGlTG9C9s
+NFUe9cLzCAgqWhnkCnUJHwFVYmIKEO0XzNCL268lcfqiukshpXVjU0Q6N/XnhT7l
+/5Ewak4hj/Y40tB10NvLH9rbuPQ4XTQUuubORL5lVXIFdRVdO6rVjsBZiRRnNyNj
+3N4LHA5h7C5hJB3AxuY7ww==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-34zS3nGOVS9Fpx8l3" IssueInstant="2023-10-22T02:03:39Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-34zS3nGOVS9Fpx8l3">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>KNZr874n5GHRBntkRTLhprTr0j3glXkak7DutO8hU3w=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>F3Ossp1yyeS4LxAGqM/Je8y2PghDPsQMrWZKkOp2JZyxVddwS64db6nCLYsJMlHr
+pOS62WzCL/iiqbVMqucmZB1hOGL/CDk04dHNJzAKgSA14+h2iKrjnfR8E1kyb7M/
+7LzKK6KhLceE7exSQEPmQZ7HH9+M87VpobXZ+rchvr4JKLsdMpftakfKE9izR3iZ
+qOyi+2sN940fegCL5WSkqvKt1cgr1STp5Z4MoqQ/7XEHNiaUXjehL1eaUvxR0XML
+66voOfRpy5mZ+mokWM+zTyMGjo/uJBk3oXUy93/tJ5m2eO30SdFs1FiFkfltK3BJ
+m3Ni+SeYfZOflD05fGkXAA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:18:39Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-uxanxweG4DnT5xJQv"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:03:39Z" NotOnOrAfter="2023-10-22T02:18:39Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:03:39Z" SessionIndex="id-ezFwzdngY3WOfw1EU">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 02:03:39,369 views 8842 140525680191040 Redirecting to process_user_agreement
+INFO 2023-10-22 02:04:19,795 decorators 8842 140525680191040 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:04:49,675 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:04:50,220 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:04:50,412 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 02:04:50,581 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 02:04:54,698 decorators 9386 140264545973824 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-eeof3ZdvyOzrNgqRd" Version="2.0" IssueInstant="2023-10-22T02:04:54Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-eeof3ZdvyOzrNgqRd">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>bxxq1pwHxALCLQoQ3yJgmC55R2/K4SoduqdKAp8p+D0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Ra0ODSLMjpJHuXlIanky6SE1w0cg9iPQTArv5xbOVxzRFQbdDCApK9POoL37iZJz
+tQKo6+0j12IcfQTzC0DH8SB1x17Sp5NbLpZzROLX7ee62s12eWMKsfPn5K/alJsw
+eRLUegcm9ZlKD0+xmt4rlyiTDhP9GgAXi4gOk76pup3KuwQgFXzE0rFR5d2zaX03
+lsFmNl1RWGfjBvHGuz5VWiFEdJd/w0xS97jvaoS84i4R0QbyeIfOtpOL/QgYIL5H
+HjuvM69bZSPByYdBON2WWZlFw9O3AjL0UvyqwYX+sfAq72EH94LjowAXgpN8//1L
+iPLt8jwI0c2JvDZ7hYvOsA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:04:54,702 views 9386 140264545973824 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:04:54,946 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 02:05:02,304 decorators 9386 140264545973824 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 02:05:12,484 decorators 9386 140264535483968 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Ztm1G6M41iQb6Yq2s" Version="2.0" IssueInstant="2023-10-22T02:05:12Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Ztm1G6M41iQb6Yq2s">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>V6MUzwoClL+icCG09JfdMk9/KaEi7/2KOVvaJ3PEqUg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>KBqiGLHyBe4RaXB0uQJldyWrutMFGvUAvmM0ZEuJmeSLOzjzC5bah/f5zha05zds
+449lQ7HhdiWTQpn2V2YO9aQHlpiYUGMyhFCDYfDwrVdg0c/QHfkPiHx1tGln5Z0a
+bTDgh1+FnIqGH8HVrLQw8Pwzh8KYADKSUnp0+3nPYgibm0JUXIOh3VWVFdgi3Py1
+arLGSqEvzj0pbb3Kne4WJFNTTYlxOXjKbqtxHTaFXpedbxYanNGqX3oHkMsp+B+I
+QL/0sEyAppxbIHAzv08nYAK8Q2tv1xIyIuVhcWF4pTrA2De3BuJQqvwzqGJmKRjx
+/xvppHtFMrV77gKkoJZT2Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 02:05:12,484 views 9386 140264535483968 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 02:05:15,506 views 9386 140264545973824 wert: already logged in.
+INFO 2023-10-22 02:05:15,670 views 9386 140264545973824 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-eeof3ZdvyOzrNgqRd]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 02:05:15,691 views 9386 140264545973824 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-W9sK2Ovy0BhRHJmj7" InResponseTo="id-eeof3ZdvyOzrNgqRd" Version="2.0" IssueInstant="2023-10-22T02:05:15Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-W9sK2Ovy0BhRHJmj7">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>heX8yboDYoiOl9n+onQuZQpo4R9OaHSmt3fEnGkQ0ik=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>sj6Bo7ir9djs6RiIUHXAnNiCLHerWvlGbhi0oKtWbXSg3YuNepPIuepU30Jp7SBN
+T0yJXPfib185X1ileAD+3UnyVEKRTnDaTlMJ1chbZRLahO7xlf/hYbovwUKCprrl
+cK0SG9dLGthHGhcswPwPv0/J8Xe/A4lp/ij88Pb0yLnxU5SZff9UZOWkH3pSk3Ej
+rvQOAd6tvPOyhAnDVMQ3HIw7o1bVwtjI6IXZI3Ara+ID8NjfreJuqtEdMrY8cXAi
+av4uMpX/eqdZLVgFD8+wxXT7tlVU7N19GNabSFhIRDCJMmJMNpZtPL7DzMgO1UXm
+U2eEhtPp0sQGeZvt5475Sw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-Kno9qZMDEXVVMKm0M" IssueInstant="2023-10-22T02:05:15Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-Kno9qZMDEXVVMKm0M">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>QXdt3sXO6ew2kyt6fuxY3sZS4NkyWjpFdDRQ+i3E5yo=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>pnjtkGDsnYU0yJsoOF68ZDQc7kkQQMeG0eFYFNAPJvInExxGns6tgTpNiHQQJOvv
+c99xivNuk9X8Ud4JYf1vpBbOPpkZ520fgbrtpCuxEjurIYvtRExDbpgbi2gACJK1
+yfb0yuWO+z1mX0rnFMGXKEszATgQYUUYO6lB1iTvb+avyhewTiQYr0cSIcKRCnJb
+q4DUvpB8iTwuSHUyUopQvFU8VCvE3QsvpjWgpnLLYHCh2p8z6vpUVPZPKL//g1V+
+fM3+w6n0gIZaBwinycGIEL4z9cPMs8kdvbs33OzkBBWKQK2ydRWJ+zuR7S8l0j+I
+b9uaY9CG+OKQDSsOcYazgw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:20:15Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-eeof3ZdvyOzrNgqRd"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T02:05:15Z" NotOnOrAfter="2023-10-22T02:20:15Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T02:05:15Z" SessionIndex="id-O9QCpupFYM8MvTPjw">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
diff --git a/example/logs/uniauth.log.5 b/example/logs/uniauth.log.5
new file mode 100644
index 0000000..931e4ca
--- /dev/null
+++ b/example/logs/uniauth.log.5
@@ -0,0 +1,1028 @@
+DEBUG 2023-10-22 01:48:37,797 views 8389 140676346934848 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-V3FOsynVlRlBKrNbg" InResponseTo="id-fXGOD72zaNju1rtPM" Version="2.0" IssueInstant="2023-10-22T01:48:37Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-V3FOsynVlRlBKrNbg">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>g5qRBHgYcsVPNnq/4YIeSjFn8sVMH6LzZNjW+8NJJoI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>hxMZZkn6H83yPCU+0Tw68shpurwbVf1WoV+4JuZjM4+CeBs37zPvlcEZHToJAos2
+YoxuFW55qFNe9L2VgQQ0VJYLa6Vvt4p/4c+j+ro5ohRgjUgyZ9KplBoswQSDI8+2
+/sESU5mblgksDuqI/OOJb1LUb7gchxIwpNm/udmQxbRx9ExDn67bYbqJ9vqqHC4Q
+mutY7f8TrNG+R/9DZQuJfV1srBOWJuzR9QmTl4c6KRTgXG77F/cPzLYPQoJxSOoq
+N3qI9tJ/ujbBj4vnExBvHNjnj3TuK34rUA0V6Asxygz98mryThV0N8749gSdsHOQ
+7pSHwkaeZ5gPvqcmo2xpSA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-gW9OkvFel1UjdfJ4g" IssueInstant="2023-10-22T01:48:37Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-gW9OkvFel1UjdfJ4g">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>waed6lyWYPjxOJSnZ2JJUD4x+Qv/s9ZiRS9zRKVmGE4=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>eCTUHhti5Nb/XalT0Qs/FBhSABD9tGMJ7lmFS9JmTHRxlkOoK4OP1auW1nujX52c
+8ymqkoYkM6r2+0b2p4AiynaNWilGY++VRvRDZPpdDUH0mjvn3UMMmiUL2mpE4oas
+wlTHAVDJVbo4MgGonhUhyzDojHDYd2AtrycN1E70dXwY0pNrsPNcKT5RTzYP6k5h
+jRsTpVkYH+6LoiHsx5XbHNiTVV3SZZ142+WQBeTyPhBKlBeAK1/5Gnoqtifd3RSP
+BhzYTUSdTD7j4Y9g7DJBCjQrpFY81tASk5B97RdXqL3P9qKoBSeRCQFJ0wsdWAAG
+UeUZLMHmmFIFigZSzq9k6Q==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:03:37Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-fXGOD72zaNju1rtPM"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:48:37Z" NotOnOrAfter="2023-10-22T02:03:37Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:48:37Z" SessionIndex="id-0AEVFbFhyV7Z8lF3h">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:48:37,799 views 8389 140676346934848 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:48:42,984 decorators 8389 140676346934848 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-BAZguFJmMOxHUC2Br" Version="2.0" IssueInstant="2023-10-22T01:48:42Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BAZguFJmMOxHUC2Br">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>3dsdlkMpGcWtg1xTISb3SVeXyrnskze8PSrxUpN3dRc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>D7zx3HdVnWbqA9+1iDKtXn977Ijze40/uDh9y+XVhKd6mpdjnnEzQjIvsS1aGhNs
+09zh5cLk+Mbm5reLoNbKCIq2n4ezSiO7B1hepYat4WAVblBoPSjEm/c382vIQGHQ
+P+x+Jpe4Q5iWug53DVEi5WFx+ClrpdGRjC7mAxFMP2zF+4y57Bv2O3HIZkyJthGL
+qgJSc3pXyFrd7+NXdIMbaYN3CXymnqMPiAkYFg2MOga+lSkNgRYIQi/XykzaZEL+
+adjusWgb+BYMKmUIf97R6cz/YQcSQt6nrqep0IXI3xuXX5bNuGwUn6Xa4uovJnHJ
+7hISyk8n3ZqzUxqjEUB8SQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-0AEVFbFhyV7Z8lF3h</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:48:42,986 views 8389 140676346934848 Single LogOut Service
+DEBUG 2023-10-22 01:48:42,986 views 8389 140676346934848 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:48:43,002 views 8389 140676346934848 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:48:43,003 views 8389 140676346934848 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-BAZguFJmMOxHUC2Br" Version="2.0" IssueInstant="2023-10-22T01:48:42Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BAZguFJmMOxHUC2Br">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>3dsdlkMpGcWtg1xTISb3SVeXyrnskze8PSrxUpN3dRc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>D7zx3HdVnWbqA9+1iDKtXn977Ijze40/uDh9y+XVhKd6mpdjnnEzQjIvsS1aGhNs
+09zh5cLk+Mbm5reLoNbKCIq2n4ezSiO7B1hepYat4WAVblBoPSjEm/c382vIQGHQ
+P+x+Jpe4Q5iWug53DVEi5WFx+ClrpdGRjC7mAxFMP2zF+4y57Bv2O3HIZkyJthGL
+qgJSc3pXyFrd7+NXdIMbaYN3CXymnqMPiAkYFg2MOga+lSkNgRYIQi/XykzaZEL+
+adjusWgb+BYMKmUIf97R6cz/YQcSQt6nrqep0IXI3xuXX5bNuGwUn6Xa4uovJnHJ
+7hISyk8n3ZqzUxqjEUB8SQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-0AEVFbFhyV7Z8lF3h</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:48:43,015 views 8389 140676346934848 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-UI3AjP6cLjaowOW4u" InResponseTo="id-BAZguFJmMOxHUC2Br" Version="2.0" IssueInstant="2023-10-22T01:48:42Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-UI3AjP6cLjaowOW4u">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Qbo+30JkplLd5ixQQbPbHgJlSiT/rKTyoQZewYIH8KA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>VCVd6ruykP8CPWu308MBdD8t/1oqDGIRAo1R0/6UFuKECg6CBE812I/klGfzzG03
+vnxGCY2Kp1hD/8eVFdr2IUb45yDryeKjSVvlVnMfGEhiDU7cQ+lnb/2mbmL683K0
+djJrU7pN7Pa6GZ5hSrLu6xyxrVos2Izd6bvTTLZBPw0EO5tc/OuabxzpFzBpH0+x
+JMWx8z7a8BmfPb+vsGHJb3kTMzBCccXlVtqY7TddPFFSqygP+vyhOnh9wCZwal7a
+tjJOaUqTZUeWJ3HDik1UPqo5zqm3ZUQg01QJTPHBKPkQ+/dMbVN8ZxQkN5TK/agP
+/lwUnocsqFA8SB3eEVA5uQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:48:43,015 views 8389 140676346934848 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-BAZguFJmMOxHUC2Br|1697939322|6078c53ffee4620846a06e2c526f1bd7b609d876
+WARNING 2023-10-22 01:48:43,016 views 8389 140676346934848 Single LogOut: logging out an unauthenticated user?
+INFO 2023-10-22 01:48:53,009 decorators 8389 140676346934848 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:48:59,628 decorators 8389 140676346934848 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 01:50:21,700 decorators 8517 140252907828800 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ZISLwlJGtaz1dVLDT" Version="2.0" IssueInstant="2023-10-22T01:50:21Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ZISLwlJGtaz1dVLDT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>DEzQuHWVuLmWx2zo4DvEnvSMA072hE8s1cogLcGImwI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>DrtEbL5DddBPIXoQUTuf2qrKBWcUzK4ICMLUEo/OMjD7hTHmMmY8O5sWupe5j2zy
+awshBUmvJNjMPP3jOKEMmcFZignagkuSr/oHdcdxLn73ulPLeJJaZpMCGO5Nh0En
+f1cY7D3h9CWsZimOP/+vO19l1DyapEEVxp2oYzNd0oy7Zys+D0rKvglAJSq3gCmb
+oMk/ulna5n270MTPSdgfOQfA5Wyz7U/AJWI9osdhPE4Xp/lVB+vCSIAicMDBbT60
+AnBu55oJIU0JivVRIHRkYnlyL3ywcRz1JnVkG4eeop9l2rdP7tQ87kcekBDzNTV6
+bIlb3Xqr2IWp7+tA8Yqc0Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:50:21,705 views 8517 140252907828800 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:50:21,943 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:50:28,630 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:50:28,721 views 8517 140252907828800 wert: already logged in.
+INFO 2023-10-22 01:50:28,882 views 8517 140252907828800 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-ZISLwlJGtaz1dVLDT]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:50:28,905 views 8517 140252907828800 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-NaJoRsJLeYfQvgk0q" InResponseTo="id-ZISLwlJGtaz1dVLDT" Version="2.0" IssueInstant="2023-10-22T01:50:28Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-NaJoRsJLeYfQvgk0q">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>xlCaURf4MS75sd+ATRKCulE6mtBvRgiBavqbXuT0RNg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>eT+ywFyOYQkgjqy9tCV09lyqMR9OfMkJ8bqSfGSGcJJIg5ZxLD6jL3xdBrUt1Mwc
+4n9zS0gSsSSrKQhNGo9wWGrZWW0oatn6juqU57Ibhx0c8hpscEf+t8VfhFgES5xK
+ySyZ0unN1cq0HI9vgNt2/DztE5El3mLlhLl0I7RAdKth7qTyxDeqMwGHS26zBjN5
+zWrwEemBatbgXQVA//t9J8gOCgQQu+AezZAgIEgums52vR5PUCyr5i87rOWVfF8g
+KOuxylvDEdKTnO0dH2OC6QdFRYQatv1o2wFHN9lBUtZT7K2i7JXK4sHxBzfRTSMV
+51e237kDbJqEYKBC/Hj28A==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-PB7d1ioWxclrzakYS" IssueInstant="2023-10-22T01:50:28Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-PB7d1ioWxclrzakYS">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>TB9YkZbLFD1bSkzKpPBVsLtNACX2gXYFGbJxsXZuRo8=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>EOeBfOsTsSJIs3OxYiIJndOXv7m9mX0jgteIt2tJ1480HlfMCqZhn2oH6FMlivFo
+hA+BR+O4gGGWxUwWxJGJd6b4DWQaXdvFoJ2fCvC2kBickxSB+3Kmn80Grhnhtymy
+7nq7Y9RQaRB4OLB+KdzMjnjK/B+DZyxccIcC4kw6B802WWA0BK+Wz+SQj51dLmhU
+DHyoF/t9wppjLGD/7+K7MZ4Rk571yDKbvNHSWRXVUhEHZ8dG7Aaq3gsj54o9TOcH
+MV+xgcRBcYnx+M2SAL9nBoHJgGDyOfzpe873wC3o4d+JOq8H6S/EUhvbFx5cMfp4
+Ln67K5x61604ReGi3A6f6A==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:05:28Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-ZISLwlJGtaz1dVLDT"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:50:28Z" NotOnOrAfter="2023-10-22T02:05:28Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:50:28Z" SessionIndex="id-SJXCrhSjc053IMrjv">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:50:28,906 views 8517 140252907828800 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:50:33,535 decorators 8517 140252907828800 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-RbygQx9RbbVy0v42G" Version="2.0" IssueInstant="2023-10-22T01:50:33Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-RbygQx9RbbVy0v42G">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Ex6VFq55hZEL48bbKIZy1WBUnwmCjeVKEixe34PC9O4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>BVkSnQdQyDS+ZveWCgqqvrFflBcFxE/jnhjh7Hch0pHCS6HI3nQaa5Z0GbJ/FOjO
+hiQoEsmgBBfYrJwt/XICRCdT22WRYDAfNolMfyuEZ4hcikSRcSAa0vpAox/pC/5C
+dNvqKU5P59vFyW3DSA1A1+XngkAaSD8yRCfqkAk7ZdtQWxhMODaKLA79LoLXj21h
+s0mD6BbgNyPBFf0Uj3yKiIk7Jsu9IckFLjsZxSkVK5BffFaC+jOvQizRmucY4BMC
+qLhDBP3FYlQ7hoeczHCJoTvCiwAlnBzCZm4U9+D5nPAFmxANzzPUBeS3bBYfhSWk
+SMTrACh1agnBS2hCWVr3Bw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-SJXCrhSjc053IMrjv</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:50:33,536 views 8517 140252907828800 Single LogOut Service
+DEBUG 2023-10-22 01:50:33,536 views 8517 140252907828800 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:50:33,551 views 8517 140252907828800 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:50:33,552 views 8517 140252907828800 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-RbygQx9RbbVy0v42G" Version="2.0" IssueInstant="2023-10-22T01:50:33Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-RbygQx9RbbVy0v42G">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Ex6VFq55hZEL48bbKIZy1WBUnwmCjeVKEixe34PC9O4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>BVkSnQdQyDS+ZveWCgqqvrFflBcFxE/jnhjh7Hch0pHCS6HI3nQaa5Z0GbJ/FOjO
+hiQoEsmgBBfYrJwt/XICRCdT22WRYDAfNolMfyuEZ4hcikSRcSAa0vpAox/pC/5C
+dNvqKU5P59vFyW3DSA1A1+XngkAaSD8yRCfqkAk7ZdtQWxhMODaKLA79LoLXj21h
+s0mD6BbgNyPBFf0Uj3yKiIk7Jsu9IckFLjsZxSkVK5BffFaC+jOvQizRmucY4BMC
+qLhDBP3FYlQ7hoeczHCJoTvCiwAlnBzCZm4U9+D5nPAFmxANzzPUBeS3bBYfhSWk
+SMTrACh1agnBS2hCWVr3Bw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-SJXCrhSjc053IMrjv</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:50:33,563 views 8517 140252907828800 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-VTSlqZEHGPIjTAE74" InResponseTo="id-RbygQx9RbbVy0v42G" Version="2.0" IssueInstant="2023-10-22T01:50:33Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-VTSlqZEHGPIjTAE74">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>LWgwt7W63iZKp81Dxz7cJApCW83UmnHwoSdRaEi3Buo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>m8JRxc9BnKd/Sdl8/0DrIT5u/720PzZbF1saazmSHPHiKHACq9DPU46sdz3+K5gv
+ZpOSpvVnsh4rEmC4SFSy39F3YUKPoBGjSKAN9r1LyuGz4SSumLt0VuYiEtXa0tp/
+y79+kvakosMF8ymm/2n/fZtjpjtG3y+kim20Saiib7ZcaauBeYlJHJYFrK9mdb3I
+m8wPuixsG9ytN72UOlxTjDHPxb33FezcbcNB9FpKIrdjRnKmMi5Bn5PSOyNtXLuO
+5Gp3TkC+HD3QBwAWJiUgH8VuQe9EL0nRr/9eZ0kM8t5RVVd/KWa7WPNrdpNpOKjt
+AuaeortdC6YnZN+wY2COqw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:50:33,563 views 8517 140252907828800 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-RbygQx9RbbVy0v42G|1697939433|80332b0852b738ee0f14bb9c877cf1982cfd1e8c
+WARNING 2023-10-22 01:50:33,563 views 8517 140252907828800 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 01:50:35,188 decorators 8517 140252907828800 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-bYzIy5bJ8nhhO2NU8" Version="2.0" IssueInstant="2023-10-22T01:50:35Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-bYzIy5bJ8nhhO2NU8">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>N4mS3pCwaMnwCs6k/TGxld09rfpWoeEZaOXmLAcPRc0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>N9q4u/zmm+K5gohnRLyhOZ4SJ6OMGbf4gCI7LJZzyb95DgBD3dgIlZnVFzX7e+WT
+/daVYOZEh12u0s4kmtWL2vO5udOhJ8jfzDLZAuC308Bo8AIu/PlCYh6BD/1TC2ll
+ezrhPSjzex5dwYa8oDRksLld8BmtQCDIs9EuZtzV1bM3roiV2VzB6vcZ8uerPlJX
+hup664nSh+7D5bNfUrAahR8eemxUA8ZH+l+7yoK1/c34Opp61GVyr7ZNXCCV2kDo
+wpP88hl0Cct5AahFrJwAcxZ+elNfSw2niNzbJed75wnTse5p1BQ5+4PXt89henM3
+S3/iomgTv8vumRYwrSVCSw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:50:35,189 views 8517 140252907828800 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:50:35,413 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:50:42,755 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:50:42,845 views 8517 140252907828800 wert: already logged in.
+INFO 2023-10-22 01:50:43,006 views 8517 140252907828800 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-bYzIy5bJ8nhhO2NU8]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:50:43,030 views 8517 140252907828800 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-xjy74Q1wfpL8RjhO3" InResponseTo="id-bYzIy5bJ8nhhO2NU8" Version="2.0" IssueInstant="2023-10-22T01:50:43Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-xjy74Q1wfpL8RjhO3">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>p23Mu1S2ERHaNB8c6TP7lW11/22uqbVfb64q0OmMF10=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>aKsh5uoeVyoPhEhc0yoZfz4Gl2Bgo83F+QhiB+TZVk5s9mrjILIZFL8GZdurwCbC
+2+YOG1ju43RtqypvfvgpXxVDDk+eT7ns+pB3F26VoNFYSmBaLRjHxxhmjFqw13gT
+wqMNuIBRYTxZWfaPuEG3gkX2IYFKdCC8MfdH99UldZnJd/FKxpMZBq1ljpQ41rmg
+JgI1dJndgorACsaueZeGQUJGWcyC3g+QpXhAT86PlIS2s9fRcrD+iCWG7eSaf/+8
+ho6IK2TLD8IX6fv+SZo84zMrLpBiPa1+llkgJh4PNlC4zZ+Wn5tV7WogF/0xF61Q
+bVq++MZUhG6aRiNq1GQBZg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-2xkX3VL4oM2QMZaH7" IssueInstant="2023-10-22T01:50:43Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-2xkX3VL4oM2QMZaH7">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>lbvAPZxvL4eVxQSoNkOOrERHclL2ZbNvIHJhaOYaCVA=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>RXbfPeKaEZFv6jVnCDY6r+ClDI1NckW8ESn1CUHcDSa4z/4+46n9GVIf66aQMzgj
+7/BhYCOrtmRrfOJiWhxOVb3BWf/0g1WMH7Xt5a206cENyq0WHdmnt/rkFTnFNDEX
+5YKGOmQwNzQ6nfFmShHbN+FKWK/zbOYYmjdjdWk+gOhLInTaQGtmj47vT9ha5b7M
+XgVbeAP0YNDIx+o5KT0AgxxPbjq+v6p0wp3Kw22RoEoDLwHtjajD7VDLrLjcBe27
+e0vWhAoIDZFcScjglBAZ4peEmGsYAu8pCoyl/8QYU9P1o4xTi7iXASXB4JLkWBHM
+HdimvvWYK8u1csjiLb7M7w==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:05:43Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-bYzIy5bJ8nhhO2NU8"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:50:43Z" NotOnOrAfter="2023-10-22T02:05:43Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:50:43Z" SessionIndex="id-kDKQ5xPKSr3eBS86h">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:50:43,031 views 8517 140252907828800 Redirecting to process_user_agreement
+INFO 2023-10-22 01:50:48,551 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:50:54,885 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:50:58,043 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:51:05,035 decorators 8517 140252907828800 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 01:52:55,506 decorators 8654 140633335395904 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-QMR334zCMqkg0vQhj" Version="2.0" IssueInstant="2023-10-22T01:52:55Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-QMR334zCMqkg0vQhj">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>T9g+oJW2ImkXeCKPpNU8WW0Cyw6cvF9RTY/oKGrSXXs=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>OZVnZO9SccEW+8LWODJB1H3e+SpwJKg5L1FVF5MEyKTnpw24LhiMqiqzyGWUB809
+V20YgceqGy9DuClGj92Jf6qhmyUjBt+iIHGaZAAo1nVMSCTwhZ+Bu73uUgy1uUH0
++gGirG0XBXJcmxxZMCVGmvTbzTqFsuz4XTpZpflyasgYfDd4yooVhMrtDn+ozZ3F
+GzagrGqpE2tWNVE4sWfP0KrCq117JK8TW4At4um4xdfIYgn0opmBoUsxsnx838/J
+OlzRryUDQ+nslXFb0YWZGq9iY/9DW/3IY2Hchk/MK1K5lLF6HsGWjX4HhlsFoMA3
+A4BA5KQrjwbpHOh73WbYAw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:52:55,508 views 8654 140633335395904 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:52:55,740 decorators 8654 140633335395904 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:53:03,281 decorators 8654 140633335395904 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:53:03,372 views 8654 140633335395904 wert: already logged in.
+INFO 2023-10-22 01:53:03,527 views 8654 140633335395904 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-QMR334zCMqkg0vQhj]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:53:03,549 views 8654 140633335395904 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-bA3jCCrZpZEc3Yaeh" InResponseTo="id-QMR334zCMqkg0vQhj" Version="2.0" IssueInstant="2023-10-22T01:53:03Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-bA3jCCrZpZEc3Yaeh">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>+vahpPL8fAsooS/Wur2OfIfKE8LUuAMSHwApvOLt57Y=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>fC8x98JL1BgtXHzxModZj7X4M7kqXZKM7dypipSoMA0c/71djErt7TOIXXMUhh2J
+mU9ygT4b0p0fQSamdb2nI7CmM79jpcZrisNmVU9MFVeTSys+sJng/QDkb6ENtP6o
+8oPoWHoVb9wKJw+kamucwNYmtUOzlSaTzDZwQcfz/on/VOS35BXumgxWejSSaxsH
+zHPcak0xJtfGF5HYZ0HulbX7i1zJZPfGfU4QPaL/Y/nEnTWgY7CYj45SVhuDtD4c
+h7LFgck+Q2DFK0OZFW2uaiEWI5LxGpZAzmuo6OvxO9zb0473RYBDMwAnVIDdUlGh
+fcL4KFfSRhVFwEjE/pDvRg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-InQH6sxkJenjHMczO" IssueInstant="2023-10-22T01:53:03Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-InQH6sxkJenjHMczO">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>kyItcU4CejkcasCgULxcHsiFu+ayTsKFWEQXOxNeig8=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>hrKsmR/R68GRSBL3NkMvLZdsmtrhK60RsIhu9I3KzRwwMgLPgbpKxgw5KlTPM70D
+H9zGsPJXXrMNiV/D/H3cHJADVISaftuhs9V3dRIFYNaPYkmBW1Ro2Cw146Mggutt
+d9GR5fbxC06Pid2iXHEYBepvbUb8JP3HQIxix1ZmR9dO1djZ7etwWc5EARdrBXPq
+L4JIWukiYAkg6W7oCN9sA5ByhnNOOIoQkTClisAOksDhvXEcdThRi8F4ijUgZLi4
+n8XHNG4urmM1VWnwQraQBvJy1Lq4VlcLQ3sdaGhimSiBJw6mdp5ffVk5EY5UiSy0
+H1eiXuOGsqaSCH5ZFdGO8A==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:08:03Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-QMR334zCMqkg0vQhj"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:53:03Z" NotOnOrAfter="2023-10-22T02:08:03Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:53:03Z" SessionIndex="id-b5lbSMBYbdK2PKmjH">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:53:03,550 views 8654 140633335395904 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:53:09,975 decorators 8654 140633335395904 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-R2XXriGxvIaMPwydT" Version="2.0" IssueInstant="2023-10-22T01:53:09Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-R2XXriGxvIaMPwydT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>S5+M16GB8AhiCIlZQepMXYAgevDbz8ltKcanIJsbGMo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>QpIvs9x8jzQgZ6yWoSxT6rb7rtpUUItNkUAhuEeXlI3mgb6ApvmvZqUYwlfy06K8
+F+460XDDda90v/UjQZI6nXBC+LVasLTjcbDhO5hkfOyg4mJlWQCMbIWT55WEsfPC
+2jFCmRUXNiT0v58bhnt2A4unaaM1HTCD31G/Nt7C5iyLpTrI+EIxZGjNBWrpj8ey
+Cz7htuFRvBfMM3wpZnNwaoHXr9uX5jLkABV7rPq2pxFNoD7gjGEcfll1PwIXjiwy
+x8yV7BpRcbu1JhyKnvpfV38/TLl0L2CcpLd3Bo7RJkP37Zer2JrfbWz4e7bUhC2a
+DySjvALtV65/jwlEOcyuVg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-b5lbSMBYbdK2PKmjH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:53:09,975 views 8654 140633335395904 Single LogOut Service
+DEBUG 2023-10-22 01:53:09,975 views 8654 140633335395904 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:53:09,987 views 8654 140633335395904 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:53:09,987 views 8654 140633335395904 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-R2XXriGxvIaMPwydT" Version="2.0" IssueInstant="2023-10-22T01:53:09Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-R2XXriGxvIaMPwydT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>S5+M16GB8AhiCIlZQepMXYAgevDbz8ltKcanIJsbGMo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>QpIvs9x8jzQgZ6yWoSxT6rb7rtpUUItNkUAhuEeXlI3mgb6ApvmvZqUYwlfy06K8
+F+460XDDda90v/UjQZI6nXBC+LVasLTjcbDhO5hkfOyg4mJlWQCMbIWT55WEsfPC
+2jFCmRUXNiT0v58bhnt2A4unaaM1HTCD31G/Nt7C5iyLpTrI+EIxZGjNBWrpj8ey
+Cz7htuFRvBfMM3wpZnNwaoHXr9uX5jLkABV7rPq2pxFNoD7gjGEcfll1PwIXjiwy
+x8yV7BpRcbu1JhyKnvpfV38/TLl0L2CcpLd3Bo7RJkP37Zer2JrfbWz4e7bUhC2a
+DySjvALtV65/jwlEOcyuVg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-b5lbSMBYbdK2PKmjH</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:53:09,996 views 8654 140633335395904 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-cA2vXiibgwnSFcWrb" InResponseTo="id-R2XXriGxvIaMPwydT" Version="2.0" IssueInstant="2023-10-22T01:53:09Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-cA2vXiibgwnSFcWrb">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>cMYfum5rYQ8+8HuidPx1yyY9aSfe2t9CK7ZX4V8LLSs=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>UawtiApaC/9wXwAzrtXTLcn4g5oE8gu9CQICOdYo5VjSdLtbGqK6VhQsuGlMz4ej
+2KSFc3/JwHUtF1l/AI+kL+DwhGEDmMUfjxNzRyjBZTKkkQZBEniTF3nTeQQyQFlz
++mtf7SbkdwGl6V6Q4fBOxp2Bi8RXrgIDzQKc1OBbItM9U9aBsI0DrkpAAi8g3IEW
+XKSb9bBhJpLmw1AtCSyKWlPKA5w/c0lSDAptgWavfY5xEdBM4PUS+EnBc3kcdev2
+75kjzLpGgFmEvBSTDSKg0yatjtvB5hgMYuX4GSe4QUEOWkSEJLc7gOG2fuPItZAk
+QZok+8bix0an4ulyOlpT4w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:53:09,996 views 8654 140633335395904 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-R2XXriGxvIaMPwydT|1697939589|49d1ae48213e6465f420e67dcc127b55ade60616
+WARNING 2023-10-22 01:53:09,997 views 8654 140633335395904 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 01:53:12,020 decorators 8654 140633335395904 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-T8uLqkPHVA9U6BVyl" Version="2.0" IssueInstant="2023-10-22T01:53:11Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-T8uLqkPHVA9U6BVyl">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>iftB7fTJk/rSVCvQFLpO/NRghqcyUCs3iC4Hd1k8TLM=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Q5dBk4b1bJXSANsx9tIIipxUqXPiuKqxq5axaINr2BFmeH8Gr0Iib9ki/FuUUOPM
+MEEqrEoHDbUPWKtFRpwyf0ktn67faoMypaeHTCqKG+YzcCW3divOCB+/bfGLt/+k
+Fy41zz3NNvfSBewi+AZV1Mvd7ezFXuWO9naYW1hP6d2W3+JAgxFiN13/diJF9//Z
+cdj4WgiWnqK4ozW+0JAdC644BW/iDIPxRugBIXkCXqdsdU0nBZB3Xh0fO6NOWfBD
+eWv6bAYV1hbvVAWKCohztyJY7uLjuVIHXWim9Dnn3vbo/Vz22aWJMaIwnUfJ7csK
+c77q/4EFqqz66T1XoEHWvg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:53:12,021 views 8654 140633335395904 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:53:12,246 decorators 8654 140633335395904 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:53:18,827 decorators 8654 140633335395904 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:53:18,921 views 8654 140633335395904 wert: already logged in.
+INFO 2023-10-22 01:53:19,080 views 8654 140633335395904 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-T8uLqkPHVA9U6BVyl]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:53:19,103 views 8654 140633335395904 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-FKeO7gOJXC3iYcuQl" InResponseTo="id-T8uLqkPHVA9U6BVyl" Version="2.0" IssueInstant="2023-10-22T01:53:19Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-FKeO7gOJXC3iYcuQl">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>GywyJpXX2YhMgDHQtpG6VdklM0UrCo751dM46ayvDXo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>OfCbsoY+c6KP0r+7AAqt1MLsCXD9dQcdWz8q2yEBCcQ+uPjVnvov+UVu15WS3rFR
+lSvU873KdDjcQHUSBwE5vby6dUxiIFqwiYylQnN2Ng9eZOifhk/pg3w/UwQgkl+W
+KiHLGhzFE+qjQ0Yym84k83OvkOMEIHYdLgqjgcro9M92YvP0H8vOwt4rPFMMnGf5
+vim3p+iIKdyROU6p2R2+B8TpyWFIgMwJ/dGB3fOoUkDLlZZP5iNBH8NM1IJ9Npjg
+FNk/knJN2gOh6UerJupaoP1rXY7JSBT4hAPRjY6ifmx7eEVboKivT6niSZIyBgt6
+LpETRh3m3FgiY1+pHtynUA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-1Z1zFRs5KePyZCq9Y" IssueInstant="2023-10-22T01:53:19Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-1Z1zFRs5KePyZCq9Y">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>d8yo16F8bp/kvYBVl2pkTAEOyVTWULBLG9VOoONKkYU=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>NHze1y35cSo0kg7eXg+xaWS4K/uAUT3Jwf6zSBlCLltTcDTPsaUnaObylmrOGCo1
+xAJnqHB4oQNjjn4nX2iH/oO7F60Ds4cOapHvOEkYlQo5ByujSose5KuSxNbk62pZ
+WxUSilIo6ptiro9ID31XCEQcI0inN+ie9DLko6G6N/09vqszBqTt1F5HXkJoMMk9
+ixlI1M0zSfUCNcuBY7KQdnS/hEdQ3Duxs+iwR6H91xksdH0QWGa43skwFg0wk9Jl
+puXYZOoB9d0zIb6Ni7utV9rHXyw3qIie1wXupgA5cJuwbWBZBw/VTkoXIpV3ZWWa
+DqYOYRHfg7Zv5Y6cg9K35A==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:08:19Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-T8uLqkPHVA9U6BVyl"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:53:19Z" NotOnOrAfter="2023-10-22T02:08:19Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:53:19Z" SessionIndex="id-x0thAWeuy6ZCKymB0">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:53:19,104 views 8654 140633335395904 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:53:49,247 decorators 8754 139681785181760 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-g5yoycM8vQs115OEi" Version="2.0" IssueInstant="2023-10-22T01:53:49Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-g5yoycM8vQs115OEi">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>TBNJ457g+l5BbP5mpNb1bir2Yo9s0P9uCPZ6Q1t6u08=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>I8YD1HiN4EyVGuYOPhhan/BsHPTRRxaYiw27foeU4cJc23qdTxqWM+RYStjE9uuF
+tffrXQXPn7Hl/0GPHZDEReSBcgl9SQuShDZeHTA2co5h2jqoy4DTgqlSFjv2vpqV
+1TU4wXJl8QeXbNFrCkq52d5zPwghpesTMMj7Lq6YE0ajfQEOnVNcbm+TtYCGCc3p
+mQRj6rPCKe/JJYScS4Y3Tahj0drZynT7zIZlit9Uo/N7aiiqTzqTcaKzhhR2b6BJ
+jGRKvVORAzTxvjB6R1cN1yz2K0sH7GeDOBY3L6FuREYpfzxvUxI4xi9Pu44jPiFB
+T1rnsnOWGbu0HNw+GnUPwA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-x0thAWeuy6ZCKymB0</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:53:49,249 views 8754 139681785181760 Single LogOut Service
+DEBUG 2023-10-22 01:53:49,249 views 8754 139681785181760 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:53:49,268 views 8754 139681785181760 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:53:49,269 views 8754 139681785181760 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-g5yoycM8vQs115OEi" Version="2.0" IssueInstant="2023-10-22T01:53:49Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-g5yoycM8vQs115OEi">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>TBNJ457g+l5BbP5mpNb1bir2Yo9s0P9uCPZ6Q1t6u08=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>I8YD1HiN4EyVGuYOPhhan/BsHPTRRxaYiw27foeU4cJc23qdTxqWM+RYStjE9uuF
+tffrXQXPn7Hl/0GPHZDEReSBcgl9SQuShDZeHTA2co5h2jqoy4DTgqlSFjv2vpqV
+1TU4wXJl8QeXbNFrCkq52d5zPwghpesTMMj7Lq6YE0ajfQEOnVNcbm+TtYCGCc3p
+mQRj6rPCKe/JJYScS4Y3Tahj0drZynT7zIZlit9Uo/N7aiiqTzqTcaKzhhR2b6BJ
+jGRKvVORAzTxvjB6R1cN1yz2K0sH7GeDOBY3L6FuREYpfzxvUxI4xi9Pu44jPiFB
+T1rnsnOWGbu0HNw+GnUPwA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-x0thAWeuy6ZCKymB0</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:53:49,282 views 8754 139681785181760 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-di2NkpSRcROsHcCZy" InResponseTo="id-g5yoycM8vQs115OEi" Version="2.0" IssueInstant="2023-10-22T01:53:49Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-di2NkpSRcROsHcCZy">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>cOqk2O6wvDWBNa0BBaJ4p5Cwg+YZSS27W24df8nsbMQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>iQJu7oWVT8/VX1Ecs77U1t4gO3Ec3r4nz+YB09lnnQhIie2td1TduR1MzEH7Qp00
+UBKq9o7CB6jiTy/FpBRFwkk6zFbmIRc0TowwKeUTSvRDOCYaPcobE+OSyQkQw5PV
+D/ytje91KvSPcXBytnEWonfAPpWfwErDjZRwgezDhdKIdmJggEj5Zyalw08EpfHd
+5vKQ+zkBSyQtjvSRrn8uCJ5HjAVGQG1C2wq6FT5qHYoOTxFg950h0Jlie7VmVOt+
+aldjeFdkF/M++P0J0hsWH8oHBX9O/v4TUVld+JTipfDB1bq2EwseZdducWHMKwlu
+0zgPxlib7M8TugahJgDveA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:53:49,282 views 8754 139681785181760 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-g5yoycM8vQs115OEi|1697939629|1c4172908c3251481d9fc9615633cab6fc85f24c
+WARNING 2023-10-22 01:53:49,284 views 8754 139681785181760 Single LogOut: logging out an unauthenticated user?
diff --git a/example/logs/uniauth.log.6 b/example/logs/uniauth.log.6
new file mode 100644
index 0000000..50dee16
--- /dev/null
+++ b/example/logs/uniauth.log.6
@@ -0,0 +1,971 @@
+DEBUG 2023-10-22 01:24:34,336 decorators 7818 140659774191168 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-3rFFUw0Y980MWEfvf" Version="2.0" IssueInstant="2023-10-22T01:24:34Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-3rFFUw0Y980MWEfvf">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>LKnHBBImzTc/xF7V6WWNuSX+uF72lNsh+xG5yVBpVls=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>eRnb/GnWLq3sEmAJUOHlxuQ4pPUxkMkRpC3fG05BctF2/TWeKaM4/cwGbPiXAbx6
+sDh42sqOTeNKn3qcHjZmaNwNvLOLJsLt+WecSEkTZ6BXL5K+NxoFg7WwKZ/b8U2g
+UyMT5Ji40j2HZmB/Sa5VJVouNU1YvD9Wr7TSFYmDa4n22x40KVyDCAieg6zWXdME
+CwVRENsZZUT6x3CW3365N+h8KXv8rnjSJIBU5qLUq3/K/8AD5xJj9bPFRRcv0iCX
+QIjR78atxvRJMzB4vghYC0P4BOb2RNbalgcgjdKR0n2sGlG9gzHS2YIQ+qGpRYZj
+dO4p7jd/J3i1ttTvRfizHw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:24:34,340 views 7818 140659774191168 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:24:34,579 decorators 7818 140659774191168 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:24:41,828 decorators 7818 140659774191168 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:24:41,925 views 7818 140659774191168 wert: already logged in.
+INFO 2023-10-22 01:24:42,086 views 7818 140659774191168 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-3rFFUw0Y980MWEfvf]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:24:42,110 views 7818 140659774191168 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-9NQO2Df9SVBMEDCc1" InResponseTo="id-3rFFUw0Y980MWEfvf" Version="2.0" IssueInstant="2023-10-22T01:24:42Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-9NQO2Df9SVBMEDCc1">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>ECbLnxPYdeYnyanOPrYPgvmnvR1mQE3C+FJPAK5kfy8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>MzH/9nEaifHKKIXqifVi6Ms/QgBYHgks+V+pEQQnQI7TssenVYdwipPuwCUlY8I3
+WfgEsC4K2viGm92gJ6oTyNTx7tOMMFkiOfxIixJ5lk4pHIFOoDVA2vNZEYu21+k8
+VcPDVn96csBziRl6chA9nE5KT8yMyCYBp2uYHbePeDQkld444H5Rxbz8zZ9FNP2Q
+iD/NBlPa0pJd1zJTtbOTfdOsdIb6m3iyX0TjL6psskrlXPUQpg/qBE66ow1glv3H
+gemVDyR78ZoU4NABsLRE1127n9qJOGN1dKWRdrUtDg2espi+fl6zvvggGnx19eE8
+a6la/qi6a4gGMSrUNhr8VA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-cj9aU9BnDUZ6YiObX" IssueInstant="2023-10-22T01:24:42Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-cj9aU9BnDUZ6YiObX">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>ZoHieZiJ2BpLx8zrCy7+Tf9Q27h3vbo3f32XO6V6Tlk=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>hIksVoUfYLGJrArePjIr0iXYdwdES+yNUSFB99uv4Ok+8gDlK3HXo6fId83ppI54
+KjN6Yg76S7HMCn3WjlOJemTDsXYriH3lbVcB7DeCFu0zYk5WJWxK28H3mzeh6nW4
+kPOXbQHGv72z/gTKuzbiZMNGr3VrDztMFDyCOIKFV/OZsvAe3f7ZS3BOGCpuXPu+
+Q2/ftl/T6nc2KEMKhR/PDSfSqUFOna3qrRCCs2n9ZGPHgYD1w4G9h7c0Pd7oGW91
+fOXpxwF5+r0RvEsr/uSkghEhfa/fsTRof5jaQ1EUkA4ogXLXJnm487oY2Qk0DEtF
+jtzGwYVfzKu3/+jR2z4bIg==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:39:42Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-3rFFUw0Y980MWEfvf"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:24:42Z" NotOnOrAfter="2023-10-22T01:39:42Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:24:42Z" SessionIndex="id-L8MK7yJ6odSXGMy2j">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:24:42,111 views 7818 140659774191168 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:24:48,210 decorators 7818 140659774191168 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-scineepMr0Y5qGQPI" Version="2.0" IssueInstant="2023-10-22T01:24:48Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-scineepMr0Y5qGQPI">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>R0SKQt7JToPbWuo08x1eb9VOCnqippTx3NmT6sReVWs=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Lil2WZ6kis8SHDi9w2dKG/3R0R12qbHaysUkrjZZsC6v9oeKdVyJlBPLkKKen8ZZ
+Tyh+AWoSqZRn0sBRkg3rtGkVVffhoMFV4euPtqd/Zxy/rE8mQRVgDOxXbSx/aSbO
+MX5Zj5kNIinL3m/LEVGRBeMF7GutBh7aIgitjzTTkSo0c0D7fCann1SKRvWMvYKW
+6eygtfOfoZkD29THANKSYVYIOgulLRbBS1akvFpA8Pko3jSusBRcHcUct6KdtMUZ
+OHQWMFexvGXHX6xx0G9o2+yHS1F2N+STMBsVnfpQMdZ1mzSWojKvVX64Xbi559RR
+NMZ9mmf4pR1xL6tTY8dksQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-L8MK7yJ6odSXGMy2j</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:24:48,211 views 7818 140659774191168 Single LogOut Service
+DEBUG 2023-10-22 01:24:48,211 views 7818 140659774191168 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:24:48,226 views 7818 140659774191168 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:24:48,227 views 7818 140659774191168 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-scineepMr0Y5qGQPI" Version="2.0" IssueInstant="2023-10-22T01:24:48Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-scineepMr0Y5qGQPI">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>R0SKQt7JToPbWuo08x1eb9VOCnqippTx3NmT6sReVWs=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Lil2WZ6kis8SHDi9w2dKG/3R0R12qbHaysUkrjZZsC6v9oeKdVyJlBPLkKKen8ZZ
+Tyh+AWoSqZRn0sBRkg3rtGkVVffhoMFV4euPtqd/Zxy/rE8mQRVgDOxXbSx/aSbO
+MX5Zj5kNIinL3m/LEVGRBeMF7GutBh7aIgitjzTTkSo0c0D7fCann1SKRvWMvYKW
+6eygtfOfoZkD29THANKSYVYIOgulLRbBS1akvFpA8Pko3jSusBRcHcUct6KdtMUZ
+OHQWMFexvGXHX6xx0G9o2+yHS1F2N+STMBsVnfpQMdZ1mzSWojKvVX64Xbi559RR
+NMZ9mmf4pR1xL6tTY8dksQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-L8MK7yJ6odSXGMy2j</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:24:48,239 views 7818 140659774191168 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-JedVbBkEhiN213YKQ" InResponseTo="id-scineepMr0Y5qGQPI" Version="2.0" IssueInstant="2023-10-22T01:24:48Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-JedVbBkEhiN213YKQ">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>kUYcgKVchbYCKNDSzHjIvXAxGqiTA37ESsZWB3oOTrg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>BP2P53cmSp/2kg6UEEIuMeuYJ7NSTAhKoVEo11r0/schqAwNsR3FLSSVSB/DMYt4
+/rwjQC573zPIY+B84YrFnqoZk6Ynx6bIQXbsTkLJvB3TQDuD7225NTDvdDocOIGr
+YGiblxHzNyX8nhkdZTQlUSpU+S28+hhlhR3z/E/zL9jJPaqMnmGt8WMxzLa02Mnu
+//dYc0rEAUqtAI0KCPYlpZpd45MTyvQ52yK/O4r6IfUlH2ltaN8kWcDmh9IX5q+A
+DAYhnTAw28zKCFaPW+9z0U/MzQykJjjyO3n8QdIx5p1kPFkqP+ZCJjFQ+nyrsheg
+1IFt4MPM/NK/DuaMxayGZQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:24:48,239 views 7818 140659774191168 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-scineepMr0Y5qGQPI|1697937888|7c88c5da241ebb39ad7deaaace2dfb862029fc80
+WARNING 2023-10-22 01:24:48,240 views 7818 140659774191168 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 01:35:35,573 decorators 7920 140393500898880 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Ulaeyr9Y66iipjUDO" Version="2.0" IssueInstant="2023-10-22T01:35:35Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Ulaeyr9Y66iipjUDO">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>R7DUAkjnvqy4nDd3VdfEYPsIRQjD9MQbxJQLUrP/EkU=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>FBPKVV6VHj3LSLpHOWiyvNS0Uh73xTzjwFf7JFVyAw/oKFq8iJhioqDGPx4j5TXb
+w5Mhe4Po8qf2u1mnEXvRZAj2146JhwyDPaphG8ixWq25PTaG+tcU2w6FxQ4ml/C6
+YSyVHqApNqhVZ83semADveDFiKN5fECkqp2S2rTk46dDYm2lxJSo7OKytsE6lKgh
+IGX0jfAirhic87rSoEdt0fjXJ6g/ZK89nBmVYaiKhSwg2L77vVKcdg4vTzjrfz8u
+x/9N/I4iq4BiwHYRXdkzIRkLkLO/161kb0wjEuMjrBbXWZTMKt3JobucD4nOofxj
+aqAT29ejnEiXadsx2FKbyQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:35:35,576 views 7920 140393500898880 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:35:35,810 decorators 7920 140393500898880 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:35:44,396 decorators 7920 140393500898880 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:36:10,953 views 7920 140393500898880 wert: already logged in.
+INFO 2023-10-22 01:36:11,109 views 7920 140393500898880 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-Ulaeyr9Y66iipjUDO]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:36:11,131 views 7920 140393500898880 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-y3LYxFwQ3H7HXmyPj" InResponseTo="id-Ulaeyr9Y66iipjUDO" Version="2.0" IssueInstant="2023-10-22T01:36:11Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-y3LYxFwQ3H7HXmyPj">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>IwRhhuBekJU0WWET+bZaNIh4NALMr95vzrf1S7GdkBo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>omXpkqNElkRTnZ8xKs2EIbyJmN/0lj7z8O2CTnrHqHliCICr81Bhq5sPTmTCjrxw
+LkNsGZrHnWzNn719mZ2yxiA+/povKzmAM+aNAt2NKVfhB+r+SntsPF21eCbhqBw+
+S8D4fmVkEmsInE/1hfSJZ2Mg3gYc7QHb/fX+lML6cA8ycMUEvKwLmd57Uh8gKAqE
+MCjnULYmcp9Yzr6ZjNj3muDjN8b34nabhjEazeeks+x0mvtMyt75gG1HRVBA+eMO
+Un7i93xZ3ATxfm+PnjR20xRG2ziYWPkrOBI/65a1wCrva9ejSQDwJDt6akF/5igU
+4oeU8KJpe26lU6k9xXCozg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-p1ISnkOGR7OHMnUD1" IssueInstant="2023-10-22T01:36:11Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-p1ISnkOGR7OHMnUD1">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>JJZ+hKYChYE0ggzBowEkIgLHCuwVwnW7o4sIC7gC/XI=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>bhZ/gg1z2mPDFo4CUjhb9tBxzeMYgF6ZstGlhIP8rtVjN98BNTaMQOKG5wGt6ppC
+kZkOzWxuA/4TW1sEvCZig55ZOd8HNiCqTlHXyuDuwg+1MvIjXDCuCDMy/ZfoFwcu
+/DfToIiDfSvEehIUGlfQQ05um9xGV7D9AQAWaIPuh8s3wzDVmkCoNo7flAUjveC1
+OZExRaurghiAVF34E0/tjfmzEK61BBagXPk2483moe0KMhSfH2t3eDx57zeEckGI
+nKXXz6739pAY7sKEM8x9EBKKgdzJMJaYeW7+h6blkLfmDJs2nr8pWwd0QJl4iMl4
+EGXUgBpo6xyiIh+5xoZtzA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:51:11Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-Ulaeyr9Y66iipjUDO"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:36:11Z" NotOnOrAfter="2023-10-22T01:51:11Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:36:11Z" SessionIndex="id-QAGvNVlAbJAkQvujb">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:36:11,132 views 7920 140393500898880 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:36:16,520 decorators 7920 140393500898880 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-8xqRUBCvasqKEZEyR" Version="2.0" IssueInstant="2023-10-22T01:36:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-8xqRUBCvasqKEZEyR">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>7tmPP/u0RkTTaQf4GDMrEV+0jMThyqO+mZwu7pp0/q0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jWD9pCw6V7S47a1IW4Fd8tmcrqFJA/1/pqaa5wJ6gkVIFYxekKEuqna4QgCqi5S6
+k4gy2EmYZSmKynekWA+cWxlJSfoAqSKyg6vqqEjWK57YT+NxFj0Oc5VWmFbzT6Si
+iBGOXefC5oaglSR2/PqsVCUOHiG612e4JwO+XaXBl2rUzj2TfdSnrccsL4VBrC00
+QMGZglwabjoOQrF2vOR51vJqDsYIcGkIs6xuKchugUrHucSWwe+3W4nJ6hCKOxWb
+W8Y8FDcAMxumAJE5cynpM1v6vz9ydI6vpxDgXK3Qh5KKMPUqguzV6qCUXbdZF5ev
+uXtbRvQDr5zuCxnql7w1nA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-QAGvNVlAbJAkQvujb</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:36:16,522 views 7920 140393500898880 Single LogOut Service
+DEBUG 2023-10-22 01:36:16,522 views 7920 140393500898880 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:36:16,536 views 7920 140393500898880 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:36:16,537 views 7920 140393500898880 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-8xqRUBCvasqKEZEyR" Version="2.0" IssueInstant="2023-10-22T01:36:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-8xqRUBCvasqKEZEyR">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>7tmPP/u0RkTTaQf4GDMrEV+0jMThyqO+mZwu7pp0/q0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jWD9pCw6V7S47a1IW4Fd8tmcrqFJA/1/pqaa5wJ6gkVIFYxekKEuqna4QgCqi5S6
+k4gy2EmYZSmKynekWA+cWxlJSfoAqSKyg6vqqEjWK57YT+NxFj0Oc5VWmFbzT6Si
+iBGOXefC5oaglSR2/PqsVCUOHiG612e4JwO+XaXBl2rUzj2TfdSnrccsL4VBrC00
+QMGZglwabjoOQrF2vOR51vJqDsYIcGkIs6xuKchugUrHucSWwe+3W4nJ6hCKOxWb
+W8Y8FDcAMxumAJE5cynpM1v6vz9ydI6vpxDgXK3Qh5KKMPUqguzV6qCUXbdZF5ev
+uXtbRvQDr5zuCxnql7w1nA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-QAGvNVlAbJAkQvujb</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:36:16,546 views 7920 140393500898880 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-J5lRIS4Dn1K7fqTOJ" InResponseTo="id-8xqRUBCvasqKEZEyR" Version="2.0" IssueInstant="2023-10-22T01:36:16Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-J5lRIS4Dn1K7fqTOJ">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>wm3yDUzcMVTZRknbLRfqoNqgpx7AzO9xGImShpXXLBs=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jxbCjNe6rNGFz1a1x51nveo32XcuzPr5Zh626nRFg8YtX/TbiFZjebajj3PDKHWo
+l8MCG1K67edUMtYEJGbHrf0yQpURQ3eIZJ6z0NLUdklcGbC0RYmC9Dg+Y14QN8ZP
+7zMb+SGBgtZtFRj4jecnLlnFXQDm4wJ0bKxCrIUJDOhw8kjmsMNSSaatAxruloIZ
+GlcjUDXuGmkRP8VHsDrmOQIkSRSKmu1igAWXh2aEg0XBwNVPDTqQZxy3wQYMBql5
+9SoOnqg6nCdI+ls4AKDygEAJLZloJGzCsckx2pBA8lyoaaluSGczwVRdf0xzsK93
+4Ww5l1T9fVr0SidPCKDG+g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:36:16,547 views 7920 140393500898880 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-8xqRUBCvasqKEZEyR|1697938576|086275995b97e87277611c8aa79fd67812487549
+WARNING 2023-10-22 01:36:16,548 views 7920 140393500898880 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 01:36:18,317 decorators 7920 140393500898880 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-uwOjAjuO1efLax9EM" Version="2.0" IssueInstant="2023-10-22T01:36:18Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-uwOjAjuO1efLax9EM">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>3kJ+q4vYAtCsDSDUzeYOFt1UGL3zGy0dqrgOR8Vc7KU=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>OEhd7amctg2o1Ii0yQyzvque2EJrUX9k1/igFQSZbx1TLrtni5NjHpfpNmrGVHxl
+z+yNz1gkB3WIQ9bXuxpB9OOREL8H6pVumZqJDE3ftCybJQlWwIyfilYycvuucUEq
+raSIBrbd/ZCM3CWnbNLOaAfMEmp3EUBLSm4UjN7uZlpUXm0fulRrxzAlt60vHh1a
+xJpYUCYxMfkpg+EJLgRFM1PX23F9xdhDSYhZwDuiImS3XG416+7hfOwZJlXMghGM
+BdAm59SNT5lyCBrgyK6WD5IlnrIZap+g69pjdEaga1rj2T0eBox/a6vVR2oV2R76
+JZDlZxRK9FKb1/BCSfIvZw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:36:18,320 views 7920 140393500898880 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:36:18,553 decorators 7920 140393500898880 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:36:26,146 decorators 7920 140393500898880 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:36:41,879 views 7920 140393500898880 wert: already logged in.
+INFO 2023-10-22 01:36:42,029 views 7920 140393500898880 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-uwOjAjuO1efLax9EM]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:36:42,049 views 7920 140393500898880 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-pGsEDGmVeYS2qYIpx" InResponseTo="id-uwOjAjuO1efLax9EM" Version="2.0" IssueInstant="2023-10-22T01:36:42Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-pGsEDGmVeYS2qYIpx">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>L69f++FrYzirRMDEOQzC2RAEeGsf2PPj/aAmNn9Qv7g=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>rFb0Ewt9wDhtpX17LmMlW4sbHUDlY7cY407A/TF/ziRLB5/+yQvGxKeo+qguXJTW
+fBCenSLytDdjpGPS38Lzu5gjq+hSASn+qZYgSkcxRlnCSt40ycVdP+OKtXFpeI4t
+4SEFOHyQsGBELixmkmU3ou5UXjJMAcpGnupIwD3I+ytINMqbAo+zTCt1cHgsXAmT
+u4VZgu4EAWw0806SRZFWZ4B94pS2lI2WCW+UWhgugnHA8DA3ThFp4MrAJGUB8JMZ
+9g9BdyCtIucWz8ePF/paywNpp1wvMkiulKYZ/1qWHtiIUJ2sep97y6ZFD1aE2CxT
+pGkIXwJrfmYO7ExIRPO4HA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-lyRrOz2ppwacn3Ztk" IssueInstant="2023-10-22T01:36:42Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-lyRrOz2ppwacn3Ztk">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>iqXq1vKfizqHNaJI/adbUXwlF96Sf000TpfbMsxSoTE=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>Gm6Qjq2effo+IETdLFLB2WWu7xuJrO9Y3UqRruLFX5A8QoAqZhf1YUpfMiCRDNSO
+2niDHZUhRaGtLg2IwyGEDDBn9jqLAA7yBDptMDDAh2AmKm6J2V9JJ4pvjbEaB8vJ
+bFyQvvUzpmRxyoxV/1/NTCl3ZKLH3NgKZJUjDRu+xezL9CxDerIXcmOhb8W2KnEv
+qL3gG+yrOau23QetOUtnG/kPlBIm1eShRX+VcKQBymAu9zvBkCS9dkp5IppHc2Yw
+VYI2StwCm9odR976Hpfwh+nlAYxmvYd6jpGs07lXktbO15QivxySbyodOoWPh0yo
+OXAxleRU92VU92P58xHGSw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:51:42Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-uwOjAjuO1efLax9EM"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:36:42Z" NotOnOrAfter="2023-10-22T01:51:42Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:36:42Z" SessionIndex="id-hbTomR89rK9BxYcTO">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:36:42,050 views 7920 140393500898880 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:36:48,169 decorators 7920 140393500898880 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-HTvWhqdTsWHrIX36Z" Version="2.0" IssueInstant="2023-10-22T01:36:47Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-HTvWhqdTsWHrIX36Z">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>FJTosFtdtcJ8EiLrxtJXH8fdjUHbQUZMoDquX4J2Ouk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>kSF3ONr0y55yasIoaGk53J5wyNd9rR6Dn2SJln9bqL03e+QdhPDLNAQ0JvJQSqDC
+zAg00tLfr5jE87BUZy4HdWzRQwsTjMTh2wlR6fkWKL28FbA+EOtKvTqDusZA3kJu
+LHfGw2geEFibWZ8UNf1QhwekODsPij4cIuMfWiX6HrMG/MLS8L/sm8v/W9IBmnHu
+yNCtCkBcxB5sv2KeKPMyGe0aZMBoWqJf91zrdj2P2QnERxanoZkR/0lKimWiXCT/
+Zm+FGLCakJG9FvF0dLVrNWYbtewRi7Uxtjn0gEbv+dQlRssNeT4CAav4VHTsHnA3
+beTYth8NUMTGfHP5ewZTRw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-hbTomR89rK9BxYcTO</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:36:48,170 views 7920 140393500898880 Single LogOut Service
+DEBUG 2023-10-22 01:36:48,170 views 7920 140393500898880 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:36:48,186 views 7920 140393500898880 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:36:48,187 views 7920 140393500898880 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-HTvWhqdTsWHrIX36Z" Version="2.0" IssueInstant="2023-10-22T01:36:47Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-HTvWhqdTsWHrIX36Z">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>FJTosFtdtcJ8EiLrxtJXH8fdjUHbQUZMoDquX4J2Ouk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>kSF3ONr0y55yasIoaGk53J5wyNd9rR6Dn2SJln9bqL03e+QdhPDLNAQ0JvJQSqDC
+zAg00tLfr5jE87BUZy4HdWzRQwsTjMTh2wlR6fkWKL28FbA+EOtKvTqDusZA3kJu
+LHfGw2geEFibWZ8UNf1QhwekODsPij4cIuMfWiX6HrMG/MLS8L/sm8v/W9IBmnHu
+yNCtCkBcxB5sv2KeKPMyGe0aZMBoWqJf91zrdj2P2QnERxanoZkR/0lKimWiXCT/
+Zm+FGLCakJG9FvF0dLVrNWYbtewRi7Uxtjn0gEbv+dQlRssNeT4CAav4VHTsHnA3
+beTYth8NUMTGfHP5ewZTRw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-hbTomR89rK9BxYcTO</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:36:48,200 views 7920 140393500898880 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-otetrMUzrkFq4abUE" InResponseTo="id-HTvWhqdTsWHrIX36Z" Version="2.0" IssueInstant="2023-10-22T01:36:48Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-otetrMUzrkFq4abUE">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>hhgInQzvu+GqcrBGyLQfVfORDfqph1QOSVvyhPXShMI=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>HQeP0KO9BlkRgZJldVTEpI54ghyPW3OauejZEhgNbG/I/iDHWaFbKdHCi66RWog1
+VVTEC+BrJun+nZcNSe+Ki0Hf2ok3eejNZy7GAD/o/DUsQiYVyyt09ZVO6QYrlPJB
+q4UoMGSZgCsD3BfynfIgEl72IrNge64y7x72qwRKeOPForj67BHmJAuehcSHkgrW
+uRrTlvFsuHeeqvp+r4dU+Icok3M6Ha8+UuhAaz7qCVoxPP1XOpR0EQ39FEqtFA+O
+pL7uh6sw83NHHMn3IUWKfcbS+vE+QDlhd1R0c6rvdFF/gmgzaVUf8XxorS8dhtZa
+DmtYCM/jBucDuNmt4ieEAA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:36:48,200 views 7920 140393500898880 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-HTvWhqdTsWHrIX36Z|1697938607|0a1e0d951dd40f26407dfb9e0e0b411788dd54c6
+WARNING 2023-10-22 01:36:48,201 views 7920 140393500898880 Single LogOut: logging out an unauthenticated user?
+INFO 2023-10-22 01:36:55,669 decorators 7920 140393500898880 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:37:03,654 decorators 7920 140393500898880 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 01:43:35,216 decorators 8158 139816106718784 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-HV1CxQMBxWDbT60X2" Version="2.0" IssueInstant="2023-10-22T01:43:35Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-HV1CxQMBxWDbT60X2">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>A9oYvqY0VMk6+xTep8C2P6hfj2GSM3oqJc9sqkJk1/k=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>jg1bk15QzeUbJyHJ8VHAvxPZ+plDJRXAHKm/lTE/xw0tC5QutwsbYOvGATWzQDkS
+JNWwlgb8tg9vR2BDHKZvCZFxSe5VUf7A7qz1SnjIs8oJrwzxsPHmDVg7lScLCcfp
+5to7AEF2aHItTr794XKTOZ+xka351yfLouTNTh3fw4+A4tTcQFnaMx/czFN35Qo6
++MJqSozVzrPEQZHuyXe+StmVB0x3T0/kcCeh4oNON5rtRxLUIQERu6n+/EyGVXvq
+lpbnDTSpO5ep1j0uP1rynEXlga1p0AuFEyvpEhb+zunr4NCJ53JQ/BzZFBxulQN0
++7Z9PWVqY9S4KHKLX1jkWw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:43:35,217 views 8158 139816106718784 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:48:15,853 decorators 8389 140676346934848 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:48:22,102 decorators 8389 140676346934848 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:48:22,191 views 8389 140676346934848 wert: already logged in.
+INFO 2023-10-22 01:48:22,356 views 8389 140676346934848 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-HV1CxQMBxWDbT60X2]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:48:22,381 views 8389 140676346934848 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-O8ux7XIiuSEEGNMep" InResponseTo="id-HV1CxQMBxWDbT60X2" Version="2.0" IssueInstant="2023-10-22T01:48:22Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-O8ux7XIiuSEEGNMep">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>J1Ck3WO3Wf+HrB3sDykmdCstuGiZRFv/tKn89ibOKHQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>DVzTkm1jh6LnsVpj3jTQuAmhPl0gQ1Hh4C9h4zymHvRgXTIVRSo9cUgFb++yvVia
+YcJ4S+/njlGkEzkvg+HO/eonDfp1dGUbPZKkp7q7IRpI4P+Me0MaKp97qs5/dIWM
+WH1ISOO0029OKVdYPQD1mj4Xg1+weAMVsfwEeJ/QlgBjPdIWUc5Mm53yZ1qcnuTX
+bJ5RiXjbo5I+DCtMXOKmcfLsJJvwM+gZOWUWSfZLj+z4Jc8kd72eJdNe0FHiaz8c
+PiW/dChzoWRIemJkHnoUS7cMuogzx7AkKazGduFw9Y1sC9lhqozO+1PRWNsjFL3B
++xkaXtwPARjLEjrjnoNsjg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-VQgODpfnLYPIgfkAr" IssueInstant="2023-10-22T01:48:22Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-VQgODpfnLYPIgfkAr">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>pKMHEUqhP986SDnetto+qaVFrWIYZR+WSP2PGQ7V1xg=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>NZcgUumDzUP1LRp3ODxlBR/N0uuFXJ8XYTxvjrPMfdc5xkGDUk7CtAP2HIerA7dA
+gJ10sXd/SGE5mhiyqHlOqS1MN4fTtUAhhgp4Jls5w69lzt2TSOGhgd8LWbygToCn
+ITyzKK75m92u/wOSHLxnRxsxSczyZxJIGnBn0gZ/Dqxe1RODWJbggX0UrbSvXK8k
+moqBDTGVvERXNi4Z9zggx0ICnkucdVwQjPuVwYRxGwzGbnNDF+67YNNuPRnxf6VM
+f8lKuoTmk2qoGPr5ArSC1aRrOrlX+0YZ9brNYli2h0p1iqsd3NiNOkqL6a7YnTwu
+E3jOyipRgyHlX/9z8iUa1w==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T02:03:22Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-HV1CxQMBxWDbT60X2"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:48:22Z" NotOnOrAfter="2023-10-22T02:03:22Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:48:22Z" SessionIndex="id-KzovXUEX8TWRqkZ9j">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:48:22,382 views 8389 140676346934848 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:48:27,613 decorators 8389 140676346934848 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ae0QRFzg1BS5GpsHp" Version="2.0" IssueInstant="2023-10-22T01:48:27Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ae0QRFzg1BS5GpsHp">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>lD+S3ZzJC2HdJj01rDdIvGkssK4F0I7SAMnNA7tbxjg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Trkze9gCRDM3j4vBxEJ004htz7iNlLApDljpb56cH2haNNQPNcDKgYtbWL+K1N6R
+n9Xoo+08h5jKkcvhpaCqobMkqDe+66+YZrDstMbwmd6rbIB9zVVUMH6Epin4JWM/
+cSGKa03xmpSQj5cQnRlLs+m9C3MV2I2QpOwcwETYF2zdVOjthi4v0g2EH8rf/hQz
+ZuHZX2bUVRln+xpzsAxXf2XAn6gHXPr7njgI/UKuggaky+YubKPgSumXcT/36CgT
+sTYZeXcDCj1EIHSuMx75ef9KuC6p/awSErjmao2dVCPNAFzd5owpuscslmyvdG/X
+2w+2z2m6Yl3IJPDbosMq7w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-KzovXUEX8TWRqkZ9j</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:48:27,615 views 8389 140676346934848 Single LogOut Service
+DEBUG 2023-10-22 01:48:27,615 views 8389 140676346934848 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:48:27,630 views 8389 140676346934848 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:48:27,631 views 8389 140676346934848 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-ae0QRFzg1BS5GpsHp" Version="2.0" IssueInstant="2023-10-22T01:48:27Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-ae0QRFzg1BS5GpsHp">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>lD+S3ZzJC2HdJj01rDdIvGkssK4F0I7SAMnNA7tbxjg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Trkze9gCRDM3j4vBxEJ004htz7iNlLApDljpb56cH2haNNQPNcDKgYtbWL+K1N6R
+n9Xoo+08h5jKkcvhpaCqobMkqDe+66+YZrDstMbwmd6rbIB9zVVUMH6Epin4JWM/
+cSGKa03xmpSQj5cQnRlLs+m9C3MV2I2QpOwcwETYF2zdVOjthi4v0g2EH8rf/hQz
+ZuHZX2bUVRln+xpzsAxXf2XAn6gHXPr7njgI/UKuggaky+YubKPgSumXcT/36CgT
+sTYZeXcDCj1EIHSuMx75ef9KuC6p/awSErjmao2dVCPNAFzd5owpuscslmyvdG/X
+2w+2z2m6Yl3IJPDbosMq7w==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-KzovXUEX8TWRqkZ9j</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:48:27,644 views 8389 140676346934848 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-bHefTAH9tNnf07cVG" InResponseTo="id-ae0QRFzg1BS5GpsHp" Version="2.0" IssueInstant="2023-10-22T01:48:27Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-bHefTAH9tNnf07cVG">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>8QiLbBYa5U1+KN9E0asRU+N0Fw0lAMeyYOVrTSJ8SV4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>VHJ5b3qBfA7xihESSU3jgJFekNNx/l239egKjcwvosoBmtTd1Oxn0BDxMXcHc3Uh
+kKA9joPXqgjwqEdUmERv+UpxA3EkOJnNGViMavCJ/rkzXZxSSlBJRroC0+fcaPRa
+Xq+EV3cy1NiWrAh+fo8vTY6rFh076VfCCjPzDaX4f8xt3uUePUoyxAMO2HMwIBHe
+i9cKRM3GJoGSugXtUk2z7u/iTvNTvofGFt7TLO4iXnG5g3bKWonEvPID5uD7rXjd
+a4OqS7pas8sUY8ziAO29uMs6EClF9+uHyqCCp/80sNlYABnP7R6m3zR9l4Gj0oI9
+OjRyrgmKGh4criRPOY7fIg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:48:27,644 views 8389 140676346934848 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-ae0QRFzg1BS5GpsHp|1697939307|f397be766375761f38dd21a559d6c0e2da904b64
+WARNING 2023-10-22 01:48:27,645 views 8389 140676346934848 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 01:48:29,517 decorators 8389 140676346934848 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-fXGOD72zaNju1rtPM" Version="2.0" IssueInstant="2023-10-22T01:48:29Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-fXGOD72zaNju1rtPM">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>FOWcpMy7DTGkGr19TM2TL1FFPp8nZ8CmIpmNuXcopcs=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Fy/jY6W8cedi8LBiB+eTczqE/TfLpptQYgPZaPykGQdKqVvlXc7HA3MFl/FXxdMn
+NyHOE10ijx4VkPNRPX2ycPAYNqcoj3mLW3sR7tZACNYnTAGRpcrKAbvnJ99A7WyK
+qq4EVsv1lVA+Ra9ceHouU+EyYW4gol7+hxYVVEnzddqeWU6OUMMhBEnEmEXgm85v
++BMQdM3pm3j6KVjUtaIMX6kV+YCqlHv2LzmQyySvB/ABXi9c+b/uJqiQfsUviNl1
+xInVywroABA4n9JRCdNqTTwSNhj/PnUQ2ku8qIy2Ylx0I2qbgcrcmpRBH75MXTTb
+KzyIES8f/myc36/ZJs2fQw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:48:29,518 views 8389 140676346934848 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:48:29,742 decorators 8389 140676346934848 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:48:37,529 decorators 8389 140676346934848 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:48:37,620 views 8389 140676346934848 wert: already logged in.
+INFO 2023-10-22 01:48:37,775 views 8389 140676346934848 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-fXGOD72zaNju1rtPM]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
diff --git a/example/logs/uniauth.log.7 b/example/logs/uniauth.log.7
new file mode 100644
index 0000000..17a37a4
--- /dev/null
+++ b/example/logs/uniauth.log.7
@@ -0,0 +1,1003 @@
+DEBUG 2023-10-22 00:52:35,047 decorators 6743 140120757892672 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-RZZcLw0qT4FHuORC6" Version="2.0" IssueInstant="2023-10-22T00:52:34Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-RZZcLw0qT4FHuORC6">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>2CTMfc11QYMsdG+Kr8YpOd1XNI/4jLbFFwZYWCZPU3A=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>eA8E35aaSrdGKHqHp1eRKTxQHx7PPIKvw25kur+AhTokoDHppgRNLEy+ELyPnlqG
+H/tcPDN+RPrcg12Km4+mQLmW4Nysgy6WeiKSwXvtBYANKXx7iv0LS255OJsOUbD1
+VxciL0ozW9/MsEhwxvlrHnYaz1ryPZlaSmSBe6AGgMWvPQ8ApUuhjQvBLTroleXE
+s+SY1NUtKtHAhCUwtc4jUt/d4Np2TK60rdKy7Vpt5LL3kbJYhGfO/Z4fB+nHOp0P
+1x4eTk1V6vhVWG1fkstdYG262VLa0hQXld5jVoTWOqquKRpCOhodW97kv3OpnrW8
+V2ln808/HEkApAppcT6xIw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:52:35,050 views 6743 140120757892672 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 00:52:35,292 decorators 6743 140120757892672 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:52:44,617 decorators 6743 140120757892672 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:52:44,715 views 6743 140120757892672 wert: already logged in.
+INFO 2023-10-22 00:52:44,872 views 6743 140120757892672 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-RZZcLw0qT4FHuORC6]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 00:52:44,897 views 6743 140120757892672 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-er9jauGOlNrRMeuZT" InResponseTo="id-RZZcLw0qT4FHuORC6" Version="2.0" IssueInstant="2023-10-22T00:52:44Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-er9jauGOlNrRMeuZT">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>LEdE90pC1NgFtHarIuGACa43/+mjIQ/e09LXOsljXds=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>plbkn6qNQDp9bBZgSQgHwgtUaeGp4nJJUvB5N98cNAKqqyuALGJiRd/wyKsnhi/Q
+uhMd+Y+xKe+eWiiUPuvtKmz0jyHAFbPyMBAG39hHBYnsNhH5up6CX2f6YzlWCy1N
+N4cMg2m4aAl391icDccZOwvNSzjsJQL0mpt+CbIo8pF13FiB9C8LuaQHDktNWi9b
+7PddEFjDKlqYWMxIsGpWmr1c0KuqXYVzVz6YEP6AqgrAllIuNOERVtgJSoIgeQEC
+d2xsT/cH3bQzUBQo85ByuBjXSs/uukS3p+7WMxRKPCyc7EBONiID65V+hI4xwLnx
+XSkNzqWtI/WPuU0/ifE4TA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-1SLxRvI7UXswrPYuW" IssueInstant="2023-10-22T00:52:44Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-1SLxRvI7UXswrPYuW">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>G71nK28By9DsjbXrwQp3QZQSwYedLRk6vXVmp89JeFc=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>BkBBeBEeR/6pAYRxlOOYOwLk+8LVsjqB8IrQmTyk58stXn+eteYAOiNe7FI6YFFx
+FAXBRNc6ZpnV4Gr2wzGERntKFcGjKAdluK6EBaqRXOUjMINsqBEzrRmgi0+81ejN
+WC5zwLYYdg4XdPrTD5m2CFjGedADtac90nkT/Xf+eCIGn9+2rGHrl3XSZKEt0+jh
+fMcYKmeAEdHWMyrfKQhQOWQp16Ub87xVFXn12lNsW9xBPWolsqjFTd/ruDpyMcxz
+Zl0+FPyVI5097vbuNHcykZf+uhlBLCzwLRZI2ROv1PfPKzl/gpRgHXsnI/bjRSN6
+7cnTvX63WG4tooZsLecyVw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:07:44Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-RZZcLw0qT4FHuORC6"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T00:52:44Z" NotOnOrAfter="2023-10-22T01:07:44Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T00:52:44Z" SessionIndex="id-M6j100ElRPk5SIpva">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 00:52:44,898 views 6743 140120757892672 Redirecting to process_user_agreement
+DEBUG 2023-10-22 00:52:49,647 decorators 6743 140120757892672 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-lfhiulRLhg14gnmyg" Version="2.0" IssueInstant="2023-10-22T00:52:49Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-lfhiulRLhg14gnmyg">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>cP2GvEvd27+ODAhv3djVcMS1M47y95yFBEfvzuHhbyk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>eaFdSXygknDmvbb0dpt1+iYx/yhdEiE0PYZRUNP0QU5/X557scRqrYODuw/b8yC9
+Jw0GX7/tSOcQWe58KMrjTIJbTNvL4/gZsRb5rqp3NnN+WoE/V3V/TegLKx5Ym8kn
+/ARhdbiMlv/bK2NF7UBrLUdX8tHCPWWD2BpLvQHQDJVTSgIH/sIxVM3gkx3Eio+3
+rdyctqaVxMuAcEueEBmfYvuw++GQ2NRrG/yJ0W+SqIcVTRgpjsiMLRBYQOCUK1bQ
+6GZLeeZDrZd92k8WMsngPL6oP/SUGG4a6/8KzK+jzYxNr86Ed/ViNrkqBFN5FRm/
+NxmM1hHYfyuqTs/vNUyLSw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-M6j100ElRPk5SIpva</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 00:52:49,648 views 6743 140120757892672 Single LogOut Service
+DEBUG 2023-10-22 00:52:49,648 views 6743 140120757892672 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 00:52:49,659 views 6743 140120757892672 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 00:52:49,659 views 6743 140120757892672 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-lfhiulRLhg14gnmyg" Version="2.0" IssueInstant="2023-10-22T00:52:49Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-lfhiulRLhg14gnmyg">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>cP2GvEvd27+ODAhv3djVcMS1M47y95yFBEfvzuHhbyk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>eaFdSXygknDmvbb0dpt1+iYx/yhdEiE0PYZRUNP0QU5/X557scRqrYODuw/b8yC9
+Jw0GX7/tSOcQWe58KMrjTIJbTNvL4/gZsRb5rqp3NnN+WoE/V3V/TegLKx5Ym8kn
+/ARhdbiMlv/bK2NF7UBrLUdX8tHCPWWD2BpLvQHQDJVTSgIH/sIxVM3gkx3Eio+3
+rdyctqaVxMuAcEueEBmfYvuw++GQ2NRrG/yJ0W+SqIcVTRgpjsiMLRBYQOCUK1bQ
+6GZLeeZDrZd92k8WMsngPL6oP/SUGG4a6/8KzK+jzYxNr86Ed/ViNrkqBFN5FRm/
+NxmM1hHYfyuqTs/vNUyLSw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-M6j100ElRPk5SIpva</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 00:52:49,668 views 6743 140120757892672 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-aPua0T4qEieweu68U" InResponseTo="id-lfhiulRLhg14gnmyg" Version="2.0" IssueInstant="2023-10-22T00:52:49Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-aPua0T4qEieweu68U">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>kjFssvy3TnnQQf+JBN4v09zQiyQZsroYGc+/GMCiwjc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ePxs0rwgjUam63g6ibgJa5WoCZdTE/+N39eA4GmhiX1qfPHiXLB2GNkO9u34NXji
+XkC3Y4EU+GrqF7DIptEveI1k8JrcAwbmgOpdNjere8b2YC6Uoh8Xb+7boWNwXb2V
+b0fRk1KihoM7XOOC1H+bzKSXM6emBm71mpLFsgDhU5XIrGA93XFjrW2NUDlpiwBJ
+Gd1tf5mUOVxbt/zG43wp6mWcW9LCBRon2WiETXTJMmlsOlXklc8niT4Rg/2VCaqw
+rh9YCcxqKV2bKmWpq0m3fohTxGt38iLIiecWqozS14wgEmTnxyiaKJduH8KTM0HX
+MQqnmHvg7D5fXO7tapPlqA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 00:52:49,668 views 6743 140120757892672 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-lfhiulRLhg14gnmyg|1697935969|0e6b1647eb0d49107ffb18bae44b0fc57db716ae
+WARNING 2023-10-22 00:52:49,668 views 6743 140120757892672 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 00:52:51,648 decorators 6743 140120757892672 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-EK9anRSBxisHeX25U" Version="2.0" IssueInstant="2023-10-22T00:52:51Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-EK9anRSBxisHeX25U">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>DbDFTdix1l6rVKVnZ8fEqxftbSKNAZkAVjKC+sUlSW4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Hpp2vWR4njI+zi5rVa1Lp5sgboTbV52lDhGL1YINPLHer3YpAcDbnLAQ0DcQFuJ+
+P7GW/84TT6zE5brD1wZaX3dQluOf9OZLjZqGgqKaum25HLTPcPzFs3ohcx800w9s
+BhUQxs5h6YN1T0vrtk1FuZ+iFSgEk2d0tv6pRA77oCUHEnfiwiRv6beaUPG22tqY
+o791FcdQxE1GkKz6juWXpdA52Ez6zQXpAw/cqMJsDNxIOTMy6JoEbM/7jSEK7R8u
+z2qf8uoDs040VClSFudcVAL+YmEDvLPgjOquOBXvF+4e0lkjats+4p62Csn8v3yB
+6Ej8O+k6N7DFu+CUgOHGbA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:52:51,650 views 6743 140120757892672 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 00:52:51,876 decorators 6743 140120757892672 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:52:59,819 decorators 6743 140120757892672 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:52:59,950 views 6743 140120757892672 wert: already logged in.
+INFO 2023-10-22 00:53:00,118 views 6743 140120757892672 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-EK9anRSBxisHeX25U]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 00:53:00,138 views 6743 140120757892672 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-G32ILe5adCNOPPb0q" InResponseTo="id-EK9anRSBxisHeX25U" Version="2.0" IssueInstant="2023-10-22T00:53:00Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-G32ILe5adCNOPPb0q">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>8iUzoj3tgwHXpl2+0ZQbXpgkkK7E/q/2+4vuyoqXH1A=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>C3EI0UT8+JW+pPBSfhHWw77ER6qnWl736+IhELa+6vsKdhQLYf3uO0bue4imTC9G
+ZFK3XtXNC5oGErK5QozJHwUqIJYEIxGB1XZW/plUh/aH0AnsBM/Fd7P2lvDYkxbU
++4dIrJxWWF2AkCiUfmZabxTwIqJPhMrrLBA1ZX5msZ5TEP5bXBxTOSO0G8rdJYCI
+H2KCj2titrjMl/L3NYucHL7OFoDcs2+I6n+iFtbtWofNHf/EPmvopumCbkpXO3A8
+BFP2ZC81GkmQAYM8E2Se/ibhg3rckpNb9Lwa/GY/oS22Cl3/gVevIrwzrgNDldaO
+xlcjBlpGkpMNc/y5kOgvfg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-NXjx3WQZZv2w0FGAw" IssueInstant="2023-10-22T00:53:00Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-NXjx3WQZZv2w0FGAw">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>Ec0V4axGZwRGui7HGOWlsj4yWyGEOAf0xOX5M3Lmlng=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>SeGohD1qRBRYNIow0G8M3jZnG0yhXuUlIYoerbvrwYQJaiB7XdUnA2QrG3Oe7Z/k
+aCH9aB9hQGNCfHniQ/IZDCGkITGUCzzVFdvCDe+PH9k8W6JT/sZ2jW2IM4ZXu20c
+PrNrzHqDAUvpja1Ybsk616bYyfIFd2RRHY/f3aAeumWhm3WEvSjhikAQlCnRxbZ8
+J2Xv7b+02Ca9pBL0zwOCP83wWfKWP8teEImtkwNyZo1LyZJSmQwtZpT3rdM68SiC
+uVij8u6kfaJgXqBRBzcqRMY1DehdIdSOXf6EA2msCK91Rtpx82+8tIImyQykOOI9
+A99g7CcTdcoC3TtiHHR23Q==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:08:00Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-EK9anRSBxisHeX25U"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T00:53:00Z" NotOnOrAfter="2023-10-22T01:08:00Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T00:53:00Z" SessionIndex="id-GP92SQMVvqzllgE02">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 00:53:00,139 views 6743 140120757892672 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:02:40,096 decorators 7219 140559784080960 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-cpMQ40EYqu5vkHEbs" Version="2.0" IssueInstant="2023-10-22T01:02:40Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-cpMQ40EYqu5vkHEbs">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>AIgYRRAg3PX1j7Fc2JRKZSTzygTVWVFWy3MG+IoiNkY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>hAVLBZ0pazbSZfWcCt2vEHoxzkxuNikmaiCLMgUGTS8vuO3jZ4dDbtmhwAwewUuD
+FC5+a+uO918v+EBMX6Vm5IVlbJFa2ANUdNgTq0WUXyEqa09ypfqhVobFTiJROVed
+nImZfPVFCbnMXDNTfNehaaffmfLxgpgzq8zneW/kcjhFU+/fyQYMzbh1xVb8y81D
+mH3ijpePTWtXc5rVn8YW50p7yXOA9Vt2rf9RZPSflYuWM8rMNzAI+xIbHdW3eKkt
+Ak/jNsH8e6BpM5J+8laCE1j4ew7aLs1yR435b2Rcrt4cqU/vRH+PKRh24iyR7R8x
+FOSMGLYM4lMGwQO9z5gu7Q==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:02:40,097 views 7219 140559784080960 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:02:40,321 decorators 7219 140559784080960 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:02:50,271 decorators 7219 140559784080960 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:02:50,427 views 7219 140559784080960 wert: already logged in.
+INFO 2023-10-22 01:02:50,612 views 7219 140559784080960 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-cpMQ40EYqu5vkHEbs]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:02:50,634 views 7219 140559784080960 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-aCQ6bYkVETZOdYCWl" InResponseTo="id-cpMQ40EYqu5vkHEbs" Version="2.0" IssueInstant="2023-10-22T01:02:50Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-aCQ6bYkVETZOdYCWl">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>CDHpI3WKm9V4iZPYUVxETxH19CSQcYkMIrD8lUbP2eQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ZXv5tpBWPhqIdCHLVXcCsxbHHdCo5nAzuY8su3JKoql8MVWGA8f1zQOmKbHF4bGD
+jK6CziY391CRm2YWpkSf2gCf6+aB1fqaTI8uoMiKXGpml/cxORvLhpg6EjjSLu72
+dSSWJRjl2d1rDPYsBkuPNClJI1i99nbDNL0sy9I3+wOhCy9vPl6cBhSgJI8/yM+Z
+lKfZGdVHpD9jc6JvPhSnNbfMnAJn7fyQl/L3aoeHAOPgPMJr4YixLYPpqSreGW2w
+S/UAJztHl0Ny0LIMcJSul2DF1HL7Y3Oo3xu3ZNMKaJCeEF/44+IzvIU99qldOz8Y
+w1Tzn4Ge1lC0znPay+v/tA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-xHi4orUEq6srfjbXV" IssueInstant="2023-10-22T01:02:50Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-xHi4orUEq6srfjbXV">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>0hnD1sUgWhjQYZeCX7uCrEwJS37Ee3FyeCRncgSLagg=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>R6baTTIB10t/1rcVL2Tbsc7hhZbNSoGL+XHsSCU29b89669EmtHxmpW6KaB8zzgx
+yDUQeFt7Bf+W8pw4C1u9/U+K2FrvTYJxhKWowULR7vTtGJSp0hxNA9DQH55Kt3NM
+/lPRaDzG905F3FPy/aAdFrqybGXQGG+ILNI7O7m43+Q1ejDV/V7yp/ZwXDwMBoju
+FC2HE+6GSNyhfZ/BmWOQNq+9i96MRt8yxlu6NXIqfJJU/UM7erbhi3sp/s2rY09s
+oERBNFzkJvye4JlhVLuLEWFZfAQGqBllzj+UfBaIxCyAvKmlYrDBeRo/UXStH9Jn
+hC6y8QMOIbqIXDe7b/n1MA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:17:50Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-cpMQ40EYqu5vkHEbs"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:02:50Z" NotOnOrAfter="2023-10-22T01:17:50Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:02:50Z" SessionIndex="id-mYa1AjZPBf0LoO6I3">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:02:50,635 views 7219 140559784080960 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:02:56,302 decorators 7219 140559784080960 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-WzzFXW1suH2WXvPAf" Version="2.0" IssueInstant="2023-10-22T01:02:56Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-WzzFXW1suH2WXvPAf">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>GUCzmBtC5myqqErsBeqzSCM4Niedru6CarjonR1eRhc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>TYrAtpDBkmwCPeEw5p7Ex1kqxMmyxQ+X+YkToxFA9mx7LOCoiU7QN5SoZMO9kJ9A
+xhsmiYOFqXv9MMUcFUqCFDLipoJVq/JNYw70TaaU5OqQTiNBRmIMReN3ghP4u77I
+zgdLdH6iORAt38RTxX6Vh3IgKEQVN/xVen8AGg3K8SN4H3GAeCyFvPm1pxdQYmZQ
+Y3mAvu9I6wW8d4Nu2d3dZXNxg0KmyLhbRt8vrktBCtF5KN8tjkFKVoO8W5aIhKkQ
+VpnEv4NxEmdh+3rOOCl+ks97uq6yPSLduj5H7e1mr0gR8M0NgsTkyLh8ZLDU97EV
+f+6bN9JmbFDY4R0UYn+kmg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-mYa1AjZPBf0LoO6I3</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:02:56,303 views 7219 140559784080960 Single LogOut Service
+DEBUG 2023-10-22 01:02:56,303 views 7219 140559784080960 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:02:56,317 views 7219 140559784080960 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:02:56,318 views 7219 140559784080960 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-WzzFXW1suH2WXvPAf" Version="2.0" IssueInstant="2023-10-22T01:02:56Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-WzzFXW1suH2WXvPAf">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>GUCzmBtC5myqqErsBeqzSCM4Niedru6CarjonR1eRhc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>TYrAtpDBkmwCPeEw5p7Ex1kqxMmyxQ+X+YkToxFA9mx7LOCoiU7QN5SoZMO9kJ9A
+xhsmiYOFqXv9MMUcFUqCFDLipoJVq/JNYw70TaaU5OqQTiNBRmIMReN3ghP4u77I
+zgdLdH6iORAt38RTxX6Vh3IgKEQVN/xVen8AGg3K8SN4H3GAeCyFvPm1pxdQYmZQ
+Y3mAvu9I6wW8d4Nu2d3dZXNxg0KmyLhbRt8vrktBCtF5KN8tjkFKVoO8W5aIhKkQ
+VpnEv4NxEmdh+3rOOCl+ks97uq6yPSLduj5H7e1mr0gR8M0NgsTkyLh8ZLDU97EV
+f+6bN9JmbFDY4R0UYn+kmg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-mYa1AjZPBf0LoO6I3</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:02:56,330 views 7219 140559784080960 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-PTqZhcD5uFCTydcW0" InResponseTo="id-WzzFXW1suH2WXvPAf" Version="2.0" IssueInstant="2023-10-22T01:02:56Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-PTqZhcD5uFCTydcW0">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>VUJ8TVp4Cb2DMI12cPh4Vs7ZlAv2mSpmt4y1HV0HwbU=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>HTM/5WOGl60sVzPZVrpV9BzlCn2akaTftKgGzc2J17AwRfYeF8AoPHBwQcpbaSAX
+FE3GaT+4UFe/VccLDRxcMiVXoEGXzmGSpwPAugRh/FfoSEReLkJT2LewV8Mgh7AX
+LRPn/dRkdEDQrtT9iU6myQdJctyTzeIh78SC7sUYbedIkmPV9tcnUIEp16R9zolD
+mvZYJ/fbINEixlM70tYEc4LOI3So9yMPXzQ5K2hwinHcN4JbiOcx56yxf+Pa+up+
+pfm+GQdsj6fWeZk8N3y+Fdqzyg0lRQBzm86D/IA3uRQvvEgdbmSlt9oD6SZSAxCi
+X2ZBtxNiRk8ZoLLsoG2FGQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:02:56,330 views 7219 140559784080960 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-WzzFXW1suH2WXvPAf|1697936576|3c5f3218bc121b0de24a5ace26739ac166ba827b
+WARNING 2023-10-22 01:02:56,331 views 7219 140559784080960 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 01:02:58,799 decorators 7219 140559784080960 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-BIiKlKbD6izWPsDIK" Version="2.0" IssueInstant="2023-10-22T01:02:58Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BIiKlKbD6izWPsDIK">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>9K4HJ/O/3TxwmTw7+kIfCEdWcLTA8uBes00iwo920PQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>YmCq/APTWyaZDtQhgcuOtE8Ho04IplcPQNQ/QafW1303IzRbBO2QMlXxo6bPKEZJ
+pobpqs4U/p5devDD9HvknklDzzpDMrduxLuPIdaznN/Zg5YMg84y/6OFCL8DWA7N
+haTvzwhzAukE8k9OnxKsdK51UV0FhssqscCoNBjMLgd/EZpS5j7x0LXT5FKbvz30
+mgMStxwKcpoPc6C+8g+5sdeuWUWWpXkKPRFWPXPoXDBJaxYzZYqNisdTdQ807ktj
+ZnS2sWuaxI6+Nwd4FAWz2q2MIKfy+R0S2OsMbH9MSvQxHwlZdY9YjMo/vOlvI51c
+v+BZdINLBgW0R/+sX4vrvA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:02:58,801 views 7219 140559784080960 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:02:59,022 decorators 7219 140559784080960 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+DEBUG 2023-10-22 01:03:56,903 decorators 7317 140649394337344 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-krHFKYj7hOPDwrPpI" Version="2.0" IssueInstant="2023-10-22T01:03:56Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-krHFKYj7hOPDwrPpI">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>WHuc2yIMXR+HzTe3CcKQma8yGDNro3qcta0D6xpcsuc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>NA+8nKpy69VZW9+ZEJOhwcIoyScuEFLT4Gtgp6ymcOoxuLRk0apL2O8iWAqH1jkB
+m/tCNioWMRvOxTtvHL7yxKGulFyWVVcu5sSX0YxHfkMKyodT+s8abvf1DlNl/9Eh
+3r+o4qpub3F9IBc2+T4LxdqmwrUiiH35gvDh1gjilI0UCa5gTrJhLqaSS9csD9uG
+/89N9ItkOrpwsw+Rv56jyZeZ+375JZ2n4+eMB6QPPJ0a+bM/gfZ1S/JKi4YeOeYA
+EOzJblMlqybXPp+V7UXjeEdd4ro23yZoZoLnWchOsuY8ITp3AKTgqbV+iI1KJag7
+Ei/YKW26kAcpjacQezl8WA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:03:56,907 views 7317 140649394337344 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:03:57,131 decorators 7317 140649394337344 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:04:03,839 decorators 7317 140649394337344 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:04:03,929 views 7317 140649394337344 wert: already logged in.
+INFO 2023-10-22 01:04:04,086 views 7317 140649394337344 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-krHFKYj7hOPDwrPpI]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:04:04,109 views 7317 140649394337344 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-xba3ay0q7rYD3gfTW" InResponseTo="id-krHFKYj7hOPDwrPpI" Version="2.0" IssueInstant="2023-10-22T01:04:04Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-xba3ay0q7rYD3gfTW">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>LOLk7rcGDvnotdkw1jxZeBQYiLB/C/+PKvo3gl3zzJo=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Q344aEzdWzyziDLj/dNT+5kHBjrHLVMMAsSIuY9p8bXcI7WuRhcaz3VA8ZVzlynB
+UBW2G1p6VhwYuRFCAZhegmLLsV1Pcs7vcTWrzCmxH3V+KGnrlc4YEFI9CdFSSG6U
+CBb0lXfppOaR0dou3zW00x7LQcoVrIqmrWr1/0U+CW7bFempse0w0v13SlJgrI4i
+i03++WRcvtVTBYxcLGb+DV8Z+VVcnC1Bxi09flbo6cvaB05k4Rl28ICkw96lMybb
+tBJQWkUyELxfHtKJbzzyj4vQ4uquvYXHOFxE1O9905ej99fmwKT8C37bsl4tiESu
+s+m5cyXo1bJnI2xQkKf4yg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-dQn9t62xAfcxSlsCX" IssueInstant="2023-10-22T01:04:04Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-dQn9t62xAfcxSlsCX">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>nZpaajiGpNAyLtepyG38SLcOd8GcslxWaxtP3G2kz8E=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>uDbZrxMDUavcelQYlLwMZjf2mnfYDlTyNnSwVuzuCvf2KjQGf1XZBb+CNXa/p/y4
+9mjGJo0LcYM0+rTtHitzMQd6bYMiTM5tLehWRQJvOUhxjq4jRMrD0Q9GOPfLrtPE
+9RJd+43J07HgLMIJoBJg4HC5MJc7SD0KllXkCnO4R2YWMBnDNc+Xs5Rn/LVz4wC+
+gGFnLEbU06pi3NdJGG49ZcLC7W6um8+xCZ7+JEyJXEqB5TnRwZ4pYfcs/1diAxm6
+Jcf3pG4UYQoKmURB7WT186ZLI5SBLP5U5SMmfCnBiwvRET6QKQ0UtkzNQ8hq6e1T
+PHrqno+Tyc9g1r/+MnCoGQ==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:19:04Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-krHFKYj7hOPDwrPpI"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:04:04Z" NotOnOrAfter="2023-10-22T01:19:04Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:04:04Z" SessionIndex="id-DQ4tLTZ7okrIYCy7w">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:04:04,110 views 7317 140649394337344 Redirecting to process_user_agreement
+INFO 2023-10-22 01:10:40,913 decorators 7523 140387411818048 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:10:49,226 decorators 7523 140387411818048 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:10:55,654 decorators 7523 140387411818048 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:11:11,807 decorators 7523 140387411818048 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:13:51,938 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:14:45,963 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:15:34,770 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:15:50,388 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:15:51,319 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:15:54,342 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:16:00,607 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:16:08,577 decorators 7559 139653731579456 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:16:33,686 decorators 7669 139622434731584 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:21:48,744 decorators 7713 140513329018432 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:22:03,174 decorators 7725 140534325704256 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 01:22:44,940 decorators 7732 139839783564864 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 01:22:59,740 decorators 7732 139839783564864 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-asEUZFwdWimwsA9nL" Version="2.0" IssueInstant="2023-10-22T01:22:59Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-asEUZFwdWimwsA9nL">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>zPopBvlYBOgt1jZppDWneUzeYuxYrVLkQh79AJosD5g=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>NphDXqqm61Rq9mfzximjGihakJl26/okjoKCc63/gNOZg3OqLVtidYLjslRmc+HH
+/hF4qBdw9Bi/ujpT+i6Htouf29xRZq+ufc9cJyS1o4pqlY9PxjHCoqJLvqn5TC2R
+vvHxKWJp/n/zMTUv8P0NfMyVDrl6G5vyoQfioLsnYJj/tLEZ5TMXrcjE8ShA8LAF
+OyHNK8ouXeEtqHbQP4GuRI+MfoIDkFAlDp65c09stxi74XBq3LUJSJv9nEilKqBt
+31CTcFesdOAM3vVu7yW8NTJhvdE6ezDf9+g+MPsVBynW4mBm4t+k9+EDUgJUyHLP
+FOBXFqEegVuZ7eZXtrlPDw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 01:22:59,742 views 7732 139839783564864 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 01:22:59,976 decorators 7732 139839783564864 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:23:13,162 decorators 7732 139839783564864 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 01:23:13,250 views 7732 139839783564864 wert: already logged in.
+INFO 2023-10-22 01:23:13,411 views 7732 139839783564864 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-asEUZFwdWimwsA9nL]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 01:23:13,438 views 7732 139839783564864 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-QqMWIlHWqqlsuPoL6" InResponseTo="id-asEUZFwdWimwsA9nL" Version="2.0" IssueInstant="2023-10-22T01:23:13Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-QqMWIlHWqqlsuPoL6">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>2e4f6aNnnd4rsXqB2yR4W+laOV86yEuAH0n3JlsSwzg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>oYTbVzuPQkZwpe5RobWCRm6vrT/Dzl4HVGabhZAgDcs76oUiRCieV0c9sBTp5m4T
+cB8FAwWOj+E9zLIpiMatMzW5l6lGz79Q6LPg0UcFS/DWTg64zeUiIsxIVkmtt/gf
+wAZjXhWKXZnBH/azxW40i8sXCF48vVh8+YmBAcPs85wcTmfPnPPrALoab8Hsh2nZ
+QIJYk2G041I2oS4TvizwJAjtvobxd1qxTWVXmtBo0pjp6X7nZJVxtSTkgOhMbW6E
+5jj94MPefBXSG9WavyUEfkqMKK/S/qcxo+M/BHXlvbW9zirSCWfv974q/ZlolQrr
+X4FVZ5reS3Hoh5HV7qfeLQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-m8ioeTAtp9NXoEU9Y" IssueInstant="2023-10-22T01:23:13Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-m8ioeTAtp9NXoEU9Y">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>sECRjEVhQN3/iQFOSlL/H2Gqo11C4tDqCcHZARaBKrU=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>rb9f00D95et/kmgSNOmD4g/OGteIJQHTUP2YqovxAohIS1umxWvbb6Xp/JRteWdf
+1p5GkwFTsitMdTlMFnvdX4+UUr26/JVAQf4+7WpaTYMwEXQf1KzGEgcp1A0wAniv
+TuSZa0be11lAgRop0oRfQ3Q5JW9aod1dmnu07fpLUG3xUPbjedd7+NDewjCP2UIx
+0Dj6w6CETRLGGwe+WHcV14AlcGv6vtfKibu6LtzK7ScmbfEMpl9F7otJBYBPh2yi
+A95o6pDGjKuOuZsCDuxRXT1tSq/E/2xDbY8/uLso4YbV5Ksef1il6zRD7XvBgyzn
+OoWERSnmKU2VcM5Uo480BA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:38:13Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-asEUZFwdWimwsA9nL"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T01:23:13Z" NotOnOrAfter="2023-10-22T01:38:13Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T01:23:13Z" SessionIndex="id-FxH1Sx89gv1A5dpvZ">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 01:23:13,439 views 7732 139839783564864 Redirecting to process_user_agreement
+DEBUG 2023-10-22 01:23:19,691 decorators 7732 139839783564864 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-74VqMwAhLi5tSONwl" Version="2.0" IssueInstant="2023-10-22T01:23:19Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-74VqMwAhLi5tSONwl">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>9QgSf172kGhBltreCLyicNvGyNDeHqpilqx/sdq6Wds=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>d4zP32afIn8zXPg0DLgEHcVKX3U6vS42B3BLs9+UWiD9d/zqa1doC1imabetXEAE
+5Dfk5jXlHdMbSc4MhlNQ6ven5tIzBEKjhGdVAqnFFdztoz4BgONkxAZNwwLNfwIF
+yLPsJkLu19klMQ6bsfsn63J/fi1fN/Ko1e1U3qb+Rb4WAjhSul6hgY419L2HuBT+
+CKZvsv8hgYFjWmuFE7h0uwTREZKTRs8wL96aYq0gOFXUatxAoeSqqz0ppIH2fBqN
+r13Vy0u/ee+km8fiF5q7f95sAu08cYYy1e0DybZKrEyHsowcKzZOldWO+qJ6GVdH
+fWt8l7jkT+Pwb5i3X8ahJQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-FxH1Sx89gv1A5dpvZ</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:23:19,692 views 7732 139839783564864 Single LogOut Service
+DEBUG 2023-10-22 01:23:19,692 views 7732 139839783564864 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 01:23:19,711 views 7732 139839783564864 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 01:23:19,711 views 7732 139839783564864 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-74VqMwAhLi5tSONwl" Version="2.0" IssueInstant="2023-10-22T01:23:19Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-74VqMwAhLi5tSONwl">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>9QgSf172kGhBltreCLyicNvGyNDeHqpilqx/sdq6Wds=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>d4zP32afIn8zXPg0DLgEHcVKX3U6vS42B3BLs9+UWiD9d/zqa1doC1imabetXEAE
+5Dfk5jXlHdMbSc4MhlNQ6ven5tIzBEKjhGdVAqnFFdztoz4BgONkxAZNwwLNfwIF
+yLPsJkLu19klMQ6bsfsn63J/fi1fN/Ko1e1U3qb+Rb4WAjhSul6hgY419L2HuBT+
+CKZvsv8hgYFjWmuFE7h0uwTREZKTRs8wL96aYq0gOFXUatxAoeSqqz0ppIH2fBqN
+r13Vy0u/ee+km8fiF5q7f95sAu08cYYy1e0DybZKrEyHsowcKzZOldWO+qJ6GVdH
+fWt8l7jkT+Pwb5i3X8ahJQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-FxH1Sx89gv1A5dpvZ</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 01:23:19,723 views 7732 139839783564864 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-q6WZmyaD1IRoG73gq" InResponseTo="id-74VqMwAhLi5tSONwl" Version="2.0" IssueInstant="2023-10-22T01:23:19Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-q6WZmyaD1IRoG73gq">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Lwm19ogvyPdS83675Q78qQCAUcBxD8aJqRKhKbHQ3zY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>aOqxolKLC2QWRPmTr5kNkTyNwsJe5GiTGtpCUPwJ1gL5qZt8q+CaBkLOBnHgesXu
+8HazQ7PrXLfAQ/frrCXlC4KKV3cDbu8iyI7Bt6plREqMTvN3ulc3RtqxQ/1Me+mu
+MFgAYNhDS+8ig8FYuIFXErgLMzGwKz3gqHv8w/mePlnzFx7mTAGSzuTZLsyfw/9p
+dZB6yiXb44Vr2jBzuJ7ynysXcZI6lsQtHTTqrQZgqlsYPWy3KqgWUd7jHDi76hiP
+mw9yMhriskLH4KxTZn02ygmhwlJce99RfBB8NQDr59ClAWksTKYKIX/a7J1eiKRg
+rZOvv1B5IwheXfVkgLY7dA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 01:23:19,723 views 7732 139839783564864 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-74VqMwAhLi5tSONwl|1697937799|4bb979a57bc40fa23d6ee06f4290f42de4d9c0a4
+WARNING 2023-10-22 01:23:19,725 views 7732 139839783564864 Single LogOut: logging out an unauthenticated user?
diff --git a/example/logs/uniauth.log.8 b/example/logs/uniauth.log.8
new file mode 100644
index 0000000..9dd728f
--- /dev/null
+++ b/example/logs/uniauth.log.8
@@ -0,0 +1,1006 @@
+DEBUG 2023-10-22 00:25:38,907 decorators 5725 139639988942400 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-BCpKd0xphptiY2Xrj" Version="2.0" IssueInstant="2023-10-22T00:25:38Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-BCpKd0xphptiY2Xrj">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>X/XOrGjZ1jOgk6lPm0jTCv5L/j9mnHrCLcwm/6LgYKQ=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>SIQtQH6N3HxDFzik/9p3/Anl+jl4qUqWFCa1RfuK35lkTrKW89VLTrW6ZC6W6NE0
+NOCZjo005TBlThyai0F+x9aKyFfF5eiWyPhGv1rE74H8c9T/e2Xe0DgIushJuUMT
+tGCo8dPfVQfU51IPvWzMhy4LNKIcIveUfJYtl5U5/cMRwQjpoHPp+QeCWCqnAz6H
+Q1wwPTJFongDuMwBmjxy4MLh0QhqJpKNlX1wCmBb0XtTJrqvEXxphXSmEz/Qof+/
+kN8ayy6ZfcQT3su360TL0HsANJymkzIRyLRMdiDFFc8pDERdoUpKM+5P2tKz+TBf
+TeC15/Fh9gNO4P0e9LQ3ow==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:25:38,910 views 5725 139639988942400 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+ERROR 2023-10-22 00:25:38,975 views 5725 139639988942400 Request was not signed correctly
+INFO 2023-10-22 00:25:49,183 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:51,652 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:52,223 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:52,439 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:52,636 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:52,825 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:53,006 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:53,184 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:25:53,344 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:26:59,454 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:27:04,059 decorators 5725 139639988942400 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:27:16,434 decorators 5725 139639979501120 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 00:27:29,090 decorators 5725 139639979501120 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-qOLQN8HrbIsDTyNax" Version="2.0" IssueInstant="2023-10-22T00:27:29Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-qOLQN8HrbIsDTyNax">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>SEbGvUjrraKZC9Q8FWqPbumSpgQUKVMbWgIlrO/ZSUk=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>MM1mevt3cLF1y1TPkOpyXY54f+vo78NRY4gj25bpTHLHm1STn9p655QvkHFfY1cS
+csxKe7/4JAKHCZllzvutePFr8kDTDUCZK3WiICzmSoAeqVTGMO1kvKOUwxuihX5+
+K9jxEy/fCetaCtT7bTYMLJippwE2GS4sc/TXTIHwv2+76NzyOfcnq4iVz5auLNNB
+jFh0s8u+N+ereI+zil7Rd3fnf0n2UEoy6X3a74V1XsIcFf1ZUYb3q4iZsOObMske
+V+9VeHGb5OoJYTLUgv1UAyRduOgPX9GkQQLSrOo5x1A26Beka9AIq50cPlB9czMS
++qPIxfNc64eqxm2AFHYgWA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:27:29,093 views 5725 139639979501120 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+ERROR 2023-10-22 00:27:29,162 views 5725 139639979501120 Request was not signed correctly
+INFO 2023-10-22 00:29:33,567 decorators 5881 140117939320384 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:30:25,389 decorators 5920 140212093056576 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/mfa/'>
+INFO 2023-10-22 00:38:38,704 decorators 6062 139798791583296 SAML Request absent from <WSGIRequest: GET '/idp/mfa-login/'>
+INFO 2023-10-22 00:38:46,861 decorators 6062 139798791583296 SAML Request absent from <WSGIRequest: POST '/idp/mfa-login/'>
+DEBUG 2023-10-22 00:38:54,116 decorators 6062 139798791583296 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-uWPMzfBJeRCeHAiIp" Version="2.0" IssueInstant="2023-10-22T00:38:54Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-uWPMzfBJeRCeHAiIp">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>QMgQEm4muvjtOmRpEbCm9BiGuKuWtlG9r+VB3HKrncA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Lin1LCU7EwOI+xIMefOWx8RZjKSe3HxVyhzql108xF5R6ls3YwAedqDOLsrJvT96
+Invyfq0yQ1sn8Ev7lO/wtxEWOuvaFKfgPGjE1sDbCriAKFm3cHWnn9qULVMn616T
+hoOgjgtcADhU4esdwuJ8FGdVbI49FyYU+6OQWBJ1ZqHx2yBLhtxiKg60LIxR0+U8
+KsCrO5XmpW1KJbWGddJ39sOOZApzlP/gTNX3ubiImRER+W529A0lthithQdZ/5ib
+8ieTAZsS38i+BSnokRGourLuW4RdpvbjVJOZS8UPmmKKj6H45DMnZ6EStA0z0dTG
+TN5srsnuoG8fpPnyl74/yA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:38:54,117 views 6062 139798791583296 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+ERROR 2023-10-22 00:38:54,180 views 6062 139798791583296 Request was not signed correctly
+INFO 2023-10-22 00:39:14,598 decorators 6097 140447691306560 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+INFO 2023-10-22 00:39:27,605 decorators 6106 139910820394560 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/admin_access/'>
+DEBUG 2023-10-22 00:40:25,087 decorators 6137 140018470352448 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-1ct1I2fXyX36ZNRDE" Version="2.0" IssueInstant="2023-10-22T00:40:25Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-1ct1I2fXyX36ZNRDE">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>Cb3D3zNZu1c260M3Ucs2fN2vHLflgzfzu9/Ncbtm95Q=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>JSqAtR8ZA8L8Io7yhtTo9mkBhDHpqjVwZdhLXI6p5+o+p/7X6I9h4nI0N1RLBHnj
+2yNNbMIa6dnBVgd5Zs71MIxf9H5W1ZZ+/rPZLsul5HpgKZU8Ec6dstb6ym1wq4Ab
+nYawL+Qa+mgw3+NwaM5ZMSh0IuChohJ1xiOof9QH+/Js1yfBWV1XQNKxkevb7Niw
+P+sC4kqmv/qK9qCXdE9lWNCtvBs6GD04p0N6QveYVEakaBIlMLeIB3Ucgen1B8Sv
+WzW4lHw6sQ0eR8p836F5ujiEMz7IvkRBvDuvu50p9i+xy4exH7YVPpPytf5rsYSZ
+iTquzEuYp3oSNojRVehn/g==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:40:25,088 views 6137 140018470352448 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+ERROR 2023-10-22 00:40:25,149 views 6137 140018470352448 Request was not signed correctly
+DEBUG 2023-10-22 00:41:26,532 decorators 6137 140018470352448 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-v8w3dPMPKnIeIgcyH" Version="2.0" IssueInstant="2023-10-22T00:41:26Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-v8w3dPMPKnIeIgcyH">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>CXhaWl3nUaBLn+jMe15QQdjEqKgOD6Lgaf20LZZBr9I=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>ocjhDgkg6I/C3lstaMLNYlS5WV2mTwh4xKEKozKvKTQCA7I2qe8aRoD4YA28Hsis
+wto7M3Xe6hHyOGT8+aVfhlDAUIBqs0H9ElK6VkDn9FVvBViefC09kWtghBrHSjrz
+XaRBPDB95e0oX0+ItornLyrBkuG8RTtt2Wv/L6oqJhk/6agrCy2NyBo3L69RgIEB
+99VMnReQAf6LKv4z1mXPh6Zwv2jDAxyMWDE+RsfwPvbx7cqAEPWB7+l9gzhRxVxa
+FSWBk3qTiOdhXbzES81NLWnSNhU18vhAVLgdVJyjb6JdyrDi3mecQ+nCByJv2jsP
+Yj/RgkZ6cyV7DL9NydhmVA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:41:26,533 views 6137 140018470352448 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+DEBUG 2023-10-22 00:41:34,853 decorators 6137 140018470352448 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-20MQVZOpXSC0OTP8V" Version="2.0" IssueInstant="2023-10-22T00:41:34Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-20MQVZOpXSC0OTP8V">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>cYRRF+iV0Yf0yAo6veLgh3y2ceZrCV26GNoBlmD2SL8=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>fZ7KFGl8oy6tx8tCEBCM80BLXx/0I9U0A9CFxB8RWkpK9bdjIS7ymJ7FNOconU3u
+zxBWaKpHBRDjl0tnDYExzftnv6hOVriN8dzxM1yS7YjOLFcZq6g39fDRRhi5A1jc
+hc5ZrtmmZvsTwVl8ft3zY3jxEnnksemPktDFq43opzqYSWc/CI/XYt/9k6uz8U8i
+tysxSSI5A2gZ2Hoo50wCMn18y7UpnJljZyK+5vbR4hAC1k9TroxJDu0+ft1LAi0b
+A2960Uyntnm0RdIrnk8enAugSpXOItQRVg0+UXOeuej2k7JYcx4FWwESv3gfqjwA
+4Yi1kviWoPcjn+bP4UO8zw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:41:34,856 views 6137 140018470352448 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+DEBUG 2023-10-22 00:43:20,344 decorators 6137 140018470352448 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-TW4vJMBaz6VXlM8fX" Version="2.0" IssueInstant="2023-10-22T00:43:20Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-TW4vJMBaz6VXlM8fX">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>UJBBfXk4zbwP742sf9r0hZbUXlRK/ccaclriqbW15Ow=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>lQDXgeX1EqCD/aCdRpERN8/JxUD8DustJw4TNgunFS2BgwSHCmzlB2Glb3p3ZfLW
+mS9Qbf4MGzHY4MHgrHtvm/8jrplsVA3LFWGqbsUl6mL8/WMnfEcVWExDZGpXBCGm
+1uewljI66THiTmyr460YiO2+H8GvOsdQESJS6EOAbQcd0chgq/phC6+MUjDkdWXW
++IlTNUSJiJMqXa9wM+8evIXTmALWr1XqsHTSR3Q15m8R83buME5YNfjOdZM3ryF0
+QKtSyPC6H9pKhNOOdjUkfZ/uarCEFwA4cwe08uW+AW5E6naeXM3EkAq1NR4LHi3d
+1lk0yNTF1WGDKZFrMLZhfQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:43:20,346 views 6137 140018470352448 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 00:43:20,579 decorators 6137 140018470352448 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:43:37,748 decorators 6137 140018470352448 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:43:37,838 views 6137 140018470352448 wert: already logged in.
+INFO 2023-10-22 00:43:37,994 views 6137 140018470352448 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-TW4vJMBaz6VXlM8fX]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 00:43:38,016 views 6137 140018470352448 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-25ft6H1JUZuL53sKH" InResponseTo="id-TW4vJMBaz6VXlM8fX" Version="2.0" IssueInstant="2023-10-22T00:43:37Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-25ft6H1JUZuL53sKH">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>r1VQnQ1OBmEcIQGXXcLhebCtfs6D7Ck6miQ2BgIwB8Y=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>C8bHMX7eSzo2eLIikgj3k4lUGVwKaUkNcInc/5zaLUbgiB1gCrvkYr1x/4/vaPbv
+ou07C6Tuk/TMMa80+G8uQx+Dc9Pv1+sO9rz1eeYi0+4IF9LHKipYej2ZHW5s+G8X
+yJxPCu4two8LN//Okpsi+NpAzcPKAaRQAW90XjM4GPMvUm4FCFYCBI3qEjCNF/AS
+vx8mZdXVsBCO+AsMW5A8BtK1emZh0hPCHBnY6CuyGwQhHHYMeXc8KhQ64w/Oicdb
+pC9Y/t07I0j3vsv8nnK584/BkPqC6OmJDITrLUe+quhmyNeil7JB8GPSd7i6zchm
+TsT+EddnfXRKZhrgqRzRJw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-wAZPzl60PDSY0sliH" IssueInstant="2023-10-22T00:43:37Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-wAZPzl60PDSY0sliH">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>YcM4ixPAPjqVhRKNmge6EvDiXrdEMJqq+EIEn4LFadk=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>o2NneRrUfdW9M19Dsx/gQVxfdBO4W4K9BHfgLwStcfGPRcSbX08AMk2iLnBv4eUh
+YMWC6Kt1kiGekX3wcexrduEewAFu5A2EJGsds0bFwo/0H3Yjg9SLoVZ9MlqBcIgl
++Wph5Veh4nXKvq66yOKs8MWamKx3HwDoHG+bP76Ql8RsmwJWCrXbQNDzu1kiW0R2
+JDQBhBTnB66MkYSURlSsLHSqRuDKK7r0tKG/lfZJ1dvb/VLMJVQ1+AHwuJIVbPrS
+04xbdEbNMcn44nSX0rNgycKI9cRP4NpVJ4AzN4KtWWqbcMnWsqh59Yk3D2ywseuJ
+MZ/Bo7qE/TlIsF/GX1jtSg==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T00:58:37Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-TW4vJMBaz6VXlM8fX"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T00:43:37Z" NotOnOrAfter="2023-10-22T00:58:37Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T00:43:37Z" SessionIndex="id-2qsxhyvDGsbyXLrjS">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 00:43:38,018 views 6137 140018470352448 Redirecting to process_user_agreement
+DEBUG 2023-10-22 00:44:58,384 decorators 6429 140667893315136 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-em1lNTfn2dXhIxLGk" Version="2.0" IssueInstant="2023-10-22T00:44:58Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-em1lNTfn2dXhIxLGk">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>d07f33/FZ1ohhY92QZhJx4ZFxue6jvpmxobgYK/x4gg=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>k2hnQVqY0UD3g4ID5U0/AtYc3QUbaohWmCZOSbAhqf4WP6JrjZv+aG//AQXiBVzb
+gZnlbKoi+pmgDosoTVwkFciirAnO6RVeEm0coANPBN2quZmU5GCTWbIpZ/yTMyty
+NQn6rkqdL0pYc85MdydESkJml2h/dC8t/1MAISUwstZSdZf8vatGkCeIEju+d/ez
+zCfoGoL+hlgdbHcD+0Mj9qWaK0z7v/Q+AgLzcEeu3DnLw7aj5RlgOOaWL7Psxza5
+h/RF5g2qhEFk/gGqbbulj3wFKmZa4XmHMaa36XGnbQj84WE4dPOkgSC6kGSQzMp5
+Jo7sOStg6ZA5BYUW0DbrDw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:44:58,386 views 6429 140667893315136 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+DEBUG 2023-10-22 00:45:07,497 decorators 6429 140667893315136 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-SmBXO6PmNxKAuXA8o" Version="2.0" IssueInstant="2023-10-22T00:45:07Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-SmBXO6PmNxKAuXA8o">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>sUuPXUD6ZRVQlte8N6KJThPd4JhMX7kivnXRGZ0OrBY=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>FiQhr4UTqf9oTWeZAzBVWyz+MvIKAVdruUvUxQUodSFIUO+MfCKZiSpOFOpzRWii
+qM41SSsqvgTZZSNKcuJOsymhG+OLq66zYsB4rEKPF6b1UPIGedqRVav/uGnzbAV7
+aQ3zmF7GQ2RWwOfH5xudp44CldkQBbfe8X10czCfxuTp4j0DYfb0C+R0AaR5WOuC
+MzrY3UN8FZBYF4Ooa75fOOvPS82RhBhTGpM2PiklsSP6Cqk9vMBn/L8NJsM4gQCF
+5w0IrDo7i8z13faHJBXVD4cuVnaEK8HZo8w5ABEU70sJC6nzQpAq2st+eza5Smh0
+G61eOI3cGSIFWgBBuemwtg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:45:07,499 views 6429 140667893315136 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+DEBUG 2023-10-22 00:45:53,166 decorators 6471 139752061793856 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-9MPdeDsB4Jo79d2Ol" Version="2.0" IssueInstant="2023-10-22T00:45:53Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-9MPdeDsB4Jo79d2Ol">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>YpcJjFUfMnvRpwE32CRV06CQaiPBjrFHv0G0QZ/DafA=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>hTU/sVfgGU1kRjuKnlmp9U3kHx8BUggNrzW8sKL0JB2lo2JZRC5yyW3zb9nY5m6J
+UB+9I+2gr0B6mxT4Hc2JYKw0vOYENG/rdvNUZ+n6pK/qOqewzhmElcSoRsw0Y2SY
+I74Wgt3uIwNWiXwWI4AwbfaUHc6V5QyzHnfV5KQuEiu0ylxqPJq7j/zT1rV0LwVZ
+hCujywzDeR5/zKeDQcZYjcXmd5LISOfZSVRF4gF1HdetfC+TWtet5u0OajQuVRLL
+fDzPQpqmPpkCo8ih0GY955y32jZacG3XqBAPLicFfkGq52jEXS3f7e9i62pxIa+b
+t/oSPCuTO/P0x2lW/ziYoQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:45:53,169 views 6471 139752061793856 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 00:47:00,544 decorators 6509 140277710845504 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:47:09,826 decorators 6509 140277710845504 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:47:09,921 views 6509 140277710845504 wert: already logged in.
+INFO 2023-10-22 00:47:10,093 views 6509 140277710845504 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-9MPdeDsB4Jo79d2Ol]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 00:47:10,119 views 6509 140277710845504 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-WkTpA6HF20O6wjKA0" InResponseTo="id-9MPdeDsB4Jo79d2Ol" Version="2.0" IssueInstant="2023-10-22T00:47:10Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-WkTpA6HF20O6wjKA0">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>b1CGfN88IdD1fHyYGxhsqHY+TT35rXhwpB8WuAuJcpE=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>f8M2c5QYu2ecv4E6I/lTZrfb9+UyIasbrkqaLNCYwJfJrVTE/qpF4Qnk2N5VGei0
+XO7wFKRoRxieSv/GUBi+f2ZoptDOhqwgy+V/DrEE+TPUpVqZF+IMbKcE3h3PY9da
+g02nekStY0X+5H7LBdT0ChfOpBj4KmqxnqhTITUrrofXDZnTYIvljdzYyVrxNh6q
+tQLpVlMwqhcKIwxsvx+sY18PDxMQ03LooB/YpLAjck2CcFPjkp4wv4F24qEg9b8b
+twSHu5EMFVhYDq3DE2GSj6bkOqjDkI0p3E5/MrE09segvQ+jzma23IuLXZj3Ou9Y
+yyvIDUykt1MQ50XN2iZysg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-3CSVJ5qUPkeX1wBd2" IssueInstant="2023-10-22T00:47:10Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-3CSVJ5qUPkeX1wBd2">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>aOYVcYihlVgsUnkF4p2l6U8Jh7m9O+PW4XGmi8K1mRY=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>SPKFTLb6FX09eZJCLwe0sCxkhug0z3lnhHAe3BMylPcGlbL+TETVLWwYHSMj9Y6s
+R7/SXMwxx4pDEAKw05B+ryLEzZQeKEFzqSCms8bl9fD/11nstSNi8dVnoDdXz/Rd
+0aE1ZTSgkJlis/lTbQ/Fqp2ocC5Ujpt6LJ/q85NUrBxPc2348d49haNtu02zQIm6
+04xgLF2O6RjffCTQgY/BT4nIRW0cBB2sPQ11UYukRXO5d40ZbRxbdEb+D1ZAwTKG
+XGugXGtgaavpCg1JxbkfPvRT2xF90kC5UL8ybpexDqvRH6WUz0PVm47jLima/LMS
+eRc9NivnmfJ+71+LD30XaQ==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:02:10Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-9MPdeDsB4Jo79d2Ol"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T00:47:10Z" NotOnOrAfter="2023-10-22T01:02:10Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T00:47:10Z" SessionIndex="id-jNZOVrSngUjOO2w0I">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 00:47:10,120 views 6509 140277710845504 Redirecting to process_user_agreement
+DEBUG 2023-10-22 00:47:16,574 decorators 6509 140277710845504 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-AVDeovcS2QCWfdO6n" Version="2.0" IssueInstant="2023-10-22T00:47:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-AVDeovcS2QCWfdO6n">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>twsnXWEtQAcLZc/BcQQ368u3GjuWj2vsFpAFXaRL300=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>RH0VZ4wyC+Ti07PCdNKRpgM6CsuDyhRSOr8QMpLwH4wyMbK9uvyxNSYqlwOMuFOk
+bjs64gnISM2wmPGWyceFGqj0dqbUcf8fLpglX1CjhHLCcF+lWiwY5kdOQuAnjmQz
+4sJrq0kFwKsI4pQ/aBs7bVuzsyBehz0+zAs6isK6aEqbszm2OJLkzSxR1WlGoKme
+XVLg4s4oo3r3ac90p1ob7kq+a6dKKaZHmr/N/tSLatnU0xwH7Lq4SJ/yPoCQKCQ5
+HYM18AZJHlUMAENDClNaYaatMxWugIho0JweVzIO83BdqGj4pWPK2FjDCASSYkTa
+Mh5RIARsHJFGC5MukZ6zMQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-jNZOVrSngUjOO2w0I</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 00:47:16,576 views 6509 140277710845504 Single LogOut Service
+DEBUG 2023-10-22 00:47:16,576 views 6509 140277710845504 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 00:47:16,590 views 6509 140277710845504 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 00:47:16,590 views 6509 140277710845504 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-AVDeovcS2QCWfdO6n" Version="2.0" IssueInstant="2023-10-22T00:47:16Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-AVDeovcS2QCWfdO6n">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>twsnXWEtQAcLZc/BcQQ368u3GjuWj2vsFpAFXaRL300=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>RH0VZ4wyC+Ti07PCdNKRpgM6CsuDyhRSOr8QMpLwH4wyMbK9uvyxNSYqlwOMuFOk
+bjs64gnISM2wmPGWyceFGqj0dqbUcf8fLpglX1CjhHLCcF+lWiwY5kdOQuAnjmQz
+4sJrq0kFwKsI4pQ/aBs7bVuzsyBehz0+zAs6isK6aEqbszm2OJLkzSxR1WlGoKme
+XVLg4s4oo3r3ac90p1ob7kq+a6dKKaZHmr/N/tSLatnU0xwH7Lq4SJ/yPoCQKCQ5
+HYM18AZJHlUMAENDClNaYaatMxWugIho0JweVzIO83BdqGj4pWPK2FjDCASSYkTa
+Mh5RIARsHJFGC5MukZ6zMQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-jNZOVrSngUjOO2w0I</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 00:47:16,601 views 6509 140277710845504 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-FAAlCyQWZZ7eMcVPA" InResponseTo="id-AVDeovcS2QCWfdO6n" Version="2.0" IssueInstant="2023-10-22T00:47:16Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-FAAlCyQWZZ7eMcVPA">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>ZC8gO1hKN+CalL0kry+Buk1XGkPexS1iEOJ3eyvt8No=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>UR3Vdrblsb2I6YLlNNfoD/djDteDoPqoAehC7rea72+3RucbJKleoCrdfUiYK6qC
+g3c2Bj4uGGVYXSFGRJOma9mu+4YS9B1lfbCxHTIApZ1ASqSoBA3zKPNSA1yqDylh
+XWHL8CqUECs6XUWsuyctDVSZtaHvw/Li5oFCAUDaX6akAZhI2pv0DPuqPU/+DM/V
+O8Y+piVxDmSGGIAjgSCkz+d47p77t5G2PkPqfkTOW7tATvwmumXjdAv06+NnfHY1
+CKO00vkIn939dA0+ZAElz+5YxWFhdf5YPxUIgKMUV/QwWcfCdXMPy4uba0V7qKEr
+vtqzxP4mLwMrJfNWP/Rtyg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 00:47:16,601 views 6509 140277710845504 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-AVDeovcS2QCWfdO6n|1697935636|3dc7726ff9a0f0f16ec79d5c41a8c9a02a4e4634
+WARNING 2023-10-22 00:47:16,602 views 6509 140277710845504 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 00:47:19,112 decorators 6509 140277710845504 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-JqgAsjhnnDyqT6Cu3" Version="2.0" IssueInstant="2023-10-22T00:47:19Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-JqgAsjhnnDyqT6Cu3">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>LCl75nkYQBKtO2G6RqLyM1/VWQupm4z44xV79UrZ8/Y=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Kx3sKelS1mIIpVpRdMLRb15AJ2+0tv7M5FeSphTfbAcmXxJI56/FBwDMUz7S5fwn
+8QIKhDoq0rL2nt8Ef8IJfPfcVhL599VIiRQ+f2DT6a0wRU49BYQaP1+O9JGWvKHd
+M2k3daVUv9W7tjxFAuwKZ2a0N/NCTMQmpkQdBiCVRuEZf+VciAs4GRRiV8mI+yoc
+SelBKlF2X3bK1tik5PNhUomlbwOwY8wH0rScuDzjloyXxfltNjpvCWR9uq8qclEV
+pc3l1OqWkk075CuLaQV3+xZ/jPGLmJMivxjEo9Fc4u1sH/IMIM3Y9QKEfH4e29cl
+b9u6VrAObOS0FV/FLbVMqA==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:47:19,113 views 6509 140277710845504 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 00:47:19,345 decorators 6509 140277710845504 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:47:28,878 decorators 6509 140277710845504 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:47:28,966 views 6509 140277710845504 wert: already logged in.
+INFO 2023-10-22 00:47:29,124 views 6509 140277710845504 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-JqgAsjhnnDyqT6Cu3]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 00:47:29,147 views 6509 140277710845504 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-5MWYUXvcmAE4ekCIk" InResponseTo="id-JqgAsjhnnDyqT6Cu3" Version="2.0" IssueInstant="2023-10-22T00:47:29Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-5MWYUXvcmAE4ekCIk">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>4KqDhTPyktG8LyzVzScrDgRUwy9ylpVf7G+b2UQDJ4A=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>KsTJVB4Mej8GguNYIHS6yD5TDFMdJ/C+R8e9RrkGRzUfSyh4eAu0GNvpFf0N/iOs
+syZLIRJIvNR6nEmbMSLuvJnCxbNu52OBGtGwhuv/snCG2R+iQIdPV+zJfY+XQi4R
+KrmBHGBp8yuh71968Fhqat8wCgf2uUcesFNrg4sVF69UxbEfAzQPNOIIJEv0n918
+YBWKxoCqT8T3EONZrF06QRk7v+WeWyxRJY9f19fgaWCIUfRrXKtxKX9ElCIcFBof
+vx8YQ8xlaq59TkpR2uzasiGCJF0CNXt4yzDAAm8bK6T3QpHhzq8Y0dpOou80xh9r
+7HxImKOaItK/BHDntofPeg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-Lpo7hBo6ubOF7JwMf" IssueInstant="2023-10-22T00:47:29Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-Lpo7hBo6ubOF7JwMf">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>DjCU+1NdpJDTPZTB3+5JXFemaozFseVZF7ZbbEPL360=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>kWxKgrPhWyZ0T27Onwi9SagRYrlKudkRg3HvsG1634KjCkSpHGH0hHlawv3DzxIO
+Y4LiGHEl/iADj2ExmzqetnoqDNeFETDc2uFQOp79VtE/6QnPTw3cUGr1wTtj4GYW
+dcUaQ38KDd7Ths8uDrWYFYz/mp3DEE/1joWaHfWsr4lrDL1Si2puNzvBjGw3oW29
+uV79EK7YtErwO08QJFlJPyqC8r3uJmBtA72TXqLDeI6183J3bbTVky0QDnsHaHKv
+4FMCwphuWpgVYnsEOUZOH+c0F/ZLJbGLBJVJ8HfMQy3f7LQddwANmiFk7PlPpnXS
+xXr/DMeAtf8+qAmYBH11Nw==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:02:29Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-JqgAsjhnnDyqT6Cu3"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T00:47:29Z" NotOnOrAfter="2023-10-22T01:02:29Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T00:47:29Z" SessionIndex="id-IJA9ylWxBzz8LtoJx">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 00:47:29,148 views 6509 140277710845504 Redirecting to process_user_agreement
+DEBUG 2023-10-22 00:47:33,628 decorators 6509 140277710845504 SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-KoQpQcgfDtPvg6InY" Version="2.0" IssueInstant="2023-10-22T00:47:33Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-KoQpQcgfDtPvg6InY">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>8+jJ9fF+c1yBcougxCG/Nk6dfRlBBZ4+xml0TXjyfB4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Jeo1emcvbT3IG1WrDIBvnvV2XvChsugUvj64SE0VfO3YhbJlH2xjIAgEnSq/BAYG
+DbZcacJX1Dk/pwggyVYDr2GF3p+Ybv2NPFy575ZyWuB3v1SFJqu6Y/QIprvNQQDv
+oX57Tahjk3BrdZRkW2jFyVSgOnlOZBVsyli7JIQIdxGSDHcqNF0vej2qBuASo93n
+oARLg2Y/Ac6BynYPSODL63kh/2DufU+wAncqeMuX+NJqw0Wzyr+eToy2Sx/vaAIO
+ujQGxcb35yiYV8jmeHkoxEwQdjox7lcJ7SWTYUShXwMFDn+IgJlKy14p1lBUqgza
+cXp12Gz3IlgHPH3wYcFKUw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-IJA9ylWxBzz8LtoJx</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 00:47:33,629 views 6509 140277710845504 Single LogOut Service
+DEBUG 2023-10-22 00:47:33,629 views 6509 140277710845504 Single LogOut requested [
+urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST] to IDP
+INFO 2023-10-22 00:47:33,644 views 6509 140277710845504 Single LogOut from http://localhost:8000/saml2/metadata/ for [75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d]
+DEBUG 2023-10-22 00:47:33,645 views 6509 140277710845504 Single LogOut SAML request [
+<?xml version="1.0" ?>
+<samlp:LogoutRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-KoQpQcgfDtPvg6InY" Version="2.0" IssueInstant="2023-10-22T00:47:33Z" Destination="http://localhost:9000/idp/slo/post" Reason="">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-KoQpQcgfDtPvg6InY">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>8+jJ9fF+c1yBcougxCG/Nk6dfRlBBZ4+xml0TXjyfB4=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>Jeo1emcvbT3IG1WrDIBvnvV2XvChsugUvj64SE0VfO3YhbJlH2xjIAgEnSq/BAYG
+DbZcacJX1Dk/pwggyVYDr2GF3p+Ybv2NPFy575ZyWuB3v1SFJqu6Y/QIprvNQQDv
+oX57Tahjk3BrdZRkW2jFyVSgOnlOZBVsyli7JIQIdxGSDHcqNF0vej2qBuASo93n
+oARLg2Y/Ac6BynYPSODL63kh/2DufU+wAncqeMuX+NJqw0Wzyr+eToy2Sx/vaAIO
+ujQGxcb35yiYV8jmeHkoxEwQdjox7lcJ7SWTYUShXwMFDn+IgJlKy14p1lBUqgza
+cXp12Gz3IlgHPH3wYcFKUw==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+	<samlp:SessionIndex>id-IJA9ylWxBzz8LtoJx</samlp:SessionIndex>
+</samlp:LogoutRequest>
+]
+DEBUG 2023-10-22 00:47:33,657 views 6509 140277710845504 Single LogOut Response [
+<?xml version="1.0" ?>
+<samlp:LogoutResponse xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-Re6GlvpDNYs0824eo" InResponseTo="id-KoQpQcgfDtPvg6InY" Version="2.0" IssueInstant="2023-10-22T00:47:33Z" Destination="http://localhost:8000/saml2/ls/post/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-Re6GlvpDNYs0824eo">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>hDb4WfX80B3o+79l5bRYXP9FiuhDVErXot1zpy3StMc=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>KSO7EkIZRTF8AjTSICQocGgWCl8YcHB6GtHK3sUTlW2YHEOgtXLVyWvL1LRdFBka
+dM/urwxaAd3cvhombxsTo+1nAmf1/TwvzDulME/IrSOl5sYt6J1fwkUPgiFzDX0y
+vtqlo+bVfEMCnwnGuH1JeJeFdR3yfYcq2WROkrfsIz6GlYRRRw1+9x6eBRlVPciO
+4JRa83OiQfcd6RJwaJcycDlhb5ALD0S+P0NKUqXOmtBkFqZCUrZ8BR9KCE7Tgf7V
+t+0CHUIKpaD3x3zrJTAfH6xhMJsMX7v7NbxMQElMU9XJ3kWBwIerYrPKuzAHmW+Y
+rXoi+0MsGiL0ZNSTc5eosg==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+</samlp:LogoutResponse>
+]
+DEBUG 2023-10-22 00:47:33,657 views 6509 140277710845504 binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST destination:http://localhost:8000/saml2/ls/post/ relay_state:id-KoQpQcgfDtPvg6InY|1697935653|f1ac23e1c390e3a110efcb14eacfc67749849e36
+WARNING 2023-10-22 00:47:33,658 views 6509 140277710845504 Single LogOut: logging out an unauthenticated user?
+DEBUG 2023-10-22 00:48:25,207 decorators 6509 140277710845504 SAML request [
+<?xml version="1.0" ?>
+<samlp:AuthnRequest xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="id-1h5EFzWHnPnnGYvkd" Version="2.0" IssueInstant="2023-10-22T00:48:25Z" Destination="http://localhost:9000/idp/sso/post" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-1h5EFzWHnPnnGYvkd">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>fvsde7En/t86NaduNtTlhHJUOPE/my6qKcjtg+g+r9g=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>TFS1ZB0faCISJdPyNJschU7S3mwEVYjWWOiQfam79TJlHJNuQR29bjQWD3PTkrf0
+49gmWBwjIFBslsDUKpUBNPKRoZc34Eb3C34pa71IuJwN7b4wz0T6PjYgi4Ad09qL
+r0wpvBATeGYJYYqV2nB+PRjE1lJz4TLHS1qRPNCbaijBVvRmxC/03yoT6yLoD9OA
+lB+oqrcedEnqpalLPDpWub4ZhHstrClsYCUXC1qFqv7VZ7Fxnq1b1owmSd/NMRXL
+lbZRatalUuM+sOFbsHfmeU3AuD0G7jHXQUoNadFFsD2BFqPNWK87U4uWqKZV3ygh
+xfvrQrM/7s9DCqnxQ2ixag==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQELBQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0yOTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBRMB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoajGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnitbpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1dS/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJaeQeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS1EX9j2GqG1yWcdGvY60GJu5Er5id</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
+</samlp:AuthnRequest>
+]
+INFO 2023-10-22 00:48:25,209 views 6509 140277710845504 SSO req from client 127.0.0.1 (Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0)
+INFO 2023-10-22 00:48:25,441 decorators 6509 140277710845504 SAML Request absent from <WSGIRequest: GET '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:48:33,746 decorators 6509 140277710845504 SAML Request absent from <WSGIRequest: POST '/idp/login/?next=/idp/login/process/'>
+INFO 2023-10-22 00:48:33,878 views 6509 140277710845504 wert: already logged in.
+INFO 2023-10-22 00:48:34,041 views 6509 140277710845504 SSO AuthnResponse [urn:oasis:names:tc:SAML:2.0:nameid-format:transient] to http://localhost:8000/saml2/metadata/ [id-1h5EFzWHnPnnGYvkd]: 3 attrs (mail,sn,givenName) on 3 filtered by policy
+DEBUG 2023-10-22 00:48:34,062 views 6509 140277710845504 SAML Authn request Response [
+<?xml version="1.0" ?>
+<samlp:Response xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-0o9QbsJxoe1nVyj97" InResponseTo="id-1h5EFzWHnPnnGYvkd" Version="2.0" IssueInstant="2023-10-22T00:48:34Z" Destination="http://localhost:8000/saml2/acs/">
+	<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+	<ds:Signature Id="Signature1">
+		<ds:SignedInfo>
+			<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+			<ds:Reference URI="#id-0o9QbsJxoe1nVyj97">
+				<ds:Transforms>
+					<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+					<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				</ds:Transforms>
+				<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+				<ds:DigestValue>oN3Iw+Y/xbBOanq2zLI0zzyjwOf1zyLMzI31PloebM0=</ds:DigestValue>
+			</ds:Reference>
+		</ds:SignedInfo>
+		<ds:SignatureValue>V76j1OpzCqX62/QX3FayBBrfW1hk8pXToRrH2dHTmTqwrBppTca8TzovKF4n8OEW
+Irt2rPKOoZUjpIQV642+aPB6idY4ruSj1SqLyQsLSF90WjUVmIcfFJ1YWq4GgYUl
+319pHcMcMszse0U3FpKB3SAWvOSDLUy3V4/JBGTbHlfbONnzI16+AMBpsVeUxz52
+jCIBD56EGqifLqqGOAYe+ZXGrUqY3njbw7QpbWBnViJBwZVPMJe3nY2tT7VKP/9/
+0uBdLyuOo2TZ0wGGg0QojjrkZSkp+bcYyUhIRxJwOY+uY4Tk2z/eKfRq2U/uvETe
+7zAT5WYQnMSrCbUUZ7dYjQ==</ds:SignatureValue>
+		<ds:KeyInfo>
+			<ds:X509Data>
+				<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+			</ds:X509Data>
+		</ds:KeyInfo>
+	</ds:Signature>
+	<samlp:Status>
+		<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+	</samlp:Status>
+	<saml:Assertion Version="2.0" ID="id-AiA0rIm4vSkYWdEZe" IssueInstant="2023-10-22T00:48:34Z">
+		<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:9000/idp/metadata</saml:Issuer>
+		<ds:Signature Id="Signature2">
+			<ds:SignedInfo>
+				<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+				<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+				<ds:Reference URI="#id-AiA0rIm4vSkYWdEZe">
+					<ds:Transforms>
+						<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					</ds:Transforms>
+					<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+					<ds:DigestValue>2AXIUlXGC9a6pKDYmAARTqzQhkM/xiByNZ3HSRrzuTk=</ds:DigestValue>
+				</ds:Reference>
+			</ds:SignedInfo>
+			<ds:SignatureValue>M2Utb5NuCjvra3WEo8IPJxtxnEdY9Fh+rhHwOsQeUH0L52+UyWwpWeztFEjSBafH
+VLueMNxmYrW+3hq9f+sWYk1CuSjzrwijkRYtHcXgpgS5TmE4N7jJ9cURJsUeYQ7j
+Qy1nJdSlxjQeI853jJ5y7UO725fJ1zkYKdRu5Nf6rWqSBEj3jsfsnFBPkiZ6/Fl8
+gkUot2Y7aKsCk1b3a+t1sB8Yf4LB325qHV/qhZ8DyPGpZB8InNMIOsbz9LBD03iQ
+U5B5kqOSzCHgyi7SrZwaLHBmYfev8+wEBtlIbxoDUYAX+xWt8qfyQmkSGpx0iZhW
+dI/dflSGvaECS7cgG4BVoA==</ds:SignatureValue>
+			<ds:KeyInfo>
+				<ds:X509Data>
+					<ds:X509Certificate>MIIFHzCCBAegAwIBAgISA+RR0oabh9vUDADDY/sj3E/QMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMzA2MTMxMzUxMDNaFw0yMzA5MTExMzUxMDJaMBgxFjAUBgNVBAMTDWRldjMuYWNzaWEuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5XS6fJsqSgwdX0JZVPGIfMHJwEwokfyZx4OSVS2ZkWA/JjUR1wmdxNw5nLnmWDia2VJK4CXGr3gZ+SST+L8QG0qH2OV52FNK14wFy4UbnTzhQusvi57KI306JTe4W/JAK2tMVk1x9+S+JgqVq97AW/DLecaUmK3DCYnlw6q3ymk1wH9LMOu6rKlCGHeJIB253P4a4vq8SQkgO0+B7Qxin2FlajIJew03hgcjv1JA5jdZryqXzjuZbUnk6ME6HZBYeDRS09ecyi7ui8oPLbyYmlq+KNJY84vJG3snX8YY6qXnZxtTKaEBY8ms3DRfdqxsswDAzBuQNbUg8TFSDaUTZAgMBAAGjggJHMIICQzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFEsfOFuWV8d2Jz5zM5/D0Mbnfrk0MB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMBgGA1UdEQQRMA+CDWRldjMuYWNzaWEuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEDBgorBgEEAdZ5AgQCBIH0BIHxAO8AdQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYi1PSesAAAEAwBGMEQCIGAdesNxZs+zMk5laA7ogaHIphRTKR6gYR7Ug1NjPodVAiABM4F+ViEB03Av5RCoNhTR52b4iMoUffRdt37O8TwW6gB2AHoyjFTYty22IOo44FIe6YQWcDIThU070ivBOlejUutSAAABiLU9J88AAAQDAEcwRQIgFzeYQlKD8KemoPXnkholaQ+29Avn++ompynAeLsZUjECIQCUnrsyW0uJQ/x4FPs92Ff/PXjG9mElq2gt+MkxtSgBNjANBgkqhkiG9w0BAQsFAAOCAQEAMtABdAT7MZfeL6/Za5GfG52hIWGmPglXXlJ0ihLbe+m0OkGDXIS8fBGAv7/MCSD8iqxaa0UnwL98CGAEMIbScep9dL2H5sfUC4oZgRp5H8LtLvnnC6IJ4pIYvUQ/GB6p66PanuyI9FDrw28OaFMDwCawDCqa7oOYLORU6Z+tyTfCDFn/PUsqZ9EN0tu8N9VT4eGEokLZX075Hr6mFo5m2aNNpmD9mZVzdcC2doTHuoegRbfbPd/lCM2aFhHj5A7/Gtb+9b4ifrKcm/HnL4LORSA7wD+uzCti81qYe2yF6akzEmjDbPvUOwkNGoQ29QVyEndxBSNciUxA26e1r/7LSQ==</ds:X509Certificate>
+				</ds:X509Data>
+			</ds:KeyInfo>
+		</ds:Signature>
+		<saml:Subject>
+			<saml:NameID SPNameQualifier="http://localhost:8000/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">75c518f1b85c0f802c34f3662a41341fff47e78269325513efa19b1538895c4d</saml:NameID>
+			<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+				<saml:SubjectConfirmationData NotOnOrAfter="2023-10-22T01:03:34Z" Recipient="http://localhost:8000/saml2/acs/" InResponseTo="id-1h5EFzWHnPnnGYvkd"/>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+		<saml:Conditions NotBefore="2023-10-22T00:48:34Z" NotOnOrAfter="2023-10-22T01:03:34Z">
+			<saml:AudienceRestriction>
+				<saml:Audience>http://localhost:8000/saml2/metadata/</saml:Audience>
+			</saml:AudienceRestriction>
+		</saml:Conditions>
+		<saml:AuthnStatement AuthnInstant="2023-10-22T00:48:34Z" SessionIndex="id-KEqSZmZ3rVHXWOAvh">
+			<saml:AuthnContext>
+				<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+			</saml:AuthnContext>
+		</saml:AuthnStatement>
+		<saml:AttributeStatement>
+			<saml:Attribute Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="mail">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao@email.com</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="sn">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">mondo</saml:AttributeValue>
+			</saml:Attribute>
+			<saml:Attribute Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="givenName">
+				<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xsi:type="xs:string">ciao</saml:AttributeValue>
+			</saml:Attribute>
+		</saml:AttributeStatement>
+	</saml:Assertion>
+</samlp:Response>
+]
+DEBUG 2023-10-22 00:48:34,063 views 6509 140277710845504 Redirecting to process_user_agreement
diff --git a/example/password_reset/__init__.py b/example/password_reset/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example/password_reset/admin.py b/example/password_reset/admin.py
new file mode 100644
index 0000000..8c38f3f
--- /dev/null
+++ b/example/password_reset/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
diff --git a/example/password_reset/apps.py b/example/password_reset/apps.py
new file mode 100644
index 0000000..476148a
--- /dev/null
+++ b/example/password_reset/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class PasswordResetConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'password_reset'
diff --git a/example/password_reset/forms.py b/example/password_reset/forms.py
new file mode 100644
index 0000000..1f34561
--- /dev/null
+++ b/example/password_reset/forms.py
@@ -0,0 +1,5 @@
+from django_form_builder.dynamic_builder import BaseCustomField 
+from django.forms.fields import PasswordField
+
+
+
diff --git a/example/password_reset/migrations/__init__.py b/example/password_reset/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example/password_reset/models.py b/example/password_reset/models.py
new file mode 100644
index 0000000..71a8362
--- /dev/null
+++ b/example/password_reset/models.py
@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.
diff --git a/example/password_reset/templates/password_reset.html b/example/password_reset/templates/password_reset.html
new file mode 100644
index 0000000..139b142
--- /dev/null
+++ b/example/password_reset/templates/password_reset.html
@@ -0,0 +1,70 @@
+{% extends 'base_clean.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block centered_container %}
+    
+    {% if form %}
+	<h1 class="">{% trans "Password reset" %}</h1>
+    
+    <p>
+        {% trans "Please insert your email and the new password" %}.
+    </p>
+    {% endif %}
+    
+    {% if form %}
+    <div class="">
+        <!-- form rendering -->
+        <form method="post" enctype="multipart/form-data">
+            {% for field in form %}
+                <!-- fields pre-text -->
+                {{ field.field.pre_text }}
+
+                {% if field.field.widget.input_type != 'hidden' %}
+                <div style="padding: 0 0 1rem">
+                    <!-- field label -->
+                    <b>{{ field.label_tag }}</b>
+                    {% if field.field.required %}*{% endif %}
+                    <!-- end field label -->
+                    <br>
+                {% endif %}
+                <!-- field rendering -->
+                {{ field }}
+
+                <!-- field help-text -->
+                {% if field.help_text %}
+                    <br>
+                    <small class="form-text text-muted">
+                        {{ field.help_text|safe }}
+                    </small>
+                {% endif %}
+                <!-- end field help-text -->
+
+                <!-- field errors -->
+                {% if field.errors and field.field.widget.input_type != 'hidden' %}
+                    <small class="text-danger">
+                        {{ field.errors }}
+                    </small>
+                {% endif %}
+                <!-- end field errors -->
+
+                {% if field.field.widget.input_type != 'hidden' %}
+                </div>
+                {% endif %}
+            {% endfor %}
+            {% csrf_token %}
+            
+            <input 
+                type="submit" 
+                name="confirm" 
+                class="btn btn-lg btn-success btn-block unical-background override" 
+                value="{% trans 'Submit' %}" 
+                style="background: #383838;"
+            />
+        
+        </form>
+        <!-- end form rendering -->
+	</div>
+    {% endif %}
+{% endblock centered_container %}
diff --git a/example/password_reset/tests.py b/example/password_reset/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/example/password_reset/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/example/password_reset/urls.py b/example/password_reset/urls.py
new file mode 100644
index 0000000..27a4dd3
--- /dev/null
+++ b/example/password_reset/urls.py
@@ -0,0 +1,10 @@
+from django.urls import path
+
+from . views import password_commit, password_reset
+
+app_name = "password_reset"
+
+urlpatterns = [
+    path("password/reset", password_reset, name="password_reset_form"),
+    path("password/commit", password_commit, name="password_commit")
+]
diff --git a/example/password_reset/views.py b/example/password_reset/views.py
new file mode 100644
index 0000000..bccf79c
--- /dev/null
+++ b/example/password_reset/views.py
@@ -0,0 +1,209 @@
+import logging
+import re
+
+from collections import OrderedDict
+
+from django.contrib.auth import get_user_model
+from django.core.mail import send_mail
+from django.conf import settings
+from django.contrib import messages
+from django_form_builder.forms import BaseDynamicForm
+from django_form_builder.utils import get_labeled_errors
+from django.core.exceptions import (
+    BadRequest,
+    ValidationError
+)
+from django.http import HttpResponse
+from django.shortcuts import render
+from django.views.decorators.csrf import csrf_exempt
+from django.urls import reverse
+from django.utils.html import strip_tags
+from django.utils.translation import gettext as _
+
+from cryptotools.tools import (
+    iat_now, 
+    exp_from_now, 
+    create_jwe, 
+    create_jws, 
+    decrypt_jwe,
+    verify_jws,
+    secparams_check
+)
+
+logger = logging.getLogger(__name__)
+
+# this is the dictionary that builds the DynamicForm
+constructor_dict = OrderedDict([
+    # CharField
+    (_('e-mail'),
+        ('CustomEmailField',
+            {},
+            ''
+        )
+    ),
+    (_('new password'),
+        ('CustomPasswordField',
+            {},
+            ''
+        )
+    ),
+    (_('confirm new password'),
+        ('CustomPasswordField',
+            {},
+            ''
+        )
+    ),
+    # Captcha
+    ('CaPTCHA',
+        ('CustomCaptchaComplexField',
+            {'label': 'CaPTCHA',
+             'pre_text': ''},
+        '')
+    ),
+])  
+
+
+@csrf_exempt
+def password_reset(request):
+    dform_data = dict(
+        constructor_dict=constructor_dict,
+        # data=request.POST,
+        # files=request.FILES,
+        remove_filefields=False,
+        remove_datafields=False
+    )
+
+    if request.method == 'GET':
+        form = BaseDynamicForm.get_form(**dform_data)
+        d = {'form': form}
+    elif request.method == 'POST':
+        dform_data['data'] = request.POST
+        form = BaseDynamicForm.get_form(**dform_data)
+        
+        if form.data['new_password'] != form.data['confirm_new_password']:
+            form.errors['confirm_new_password'] = 'Password do not match'
+        
+        if form.is_valid():
+            
+            messages.add_message(
+                request, 
+                messages.SUCCESS, 
+                _(
+                    """If the data you have provided are valid you'll 
+                    receive an email with the link to activate 
+                    your new password"""
+                )
+            )
+            _user = get_user_model().objects.filter(
+                email = form.data['e-mail'],
+                is_active = True
+            ).first()
+
+            if _user.origin:
+                _user = None
+            
+            host = getattr(
+                settings, "ENTITY_BASE_URL", "https://xdrplus-iam.acsia.org"
+            )
+            
+            if _user:
+                data = dict(
+                    user_pk = _user.pk,
+                    new_pass = form.cleaned_data['new_password'],
+                    iat = iat_now(),
+                    exp = exp_from_now(
+                        minutes= getattr(settings, "PASSWORD_RESET_EXP", 1440)
+                    ),
+                    iss = host,
+                    sub = _user.email,
+                    aud = ''.join(
+                        (
+                            request.get_host(),
+                            reverse('password_reset:password_commit')
+                        )
+                    )
+                )
+                _jws = create_jws(
+                    data, settings.PRIVATE_SIGNATURE_JWKS["keys"][0]
+                )
+                _jwe = create_jwe(
+                    _jws, settings.PUBLIC_ENCRYPTION_JWKS["keys"][0]
+                )
+                _link = f"{host.strip('/')}{reverse('password_reset:password_commit')}?token={_jwe}"
+                _msg = settings.EMAIL_MSG_PASSWD_RESET.format(
+                    **{
+                        'user': _user,
+                        'host': host,
+                        'link': _link
+                    }
+                )
+                logger.debug(_link)
+                send_mail(
+                    settings.EMAIL_SUBJECT_PASSWD_RESET,
+                    _msg,
+                    settings.EMAIL_FROM,
+                    [_user.email],
+                    fail_silently=False,
+                )
+                d = {}
+        else:
+            d = {'form': form}
+            # show all error messages
+            for k,v in get_labeled_errors(form).items():
+                messages.add_message(
+                    request, messages.ERROR,
+                    f"{k}: {strip_tags(v)}"
+                )
+    return render(request, "password_reset.html", d)
+
+
+def password_commit(request):
+    token = request.GET.get('token')
+    if not token:
+        raise BadRequest()
+    
+    data = {}
+    try:
+        _jws = decrypt_jwe(
+            token,
+            settings.PRIVATE_ENCRYPTION_JWKS['keys'][0]
+        )
+        data = verify_jws(
+            _jws,
+            settings.PUBLIC_SIGNATURE_JWKS['keys'][0]
+        )
+    except Exception as e:
+        logger.error(
+            f"Error validading password reset token {token}: {e}"
+        )
+        raise BadRequest()
+    
+    # security checks
+    if not secparams_check(
+        data, 
+        aud = request.get_raw_uri().split('?')[0],
+        allowed_clients = settings.ENTITY_BASE_URL
+    ):
+        raise ValidationError(
+            f"{data} doesn't respect the security pattern"
+        )
+    
+    _user = get_user_model().objects.filter(
+        pk = data['user_pk'],
+        is_active = True
+    ).first()
+    
+    _user.set_password(data['new_pass'])
+    _user.save()
+    
+    messages.add_message(
+        request, 
+        messages.SUCCESS, 
+        _(
+            """Password changed successfully!"""
+        )
+    )
+    
+    return render(request, "password_reset.html", {})
+    
+
diff --git a/example/socialauth/__init__.py b/example/socialauth/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example/socialauth/account_adapter.py b/example/socialauth/account_adapter.py
new file mode 100644
index 0000000..80c1b15
--- /dev/null
+++ b/example/socialauth/account_adapter.py
@@ -0,0 +1,29 @@
+from allauth.account.adapter import DefaultAccountAdapter
+
+from django.contrib.auth import get_user_model
+
+
+class CustomAccountAdapter(DefaultAccountAdapter):
+
+    def is_open_for_signup(self, request):
+        """
+        Checks whether or not the site is open for signups.
+
+        Next to simply returning True/False you can also intervene the
+        regular flow by raising an ImmediateHttpResponse
+
+        (Comment reproduced from the overridden method.)
+        """
+        # allauth workaround
+        # faccio finta che il signup vada avanti eppoi filtro in seguito in .save_user()
+        return False
+
+    def clean_email(self, email):
+        """
+        Validates an email value. You can hook into this if you want to
+        (dynamically) restrict what email addresses can be chosen.
+        """
+        # RestrictedList = ['Your restricted list goes here.']
+        # if email in RestrictedList
+            # raise ValidationError('You are restricted from registering. Please contact admin.')
+        return email
diff --git a/example/socialauth/admin.py b/example/socialauth/admin.py
new file mode 100644
index 0000000..8c38f3f
--- /dev/null
+++ b/example/socialauth/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
diff --git a/example/socialauth/apps.py b/example/socialauth/apps.py
new file mode 100644
index 0000000..bedeb81
--- /dev/null
+++ b/example/socialauth/apps.py
@@ -0,0 +1,22 @@
+import importlib
+
+from django.apps import AppConfig
+from django.db.models.signals import post_save
+from . import signals
+
+
+class SocialauthConfig(AppConfig):
+    default_auto_field = 'django.db.models.BigAutoField'
+    name = 'socialauth'
+
+    def ready(self):
+        
+
+        myapp_models = importlib.import_module('allauth.account.models')
+        model_a = getattr(myapp_models, 'EmailAddress')
+        
+        
+        post_save.connect(
+            signals.update_principal_email_if_none, 
+            sender = model_a
+        )
diff --git a/example/socialauth/migrations/__init__.py b/example/socialauth/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example/socialauth/models.py b/example/socialauth/models.py
new file mode 100644
index 0000000..71a8362
--- /dev/null
+++ b/example/socialauth/models.py
@@ -0,0 +1,3 @@
+from django.db import models
+
+# Create your models here.
diff --git a/example/socialauth/signals.py b/example/socialauth/signals.py
new file mode 100644
index 0000000..7d63d6a
--- /dev/null
+++ b/example/socialauth/signals.py
@@ -0,0 +1,17 @@
+import logging
+
+from django.dispatch import receiver
+
+
+logger = logging.getLogger(__name__)
+
+
+def update_principal_email_if_none(sender, instance, created, **kwargs):
+    if not instance.user.email and instance.primary and instance.verified:
+        instance.user.email = instance.email
+        instance.user.save()
+        logger.info(
+            f"{instance.user} principal email updated in the user profile"
+        )
+        
+        
diff --git a/example/socialauth/socialaccount_adapter.py b/example/socialauth/socialaccount_adapter.py
new file mode 100644
index 0000000..79bfadb
--- /dev/null
+++ b/example/socialauth/socialaccount_adapter.py
@@ -0,0 +1,74 @@
+import logging
+
+
+from allauth.account.models import EmailAddress
+from allauth.core.exceptions import ImmediateHttpResponse
+from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
+
+
+from django.contrib.auth import get_user_model, login
+from django.http import HttpResponse, HttpResponseRedirect
+from django.urls import reverse
+from django.shortcuts import render
+
+logger = logging.getLogger("socialauth")
+
+
+class CustomSocialAccountAdapter(DefaultSocialAccountAdapter):
+
+    def pre_social_login(self, request, sociallogin):
+        """
+        Invoked just after a user successfully authenticates via a
+        social provider, but before the login is actually processed
+        (and before the pre_social_login signal is emitted).
+
+        You can use this hook to intervene, e.g. abort the login by
+        raising an ImmediateHttpResponse
+
+        Why both an adapter hook and the signal? Intervening in
+        e.g. the flow from within a signal handler is bad -- multiple
+        handlers may be active and are executed in undetermined order.
+        """
+        acclink = EmailAddress.objects.filter(
+            email__in = [i.email for i in sociallogin.email_addresses],
+            verified = True
+        ).first()
+        if not acclink or not acclink.user.is_active:
+            logger.warning(
+                f"Any of the sociallogin.email_addresses {sociallogin.email_addresses} "
+                "have been found in the preconfigured social login Email Addresses"
+            )
+            raise ImmediateHttpResponse(
+                render(
+                    request,
+                    "socialaccount/account_linking_failed.html",
+                )
+            )
+        else:
+            login(
+                request, 
+                acclink.user, 
+                backend="django.contrib.auth.backends.ModelBackend"
+            )
+            logger.info(
+                f"{acclink.user} authenticated via sociallogin {sociallogin.account.provider}"
+            )
+            
+            # required for SAML2 SLO
+            request.saml_session["_auth_user_id"] = acclink.user.pk
+            acclink.user.origin = f"Social login: {sociallogin.account.provider}"
+            acclink.user.save()
+            
+            raise ImmediateHttpResponse(
+                HttpResponseRedirect(
+                    reverse("uniauth_saml2_idp:saml_login_process")
+                )
+            )
+        
+        
+    def save_user(self, request, sociallogin, form=None):
+        """
+        Saves a newly signed up social login. In case of auto-signup,
+        the signup form is not available.
+        """
+        raise Exception("User creation with social login is not enabled.")
diff --git a/example/socialauth/templatetags/__init__.py b/example/socialauth/templatetags/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example/socialauth/templatetags/socialauth_buttons.py b/example/socialauth/templatetags/socialauth_buttons.py
new file mode 100644
index 0000000..5ed59a2
--- /dev/null
+++ b/example/socialauth/templatetags/socialauth_buttons.py
@@ -0,0 +1,33 @@
+import logging
+
+from allauth.socialaccount.models import SocialApp
+
+from django import template
+from django.template.loader import render_to_string
+from django.utils.safestring import SafeString
+
+
+logger = logging.getLogger("socialauth")
+register = template.Library()
+
+
+@register.simple_tag
+def is_social_auth_enabled():
+    res = SocialApp.objects.count()
+    if res:
+        return True
+
+
+@register.simple_tag
+def is_google_enabled():
+    return SocialApp.objects.filter(provider="google").count()
+
+
+@register.simple_tag
+def is_azure_enabled():
+    return  SocialApp.objects.filter(provider="azure").count()
+
+
+@register.simple_tag
+def is_microsoft_enabled():
+    return  SocialApp.objects.filter(provider="microsoft").count()
diff --git a/example/socialauth/tests.py b/example/socialauth/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/example/socialauth/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/example/socialauth/views.py b/example/socialauth/views.py
new file mode 100644
index 0000000..91ea44a
--- /dev/null
+++ b/example/socialauth/views.py
@@ -0,0 +1,3 @@
+from django.shortcuts import render
+
+# Create your views here.
diff --git a/example/static/README.md b/example/static/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/example/static/css/unical-style.css b/example/static/css/unical-style.css
deleted file mode 100644
index e19c536..0000000
--- a/example/static/css/unical-style.css
+++ /dev/null
@@ -1,184 +0,0 @@
-@charset "UTF-8";
-/**
- * Università della Calabria
- * Style SCSS
- */
-/**
- * Università della Calabria COLORS
- */
-/**
- * Generic elements
- */
-a {
-  cursor: pointer;
-  color: #b71918; }
-
-a:hover, a:active {
-  color: #383838; }
-
-a.read-more {
-  color: #9d9d9c; }
-
-.badge-primary {
-  background: #b71918; }
-
-.badge-secondary {
-  background: #383838; }
-
-.btn-primary {
-  background: #383838; }
-
-.btn-primary:hover {
-  background: #9d9d9c; }
-
-.btn-outline-primary {
-  color: #383838;
-  -webkit-box-shadow: inset 0 0 0 1px #383838;
-  box-shadow: inset 0 0 0 1px #383838; }
-
-.btn-outline-primary:hover {
-  color: #9d9d9c;
-  -webkit-box-shadow: inset 0 0 0 1px #9d9d9c;
-  box-shadow: inset 0 0 0 1px #9d9d9c; }
-
-.btn-outline-primary:active,
-.btn-outline-primary:focus {
-  color: #383838 !important;
-  box-shadow: inset 0 1px 0 #9d9d9c, 0 1px 1px #9d9d9c, 0 0 0 0.2rem rgba(101, 101, 102, 0.5) !important; }
-
-.btn-secondary {
-  background: #b71918; }
-
-.btn-secondary:hover {
-  background: #383838; }
-
-.btn:not(.btn-outline-primary):not(.btn-outline-secondary):active,
-.btn:not(.btn-outline-primary):not(.btn-outline-secondary):focus {
-  box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.15), 0 1px 1px rgba(0, 0, 0, 0.075), 0 0 0 0.2rem rgba(101, 101, 102, 0.5) !important;
-  background-color: #475664 !important; }
-
-.text-primary {
-  color: #383838 !important; }
-
-.text-secondary {
-  color: #b71918 !important; }
-
-/**
- * Header Slim Wrapper
- */
-.it-header-slim-wrapper {
-  background: #b71918; }
-
-.it-header-slim-wrapper .it-header-slim-wrapper-content .header-slim-right-zone button {
-  background: #383838; }
-
-.it-header-slim-wrapper .it-header-slim-wrapper-content .header-slim-right-zone button:hover {
-  background: #9d9d9c;
-  color: #383838; }
-
-/**
- * Header Center Wrapper
- */
-@media (min-width: 992px) {
-  .it-header-center-wrapper {
-    height: 130px; } }
-
-.it-header-center-wrapper {
-  background: #ffffff; }
-
-.it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a,
-.it-header-center-wrapper .it-header-center-content-wrapper .it-right-zone {
-  color: #383838; }
-
-.it-header-center-wrapper .it-header-center-content-wrapper .it-right-zone .it-socials ul .icon,
-.it-header-center-wrapper .it-header-center-content-wrapper .it-search-wrapper a.rounded-icon svg {
-  fill: #383838; }
-
-/**
- * Logo
- */
-.it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a .img {
-  width: 100%; }
-
-/**
- * Header Navbar Wrapper
- */
-/* Desktops and laptops ----------- */
-@media (min-width: 992px) {
-  .it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a .logo_icon image {
-    width: 100%; } }
-
-/* Others than desktop ----------- */
-@media (max-width: 991px) {
-  .it-header-center-wrapper .it-header-center-content-wrapper .it-brand-wrapper a .logo_icon image {
-    height: 100%; } }
-
-/**
- * Header Navbar Wrapper
- */
-/* Desktops and laptops ----------- */
-@media (min-width: 992px) {
-  .it-header-navbar-wrapper {
-    background: #383838; } }
-
-/* Others than desktop ----------- */
-@media (max-width: 991px) {
-  .it-header-navbar-wrapper {
-    background: none; }
-  .custom-navbar-toggler svg {
-    fill: #383838; } }
-
-/**
- * Main Body
- */
-/**
- * Footer Main
- */
-.it-footer-main {
-  background: #383838; }
-
-/**
- * Footer Small Prints
- */
-.it-footer-small-prints {
-  background: #b71918; }
-
-/**
- * -------------------------------------------------------------
- */
-/**
- * Carousel
- */
-.it-carousel-wrapper .owl-dots .owl-dot {
-  background: #383838; }
-
-/**
- * Back to top
- */
-.back-to-top {
-  background: #9d9d9c; }
-
-.back-to-top:hover {
-  background: #383838; }
-
-/**
- * Form Bootstrap Italia
- */
-.toggles label input[type="checkbox"]:checked + .lever::after {
-  background-color: #b71918; }
-
-.form-check [type=radio]:checked + label::after,
-.form-check [type=checkbox]:checked + label::after {
-  background-color: #b71918;
-  border-color: #b71918; }
-
-.form-check [type=radio]:checked + label::before {
-  border-color: #b71918; }
-
-/**
- * Section muted
- */
-.section.section-muted {
-  background-color: #f7f7f7; }
-
-/*# sourceMappingURL=unical-style.css.map */
\ No newline at end of file
diff --git a/example/static/css/unical-style.css.map b/example/static/css/unical-style.css.map
deleted file mode 100644
index 1896773..0000000
--- a/example/static/css/unical-style.css.map
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-	"version": 3,
-	"file": "unical-style.css",
-	"sources": [
-		"unical-style.scss"
-	],
-	"names": [],
-	"mappings": ";AAAA;;;GAGG;AAEH;;GAEG;AAMH;;GAEG;AACH,AAAA,CAAC,CAAC;EACE,MAAM,EAAE,OAAO;EACf,KAAK,EAVS,OAAO,GAWxB;;AACD,AAAA,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC;EACd,KAAK,EAZU,OAAO,GAazB;;AACD,AAAA,CAAC,AAAA,UAAU,CAAA;EACP,KAAK,EAdW,OAAO,GAe1B;;AACD,AAAA,cAAc,CAAC;EACX,UAAU,EAnBI,OAAO,GAoBxB;;AACD,AAAA,gBAAgB,CAAC;EACb,UAAU,EArBK,OAAO,GAsBzB;;AACD,AAAA,YAAY,CAAC;EACT,UAAU,EAxBK,OAAO,GAyBzB;;AACD,AAAA,YAAY,CAAC,KAAK,CAAC;EACf,UAAU,EA1BM,OAAO,GA2B1B;;AACD,AAAA,oBAAoB,CAAC;EACjB,KAAK,EA9BU,OAAO;EA+BtB,kBAAkB,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CA/BpB,OAAO;EAgCtB,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAhCZ,OAAO,GAiCzB;;AACD,AAAA,oBAAoB,CAAC,KAAK,CAAC;EACvB,KAAK,EAlCW,OAAO;EAmCvB,kBAAkB,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAnCnB,OAAO;EAoCvB,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CApCX,OAAO,GAqC1B;;AACD,AAAA,oBAAoB,CAAC,MAAM;AAC3B,oBAAoB,CAAC,KAAK,CAAC;EACvB,KAAK,EAzCU,OAAO,CAyCG,UAAU;EACnC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAzCT,OAAO,EAyCuB,CAAC,CAAC,GAAG,CAAC,GAAG,CAzCvC,OAAO,EAyCqD,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,wBAAwB,CAAC,UAAU,GAC/H;;AACD,AAAA,cAAc,CAAC;EACX,UAAU,EA9CI,OAAO,GA+CxB;;AACD,AAAA,cAAc,CAAC,KAAK,CAAC;EACjB,UAAU,EAhDK,OAAO,GAiDzB;;AACD,AAAA,IAAI,CAAA,GAAK,CAAA,oBAAoB,EAAC,GAAK,CAAA,sBAAsB,EAAE,MAAM;AACjE,IAAI,CAAA,GAAK,CAAA,oBAAoB,EAAC,GAAK,CAAA,sBAAsB,EAAE,KAAK,CAAC;EAC7D,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,yBAAyB,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,wBAAwB,CAAC,UAAU;EACrI,gBAAgB,EAAC,kBAAkB,GACtC;;AACD,AAAA,aAAa,CAAC;EACV,KAAK,EAxDU,OAAO,CAwDG,UAAU,GACtC;;AACD,AAAA,eAAe,CAAC;EACZ,KAAK,EA5DS,OAAO,CA4DG,UAAU,GACrC;;AAED;;GAEG;AACH,AAAA,uBAAuB,CAAA;EACnB,UAAU,EAnEI,OAAO,GAoEvB;;AACF,AAAA,uBAAuB,CAAC,+BAA+B,CAAC,uBAAuB,CAAC,MAAM,CAAA;EAClF,UAAU,EArEK,OAAO,GAsEzB;;AACD,AAAA,uBAAuB,CAAC,+BAA+B,CAAC,uBAAuB,CAAC,MAAM,CAAC,KAAK,CAAA;EACxF,UAAU,EAvEM,OAAO;EAwEvB,KAAK,EAzEU,OAAO,GA0EzB;;AAED;;GAEG;AACH,MAAM,mBACF;EAAA,AAAA,yBAAyB,CAAC;IACtB,MAAM,EAAE,KAAK,GAChB,EAAA;;AAEL,AAAA,yBAAyB,CAAA;EACrB,UAAU,EAnFN,OAAO,GAoFd;;AAED,AAAA,yBAAyB,CAAC,iCAAiC,CAAC,iBAAiB,CAAC,CAAC;AAC/E,yBAAyB,CAAC,iCAAiC,CAAC,cAAc,CAAA;EACtE,KAAK,EA1FU,OAAO,GA2FzB;;AACD,AAAA,yBAAyB,CAAC,iCAAiC,CAAC,cAAc,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK;AAC/F,yBAAyB,CAAC,iCAAiC,CAAC,kBAAkB,CAAC,CAAC,AAAA,aAAa,CAAC,GAAG,CAAA;EAC7F,IAAI,EA9FW,OAAO,GA+FzB;;AAGD;;GAEG;AACH,AAAA,yBAAyB,CAAC,iCAAiC,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC;EACjF,KAAK,EAAE,IAAI,GACd;;AACD;;GAEG;AAEH,sCAAsC;AACtC,MAAM,mBACF;EAAA,AAAA,yBAAyB,CAAC,iCAAiC,CAAC,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAA;IAC5F,KAAK,EAAE,IAAI,GACd,EAAA;;AAEL,qCAAqC;AACrC,MAAM,mBACF;EAAA,AAAA,yBAAyB,CAAC,iCAAiC,CAAC,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAA;IAC5F,MAAM,EAAE,IAAI,GACf,EAAA;;AAIL;;GAEG;AAEH,sCAAsC;AACtC,MAAM,mBACF;EAAA,AAAA,yBAAyB,CAAC;IACtB,UAAU,EAjIC,OAAO,GAkIrB,EAAA;;AAEL,qCAAqC;AACrC,MAAM,mBACF;EAAA,AAAA,yBAAyB,CAAC;IACtB,UAAU,EAAE,IAAI,GACnB;EACD,AAAA,sBAAsB,CAAC,GAAG,CAAA;IACtB,IAAI,EA1IO,OAAO,GA2IrB,EAHA;;AAML;;GAEG;AAEH;;GAEG;AACH,AAAA,eAAe,CAAA;EACX,UAAU,EAtJK,OAAO,GAuJzB;;AAED;;GAEG;AACH,AAAA,uBAAuB,CAAA;EACnB,UAAU,EA9JI,OAAO,GA+JxB;;AAED;;GAEG;AAGH;;GAEG;AACH,AAAA,oBAAoB,CAAC,SAAS,CAAC,QAAQ,CAAA;EACnC,UAAU,EAzKK,OAAO,GA0KzB;;AAED;;GAEG;AACH,AAAA,YAAY,CAAC;EACT,UAAU,EA/KM,OAAO,GAgL1B;;AACD,AAAA,YAAY,CAAC,KAAK,CAAC;EACf,UAAU,EAnLK,OAAO,GAoLzB;;AAED;;GAEG;AACF,AAAA,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAA,AAAA,IAAC,CAAK,UAAU,AAAf,EAAiB,OAAO,GAAG,MAAM,EAAE,KAAK,CAAC;EAC3D,gBAAgB,EA3LF,OAAO,GA4LxB;;AACD,AAAA,WAAW,EAAC,AAAA,IAAC,CAAD,KAAC,AAAA,EAAY,OAAO,GAAC,KAAK,EAAE,KAAK;AAC7C,WAAW,EAAC,AAAA,IAAC,CAAD,QAAC,AAAA,EAAe,OAAO,GAAC,KAAK,EAAE,KAAK,CAAC;EAC7C,gBAAgB,EA/LF,OAAO;EAgMrB,YAAY,EAhME,OAAO,GAiMxB;;AACD,AAAA,WAAW,EAAC,AAAA,IAAC,CAAD,KAAC,AAAA,EAAY,OAAO,GAAC,KAAK,EAAE,MAAM,CAAC;EAC3C,YAAY,EAnME,OAAO,GAoMxB;;AAED;;GAEG;AACH,AAAA,QAAQ,AAAA,cAAc,CAAC;EACnB,gBAAgB,EAAE,OAAO,GAC5B"
-}
\ No newline at end of file
diff --git a/example/templates/account/signup_closed.html b/example/templates/account/signup_closed.html
new file mode 100644
index 0000000..e7aff5c
--- /dev/null
+++ b/example/templates/account/signup_closed.html
@@ -0,0 +1,19 @@
+{% extends 'error.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block centered_container %}
+
+	<div class="">
+		<div class="callout-title">
+			<svg class="icon">
+				<use xlink:href="{% static 'images/svg/sprite.svg' %}#it-close-circle"></use>
+			</svg>
+			{% trans "Access denied" %}</div>
+		<p>
+			{% trans "La tua autenticazione non è riconoscibile." %}
+		</p>
+	</div>
+
+{% endblock %}
diff --git a/example/templates/mfa/auth_FIDO2.html b/example/templates/mfa/auth_FIDO2.html
new file mode 100644
index 0000000..bf97983
--- /dev/null
+++ b/example/templates/mfa/auth_FIDO2.html
@@ -0,0 +1,26 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+<p>When you are ready to authenticate with FIDO2, press the button below.</p>
+
+<form data-fido2-auth="{{ mfa_data }}" method="POST">
+    {% csrf_token %}
+    {% for error in form.errors %}
+        <p>{{ error }}</p>
+    {% endfor %}
+    {{ form.code.as_hidden }}
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Verify' %}" 
+        style="background: #383838;"
+    />
+</form>
+
+<script src="{% static 'cbor-js/cbor.js' %}"></script>
+<script src="{% static 'mfa/fido2.js' %}"></script>
+{% endblock %}
diff --git a/example/templates/mfa/auth_TOTP.html b/example/templates/mfa/auth_TOTP.html
new file mode 100644
index 0000000..51abfe7
--- /dev/null
+++ b/example/templates/mfa/auth_TOTP.html
@@ -0,0 +1,26 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+<p>{% trans 'Open your TOTP app to get an authentication code' %}.</p>
+
+<form method="POST">
+    {% csrf_token %}
+    {% for error in form.non_field_errors %}
+        <p>{{ error }}</p>
+    {% endfor %}
+    <label>
+        {{ form.code.label }}
+        {{ form.code }}
+    </label>
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Verify' %}" 
+        style="background: #383838;"
+    />
+</form>
+{% endblock %}
diff --git a/example/templates/mfa/auth_base.html b/example/templates/mfa/auth_base.html
new file mode 100644
index 0000000..f69b172
--- /dev/null
+++ b/example/templates/mfa/auth_base.html
@@ -0,0 +1,17 @@
+{% extends 'base_clean.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block centered_container %}
+
+<h1>{% trans 'Two-factor authentication' %}</h1>
+
+{% block mfa_form %}
+{% endblock %}
+
+<br>
+<a href="{% url 'mfa:auth' 'FIDO2' %}">{% trans 'Use FIDO2 instead' %}</a>
+<br>
+<a href="{% url 'mfa:auth' 'recovery' %}">{% trans 'Use recovery code instead' %}</a>
+{% endblock %}
diff --git a/example/templates/mfa/auth_recovery.html b/example/templates/mfa/auth_recovery.html
new file mode 100644
index 0000000..deea35d
--- /dev/null
+++ b/example/templates/mfa/auth_recovery.html
@@ -0,0 +1,30 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+
+<p>
+    <strong>{% trans 'WARNING' %}</strong>:
+    {% trans 'The recovery code will be removed after it has been used. Make sure to create a new one after login!' %}
+</p>
+
+<form method="POST">
+    {% csrf_token %}
+    {% for error in form.non_field_errors %}
+        <p>{{ error }}</p>
+    {% endfor %}
+    <label>
+        {{ form.code.label }}
+        {{ form.code }}
+    </label>
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Verify' %}" 
+        style="background: #383838;"
+    />
+</form>
+{% endblock %}
diff --git a/example/templates/mfa/create_FIDO2.html b/example/templates/mfa/create_FIDO2.html
new file mode 100644
index 0000000..f1c06f6
--- /dev/null
+++ b/example/templates/mfa/create_FIDO2.html
@@ -0,0 +1,31 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+
+<p>{% trans 'You will be prompted to activate the device once you click "create"' %}.</p>
+
+<form data-fido2-create="{{ mfa_data }}" method="POST">
+    {% csrf_token %}
+    {% for error in form.non_field_errors %}
+        <p>{{ error }}</p>
+    {% endfor %}
+    <label>
+        {{ form.name.label }}
+        {{ form.name }}
+    </label>
+    {{ form.code.as_hidden }}
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Create' %}" 
+        style="background: #383838;"
+    />
+</form>
+
+<script src="{% static 'cbor-js/cbor.js' %}"></script>
+<script src="{% static 'mfa/fido2.js' %}"></script>
+{% endblock %}
diff --git a/example/templates/mfa/create_TOTP.html b/example/templates/mfa/create_TOTP.html
new file mode 100644
index 0000000..8a1659d
--- /dev/null
+++ b/example/templates/mfa/create_TOTP.html
@@ -0,0 +1,35 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+
+{% load static mfa %}
+
+<p>{% trans 'Scan the code with your TOTP app and enter a valid code to finish registration' %}.</p>
+
+{{ mfa_data.url|qrcode }}
+{{ mfa_data.secret }}
+
+<form method="POST">
+    {% csrf_token %}
+    {% for error in form.non_field_errors %}
+        <p>{{ error }}</p>
+    {% endfor %}
+    <label>
+        {{ form.name.label }}
+        {{ form.name }}
+    </label>
+    <label>
+        {{ form.code.label }}
+        {{ form.code }}
+    </label>
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Create' %}" 
+        style="background: #383838;"
+    /></form>
+{% endblock %}
diff --git a/example/templates/mfa/create_recovery.html b/example/templates/mfa/create_recovery.html
new file mode 100644
index 0000000..d8344e5
--- /dev/null
+++ b/example/templates/mfa/create_recovery.html
@@ -0,0 +1,39 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+
+{% load static mfa %}
+
+<p>{% trans 'A recovery code can be used when you lose access to your other two-factor authentication options. Each recovery code can only be used once' %}.</p>
+<p>{% trans 'Make sure to store it in a safe place! If you lose your login keys and don’t have the recovery codes you will lose access to your account' %}.</p>
+
+<form method="POST">
+    {% csrf_token %}
+    {% for error in form.non_field_errors %}
+        <p>{{ error }}</p>
+    {% endfor %}
+    <label>
+        {{ form.name.label }}
+        {{ form.name }}
+    </label>
+    <label>
+        {{ form.code.label }}
+        <input name="code" value="{{ mfa_data.code }}" readonly>
+    </label>
+    <label>
+        <input type="checkbox" required>
+        I have safely stored the code
+    </label>
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Create' %}" 
+        style="background: #383838;"
+    />
+</form>
+
+{% endblock %}
diff --git a/example/templates/mfa/login_failed_subject.txt b/example/templates/mfa/login_failed_subject.txt
new file mode 100644
index 0000000..172ae8a
--- /dev/null
+++ b/example/templates/mfa/login_failed_subject.txt
@@ -0,0 +1,3 @@
+{% load i18n %}{% autoescape off %}
+{% blocktranslate %}Attempted login to {{ site_name }} using a wrong two-factor authentication code{% endblocktranslate %}
+{% endautoescape %}
\ No newline at end of file
diff --git a/example/templates/mfa/mfakey_confirm_delete.html b/example/templates/mfa/mfakey_confirm_delete.html
new file mode 100644
index 0000000..1b18321
--- /dev/null
+++ b/example/templates/mfa/mfakey_confirm_delete.html
@@ -0,0 +1,20 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+
+<p>Are you sure you want to delete the key {{ object.name }}?</p>
+<form method="POST">
+    {% csrf_token %}
+    <input 
+        type="submit" 
+        name="confirm" 
+        class="btn btn-success ml-2 unical-background override" 
+        value="{% trans 'Delete' %}" 
+        style="background: #383838;"
+    />
+</form>
+
+{% endblock %}
diff --git a/example/templates/mfa/mfakey_list.html b/example/templates/mfa/mfakey_list.html
new file mode 100644
index 0000000..64b2ab1
--- /dev/null
+++ b/example/templates/mfa/mfakey_list.html
@@ -0,0 +1,35 @@
+{% extends 'mfa/auth_base.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block mfa_form %}
+
+<h1> {% if object_list %}Login keys configured{% else %}No login keys configured{% endif %}</h1>
+<p>Two-factor authentication adds an additional layer of security to your account by requiring more than just a password to log in.</p>
+
+{% if object_list|length == 1 %}
+    <p>
+        <strong>{% trans 'WARNING' %}</strong>:
+        {% trans "You have registered only a single key. If you lose access to that key you won't be able log into your account again." %}
+        <a href="{% url 'mfa:create' 'recovery' %}">{% trans 'Create recovery code' %}</a>
+    </p>
+{% endif %}
+
+<ul>
+    {% for key in object_list %}
+        <li>
+            {{ key.name }} ({{ key.method }})
+            <a href="{% url 'mfa:delete' key.id %}">{% trans 'Delete' %}</a>
+        </li>
+    {% endfor %}
+</ul>
+
+<br>
+<a href="{% url 'mfa:create' 'TOTP' %}">{% trans 'Create TOTP key' %}</a>
+<br>
+<a href="{% url 'mfa:create' 'FIDO2' %}">{% trans 'Create FIDO2 key' %}</a>
+<br>
+<a href="{% url 'mfa:create' 'recovery' %}">{% trans 'Create recovery code' %}</a>
+
+{% endblock %}
diff --git a/example/templates/socialaccount/account_linking_failed.html b/example/templates/socialaccount/account_linking_failed.html
new file mode 100644
index 0000000..97d2de2
--- /dev/null
+++ b/example/templates/socialaccount/account_linking_failed.html
@@ -0,0 +1,19 @@
+{% extends 'error.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block centered_container %}
+
+	<div class="">
+		<div class="callout-title">
+			<svg class="icon">
+				<use xlink:href="{% static 'images/svg/sprite.svg' %}#it-close-circle"></use>
+			</svg>
+			{% trans "Social Network Unallowed Login" %}</div>
+		<p>
+			{% trans "Your profile is not recognizable, please contact our technical assistance for any further information." %}
+		</p>
+	</div>
+
+{% endblock %}
diff --git a/example/templates/socialaccount/authentication_error.html b/example/templates/socialaccount/authentication_error.html
new file mode 100644
index 0000000..ca5619b
--- /dev/null
+++ b/example/templates/socialaccount/authentication_error.html
@@ -0,0 +1,19 @@
+{% extends 'error.html' %}
+
+{% load i18n %}
+{% load static %}
+
+{% block centered_container %}
+
+	<div class="">
+		<div class="callout-title">
+			<svg class="icon">
+				<use xlink:href="{% static 'images/svg/sprite.svg' %}#it-close-circle"></use>
+			</svg>
+			{% trans "Social Network Login Failure" %}</div>
+		<p>
+			{% trans "An error occurred while attempting to login via your social network account, please retry." %}
+		</p>
+	</div>
+
+{% endblock %}
diff --git a/example/tests/base.py b/example/tests/base.py
deleted file mode 100644
index 3b22e3d..0000000
--- a/example/tests/base.py
+++ /dev/null
@@ -1,162 +0,0 @@
-import copy
-import os
-import logging
-import re
-import requests
-import sys
-import subprocess
-
-
-from django.contrib.auth import get_user_model
-from django.test import TestCase, Client
-from django.urls import reverse
-from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
-from saml2.config import SPConfig, IdPConfig
-from saml2.client import Saml2Client
-from saml2.metadata import entity_descriptor
-from saml2.response import AuthnResponse
-from saml2.s_utils import (UnknownPrincipal,
-                           UnsupportedBinding,
-                           UnknownSystemEntity)
-
-sys.path.append(os.getcwd())
-from .idp_pysaml2 import SAML_IDP_CONFIG, IDP_SP_METADATA_PATH
-
-from .sp.sp_pysaml2 import (SAML_CONFIG as SAML_SP_CONFIG,
-                            BASE_URL,
-                            BASE_DIR)
-from uniauth_saml2_idp.views import *
-from uniauth_saml2_idp.utils import (get_idp_config,
-                           get_idp_sp_config,
-                           get_client_id,
-                           repr_saml)
-
-
-logger = logging.getLogger('django_test')
-
-
-# clean up sp metadata folder
-idp_md_path = 'tests/data/metadata'
-sp_md_path = 'tests/sp/metadata'
-mds = [sp_md_path+'/idp.xml', idp_md_path+'/sp.xml']
-for md_path in (idp_md_path, sp_md_path):
-    if not os.path.exists(md_path):
-        os.mkdir(md_path)
-
-
-def cleanup_metadata():
-    for md in mds:
-        if os.path.exists(md):
-            os.remove(md)
-
-idp_eid = SAML_IDP_CONFIG['entityid']
-sp_eid = SAML_SP_CONFIG['entityid']
-
-action_post_regexp =('(?P<name>action)='
-                     '"(?P<value>[a-zA-Z0-9\.\:\/\_\?\=]*)"')
-samlrequest_form_regexp = ('.*name="SAMLRequest" '
-                           'value="(?P<value>[a-zA-Z0-9=+]*)"[\s\n.]*')
-
-samlresponse_form_regexp = 'name="SAMLResponse" value="(?P<value>[a-zA-Z0-9+=]*)"'
-login_process_url = reverse('uniauth_saml2_idp:saml_login_process')
-login_url = reverse('uniauth_saml2_idp:login')+'?next={}'.format(login_process_url)
-logout_url = reverse('uniauth_saml2_idp:saml_logout_binding', kwargs={'binding': 'POST'})
-
-
-def extract_saml_authn_data(result):
-    url = reverse('uniauth_saml2_idp:saml_login_binding', kwargs={'binding': 'POST'})
-    logging.info('IdP Target is: {}'.format(url))
-    # url = re.search(action_post_regexp, result.get('data', '')).groupdict()['value']
-
-    # IF HTTP-POST
-    if result.get('data'):
-        authn_req = result.get('data', '')
-        data = {'SAMLRequest': re.search(samlrequest_form_regexp, authn_req)\
-                                  .groupdict()['value']}
-    # ELSE HTTP-REDIRECT
-    else:
-        authn_req = result['headers'][0][1]
-        url, data = authn_req, authn_req
-    return url, data
-
-
-class BaseTestRP(TestCase):
-    def setUp(self):
-        # put idp metadata in sp metadata store
-        # self.IDP = IdPConfig()
-        # self.IDP.load(copy.deepcopy(SAML_IDP_CONFIG))
-        # idp_metadata = entity_descriptor(self.IDP)
-        cleanup_metadata()
-        idp_md_url = reverse('uniauth_saml2_idp:saml2_idp_metadata')
-        client = Client()
-        idp_metadata = client.get(idp_md_url)
-
-        # idp metadata into sp md store
-        with open(mds[0], 'wb') as fd:
-            fd.write(idp_metadata.content)
-
-        # create a pysaml SP
-        self.sp_conf = SPConfig()
-        self.sp_conf.load(copy.deepcopy(SAML_SP_CONFIG))
-
-        self.sp_client = Saml2Client(self.sp_conf)
-        logger.info('{} SP: {}'.format(self.__class__.__name__,
-                                       self.client))
-
-    def _get_superuser_user(self):
-        data = dict(username='admin',
-                    email='test@test.org',
-                    is_superuser=1,
-                    is_staff=1)
-        user = get_user_model().objects.get_or_create(**data)[0]
-        user.set_password('admin')
-        user.save()
-        return user
-
-    def _superuser_login(self):
-        user = self._get_superuser_user()
-        self.client.force_login(user)
-
-    def _add_sp_md(self):
-        self._superuser_login()
-        # put md store through admin UI
-        create_url = reverse('admin:uniauth_saml2_idp_metadatastore_add')
-        data = dict(name='sptest',
-                    type='local',
-                    url=idp_md_path,
-                    kwargs='{}',
-                    is_active=1)
-        response = self.client.post(create_url, data, follow=True)
-        assert 'was added successfully' in response.content.decode()
-
-        # put sp metadata into IDP md store
-        sp_metadata = entity_descriptor(self.sp_conf)
-        with open(IDP_SP_METADATA_PATH+'/sp.xml', 'wb') as fd:
-            fd.write(sp_metadata.to_string())
-
-    def _add_sp(self):
-        self._superuser_login()
-        create_url = reverse('admin:uniauth_saml2_idp_serviceprovider_add')
-        data = dict(entity_id = SAML_SP_CONFIG['entityid'],
-                    display_name = 'That SP display name',
-                    signing_algorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
-                    digest_algorithm = "http://www.w3.org/2001/04/xmlenc#sha256",
-                    disable_encrypted_assertions=1,
-                    is_active=1)
-        response = self.client.post(create_url, data, follow=True)
-        assert 'was added successfully' in response.content.decode()
-
-    def _get_sp_authn_request(self):
-        session_id, result = self.sp_client.prepare_for_authenticate(
-                                             entityid=idp_eid,
-                                             relay_state='/',
-                                             binding=BINDING_HTTP_POST)
-        url, data = extract_saml_authn_data(result)
-        return url, data, session_id
-
-    def _run_ldapd(self):
-        self.ldapd = subprocess.Popen(
-            ["python3", "tests/ldapd.py"],
-             stdout=subprocess.PIPE,
-             stderr=subprocess.PIPE
-             )
diff --git a/example/tests/data/metadata/sp.xml b/example/tests/data/metadata/sp.xml
deleted file mode 100644
index 47376e5..0000000
--- a/example/tests/data/metadata/sp.xml
+++ /dev/null
@@ -1,35 +0,0 @@
-<md:EntityDescriptor xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://sp1.testunical.it/saml2/metadata/"><md:Extensions><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></md:Extensions><md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQEL
-BQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0y
-OTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7c
-jrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXI
-R8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejj
-XKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInr
-FIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYz
-SSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBR
-MB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoa
-jGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
-A4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnit
-bpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1d
-S/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA
-+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJae
-QeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS
-1EX9j2GqG1yWcdGvY60GJu5Er5id
-</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQEL
-BQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0y
-OTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7c
-jrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXI
-R8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejj
-XKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInr
-FIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYz
-SSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBR
-MB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoa
-jGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
-A4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnit
-bpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1d
-S/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA
-+VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJae
-QeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS
-1EX9j2GqG1yWcdGvY60GJu5Er5id
-</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sp1.testunical.it/saml2/ls/post/" /><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://sp1.testunical.it/saml2/ls/" /><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sp1.testunical.it/saml2/acs/" index="1" /></md:SPSSODescriptor><md:Organization><md:OrganizationName xml:lang="it">Unical</md:OrganizationName><md:OrganizationName xml:lang="en">Unical</md:OrganizationName><md:OrganizationDisplayName xml:lang="it">Unical</md:OrganizationDisplayName><md:OrganizationDisplayName xml:lang="en">Unical</md:OrganizationDisplayName><md:OrganizationURL xml:lang="it">http://www.unical.it</md:OrganizationURL><md:OrganizationURL xml:lang="en">http://www.unical.it</md:OrganizationURL></md:Organization><md:ContactPerson contactType="administrative"><md:Company>Universita della Calabria</md:Company><md:GivenName>Giuseppe</md:GivenName><md:SurName>De Marco</md:SurName><md:EmailAddress>giuseppe.demarco@unical.it</md:EmailAddress></md:ContactPerson><md:ContactPerson contactType="technical"><md:Company>Universita della Calabria</md:Company><md:GivenName>Giuseppe</md:GivenName><md:SurName>De Marco</md:SurName><md:EmailAddress>giuseppe.demarco@unical.it</md:EmailAddress></md:ContactPerson></md:EntityDescriptor>
\ No newline at end of file
diff --git a/example/tests/idp_pysaml2.py b/example/tests/idp_pysaml2.py
deleted file mode 100644
index bafadc5..0000000
--- a/example/tests/idp_pysaml2.py
+++ /dev/null
@@ -1,305 +0,0 @@
-import os
-import saml2
-from django.utils.translation import gettext as _
-from saml2 import (BINDING_HTTP_POST,
-                   BINDING_SOAP,
-                   BINDING_HTTP_ARTIFACT,
-                   BINDING_HTTP_REDIRECT,
-                   BINDING_PAOS)
-from saml2.entity_category import refeds, edugain
-from saml2.saml import (NAMEID_FORMAT_TRANSIENT,
-                        NAMEID_FORMAT_PERSISTENT)
-from saml2.saml import (NAME_FORMAT_URI,
-                        NAME_FORMAT_UNSPECIFIED,
-                        NAME_FORMAT_BASIC)
-
-from saml2.sigver import get_xmlsec_binary
-
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
-LOGIN_URL = '/idp/login/'
-
-# idp protocol:fqdn:port
-HOST = 'idp1.testunical.it'
-PORT = None #None if 80 or 443...
-HTTPS = False
-
-BASE = "https://{}".format(HOST) if HTTPS else "http://{}".format(HOST)
-if PORT:
-    BASE += ':{}'.format(PORT)
-
-BASE_URL = '{}/idp'.format(BASE)
-# end
-
-IDP_SP_METADATA_PATH = 'tests/data/metadata'
-
-# please check [Refactor datetime](https://github.com/IdentityPython/pysaml2/pull/518)
-# only used to parse issue_instant in a try...
-SAML2_DATETIME_FORMATS = ['%Y-%m-%dT%H:%M:%SZ','%Y%m%d%H%M%SZ']
-
-SAML_IDP_CONFIG = {
-    'debug' : True,
-    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin/xmlsec1']),
-    'entityid': '%s/metadata' % BASE_URL,
-
-    'entity_category_support': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
-                                refeds.RESEARCH_AND_SCHOLARSHIP],
-
-    'attribute_map_dir': 'data/attribute-maps',
-    'description': 'SAML2 IDP',
-
-    'service': {
-        'idp': {
-            'name': 'Django testunical SAML IdP',
-
-            'ui_info': {
-                'display_name': [{'lang': 'en', 'text': 'Unical IdP'}, {'lang': 'it', 'text': 'Unical IdP'}],
-                'description': [{'lang': 'en', 'text': 'University of Calabria Identity Provider'},
-                                {'lang': 'it', 'text': 'Identity Provider della Università della Calabria'}],
-                'information_url': {'lang': 'it', 'text': 'https://www.unical.it/portale/strutture/centri/centroict/schdeserviziict/idem/'},
-                'privacy_statement_url': {'lang': 'it', 'text': 'https://www.unical.it/portale/ateneo/privacy/'},
-                'logo': {'width': '80',
-                         'height': '60',
-                         'text': "https://{}/static/img/logo.svg".format(HOST)},
-                },
-
-            'endpoints': {
-                'single_sign_on_service': [
-                    ('%s/sso/post' % BASE_URL, BINDING_HTTP_POST),
-
-                    # HTTP-REDIRECT could introduce troubles with signing verifications ...
-                    ('%s/sso/redirect' % BASE_URL, BINDING_HTTP_REDIRECT),
-
-                    # TODO
-                    # ("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT),
-                ],
-                "single_logout_service": [
-                    ("%s/slo/post" % BASE, BINDING_HTTP_POST),
-
-                    #("%s/slo/redirect" % BASE, BINDING_HTTP_REDIRECT)
-                    # ("%s/slo/soap" % BASE, BINDING_SOAP),
-                ],
-            },
-            # transient per default, persistent if asked by sp
-            'name_id_format': [NAMEID_FORMAT_TRANSIENT,
-                               NAMEID_FORMAT_PERSISTENT],
-
-            'validate_certificate': True,
-            # this is default
-            'only_use_keys_in_metadata': True,
-
-            # these needs to change a standard shibboleth sp configuration
-            # because in GET binding the signature is in the url and not in the XML ...
-            # solution: disable HTTP-REDIRECT bind
-            "want_authn_requests_only_with_valid_cert": True,
-            'want_authn_requests_signed': True,
-            'logout_requests_signed': True,
-
-            'sign_response': True,
-            'sign_assertion': True,
-
-            # the following if set should be a cert filename, not a boolean
-            # 'verify_ssl_cert': None,
-            # 'verify_encrypt_cert_assertion': None,
-            # 'verify_encrypt_cert_advice': None,
-
-            # this works if pysaml2 is installed from peppelinux's fork
-            # 'signing_algorithm':  saml2.xmldsig.SIG_RSA_SHA256,
-            # 'digest_algorithm':  saml2.xmldsig.DIGEST_SHA256,
-
-            "policy": {
-                "default": {
-                    "lifetime": {"minutes": 15},
-
-                    # if the sp are not conform to entity_categories (in our metadata) the attributes will not be released
-                    # "entity_categories": ["refeds", "edugain"],
-                    # "entity_categories": ["refeds",],
-
-                    "name_form": NAME_FORMAT_URI,
-
-                    # global pysaml2 restrictions, useless with custom AttributeProcessors
-                    # "attribute_restrictions": {
-                        # 'username': None,
-                        # 'first_name': None,
-                        # 'last_name': None,
-                        #
-                        ## Here only mail addresses that end with ".umu.se" will be returned.
-                        # 'email': None,
-                        # #'email': [".*\.umu\.se$"],
-                        # "mail": [".*\.umu\.se$"],
-                    # },
-                },
-
-                # attributes will be released only if this SP have refeds in out entity_categories in its metadata.
-                # "https://sp1.testunical.it/saml2/metadata/": {
-                    # "entity_categories": ["refeds",]
-                # }
-
-
-                # "https://example.com/sp": {
-                    # "lifetime": {"minutes": 5},
-                    # "nameid_format": NAMEID_FORMAT_PERSISTENT,
-                    # "name_form": NAME_FORMAT_BASIC
-                # }
-            },
-
-        },
-
-        # TODO
-        # AttributeAuthorityDescriptor is needed for legacy SP
-        # this adds the needed attributes in metadata ...!
-        #'aq': {
-        #
-        #    }
-
-    },
-
-    # Quite useless, you can even configure metadata store through admin backend!
-    'metadata': {
-        # 'local': [
-                 # IDP_SP_METADATA_PATH,
-                 # ],
-        #
-        # "remote": [{
-            # "url": 'https://satosa.testunical.it/Saml2/metadata',
-            # "cert": "/opt/satosa-saml2/pki/frontend.cert",
-
-            # working only with pplx-dev fork:
-            # "disable_ssl_certificate_validation": True,
-             # }],
-
-        # "mdq": [{
-            # "url": "http://localhost:8001",
-            ## "url": "https://ds.testunical.it",
-            # "cert": "certficates/others/ds.testunical.it.cert",
-
-            # working only with pplx-dev fork:
-            # "disable_ssl_certificate_validation": True,
-            # }]
-
-    },
-
-    # Signing
-    'key_file': BASE_DIR + '/tests/data/certificates/private.pem',
-    'cert_file': BASE_DIR + '/tests/data/certificates/public.pem',
-    # Encryption
-    'encryption_keypairs': [{
-        'key_file': BASE_DIR + '/tests/data/certificates/private.pem',
-        'cert_file': BASE_DIR + '/tests/data/certificates/public.pem',
-    }],
-
-    # How many hours this configuration is expected to be accurate as eposed in metadata
-    #'valid_for': 24 * 10,
-
-    # own metadata settings
-    'contact_person': [
-      {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
-       'contact_type': 'administrative'},
-      {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
-       'contact_type': 'technical'},
-      ],
-    # you can set multilanguage information here
-    'organization': {
-      'name': [('Unical', 'it'), ('Unical', 'en')],
-      'display_name': [('Unical', 'it'), ('Unical', 'en')],
-      'url': [('http://www.unical.it', 'it'),
-              ('http://www.unical.it', 'en')],
-      },
-
-    # TODO: put idp logs in a separate file too
-    # "logger": {
-        # "rotating": {
-            # "filename": "idp.log",
-            # "maxBytes": 500000,
-            # "backupCount": 5,
-        # },
-        # "loglevel": "debug",
-    # }
-
-}
-
-SAML_IDP_SHOW_USER_AGREEMENT_SCREEN = True
-SAML_IDP_SHOW_CONSENT_FORM = False
-SAML_IDP_USER_AGREEMENT_ATTR_EXCLUDE = []
-# User agreements will be valid for 1 year unless overriden. If this attribute is not used, user agreements will not expire
-SAML_IDP_USER_AGREEMENT_VALID_FOR = 24 * 365
-
-SAML_IDP_DJANGO_USERNAME_FIELD = 'username'
-# alg, salt and arguments used for computed user identifier used in opaque, transient and persistent nameid_format
-SAML_COMPUTEDID_HASHALG = 'sha256'
-SAML_COMPUTEDID_SALT = b'87sdfybDSFDSFsdf__7yb'
-
-SAML_AUTHN_SIGN_ALG = saml2.xmldsig.SIG_RSA_SHA256
-SAML_AUTHN_DIGEST_ALG = saml2.xmldsig.DIGEST_SHA256
-
-# Encrypt authn response by default (will not work with SP that doesn't have enc keys in their metadata)
-SAML_FORCE_ENCRYPTED_ASSERTION = False
-
-# if enabled and nameid format is persistent the nameid related to user:recipient_id will be stored in PersistentId model
-SAML_ALLOWCREATE = True
-
-# SP configurations
-SAML_IDP_SPCONFIG = {}
-
-# Disable unconfigured SP even if they are in MetadataStore
-SAML_DISALLOW_UNDEFINED_SP = False
-
-# This coniguration will be used by default for each newly created SP through admin backend.
-DEFAULT_SPCONFIG = {
-    'processor': 'uniauth_saml2_idp.processors.base.BaseProcessor',
-    'attribute_mapping': {
-
-        'uid': 'uid',
-        'persistent_ids': 'persistent_ids',
-        'email': 'email',
-        'first_name': 'first_name',
-        'last_name': 'last_name',
-        'username': 'username',
-        # 'is_staff': 'is_staff',
-        # 'is_superuser':  'is_superuser',
-
-        # refeds + edugain Entities
-        # "cn": "cn",
-        # "eduPersonEntitlement": "eduPersonEntitlement",
-        # "eduPersonPrincipalName": "eduPersonPrincipalName",
-        # "schacHomeOrganization": "schacHomeOrganization",
-        # "eduPersonHomeOrganization": "eduPersonHomeOrganization",
-        # "eduPersonAffiliation": "eduPersonAffiliation",
-        # "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
-        # "eduPersonTargetedID": "eduPersonTargetedID",
-        # "mail": ["mail", "email"],
-        # "email": ["mail", "email"],
-        # "schacPersonalUniqueCode": "schacPersonalUniqueCode",
-        # "schacPersonalUniqueID": "schacPersonalUniqueID",
-        # "sn": "sn",
-        # "givenName": ["givenName", "another_possible_occourrence"],
-        # "displayName": "displayName",
-
-        # custom attributes
-        # "codice_fiscale": "codice_fiscale",
-        # "matricola_studente": "matricola_studente",
-        # "matricola_dipendente": "matricola_dipendente"
-    },
-    'display_name': 'Unical SP',
-    'display_description': 'This is for test purpose',
-    'display_agreement_message': 'Some information about you has been requested', # Only for SP externals to our organization
-    'signing_algorithm': saml2.xmldsig.SIG_RSA_SHA256,
-    'digest_algorithm': saml2.xmldsig.DIGEST_SHA256,
-    'disable_encrypted_assertions': True,
-    # 'show_user_agreement_screen': SAML_IDP_SHOW_USER_AGREEMENT_SCREEN
-}
-
-# Quite useless, you can even configure SP through admin backend!
-# shibboleth test SP
-# SAML_IDP_SPCONFIG['https://sp.testunical.it/shibboleth'] = DEFAULT_SPCONFIG
-# SAML_IDP_SPCONFIG['https://sp1.testunical.it/saml2/metadata/'] = DEFAULT_SPCONFIG
-
-# satosa frontend
-# SAML_IDP_SPCONFIG['https://satosa.testunical.it/Saml2/metadata'] = DEFAULT_SPCONFIG
diff --git a/example/tests/settings.py b/example/tests/settings.py
deleted file mode 100644
index 957e411..0000000
--- a/example/tests/settings.py
+++ /dev/null
@@ -1,176 +0,0 @@
-"""
-Django settings for django_idp project.
-
-Generated by 'django-admin startproject' using Django 2.0.5.
-
-For more information on this file, see
-https://docs.djangoproject.com/en/2.0/topics/settings/
-
-For the full list of settings and their values, see
-https://docs.djangoproject.com/en/2.0/ref/settings/
-"""
-import ldap
-import os
-
-from .settingslocal import *
-
-# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
-BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-
-# Quick-start development settings - unsuitable for production
-# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/
-
-# use settingslocal
-#DEBUG = True
-#SESSION_EXPIRE_AT_BROWSER_CLOSE=True
-#SESSION_COOKIE_AGE = 60 * 10 # minutes
-#SECRET_KEY = settingslocal.SECRET_KEY
-#ALLOWED_HOSTS = settingslocal.ALLOWED_HOSTS
-
-if not DEBUG:
-    SESSION_COOKIE_SECURE = True
-    CSRF_COOKIE_SECURE = True
-    # CSRF_USE_SESSIONS = True
-
-# Application definition
-
-MIDDLEWARE = [
-    'django.middleware.security.SecurityMiddleware',
-    'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.common.CommonMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware',
-
-    # SameSite Cookie workaround
-    'djangosaml2.middleware.SamlSessionMiddleware'
-]
-
-# GETTEXT LOCALIZATION
-MIDDLEWARE.append('django.middleware.locale.LocaleMiddleware')
-LOCALE_PATHS = (
-    os.path.join(BASE_DIR, "locale"),
-)
-#
-
-ROOT_URLCONF = 'django_idp.urls'
-
-TEMPLATES = [
-    {
-        'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
-        'APP_DIRS': True,
-        'OPTIONS': {
-            'context_processors': [
-                'django.template.context_processors.debug',
-                'django.template.context_processors.request',
-                'django.contrib.auth.context_processors.auth',
-                'django.contrib.messages.context_processors.messages',
-            ],
-        },
-    },
-]
-
-STATICFILES_FINDERS = [
-    'django.contrib.staticfiles.finders.FileSystemFinder',
-    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
-    'sass_processor.finders.CssFinder',
-]
-
-WSGI_APPLICATION = 'django_idp.wsgi.application'
-
-DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
-    }
-}
-
-AUTHENTICATION_BACKENDS = [
-                            'django.contrib.auth.backends.ModelBackend',
-                            # TODO
-                            # 'unical_ict.auth.SessionUniqueBackend',
-                          ]
-
-#################
-# LDAP, optional
-#################
-if 'ldap_peoples' in INSTALLED_APPS:
-    # load default and overrides as you prefer
-    from ldap_peoples.settings import *
-    DEFAULT_EDUPERSON_ENTITLEMENT = ['urn:mace:terena.org:tcs:personal-user',
-                                     'urn:mace:terena.org:tcs:escience-user']
-    SCHAC_HOMEORGANIZATIONTYPE_DEFAULT = ['educationInstitution',
-                                          'university']
-    SCHAC_HOMEORGANIZATION_DEFAULT = LDAP_BASE_DOMAIN
-
-    LDAP_CONNECTION_OPTIONS = {ldap.OPT_PROTOCOL_VERSION: 3,
-                               ldap.OPT_NETWORK_TIMEOUT: 5,
-                               # ldap.OPT_DEBUG_LEVEL: 255,
-                               # ldap.OPT_X_TLS_CACERTFILE: LDAP_CACERT,
-                               # force /etc/ldap.conf configuration.
-                               # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
-                               # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_DEMAND,
-                               # ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
-                               # ldap.OPT_X_TLS_DEMAND: True,
-                               # ldap.OPT_X_TLS: ldap.OPT_X_TLS_NEVER,
-                               # ldap.OPT_X_TLS_DEMAND: False,
-                              }
-
-    DATABASES['ldap'] = {
-        'ENGINE': 'ldapdb.backends.ldap',
-        # only in localhost
-        #'NAME': 'ldapi://',
-        'NAME': LDAP_DB_URL,
-        'USER': LDAP_CONNECTION_USER,
-        'PASSWORD': LDAP_CONNECTION_PASSWD,
-        'RETRY_DELAY': 8,
-        'RETRY_MAX': 3,
-        'CONNECTION_OPTIONS': LDAP_CONNECTION_OPTIONS
-     }
-
-    DATABASE_ROUTERS = ['ldapdb.router.Router']
-    AUTHENTICATION_BACKENDS.append('uniauth_saml2_idp.auth.ldap_peoples.LdapAcademiaAuthBackend')
-
-if 'multildap' in INSTALLED_APPS:
-    AUTHENTICATION_BACKENDS.append('uniauth_saml2_idp.auth.multildap.LdapUnicalMultiAcademiaAuthBackend')
-
-
-# Password validation
-# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators
-
-AUTH_PASSWORD_VALIDATORS = [
-    {
-        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
-    },
-    {
-        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
-    },
-    {
-        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
-    },
-    {
-        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
-    },
-]
-
-
-# Internationalization
-# https://docs.djangoproject.com/en/2.0/topics/i18n/
-
-LANGUAGE_CODE = 'en-us'
-TIME_ZONE = 'UTC'
-USE_I18N = True
-USE_L10N = True
-USE_TZ = True
-
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/2.0/howto/static-files/
-STATIC_ROOT = os.path.join(BASE_DIR, 'static')
-STATIC_URL = '/static/'
-
-MEDIA_ROOT = os.path.join(BASE_DIR, 'data/media')
-
-if 'uniauth_saml2_idp' in INSTALLED_APPS:
-    from . idp_pysaml2 import *
diff --git a/example/tests/settingsldap.py b/example/tests/settingsldap.py
deleted file mode 100644
index 0b02dae..0000000
--- a/example/tests/settingsldap.py
+++ /dev/null
@@ -1,60 +0,0 @@
-import ldap3
-from multildap.client import LdapClient
-
-LDAPTEST = dict(server =
-                   dict(host = 'ldap://localhost:3899',
-                        connect_timeout = 5,
-                        # TLS...
-                        ),
-               connection =
-                   dict(user = 'uid=mario,ou=people,dc=testunical,dc=it',
-                        password = 'cimpa12',
-                        read_only = True,
-                        version = 3,
-                        # see ldap3 client_strategies
-                        client_strategy = ldap3.RESTARTABLE,
-                        auto_bind = True,
-                        pool_size = 1,
-                        pool_keepalive = 1),
-                search =
-                    dict(search_base = 'ou=people,dc=testunical,dc=it',
-                         search_filter = '(objectclass=person)',
-                         search_scope = ldap3.SUBTREE,
-
-                         # general purpose for huge resultsets
-                         # TODO: implement paged resultset, see: examples/paged_resultset.py
-                         # size_limit = 500,
-                         # paged_size = 1000, # up to 500000 results
-                         # paged_criticality = True, # check if the server supports paged results
-                         # paged_cookie = True, # must be sent back while requesting subsequent entries
-
-                         # to get all = # '*'
-                         attributes = ['eduPersonPrincipalName',
-                                       'schacHomeOrganization',
-                                       'mail',
-                                       'uid',
-                                       'givenName',
-                                       'sn',
-                                       'eduPersonScopedAffiliation',
-                                       'schacPersonalUniqueID',
-                                       'schacPersonalUniqueCode'
-                                       ]
-
-                        ),
-                  encoding = 'utf-8',
-                  #rewrite_rules =
-                        #[{'package': 'attr_rewrite',
-                         #'name': 'replace',
-                         #'kwargs': {'from_str': 'testunical', 'to_str': 'unical',}},
-
-                         #{'package': 'attr_rewrite',
-                          #'name': 'regexp_replace',
-                          #'kwargs': {'regexp': '', 'sub': '',}},
-
-                        #],
-                  #rewrite_dn_to = _REWRITE_DN_TO,
-                  allow_authentication = True
-            )
-
-LDAP_CONNECTIONS = {'DEFAULT' : LDAPTEST}
-LDAP_CONNECTIONS = [LdapClient(conf) for conf in LDAP_CONNECTIONS.values()]
diff --git a/example/tests/settingslocal.py b/example/tests/settingslocal.py
deleted file mode 100644
index c3e0251..0000000
--- a/example/tests/settingslocal.py
+++ /dev/null
@@ -1,89 +0,0 @@
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'lrx(fg&+2e=$l=y8$!+l68_=-lm3*n+myg%r3z!yjm(lg*l%-z'
-
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-SESSION_EXPIRE_AT_BROWSER_CLOSE=True
-SESSION_COOKIE_AGE = 60 * 10 # minutes
-
-ALLOWED_HOSTS = ['*']
-
-INSTALLED_APPS = [
-    'accounts',
-    'django.contrib.admin',
-    'django.contrib.auth',
-    'django.contrib.contenttypes',
-    'django.contrib.sessions',
-    'django.contrib.messages',
-    'django.contrib.staticfiles',
-    'sass_processor',
-    'bootstrap_italia_template',
-    'django_unical_bootstrap_italia',
-    'uniauth_saml2_idp',
-    'uniauth_unical_template',
-    # 'ldap_peoples',
-    # 'multildap',
-    'rangefilter']
-
-AUTH_USER_MODEL = "accounts.User"
-
-# ldap_peoples related
-# LDAP_CONNECTION_USER = 'cn=thatuser,dc=unical,dc=it'
-# LDAP_CONNECTION_PASSWD = 'Thatpassword'
-# LDAP_DB_URL = 'ldap://localhost:389/'
-#LDAP_BASE_DOMAIN = 'unical.it'
-# LDAP_PEOPLE_DN = 'dc=proxy'
-
-# needed for ldap admin forms
-DATETIME_INPUT_FORMATS = ['%Y-%m-%d %H:%M:%S',
-                          '%d/%m/%Y %H:%M:%S']
-
-DATE_INPUT_FORMATS = ['%Y-%m-%d', '%d/%m/%Y']
-
-ADMINS = [('name surname', 'user1@DOMAIN'),
-          ('name surnale', 'user2@DOMAIN'),]
-
-# LOGGING
-LOGGING = {
-    'version': 1,
-    'disable_existing_loggers': False,
-    'formatters': {
-        'default': {
-            # exact format is not important, this is the minimum information
-            'format': '%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
-        },
-        'detailed': {
-            'format': '[%(asctime)s] %(message)s [(%(levelname)s)]' # %(name)s.%(funcName)s:%(lineno)s]'
-        },
-    },
-    'filters': {
-        'require_debug_false': {
-            '()': 'django.utils.log.RequireDebugFalse'
-        }
-    },
-    'handlers': {
-        'mail_admins': {
-            'formatter': 'detailed',
-            'level': 'ERROR',
-            'filters': ['require_debug_false'],
-            'class': 'django.utils.log.AdminEmailHandler'
-        },
-        'console': {
-            'formatter': 'detailed',
-            'level': 'INFO',
-            'class': 'logging.StreamHandler',
-        },
-    },
-    'loggers': {
-        'django': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'ERROR',
-            'propagate': False,
-        },
-        'uniauth_saml2_idp': {
-            'handlers': ['console', 'mail_admins'],
-            'level': 'DEBUG',
-            'propagate': False,
-        },
-    }
-}
diff --git a/example/tests/sp/attribute-maps/shibboleth_uri.py b/example/tests/sp/attribute-maps/shibboleth_uri.py
deleted file mode 100644
index d26bf00..0000000
--- a/example/tests/sp/attribute-maps/shibboleth_uri.py
+++ /dev/null
@@ -1,190 +0,0 @@
-EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
-X500ATTR = "urn:oid:2.5.4."
-NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
-NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
-UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1."
-PKCS_9 = "urn:oid:1.2.840.113549.1.9."
-UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
-
-MAP = {
-    "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri",
-    "fro": {
-        EDUPERSON_OID+'2': 'eduPersonNickname',
-        EDUPERSON_OID+'9': 'eduPersonScopedAffiliation',
-        EDUPERSON_OID+'11': 'eduPersonAssurance',
-        EDUPERSON_OID+'10': 'eduPersonTargetedID',
-        EDUPERSON_OID+'4': 'eduPersonOrgUnitDN',
-        NOREDUPERSON_OID+'6': 'norEduOrgAcronym',
-        NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier',
-        NOREDUPERSON_OID+'4': 'norEduPersonLIN',
-        EDUPERSON_OID+'1': 'eduPersonAffiliation',
-        NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber',
-        NETSCAPE_LDAP+'40': 'userSMIMECertificate',
-        NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber',
-        NETSCAPE_LDAP+'241': 'displayName',
-        UCL_DIR_PILOT+'37': 'associatedDomain',
-        EDUPERSON_OID+'6': 'eduPersonPrincipalName',
-        NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier',
-        NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion',
-        X500ATTR+'53': 'deltaRevocationList',
-        X500ATTR+'52': 'supportedAlgorithms',
-        X500ATTR+'51': 'houseIdentifier',
-        X500ATTR+'50': 'uniqueMember',
-        X500ATTR+'19': 'physicalDeliveryOfficeName',
-        X500ATTR+'18': 'postOfficeBox',
-        X500ATTR+'17': 'postalCode',
-        X500ATTR+'16': 'postalAddress',
-        X500ATTR+'15': 'businessCategory',
-        X500ATTR+'14': 'searchGuide',
-        EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation',
-        X500ATTR+'12': 'title',
-        X500ATTR+'11': 'ou',
-        X500ATTR+'10': 'o',
-        X500ATTR+'37': 'cACertificate',
-        X500ATTR+'36': 'userCertificate',
-        X500ATTR+'31': 'member',
-        X500ATTR+'30': 'supportedApplicationContext',
-        X500ATTR+'33': 'roleOccupant',
-        X500ATTR+'32': 'owner',
-        NETSCAPE_LDAP+'1': 'carLicense',
-        PKCS_9+'1': 'email',
-        NETSCAPE_LDAP+'3': 'employeeNumber',
-        NETSCAPE_LDAP+'2': 'departmentNumber',
-        X500ATTR+'39': 'certificateRevocationList',
-        X500ATTR+'38': 'authorityRevocationList',
-        NETSCAPE_LDAP+'216': 'userPKCS12',
-        EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN',
-        X500ATTR+'9': 'street',
-        X500ATTR+'8': 'st',
-        NETSCAPE_LDAP+'39': 'preferredLanguage',
-        EDUPERSON_OID+'7': 'eduPersonEntitlement',
-        X500ATTR+'2': 'knowledgeInformation',
-        X500ATTR+'7': 'l',
-        X500ATTR+'6': 'c',
-        X500ATTR+'5': 'serialNumber',
-        X500ATTR+'4': 'sn',
-        UCL_DIR_PILOT+'60': 'jpegPhoto',
-        X500ATTR+'65': 'pseudonym',
-        NOREDUPERSON_OID+'5': 'norEduPersonNIN',
-        UCL_DIR_PILOT+'3': 'mail',
-        UCL_DIR_PILOT+'25': 'dc',
-        X500ATTR+'40': 'crossCertificatePair',
-        X500ATTR+'42': 'givenName',
-        X500ATTR+'43': 'initials',
-        X500ATTR+'44': 'generationQualifier',
-        X500ATTR+'45': 'x500UniqueIdentifier',
-        X500ATTR+'46': 'dnQualifier',
-        X500ATTR+'47': 'enhancedSearchGuide',
-        X500ATTR+'48': 'protocolInformation',
-        X500ATTR+'54': 'dmdName',
-        NETSCAPE_LDAP+'4': 'employeeType',
-        X500ATTR+'22': 'teletexTerminalIdentifier',
-        X500ATTR+'23': 'facsimileTelephoneNumber',
-        X500ATTR+'20': 'telephoneNumber',
-        X500ATTR+'21': 'telexNumber',
-        X500ATTR+'26': 'registeredAddress',
-        X500ATTR+'27': 'destinationIndicator',
-        X500ATTR+'24': 'x121Address',
-        X500ATTR+'25': 'internationaliSDNNumber',
-        X500ATTR+'28': 'preferredDeliveryMethod',
-        X500ATTR+'29': 'presentationAddress',
-        EDUPERSON_OID+'3': 'eduPersonOrgDN',
-        NOREDUPERSON_OID+'3': 'norEduPersonBirthDate',
-    },
-    "to":{
-        'roleOccupant': X500ATTR+'33',
-        'gn': X500ATTR+'42',
-        'norEduPersonNIN': NOREDUPERSON_OID+'5',
-        'title': X500ATTR+'12',
-        'facsimileTelephoneNumber': X500ATTR+'23',
-        'mail': UCL_DIR_PILOT+'3',
-        'postOfficeBox': X500ATTR+'18',
-        'fax': X500ATTR+'23',
-        'telephoneNumber': X500ATTR+'20',
-        'norEduPersonBirthDate': NOREDUPERSON_OID+'3',
-        'rfc822Mailbox': UCL_DIR_PILOT+'3',
-        'dc': UCL_DIR_PILOT+'25',
-        'countryName': X500ATTR+'6',
-        'emailAddress': PKCS_9+'1',
-        'employeeNumber': NETSCAPE_LDAP+'3',
-        'organizationName': X500ATTR+'10',
-        'eduPersonAssurance': EDUPERSON_OID+'11',
-        'norEduOrgAcronym': NOREDUPERSON_OID+'6',
-        'registeredAddress': X500ATTR+'26',
-        'physicalDeliveryOfficeName': X500ATTR+'19',
-        'associatedDomain': UCL_DIR_PILOT+'37',
-        'l': X500ATTR+'7',
-        'stateOrProvinceName': X500ATTR+'8',
-        'federationFeideSchemaVersion': NOREDUPERSON_OID+'9',
-        'pkcs9email': PKCS_9+'1',
-        'givenName': X500ATTR+'42',
-        'x500UniqueIdentifier': X500ATTR+'45',
-        'eduPersonNickname': EDUPERSON_OID+'2',
-        'houseIdentifier': X500ATTR+'51',
-        'street': X500ATTR+'9',
-        'supportedAlgorithms': X500ATTR+'52',
-        'preferredLanguage': NETSCAPE_LDAP+'39',
-        'postalAddress': X500ATTR+'16',
-        'email': PKCS_9+'1',
-        'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8',
-        'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8',
-        'c': X500ATTR+'6',
-        'teletexTerminalIdentifier': X500ATTR+'22',
-        'o': X500ATTR+'10',
-        'cACertificate': X500ATTR+'37',
-        'telexNumber': X500ATTR+'21',
-        'ou': X500ATTR+'11',
-        'initials': X500ATTR+'43',
-        'eduPersonOrgUnitDN': EDUPERSON_OID+'4',
-        'deltaRevocationList': X500ATTR+'53',
-        'norEduPersonLIN': NOREDUPERSON_OID+'4',
-        'supportedApplicationContext': X500ATTR+'30',
-        'eduPersonEntitlement': EDUPERSON_OID+'7',
-        'generationQualifier': X500ATTR+'44',
-        'eduPersonAffiliation': EDUPERSON_OID+'1',
-        'eduPersonPrincipalName': EDUPERSON_OID+'6',
-        'localityName': X500ATTR+'7',
-        'owner': X500ATTR+'32',
-        'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2',
-        'searchGuide': X500ATTR+'14',
-        'certificateRevocationList': X500ATTR+'39',
-        'organizationalUnitName': X500ATTR+'11',
-        'userCertificate': X500ATTR+'36',
-        'preferredDeliveryMethod': X500ATTR+'28',
-        'internationaliSDNNumber': X500ATTR+'25',
-        'uniqueMember': X500ATTR+'50',
-        'departmentNumber': NETSCAPE_LDAP+'2',
-        'enhancedSearchGuide': X500ATTR+'47',
-        'userPKCS12': NETSCAPE_LDAP+'216',
-        'eduPersonTargetedID': EDUPERSON_OID+'10',
-        'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1',
-        'x121Address': X500ATTR+'24',
-        'destinationIndicator': X500ATTR+'27',
-        'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5',
-        'surname': X500ATTR+'4',
-        'jpegPhoto': UCL_DIR_PILOT+'60',
-        'eduPersonScopedAffiliation': EDUPERSON_OID+'9',
-        'protocolInformation': X500ATTR+'48',
-        'knowledgeInformation': X500ATTR+'2',
-        'employeeType': NETSCAPE_LDAP+'4',
-        'userSMIMECertificate': NETSCAPE_LDAP+'40',
-        'member': X500ATTR+'31',
-        'streetAddress': X500ATTR+'9',
-        'dmdName': X500ATTR+'54',
-        'postalCode': X500ATTR+'17',
-        'pseudonym': X500ATTR+'65',
-        'dnQualifier': X500ATTR+'46',
-        'crossCertificatePair': X500ATTR+'40',
-        'eduPersonOrgDN': EDUPERSON_OID+'3',
-        'authorityRevocationList': X500ATTR+'38',
-        'displayName': NETSCAPE_LDAP+'241',
-        'businessCategory': X500ATTR+'15',
-        'serialNumber': X500ATTR+'5',
-        'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7',
-        'st': X500ATTR+'8',
-        'carLicense': NETSCAPE_LDAP+'1',
-        'presentationAddress': X500ATTR+'29',
-        'sn': X500ATTR+'4',
-        'domainComponent': UCL_DIR_PILOT+'25',
-    }
-}
\ No newline at end of file
diff --git a/example/tests/sp/metadata/idp.xml b/example/tests/sp/metadata/idp.xml
deleted file mode 100644
index 1c14397..0000000
--- a/example/tests/sp/metadata/idp.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-<md:EntityDescriptor xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" entityID="http://idp1.testunical.it/idp/metadata"><md:Extensions><mdattr:EntityAttributes><saml:Attribute Name="http://macedir.org/entity-category-support" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema">http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema">http://refeds.org/category/research-and-scholarship</saml:AttributeValue></saml:Attribute></mdattr:EntityAttributes><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#md5" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#ripemd160" /><alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" /><alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" /><alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-md5" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" /><alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" /><alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" /></md:Extensions><md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" WantAuthnRequestsSigned="true"><md:Extensions><mdui:UIInfo><mdui:DisplayName xml:lang="en">Unical IdP</mdui:DisplayName><mdui:DisplayName xml:lang="it">Unical IdP</mdui:DisplayName><mdui:Description xml:lang="en">University of Calabria Identity Provider</mdui:Description><mdui:Description xml:lang="it">Identity Provider della Università della Calabria</mdui:Description><mdui:Logo height="60" width="80">https://idp1.testunical.it/static/img/logo.svg</mdui:Logo><mdui:InformationURL xml:lang="it">https://www.unical.it/portale/strutture/centri/centroict/schdeserviziict/idem/</mdui:InformationURL><mdui:PrivacyStatementURL xml:lang="it">https://www.unical.it/portale/ateneo/privacy/</mdui:PrivacyStatementURL></mdui:UIInfo></md:Extensions><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDgzCCAmugAwIBAgIQSeYzhdkMjG/8jtR/zOIM8jANBgkqhkiG9w0BAQsFADAY
-MRYwFAYDVQQDDA10ZXN0dW5pY2FsLml0MB4XDTE5MDMxMjEwMDQ0MVoXDTIyMDIy
-NDEwMDQ0MVowHTEbMBkGA1UEAwwSaWRwMS50ZXN0dW5pY2FsLml0MIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvTAtU0ynpD3smari2N33QXmpdmQAKYh
-f1VY5Unup2CSjasjPWGmnDOjeYIM5aWxhAMSbT6X4xION3MByR3LZ+xn7emWvCS/
-pSk/PNpIqSxg5BhK9Xt+HoX4l3uH5XW4I3pyM5rSeC1QBhCaAoRwVC+15rD0aypz
-ZSsbJ2nVklGzJ2i0S4vmIDeDY6As7KnmfPUixvgt1eRuM2HGjULi0E9HNbDAyFU+
-mIa1aEn1GQ2VQfmas3ONSSN3QpXgZvEdsDghYOLobCz+gwjCu7PJC82m4TYjYw75
-vCSth+HKBm58JlkMBXYZKeb+GXnGBDRQ6qaHy3J+9y4N7X1cXj4WTQIDAQABo4HD
-MIHAMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDE4vnw0DlJTW+DMwZSFg307Wr0XMFMG
-A1UdIwRMMEqAFKnCMSPICIZrTktMu038vaz50ub6oRykGjAYMRYwFAYDVQQDDA10
-ZXN0dW5pY2FsLml0ghQkONLvgouiuVdJxz77uR6/hp0krzATBgNVHSUEDDAKBggr
-BgEFBQcDATALBgNVHQ8EBAMCBaAwHQYDVR0RBBYwFIISaWRwMS50ZXN0dW5pY2Fs
-Lml0MA0GCSqGSIb3DQEBCwUAA4IBAQCP/excCMYIg9elqDf+cv+K/ShkfRBXSKct
-boWrPtAelsYLSgCk8iQVNadznWgEobu+gszzLn0wGP2eVnXtQRFqLe6dtA2FVrQk
-DhT9rClWVmYCgLpYmcjDvBxZ7xgHE2X0f4N1q0IRwP7lTxPKzlIefTCoymfBh8cZ
-KPeZWdSEZRn1u2Hip9p2K9DDILE7QVdhJRDvo0r6w9UT8V/LIz+9ZD9O3pDEMKfS
-i73m3d9zWFP1/U6FIOBcMvp6holAqa7JaX56BjC/x0po0vPDljoNrQo2PSmq/UrF
-9ZclHY/6RJTYieKJh4gST88kNOY4k1xNSLdvngTVipNd3zA3dyb3
-</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDgzCCAmugAwIBAgIQSeYzhdkMjG/8jtR/zOIM8jANBgkqhkiG9w0BAQsFADAY
-MRYwFAYDVQQDDA10ZXN0dW5pY2FsLml0MB4XDTE5MDMxMjEwMDQ0MVoXDTIyMDIy
-NDEwMDQ0MVowHTEbMBkGA1UEAwwSaWRwMS50ZXN0dW5pY2FsLml0MIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvTAtU0ynpD3smari2N33QXmpdmQAKYh
-f1VY5Unup2CSjasjPWGmnDOjeYIM5aWxhAMSbT6X4xION3MByR3LZ+xn7emWvCS/
-pSk/PNpIqSxg5BhK9Xt+HoX4l3uH5XW4I3pyM5rSeC1QBhCaAoRwVC+15rD0aypz
-ZSsbJ2nVklGzJ2i0S4vmIDeDY6As7KnmfPUixvgt1eRuM2HGjULi0E9HNbDAyFU+
-mIa1aEn1GQ2VQfmas3ONSSN3QpXgZvEdsDghYOLobCz+gwjCu7PJC82m4TYjYw75
-vCSth+HKBm58JlkMBXYZKeb+GXnGBDRQ6qaHy3J+9y4N7X1cXj4WTQIDAQABo4HD
-MIHAMAkGA1UdEwQCMAAwHQYDVR0OBBYEFDE4vnw0DlJTW+DMwZSFg307Wr0XMFMG
-A1UdIwRMMEqAFKnCMSPICIZrTktMu038vaz50ub6oRykGjAYMRYwFAYDVQQDDA10
-ZXN0dW5pY2FsLml0ghQkONLvgouiuVdJxz77uR6/hp0krzATBgNVHSUEDDAKBggr
-BgEFBQcDATALBgNVHQ8EBAMCBaAwHQYDVR0RBBYwFIISaWRwMS50ZXN0dW5pY2Fs
-Lml0MA0GCSqGSIb3DQEBCwUAA4IBAQCP/excCMYIg9elqDf+cv+K/ShkfRBXSKct
-boWrPtAelsYLSgCk8iQVNadznWgEobu+gszzLn0wGP2eVnXtQRFqLe6dtA2FVrQk
-DhT9rClWVmYCgLpYmcjDvBxZ7xgHE2X0f4N1q0IRwP7lTxPKzlIefTCoymfBh8cZ
-KPeZWdSEZRn1u2Hip9p2K9DDILE7QVdhJRDvo0r6w9UT8V/LIz+9ZD9O3pDEMKfS
-i73m3d9zWFP1/U6FIOBcMvp6holAqa7JaX56BjC/x0po0vPDljoNrQo2PSmq/UrF
-9ZclHY/6RJTYieKJh4gST88kNOY4k1xNSLdvngTVipNd3zA3dyb3
-</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://idp1.testunical.it/slo/post" /><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://idp1.testunical.it/idp/sso/post" /><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://idp1.testunical.it/idp/sso/redirect" /></md:IDPSSODescriptor><md:Organization><md:OrganizationName xml:lang="it">Unical</md:OrganizationName><md:OrganizationName xml:lang="en">Unical</md:OrganizationName><md:OrganizationDisplayName xml:lang="it">Unical</md:OrganizationDisplayName><md:OrganizationDisplayName xml:lang="en">Unical</md:OrganizationDisplayName><md:OrganizationURL xml:lang="it">http://www.unical.it</md:OrganizationURL><md:OrganizationURL xml:lang="en">http://www.unical.it</md:OrganizationURL></md:Organization><md:ContactPerson contactType="administrative"><md:Company>Universita della Calabria</md:Company><md:GivenName>Giuseppe</md:GivenName><md:SurName>De Marco</md:SurName><md:EmailAddress>giuseppe.demarco@unical.it</md:EmailAddress></md:ContactPerson><md:ContactPerson contactType="technical"><md:Company>Universita della Calabria</md:Company><md:GivenName>Giuseppe</md:GivenName><md:SurName>De Marco</md:SurName><md:EmailAddress>giuseppe.demarco@unical.it</md:EmailAddress></md:ContactPerson></md:EntityDescriptor>
\ No newline at end of file
diff --git a/example/tests/test_01_undefined_sp.py b/example/tests/test_01_undefined_sp.py
deleted file mode 100644
index d0bbf11..0000000
--- a/example/tests/test_01_undefined_sp.py
+++ /dev/null
@@ -1,14 +0,0 @@
-from . base import *
-
-
-class TestUnknowRP(BaseTestRP):
-
-    def test_authn_request(self):
-        url, data, session_id = self._get_sp_authn_request()
-
-        # client = Client()
-        response = self.client.post(url, data)
-
-        assert response.status_code == 403 and \
-               'Incorrectly signed' in response.content.decode()
-        logging.info('IdP do not accept SP with unknow metadata -> OK')
diff --git a/example/tests/test_02_sp.py b/example/tests/test_02_sp.py
deleted file mode 100644
index c19cdd7..0000000
--- a/example/tests/test_02_sp.py
+++ /dev/null
@@ -1,41 +0,0 @@
-from django.conf import settings
-from django.urls import reverse
-from saml2 import BINDING_HTTP_REDIRECT
-
-from . base import *
-
-
-class TestRP(BaseTestRP):
-    def setUp(self):
-        super().setUp()
-        self._superuser_login()
-        self._add_sp_md()
-
-    def test_unsigned_authn_request(self):
-        """
-        a UNsigned saml request from a well know SP
-        """
-        session_id, result = self.sp_client.prepare_for_authenticate(
-                                             entityid=idp_eid,
-                                             relay_state='/',
-                                             binding=BINDING_HTTP_POST,
-                                             sign=False,
-                                             sigalg=None)
-        url, data = extract_saml_authn_data(result)
-        response = self.client.post(url, data)
-        # forbidden !
-        assert response.status_code == 403 and \
-               'Incorrectly signed' in response.content.decode()
-
-
-    def test_authn_request(self):
-        """
-        a signed saml request from a well know SP
-        """
-        url, data, session_id = self._get_sp_authn_request()
-
-        response = self.client.post(url, data)
-
-        login_url = reverse('uniauth_saml2_idp:saml_login_process')
-        assert response.status_code == 302 and \
-               response.url == login_url
diff --git a/example/tests/test_05_ldap_datastore.py b/example/tests/test_05_ldap_datastore.py
deleted file mode 100644
index 54889e9..0000000
--- a/example/tests/test_05_ldap_datastore.py
+++ /dev/null
@@ -1,168 +0,0 @@
-import base64
-import json
-import re
-
-from django.conf import settings
-from django.urls import reverse
-
-from saml2.config import SPConfig
-from saml2.metadata import entity_descriptor
-from uniauth_saml2_idp.models import ServiceProvider
-
-from .base import *
-from .idp_pysaml2 import IDP_SP_METADATA_PATH
-from .settingsldap import LDAP_CONNECTIONS
-
-
-class TestEnabledRP(BaseTestRP):
-    def setUp(self):
-        super().setUp()
-        self._add_sp_md()
-        settings.SAML_DISALLOW_UNDEFINED_SP = True
-        self._add_sp()
-        self.sp = ServiceProvider.objects.first()
-        self.login_data = dict(username='mario',
-                               password='cimpa12')
-        # add LDAP in settings
-        settings.INSTALLED_APPS.append('multildap')
-        settings.LDAP_CONNECTIONS = LDAP_CONNECTIONS
-        settings.AUTHENTICATION_BACKENDS.append('uniauth_saml2_idp.auth.multildap.LdapUnicalMultiAcademiaAuthBackend')
-
-        # disable agreement screen
-        self.sp.agreement_screen = 0
-
-        # configure sp processors
-        self.sp.attribute_processor = 'uniauth_saml2_idp.processors.ldap.LdapUnicalMultiAcademiaProcessor'
-        self.sp.attribute_mapping = json.dumps({
-            # refeds + edugain Entities
-            "cn": "cn",
-            "eduPersonEntitlement": "eduPersonEntitlement",
-            "eduPersonPrincipalName": "eduPersonPrincipalName",
-            "schacHomeOrganization": "schacHomeOrganization",
-            "eduPersonHomeOrganization": "eduPersonHomeOrganization",
-            "eduPersonAffiliation": "eduPersonAffiliation",
-            "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
-            "eduPersonTargetedID": "eduPersonTargetedID",
-            "mail": ["mail", "email"],
-            "email": ["mail", "email"],
-            "schacPersonalUniqueCode": "schacPersonalUniqueCode",
-            "schacPersonalUniqueID": "schacPersonalUniqueID",
-            "sn": "sn",
-            "givenName": ["givenName", "another_possible_occourrence"],
-            "displayName": "displayName",
-
-            # custom attributes
-            "codice_fiscale": "codice_fiscale",
-            "matricola_studente": "matricola_studente",
-            "matricola_dipendente": "matricola_dipendente"
-        })
-        self.sp.save()
-
-        # run ldapd
-        self._run_ldapd()
-
-    def test_valid_form(self):
-        url, data, session_id = self._get_sp_authn_request()
-        response = self.client.post(url, data, follow=True)
-        login_response = self.client.post(login_url,
-                                          data=self.login_data, follow=True)
-        # is there a SAML response?
-        saml_resp = re.findall(samlresponse_form_regexp,
-                               login_response.content.decode())
-        assert saml_resp
-
-        # login again to update existing user on db
-        login_response = self.client.post(login_url,
-                                          data=self.login_data, follow=True)
-
-        # test a disabled user
-        #user = get_user_model().objects.last()
-        #user.is_active = 0
-        #user.save()
-        #login_response = self.client.post(login_url,
-                                          #data=self.login_data, follow=True)
-
-    def test_invalid_form(self):
-        url, data, session_id = self._get_sp_authn_request()
-        response = self.client.post(url, data, follow=True)
-        login_data = {'username':'mario', 'password':'erewr'}
-        login_response = self.client.post(login_url,
-                                          data=login_data,
-                                          follow=True)
-        assert 'is invalid' in login_response.content.decode()
-
-        login_data = {'username':'dsfhdsjkfh', 'password':'erewr'}
-        login_response = self.client.post(login_url,
-                                          data=login_data,
-                                          follow=True)
-        assert 'is invalid' in login_response.content.decode()
-
-
-    def test_sp_attr_policy(self):
-        # create a pysaml SP
-        self.sp_conf = SPConfig()
-        _sp_conf = copy.deepcopy(SAML_SP_CONFIG)
-        _sp_conf['service']['sp']['required_attributes'] = ['email',
-                                                            'givenName',
-                                                            'eduPersonPrincipalName',
-                                                            'sn',
-                                                            'displayName']
-        self.sp_conf.load(_sp_conf)
-        # put sp metadata into IDP md store
-        sp_metadata = entity_descriptor(self.sp_conf)
-        with open(IDP_SP_METADATA_PATH+'/sp.xml', 'wb') as fd:
-            fd.write(sp_metadata.to_string())
-
-        sp_client = Saml2Client(self.sp_conf)
-        session_id, result = sp_client.prepare_for_authenticate(
-                                             entityid=idp_eid,
-                                             relay_state='/',
-                                             binding=BINDING_HTTP_POST)
-        url, data = extract_saml_authn_data(result)
-        response = self.client.post(url, data, follow=True)
-        # login again to update existing user on db
-        login_response = self.client.post(login_url,
-                                          data=self.login_data, follow=True)
-        # is there a SAML response?
-        saml_resp = re.findall(samlresponse_form_regexp,
-                               login_response.content.decode())
-        assert saml_resp
-        saml_assrt = base64.b64decode(saml_resp[0]).decode()
-        assert 'sn' in saml_assrt
-
-    def test_sp_attr_policy2(self):
-        # create a pysaml SP
-        self.sp_conf = SPConfig()
-        _sp_conf = copy.deepcopy(SAML_SP_CONFIG)
-        _sp_conf['service']['sp']['required_attributes'] = ['email',
-                                                            'givenName',
-                                                            'eduPersonPrincipalName',
-                                                            'sn',
-                                                            'telexNumber']
-        self.sp_conf.load(_sp_conf)
-        # put sp metadata into IDP md store
-        sp_metadata = entity_descriptor(self.sp_conf)
-        with open(IDP_SP_METADATA_PATH+'/sp.xml', 'wb') as fd:
-            fd.write(sp_metadata.to_string())
-
-        sp_client = Saml2Client(self.sp_conf)
-        session_id, result = sp_client.prepare_for_authenticate(
-                                             entityid=idp_eid,
-                                             relay_state='/',
-                                             binding=BINDING_HTTP_POST)
-        url, data = extract_saml_authn_data(result)
-        response = self.client.post(url, data, follow=True)
-        # login again to update existing user on db
-        login_response = self.client.post(login_url,
-                                          data=self.login_data, follow=True)
-        # is there a SAML response?
-        saml_resp = re.findall(samlresponse_form_regexp,
-                               login_response.content.decode())
-        # assert saml_resp
-        # saml_assrt = base64.b64decode(saml_resp[0]).decode()
-        # assert 'telexNumber' not in saml_assrt
-
-    def tearDown(self):
-        """Kill ldapd test server
-        """
-        self.ldapd.kill()
diff --git a/example/tests/test_06_sp_faulty.py b/example/tests/test_06_sp_faulty.py
deleted file mode 100644
index d14a399..0000000
--- a/example/tests/test_06_sp_faulty.py
+++ /dev/null
@@ -1,34 +0,0 @@
-import re
-
-from django.conf import settings
-from django.urls import reverse
-from djangosaml2.cache import (IdentityCache,
-                               OutstandingQueriesCache,
-                               StateCache)
-from uniauth_saml2_idp.models import ServiceProvider
-from .base import *
-from .idp_pysaml2 import IDP_SP_METADATA_PATH
-
-
-class TestEnabledRP(BaseTestRP):
-    def setUp(self):
-        super().setUp()
-        self._add_sp_md()
-        settings.SAML_DISALLOW_UNDEFINED_SP = True
-        self._add_sp()
-        self.sp = ServiceProvider.objects.first()
-        self.login_data = dict(username='admin',
-                               password='admin')
-        # create a dummy user
-        self.user = self._get_superuser_user()
-
-    def test_faulty_attr_processor(self):
-        self.sp.attribute_processor = 'uniauth_saml2_idp.processors.base.UNKNOW'
-        self.sp.save()
-
-        url, data, session_id = self._get_sp_authn_request()
-
-        response = self.client.post(url, data, follow=True)
-        login_response = self.client.post(login_url,
-                                          data=self.login_data, follow=True)
-        assert b'AttributeError' in login_response.content
diff --git a/example/tests/test_07_sp_httpredirect.py b/example/tests/test_07_sp_httpredirect.py
deleted file mode 100644
index 8d65494..0000000
--- a/example/tests/test_07_sp_httpredirect.py
+++ /dev/null
@@ -1,54 +0,0 @@
-import saml2
-
-from django.conf import settings
-from django.urls import reverse
-from saml2 import BINDING_HTTP_REDIRECT
-
-from . base import *
-
-
-class TestRP(BaseTestRP):
-    def setUp(self):
-        super().setUp()
-        self._superuser_login()
-        self._add_sp_md()
-
-    def test_authn_request_redirect(self):
-        """
-        HTTP-REDIRECT login
-        """
-
-        # pySAML2 TODO
-        # HTTP-REDIRECT Signed AuthnRequest are faulty
-        return None
-        # end pySAML2 TODO
-
-        session_id, result = self.sp_client.prepare_for_authenticate(
-                                     entityid=idp_eid,
-                                     relay_state='/',
-                                     binding=BINDING_HTTP_REDIRECT)
-        url, data = extract_saml_authn_data(result)
-
-        response = self.client.get(url, follow=True)
-        assert response.status_code == 200
-
-        login_process_url = reverse('uniauth_saml2_idp:saml_login_process')
-        login_url = reverse('uniauth_saml2_idp:login')+'?next={}'.format(login_process_url)
-
-        # test a login
-        login_data = dict(username='admin',
-                          password='admin')
-        # create a dummy user
-        self.user = self._get_superuser_user()
-
-        # agreement screen
-        self._add_sp()
-        self.sp = ServiceProvider.objects.first()
-        self.sp.agreement_screen = 1
-        self.sp.save()
-
-        login_response = self.client.post(login_url, data=login_data, follow=True)
-        assert 'has requested the following informations' in login_response.content.decode()
-
-        self.sp.delete()
-        self.user.delete()
diff --git a/example/uniauth_saml2_idp b/example/uniauth_saml2_idp
deleted file mode 120000
index 8222114..0000000
--- a/example/uniauth_saml2_idp
+++ /dev/null
@@ -1 +0,0 @@
-../uniauth_saml2_idp
\ No newline at end of file
diff --git a/example/uniauth_unical_template/static/css/idp_style.css b/example/uniauth_unical_template/static/css/idp_style.css
deleted file mode 100644
index 05f0de1..0000000
--- a/example/uniauth_unical_template/static/css/idp_style.css
+++ /dev/null
@@ -1,27 +0,0 @@
-body {
-    background-image: url("/static/images/logo_back.svg");
-    background-repeat: no-repeat;
-    background-position: right bottom;
-    background-attachment: fixed;
-    height: 100vh;
-}
-
-.grey-color {
-    color:#435a70;
-}
-.unical-background {
-    background:#b71e24;
-}
-
-.password-icon {
-    padding: 0 15px;
-}
-
-.input-password.is-invalid, .was-validated .input-password:invalid {
-    background-image: none;
-}
-
-.form-check [type=checkbox]:checked+label::after {
-    border-color: #b71e24;
-    background-color: #b71e24;
-}
diff --git a/example/uniauth_unical_template/static/img/logo.png b/example/uniauth_unical_template/static/img/logo.png
deleted file mode 100644
index 53169d4ffec728fd7abcde832a07f403c1664f89..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 855
zcmV-d1E~CoP)<h;3K|Lk000e1NJLTq002+`001=z1^@s6)+lU500006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY4c7nw4c7reD4Tcy000McNliru;|dlAH3M98JkS6D0^~_V
zK~#9!?V3Gn6j2n0pK~*-D1u;<k3vXeWg`{=5h9v^QBm<T8iGH-LLr5Pt+m+L#oa~(
z5u;I)SP7<5k*I|bh>eKGgn%KsNpyGSSnP<StYMwqnJ_o^g(;@kJ<P*7_rCAUmB+0u
z?TBmvlnhH%ecunJ4$aOkrdiih<eI7;Ci@DEF&)6mG>aNw2|M%^@Y618aB=`0KnKtP
zbc$<ZBK|MPx{X;KfU4Iqj9CD%r09D$6LqRkxRGi-8EI|34B8EpvkXq4D53*BpJv__
z3O9DD(yyB6RC&heL(jktg-#2aZ&3r;T*<|32QG*toxjZ&ll9Jvu7QztJgrDqb~eWO
zKnKtPbO7y4SZOHdRV<VhlHbpw&qNqVI9+)l<JPraK0oM2xUM!#d7fmXt-0F-vdw~*
z2|rYI_`uA}T%j=74!S$xXKM0&COo6&yow&Np!v!mZ-6;f*#nYKe0+^uF~G7V(_4&0
zxKdhO?|h)!L>xc|aIFJeZ^^T41e$(XjI<)77pUgN=nGciTuDQvd^gC4@McO?ZYBIo
z>qMAvQO;?VqvL2>%T1KN6wPN+T2SaZIQ{uGm5*ej;ksC_P5^iRxd@6%PAi8Kav2Ah
z6aB+g)O+G~5$FT%ueghl@uR(e0n-NkPXL?+hMf<Lv8(}SYJukfRv+7Az#W%F{(o!%
z`hj~c%EePJFcc@sHCX~6N4yVYOTbCscC0L?FbOhYfe$QVv>4-e=T`E0YgL`Vw}`c=
zc9p`;tM6^XSX*<42C@|kPN<5=c+d3od<}kZIW);bbpu4rMMQha`r8;-P}P0Fs~Sx8
zY2ZO4ibhW+WPLNKCB`iQr+`O|D(YdUf+`S8z;R%#k%eppSZ##&15c7{dmEDlz&y~E
z1U#ENupDlR0dN#}np7cM0hYpR7w|mELLRWe5@?$uPGSz&3%pIbsAohj`Knj5Zlp!=
hMRhW~{TN<}>nHr<=r(9)enbEO002ovPDHLkV1l4ycKHAR

diff --git a/example/uniauth_unical_template/static/img/logo.svg b/example/uniauth_unical_template/static/img/logo.svg
deleted file mode 100644
index 07f46df..0000000
--- a/example/uniauth_unical_template/static/img/logo.svg
+++ /dev/null
@@ -1,49 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   xmlns:dc="http://purl.org/dc/elements/1.1/"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   viewBox="0 0 115.2 115.2"
-   height="115.2"
-   width="115.2"
-   version="1.1"
-   id="svg2">
-  <metadata
-     id="metadata8">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:format>image/svg+xml</dc:format>
-        <dc:type
-           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title></dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-  <defs
-     id="defs6" />
-  <path
-     style="fill:#b61918"
-     d="m 5.39492,80.275424 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.4 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.85 0,-5.4 34.65,0 34.65,0 0,5.4 0,5.4 -34.65,0 -34.65,0 0,-5.4 z m 0,-14.85 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.4 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z"
-     id="path4142" />
-  <path
-     style="fill:#000000"
-     d="m 78.29492,72.625424 0,-12.6 12.81294,0 12.81295,0 -12.57589,12.6 c -6.91674,6.93 -12.68256,12.6 -12.81295,12.6 -0.13038,0 -0.23705,-5.67 -0.23705,-12.6 z"
-     id="path4140" />
-  <rect
-     y="45.680759"
-     x="78.02034"
-     height="10.922033"
-     width="35.389828"
-     id="rect4149"
-     style="opacity:1;fill:#9e9e9d;fill-opacity:1;stroke:none;stroke-width:4;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
-  <rect
-     style="opacity:1;fill:#9e9e9d;fill-opacity:1;stroke:none;stroke-width:4;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-     id="rect4151"
-     width="35.389828"
-     height="10.922033"
-     x="78.02034"
-     y="30.513073" />
-</svg>
diff --git a/example/uniauth_unical_template/static/img/logo_back.inkscape.svg b/example/uniauth_unical_template/static/img/logo_back.inkscape.svg
deleted file mode 100644
index 3e14f9a..0000000
--- a/example/uniauth_unical_template/static/img/logo_back.inkscape.svg
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   xmlns:dc="http://purl.org/dc/elements/1.1/"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   width="170mm"
-   height="112mm"
-   viewBox="0 0 602.36209 396.85016"
-   version="1.1"
-   id="svg2"
-   inkscape:version="0.91 r13725"
-   sodipodi:docname="logo_back.inkscape.svg">
-  <metadata
-     id="metadata16">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:format>image/svg+xml</dc:format>
-        <dc:type
-           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title>button-icon</dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-  <sodipodi:namedview
-     pagecolor="#ffffff"
-     bordercolor="#666666"
-     borderopacity="1"
-     objecttolerance="10"
-     gridtolerance="10"
-     guidetolerance="10"
-     inkscape:pageopacity="0"
-     inkscape:pageshadow="2"
-     inkscape:window-width="1920"
-     inkscape:window-height="1004"
-     id="namedview14"
-     showgrid="false"
-     showguides="true"
-     inkscape:guide-bbox="true"
-     inkscape:zoom="0.42354619"
-     inkscape:cx="-531.2532"
-     inkscape:cy="239.25693"
-     inkscape:window-x="0"
-     inkscape:window-y="24"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="svg2"
-     units="mm"
-     width="209mm">
-    <sodipodi:guide
-       position="-300.50847,395.66949"
-       orientation="0,1"
-       id="guide4225" />
-  </sodipodi:namedview>
-  <!-- Generator: Sketch 48.2 (47327) - http://www.bohemiancoding.com/sketch -->
-  <title
-     id="title4">button-icon</title>
-  <desc
-     id="desc6">Created with Sketch.</desc>
-  <defs
-     id="defs8" />
-  <g
-     id="g4219"
-     transform="matrix(5.5661307,0,0,5.5661307,-30.612731,-84.164119)"
-     style="fill:#f4f6f6;fill-opacity:0.45490196">
-    <path
-       id="path4142"
-       d="m 5.39492,80.275424 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.4 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.85 0,-5.4 34.65,0 34.65,0 0,5.4 0,5.4 -34.65,0 -34.65,0 0,-5.4 z m 0,-14.85 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.4 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z"
-       style="fill:#f4f6f6;fill-opacity:0.45490196"
-       inkscape:connector-curvature="0" />
-    <path
-       id="path4140"
-       d="m 78.29492,72.625424 0,-12.6 12.81294,0 12.81295,0 -12.57589,12.6 c -6.91674,6.93 -12.68256,12.6 -12.81295,12.6 -0.13038,0 -0.23705,-5.67 -0.23705,-12.6 z"
-       style="fill:#f4f6f6;fill-opacity:0.45490196"
-       inkscape:connector-curvature="0" />
-    <rect
-       style="opacity:1;fill:#f4f6f6;fill-opacity:0.45490196;stroke:none;stroke-width:4;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       id="rect4149"
-       width="35.389828"
-       height="10.922033"
-       x="78.02034"
-       y="45.680759" />
-    <rect
-       y="30.513073"
-       x="78.02034"
-       height="10.922033"
-       width="35.389828"
-       id="rect4151"
-       style="opacity:1;fill:#f4f6f6;fill-opacity:0.45490196;stroke:none;stroke-width:4;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
-  </g>
-</svg>
diff --git a/example/uniauth_unical_template/static/img/logo_back.svg b/example/uniauth_unical_template/static/img/logo_back.svg
deleted file mode 100644
index f857e0f..0000000
--- a/example/uniauth_unical_template/static/img/logo_back.svg
+++ /dev/null
@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<svg
-   xmlns:dc="http://purl.org/dc/elements/1.1/"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   width="170mm"
-   height="112mm"
-   viewBox="0 0 602.36209 396.85016"
-   version="1.1"
-   id="svg2"
-   inkscape:version="0.91 r13725"
-   sodipodi:docname="logo_back.svg">
-  <metadata
-     id="metadata16">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:format>image/svg+xml</dc:format>
-        <dc:type
-           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title>button-icon</dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-  <sodipodi:namedview
-     pagecolor="#ffffff"
-     bordercolor="#666666"
-     borderopacity="1"
-     objecttolerance="10"
-     gridtolerance="10"
-     guidetolerance="10"
-     inkscape:pageopacity="0"
-     inkscape:pageshadow="2"
-     inkscape:window-width="1920"
-     inkscape:window-height="1004"
-     id="namedview14"
-     showgrid="false"
-     showguides="true"
-     inkscape:guide-bbox="true"
-     inkscape:zoom="0.42354619"
-     inkscape:cx="-531.2532"
-     inkscape:cy="239.25693"
-     inkscape:window-x="0"
-     inkscape:window-y="24"
-     inkscape:window-maximized="1"
-     inkscape:current-layer="svg2"
-     units="mm"
-     width="209mm">
-    <sodipodi:guide
-       position="-300.50847,395.66949"
-       orientation="0,1"
-       id="guide4225" />
-  </sodipodi:namedview>
-  <!-- Generator: Sketch 48.2 (47327) - http://www.bohemiancoding.com/sketch -->
-  <title
-     id="title4">button-icon</title>
-  <desc
-     id="desc6">Created with Sketch.</desc>
-  <defs
-     id="defs8" />
-  <g
-     id="g4219"
-     transform="matrix(5.5661307,0,0,5.5661307,-30.612731,-84.164119)"
-     style="fill:#f4f6f6;fill-opacity:0.45490196">
-    <path
-       id="path4142"
-       d="m 5.39492,80.275424 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.4 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.85 0,-5.4 34.65,0 34.65,0 0,5.4 0,5.4 -34.65,0 -34.65,0 0,-5.4 z m 0,-14.85 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z m 0,-14.4 0,-5.85 34.65,0 34.65,0 0,5.85 0,5.85 -34.65,0 -34.65,0 0,-5.85 z"
-       style="fill:#f4f6f6;fill-opacity:0.45490196"
-       inkscape:connector-curvature="0" />
-    <path
-       id="path4140"
-       d="m 78.29492,72.625424 0,-12.6 12.81294,0 12.81295,0 -12.57589,12.6 c -6.91674,6.93 -12.68256,12.6 -12.81295,12.6 -0.13038,0 -0.23705,-5.67 -0.23705,-12.6 z"
-       style="fill:#f4f6f6;fill-opacity:0.45490196"
-       inkscape:connector-curvature="0" />
-    <rect
-       style="opacity:1;fill:#f4f6f6;fill-opacity:0.45490196;stroke:none;stroke-width:4;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       id="rect4149"
-       width="35.389828"
-       height="10.922033"
-       x="78.02034"
-       y="45.680759" />
-    <rect
-       y="30.513073"
-       x="78.02034"
-       height="10.922033"
-       width="35.389828"
-       id="rect4151"
-       style="opacity:1;fill:#f4f6f6;fill-opacity:0.45490196;stroke:none;stroke-width:4;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
-  </g>
-</svg>
diff --git a/example/uniauth_unical_template/static/img/logo_header_tracciato.svg b/example/uniauth_unical_template/static/img/logo_header_tracciato.svg
deleted file mode 100644
index 0009031..0000000
--- a/example/uniauth_unical_template/static/img/logo_header_tracciato.svg
+++ /dev/null
@@ -1,98 +0,0 @@
-<?xml version="1.0" encoding="utf-8" standalone="no"?>
-<svg xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:cc="http://creativecommons.org/ns#" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" id="svg6480" version="1.1" inkscape:version="0.91 r13725" width="335.94623" height="65.021263" viewBox="0 0 335.94623 65.02127">
-<metadata id="metadata6486"/>
-<defs id="defs6484">
-<clipPath id="clipPath6512">
-<path d="m 0,168.017 423.157,0 L 423.157,0 0,0 0,168.017 Z" id="path6514"/>
-</clipPath>
-</defs>
-<g id="g6488" inkscape:label="marchi Unical" transform="matrix(1.25,0,0,-1.25,0,65.021155)">
-<path d="m 3.1592453,22.054807 32.1179997,0 0,-5.353 -32.1179997,0 0,5.353 z" style="fill:#b71e24;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6490"/>
-<path d="m 3.1592453,28.740807 32.1179997,0 0,-5.356 -32.1179997,0 0,5.356 z" style="fill:#b71e24;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6492"/>
-<path d="m 3.1592453,35.431807 32.1179997,0 0,-5.353 -32.1179997,0 0,5.353 z" style="fill:#b71e24;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6494"/>
-<path d="m 3.1592453,42.125807 32.1179997,0 0,-5.352 -32.1179997,0 0,5.352 z" style="fill:#b71e24;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6496"/>
-<path d="m 3.1592453,48.814807 32.1179997,0 0,-5.352 -32.1179997,0 0,5.352 z" style="fill:#b71e24;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6498"/>
-<g id="g6500" transform="translate(36.616645,16.701407)">
-<path d="M 0,0 12.047,12.04 0,12.04 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6502"/>
-</g>
-<path d="m 36.616245,35.431807 16.02,0 0,-5.353 -16.02,0 0,5.353 z" style="fill:#918f90;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6504"/>
-<path d="m 36.616245,42.125807 16.02,0 0,-5.352 -16.02,0 0,5.352 z" style="fill:#918f90;fill-opacity:1;fill-rule:evenodd;stroke:none" id="path6506"/>
-<g id="g6508" transform="translate(-76.562755,-60.502193)">
-<g id="g6510" clip-path="url(#clipPath6512)">
-<g id="g6516" transform="translate(151.4195,83.9639)">
-<path d="m 0,0 c -1.215,0 -2.308,0.189 -3.246,0.562 -0.95,0.377 -1.724,0.928 -2.3,1.637 -0.405,0.516 -0.699,1.143 -0.875,1.865 -0.171,0.707 -0.258,1.824 -0.258,3.321 l 0,8.261 c 0,0.729 -0.079,1.25 -0.235,1.547 -0.134,0.256 -0.341,0.381 -0.651,0.394 l -0.24,0.01 0,0.957 5.301,0 0,-0.957 -0.239,-0.01 C -3.056,17.574 -3.262,17.453 -3.395,17.205 -3.55,16.915 -3.629,16.39 -3.629,15.646 l 0,-8.751 c 0,-1.982 0.331,-3.387 0.984,-4.175 0.642,-0.774 1.769,-1.166 3.351,-1.166 0.749,0 1.398,0.079 1.93,0.235 C 3.16,1.942 3.631,2.183 4.035,2.504 4.549,2.923 4.918,3.508 5.129,4.24 5.35,5.001 5.461,6.333 5.461,8.199 l 0,5.83 c 0,1.172 -0.132,2.06 -0.392,2.64 -0.24,0.538 -0.603,0.839 -1.11,0.921 l -0.21,0.034 0,0.93 4.642,0 0,-0.902 -0.177,-0.054 C 7.71,17.443 7.364,17.125 7.157,16.623 6.936,16.085 6.823,15.172 6.823,13.91 l 0,-5.735 C 6.823,6.505 6.734,5.23 6.561,4.383 6.382,3.518 6.083,2.801 5.672,2.254 5.076,1.492 4.301,0.92 3.366,0.55 2.442,0.185 1.311,0 0,0" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6518"/>
-</g>
-<g id="g6520" transform="translate(175.4449,84.167)">
-<path d="m 0,0 -1.385,0 -0.074,0.104 -10.681,14.954 0,-10.821 c 0,-0.937 0.138,-1.678 0.409,-2.202 0.257,-0.495 0.622,-0.784 1.114,-0.882 l 0.201,-0.04 0,-0.922 -4.75,0 0,0.891 0.163,0.061 c 0.528,0.195 0.902,0.508 1.142,0.956 0.246,0.459 0.371,1.114 0.371,1.946 l 0,11.254 c 0,0.722 -0.108,1.255 -0.319,1.583 -0.197,0.304 -0.499,0.469 -0.922,0.503 l -0.231,0.018 0,0.948 4.102,0 0.074,-0.105 9.424,-13.227 0,7.921 c 0,1.605 -0.131,2.746 -0.39,3.392 -0.239,0.599 -0.637,0.944 -1.216,1.056 l -0.202,0.039 0,0.924 4.439,0 0,-0.857 L 1.148,17.42 C 0.727,17.163 0.438,16.791 0.269,16.285 0.09,15.754 0,14.689 0,13.12 L 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6522"/>
-</g>
-<g id="g6524" transform="translate(183.6324,84.3584)">
-<path d="m 0,0 -5.301,0 0,0.94 0.236,0.015 c 0.32,0.019 0.53,0.146 0.661,0.398 0.152,0.294 0.229,0.805 0.229,1.519 l 0,12.379 c 0,0.73 -0.079,1.25 -0.235,1.548 -0.134,0.256 -0.341,0.381 -0.652,0.393 l -0.239,0.011 0,0.956 5.301,0 0,-0.956 -0.239,-0.011 C -0.552,17.18 -0.758,17.058 -0.891,16.81 -1.046,16.52 -1.125,15.996 -1.125,15.251 l 0,-12.379 c 0,-0.729 0.077,-1.244 0.229,-1.529 0.128,-0.244 0.337,-0.364 0.656,-0.376 L 0,0.957 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6526"/>
-</g>
-<g id="g6528" transform="translate(193.1558,83.9639)">
-<path d="m 0,0 -1.859,0 -5.278,15.421 c -0.23,0.677 -0.468,1.196 -0.706,1.544 -0.22,0.322 -0.47,0.537 -0.738,0.638 l -0.162,0.061 0,0.89 5.229,0 0,-0.921 -0.2,-0.041 c -0.217,-0.045 -0.382,-0.126 -0.489,-0.242 -0.1,-0.108 -0.149,-0.254 -0.149,-0.447 0,-0.054 0.007,-0.151 0.042,-0.304 0.031,-0.141 0.078,-0.314 0.139,-0.522 L -0.146,4.056 3.301,15.109 c 0.042,0.151 0.076,0.313 0.097,0.479 0.024,0.17 0.035,0.336 0.035,0.501 0,0.371 -0.103,0.714 -0.305,1.016 -0.192,0.289 -0.406,0.447 -0.655,0.485 l -0.213,0.032 0,0.932 4.642,0 0,-0.882 -0.151,-0.065 C 6.237,17.388 5.802,17.029 5.455,16.542 5.098,16.041 4.763,15.303 4.46,14.349 L 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6530"/>
-</g>
-<g id="g6532" transform="translate(213.9312,84.3584)">
-<path d="m 0,0 -13.213,0 0,0.962 0.245,0.005 c 0.308,0.006 0.513,0.127 0.645,0.381 0.156,0.298 0.235,0.81 0.235,1.524 l 0,12.379 c 0,0.745 -0.079,1.269 -0.234,1.559 -0.133,0.248 -0.339,0.37 -0.652,0.382 l -0.239,0.011 0,0.956 12.812,0 0.325,-3.9 -0.948,-0.133 -0.07,0.189 c -0.343,0.934 -0.852,1.585 -1.51,1.937 -0.679,0.362 -2.062,0.545 -4.11,0.545 l -0.754,0 c -1.141,0 -1.387,-0.127 -1.436,-0.166 -0.042,-0.034 -0.182,-0.206 -0.182,-0.961 l 0,-4.778 2.301,0 c 1.298,0 2.215,0.119 2.726,0.355 0.487,0.223 0.817,0.607 1.012,1.176 l 0.058,0.169 0.836,0 0,-4.702 -0.861,0 -0.057,0.168 c -0.194,0.56 -0.481,0.949 -0.855,1.156 -0.269,0.15 -0.924,0.328 -2.512,0.328 l -2.648,0 0,-6.741 c 0,-0.943 0.194,-1.18 0.277,-1.239 0.12,-0.084 0.518,-0.224 1.856,-0.224 1.275,0 2.197,0.028 2.74,0.082 0.531,0.054 1.003,0.143 1.4,0.266 0.49,0.164 0.973,0.448 1.431,0.843 0.471,0.405 0.977,0.984 1.505,1.722 L 0.251,4.43 1.137,3.955 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6534"/>
-</g>
-<g id="g6536" transform="translate(220.3365,93.7232)">
-<path d="m 0,0 c 0.164,-0.026 0.345,-0.046 0.539,-0.06 0.286,-0.019 0.635,-0.029 1.043,-0.029 1.94,0 3.389,0.327 4.303,0.972 0.9,0.635 1.338,1.59 1.338,2.92 0,1.299 -0.404,2.316 -1.198,3.022 C 5.222,7.538 4.058,7.899 2.563,7.899 1.56,7.899 0.867,7.77 0.506,7.514 0.17,7.277 0,6.807 0,6.114 L 0,0 Z m 10.859,-11.502 -0.347,0.146 C 8.767,-10.618 7.171,-9.357 5.769,-7.607 4.406,-5.906 3.254,-3.768 2.341,-1.25 2.238,-1.251 2.111,-1.254 1.961,-1.259 1.701,-1.267 1.512,-1.271 1.391,-1.271 1.076,-1.271 0.612,-1.258 0,-1.231 l 0,-5.262 c 0,-0.729 0.079,-1.245 0.234,-1.534 0.133,-0.247 0.338,-0.365 0.647,-0.371 l 0.245,-0.005 0,-0.962 -5.253,0 0,0.962 0.245,0.005 c 0.308,0.006 0.513,0.127 0.645,0.381 0.156,0.298 0.235,0.81 0.235,1.524 l 0,12.379 c 0,0.745 -0.079,1.269 -0.234,1.559 -0.133,0.248 -0.339,0.37 -0.652,0.383 l -0.239,0.01 0,0.945 4.236,0.202 C 0.703,9.01 1.188,9.028 1.568,9.04 1.95,9.052 2.234,9.058 2.42,9.058 4.829,9.058 6.78,8.577 8.221,7.628 9.693,6.656 10.44,5.345 10.44,3.732 10.44,2.539 9.975,1.501 9.055,0.646 8.209,-0.142 7.057,-0.693 5.625,-0.996 c 0.831,-2.339 1.682,-4.316 2.528,-5.88 0.871,-1.611 1.752,-2.803 2.618,-3.545 l 0.088,-0.075 0,-1.006 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6538"/>
-</g>
-<g id="g6540" transform="translate(238.775,83.9639)">
-<path d="M 0,0 C -1.189,0 -2.349,0.202 -3.444,0.601 -4.543,1.002 -5.55,1.589 -6.436,2.346 l -0.122,0.104 1.062,3.772 0.927,-0.164 0.036,-0.163 c 0.33,-1.5 0.925,-2.669 1.766,-3.477 0.83,-0.796 1.849,-1.2 3.03,-1.2 1.055,0 1.92,0.298 2.568,0.887 0.649,0.59 0.965,1.338 0.965,2.287 0,0.888 -0.258,1.614 -0.765,2.158 -0.526,0.565 -1.67,1.199 -3.398,1.884 l -0.671,0.263 c -1.702,0.658 -2.824,1.289 -3.43,1.928 -0.441,0.466 -0.78,0.981 -1.008,1.532 -0.226,0.549 -0.341,1.139 -0.341,1.753 0,1.432 0.537,2.643 1.597,3.598 1.053,0.948 2.388,1.429 3.968,1.429 0.86,0 1.759,-0.151 2.67,-0.449 0.905,-0.297 1.836,-0.743 2.767,-1.325 L 5.34,17.066 4.444,13.62 3.567,13.791 3.528,13.943 c -0.305,1.184 -0.822,2.116 -1.537,2.77 -0.703,0.643 -1.539,0.97 -2.482,0.97 -0.946,0 -1.709,-0.247 -2.266,-0.734 -0.555,-0.486 -0.824,-1.112 -0.824,-1.914 0,-0.722 0.227,-1.306 0.695,-1.788 0.484,-0.499 1.47,-1.057 2.933,-1.656 0.158,-0.063 0.39,-0.159 0.696,-0.288 C 2.857,10.453 4.188,9.743 4.809,9.131 5.276,8.68 5.633,8.151 5.865,7.56 6.096,6.973 6.212,6.306 6.212,5.577 6.212,3.97 5.62,2.623 4.453,1.572 3.293,0.529 1.794,0 0,0" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6542"/>
-</g>
-<g id="g6544" transform="translate(252.0845,84.3584)">
-<path d="m 0,0 -5.301,0 0,0.94 0.236,0.015 c 0.32,0.019 0.53,0.146 0.661,0.398 0.152,0.294 0.229,0.805 0.229,1.519 l 0,12.379 c 0,0.73 -0.079,1.25 -0.235,1.548 -0.134,0.256 -0.341,0.381 -0.652,0.393 l -0.239,0.011 0,0.956 5.301,0 0,-0.956 -0.239,-0.011 C -0.552,17.18 -0.758,17.058 -0.891,16.81 -1.046,16.52 -1.125,15.996 -1.125,15.251 l 0,-12.379 c 0,-0.729 0.077,-1.244 0.229,-1.529 0.128,-0.244 0.337,-0.364 0.656,-0.376 L 0,0.957 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6546"/>
-</g>
-<g id="g6548" transform="translate(263.6197,84.3584)">
-<path d="m 0,0 -5.35,0 0.025,0.957 0.233,0.01 c 0.311,0.012 0.515,0.135 0.644,0.386 0.153,0.294 0.23,0.805 0.23,1.519 l 0,13.457 c 0,0.337 -0.056,0.413 -0.058,0.416 0,0 -0.07,0.052 -0.35,0.052 -1.314,0 -2.324,-0.206 -3.003,-0.611 -0.68,-0.406 -1.32,-1.14 -1.903,-2.182 l -0.109,-0.195 -0.945,0.399 1.038,3.951 13.722,0 1.039,-3.951 -0.945,-0.4 -0.11,0.197 c -0.581,1.048 -1.219,1.784 -1.896,2.186 -0.675,0.402 -1.68,0.606 -2.986,0.606 -0.311,0 -0.378,-0.062 -0.379,-0.063 -0.001,-0.003 -0.065,-0.075 -0.065,-0.405 l 0,-13.457 c 0,-0.72 0.082,-1.233 0.244,-1.525 0.141,-0.253 0.351,-0.374 0.66,-0.38 L -0.024,0.962 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6550"/>
-</g>
-<g id="g6552" transform="translate(272.1655,91.4551)">
-<path d="M 0,0 4.813,0 2.496,7.645 0,0 Z m 10.854,-7.097 -5.284,0 0,0.919 0.198,0.042 c 0.206,0.045 0.366,0.13 0.489,0.259 0.11,0.116 0.164,0.249 0.164,0.407 0,0.097 -0.033,0.32 -0.193,0.837 l -1.011,3.272 -5.667,0 -0.711,-2.187 c -0.067,-0.22 -0.118,-0.439 -0.153,-0.646 -0.034,-0.207 -0.05,-0.386 -0.05,-0.545 0,-0.4 0.087,-0.72 0.258,-0.954 0.167,-0.23 0.408,-0.374 0.739,-0.442 l 0.2,-0.041 0,-0.921 -4.81,0 0,0.896 0.169,0.057 c 0.555,0.191 1.027,0.553 1.405,1.078 0.393,0.546 0.806,1.491 1.227,2.809 l 4.475,13.702 1.907,0 0.056,-0.173 4.884,-15.048 c 0.272,-0.846 0.538,-1.465 0.792,-1.842 0.219,-0.328 0.442,-0.5 0.662,-0.512 l 0.23,-0.013 0.024,-0.954 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6554"/>
-</g>
-<g id="g6556" transform="translate(278.1323,103.7295)">
-<path d="m 0,0 -1.463,0 -4.011,2.492 c -0.281,0.181 -0.484,0.362 -0.627,0.555 -0.154,0.21 -0.233,0.433 -0.233,0.663 0,0.308 0.107,0.57 0.32,0.777 0.354,0.345 0.913,0.424 1.418,0.134 0.191,-0.108 0.428,-0.31 0.726,-0.617 L 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6558"/>
-</g>
-<g id="g6560" transform="translate(150.6529,79.9551)">
-<path d="M 0,0 C -1.61,0 -2.257,-0.199 -2.516,-0.366 -2.857,-0.588 -3.03,-1.064 -3.03,-1.785 l 0,-12.666 c 0,-0.54 0.109,-0.902 0.325,-1.074 0.131,-0.105 0.525,-0.281 1.7,-0.281 2.579,0 4.412,0.577 5.448,1.714 1.041,1.145 1.569,3.158 1.569,5.986 0,2.741 -0.505,4.805 -1.5,6.136 C 3.532,-0.663 2.014,0 0,0 m -0.383,-17.036 -6.774,0 0,0.962 0.245,0.005 c 0.308,0.006 0.513,0.127 0.644,0.381 0.157,0.297 0.236,0.81 0.236,1.524 l 0,12.379 c 0,0.744 -0.079,1.268 -0.235,1.558 -0.132,0.248 -0.338,0.371 -0.651,0.383 l -0.239,0.01 0,0.949 4.169,0.128 c 0.297,0.008 0.591,0.014 0.884,0.018 0.292,0.004 0.659,0.006 1.099,0.006 1.284,0 2.361,-0.08 3.2,-0.238 C 3.039,0.87 3.817,0.611 4.508,0.258 5.959,-0.48 7.122,-1.62 7.965,-3.129 8.804,-4.633 9.229,-6.34 9.229,-8.202 c 0,-2.75 -0.861,-4.935 -2.559,-6.493 -1.691,-1.553 -4.065,-2.341 -7.053,-2.341" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6562"/>
-</g>
-<g id="g6564" transform="translate(174.9527,62.919)">
-<path d="m 0,0 -13.213,0 0,0.962 0.245,0.005 c 0.308,0.006 0.513,0.127 0.645,0.381 0.156,0.298 0.235,0.81 0.235,1.524 l 0,12.379 c 0,0.744 -0.079,1.269 -0.234,1.559 -0.133,0.248 -0.339,0.37 -0.652,0.382 l -0.239,0.01 0,0.957 12.812,0 0.325,-3.9 -0.948,-0.133 -0.07,0.189 c -0.343,0.934 -0.852,1.585 -1.51,1.937 -0.679,0.361 -2.062,0.545 -4.11,0.545 l -0.754,0 c -1.141,0 -1.387,-0.127 -1.436,-0.166 -0.042,-0.034 -0.182,-0.205 -0.182,-0.961 l 0,-4.778 2.301,0 c 1.298,0 2.215,0.119 2.726,0.355 0.487,0.223 0.817,0.607 1.012,1.176 l 0.058,0.169 0.836,0 0,-4.702 -0.861,0 -0.057,0.169 C -3.265,8.618 -3.552,9.007 -3.926,9.214 -4.195,9.363 -4.85,9.542 -6.438,9.542 l -2.648,0 0,-6.741 c 0,-0.943 0.194,-1.181 0.277,-1.239 0.12,-0.083 0.518,-0.224 1.856,-0.224 1.275,0 2.197,0.027 2.74,0.083 0.531,0.054 1.003,0.142 1.4,0.266 0.49,0.163 0.973,0.447 1.431,0.842 0.471,0.405 0.977,0.984 1.505,1.722 L 0.251,4.43 1.137,3.955 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6566"/>
-</g>
-<g id="g6568" transform="translate(189.7095,62.919)">
-<path d="m 0,0 -12.359,0 0,0.94 0.235,0.015 c 0.32,0.019 0.53,0.146 0.661,0.399 0.152,0.293 0.23,0.804 0.23,1.518 l 0,12.379 c 0,0.729 -0.08,1.251 -0.236,1.548 -0.134,0.256 -0.341,0.381 -0.651,0.393 l -0.239,0.01 0,0.957 5.3,0 0,-0.957 -0.239,-0.01 C -7.61,17.18 -7.816,17.058 -7.949,16.81 -8.104,16.52 -8.184,15.995 -8.184,15.251 l 0,-12.45 c 0,-0.925 0.182,-1.16 0.26,-1.219 0.109,-0.082 0.449,-0.22 1.502,-0.22 1.256,0 2.189,0.057 2.773,0.169 0.572,0.11 1.091,0.296 1.545,0.553 0.289,0.162 0.605,0.425 0.942,0.78 0.342,0.362 0.723,0.836 1.134,1.41 L 0.079,4.425 1.011,4.113 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6570"/>
-</g>
-<g id="g6572" transform="translate(204.2545,62.919)">
-<path d="m 0,0 -12.359,0 0,0.94 0.235,0.015 c 0.32,0.019 0.53,0.146 0.661,0.399 0.152,0.293 0.23,0.804 0.23,1.518 l 0,12.379 c 0,0.729 -0.08,1.251 -0.236,1.548 -0.134,0.256 -0.341,0.381 -0.651,0.393 l -0.239,0.01 0,0.957 5.3,0 0,-0.957 -0.239,-0.01 C -7.61,17.18 -7.816,17.058 -7.949,16.81 -8.104,16.52 -8.184,15.995 -8.184,15.251 l 0,-12.45 c 0,-0.925 0.182,-1.16 0.26,-1.219 0.109,-0.082 0.449,-0.22 1.502,-0.22 1.256,0 2.189,0.057 2.773,0.169 0.572,0.11 1.091,0.296 1.545,0.553 0.289,0.162 0.605,0.425 0.942,0.78 0.342,0.362 0.723,0.836 1.134,1.41 L 0.079,4.425 1.011,4.113 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6574"/>
-</g>
-<g id="g6576" transform="translate(210.5074,70.0156)">
-<path d="M 0,0 4.813,0 2.496,7.645 0,0 Z m 10.854,-7.097 -5.284,0 0,0.918 0.198,0.043 c 0.206,0.045 0.366,0.13 0.489,0.259 0.11,0.116 0.164,0.249 0.164,0.407 0,0.097 -0.033,0.321 -0.193,0.836 l -1.011,3.273 -5.667,0 -0.711,-2.187 c -0.067,-0.221 -0.118,-0.439 -0.153,-0.645 -0.034,-0.208 -0.05,-0.387 -0.05,-0.546 0,-0.4 0.087,-0.721 0.258,-0.954 0.167,-0.23 0.408,-0.374 0.739,-0.442 l 0.2,-0.041 0,-0.921 -4.81,0 0,0.896 0.169,0.057 c 0.555,0.191 1.027,0.553 1.405,1.079 0.393,0.545 0.806,1.49 1.227,2.808 l 4.475,13.702 1.907,0 0.056,-0.173 4.884,-15.048 C 9.418,-4.621 9.684,-5.24 9.938,-5.617 10.157,-5.945 10.38,-6.118 10.6,-6.13 l 0.23,-0.013 0.024,-0.954 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6578"/>
-</g>
-<g id="g6580" transform="translate(237.6002,62.5244)">
-<path d="m 0,0 c -2.441,0 -4.427,0.827 -5.902,2.458 -1.469,1.624 -2.213,3.809 -2.213,6.495 0,1.685 0.282,3.236 0.838,4.613 0.557,1.381 1.39,2.582 2.476,3.57 0.619,0.57 1.39,1.018 2.288,1.332 1.76,0.613 3.761,0.65 5.822,-0.06 1.005,-0.346 2.065,-0.884 3.15,-1.596 L 6.616,16.709 5.574,13.355 4.646,13.494 4.599,13.642 c -0.431,1.329 -1.063,2.351 -1.88,3.04 -0.808,0.679 -1.795,1.024 -2.935,1.024 -1.491,0 -2.664,-0.641 -3.584,-1.958 -0.928,-1.327 -1.397,-3.126 -1.397,-5.346 0,-2.504 0.601,-4.574 1.788,-6.153 1.185,-1.58 2.653,-2.349 4.487,-2.349 1.051,0 2.026,0.263 2.901,0.78 0.884,0.522 1.72,1.328 2.487,2.396 L 6.61,5.277 7.447,4.688 7.324,4.488 C 6.39,2.961 5.318,1.819 4.142,1.097 2.959,0.369 1.565,0 0,0" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6582"/>
-</g>
-<g id="g6584" transform="translate(248.9478,70.0156)">
-<path d="M 0,0 4.813,0 2.496,7.645 0,0 Z m 10.854,-7.097 -5.284,0 0,0.918 0.198,0.043 c 0.206,0.045 0.366,0.13 0.489,0.259 0.11,0.116 0.164,0.249 0.164,0.407 0,0.097 -0.033,0.321 -0.193,0.836 l -1.011,3.273 -5.667,0 -0.711,-2.187 c -0.067,-0.221 -0.118,-0.439 -0.153,-0.645 -0.034,-0.208 -0.05,-0.387 -0.05,-0.546 0,-0.4 0.087,-0.721 0.258,-0.954 0.167,-0.23 0.408,-0.374 0.739,-0.442 l 0.2,-0.041 0,-0.921 -4.81,0 0,0.896 0.169,0.057 c 0.555,0.191 1.027,0.553 1.405,1.079 0.393,0.545 0.806,1.49 1.227,2.808 l 4.475,13.702 1.907,0 0.056,-0.173 4.884,-15.048 C 9.418,-4.621 9.684,-5.24 9.938,-5.617 10.157,-5.945 10.38,-6.118 10.6,-6.13 l 0.23,-0.013 0.024,-0.954 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6586"/>
-</g>
-<g id="g6588" transform="translate(272.7798,62.919)">
-<path d="m 0,0 -12.359,0 0,0.94 0.235,0.015 c 0.32,0.019 0.53,0.146 0.661,0.399 0.152,0.293 0.23,0.804 0.23,1.518 l 0,12.379 c 0,0.729 -0.08,1.251 -0.236,1.548 -0.134,0.256 -0.341,0.381 -0.651,0.393 l -0.239,0.01 0,0.957 5.3,0 0,-0.957 -0.239,-0.01 C -7.61,17.18 -7.816,17.058 -7.949,16.81 -8.104,16.52 -8.184,15.995 -8.184,15.251 l 0,-12.45 c 0,-0.925 0.182,-1.16 0.26,-1.219 0.109,-0.082 0.449,-0.22 1.502,-0.22 1.256,0 2.189,0.057 2.773,0.169 0.572,0.11 1.091,0.296 1.545,0.553 0.289,0.162 0.605,0.425 0.942,0.78 0.342,0.362 0.723,0.836 1.134,1.41 L 0.079,4.425 1.011,4.113 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6590"/>
-</g>
-<g id="g6592" transform="translate(278.567,70.0156)">
-<path d="M 0,0 4.813,0 2.496,7.645 0,0 Z m 10.854,-7.097 -5.284,0 0,0.918 0.198,0.043 c 0.206,0.045 0.366,0.13 0.489,0.259 0.11,0.116 0.164,0.249 0.164,0.407 0,0.097 -0.033,0.321 -0.193,0.836 l -1.011,3.273 -5.667,0 -0.711,-2.187 c -0.067,-0.221 -0.118,-0.439 -0.153,-0.645 -0.034,-0.208 -0.05,-0.387 -0.05,-0.546 0,-0.4 0.087,-0.721 0.258,-0.954 0.167,-0.23 0.408,-0.374 0.739,-0.442 l 0.2,-0.041 0,-0.921 -4.81,0 0,0.896 0.169,0.057 c 0.555,0.191 1.027,0.553 1.405,1.079 0.393,0.545 0.806,1.49 1.227,2.808 l 4.475,13.702 1.907,0 0.056,-0.173 4.884,-15.048 C 9.418,-4.621 9.684,-5.24 9.938,-5.617 10.157,-5.945 10.38,-6.118 10.6,-6.13 l 0.23,-0.013 0.024,-0.954 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6594"/>
-</g>
-<g id="g6596" transform="translate(294.0474,73.2246)">
-<path d="M 0,0 1.318,0 C 3.279,0 4.684,0.265 5.493,0.786 6.278,1.293 6.66,2.117 6.66,3.306 6.66,4.426 6.308,5.259 5.584,5.854 4.854,6.451 3.79,6.755 2.42,6.755 1.131,6.755 0.615,6.581 0.41,6.436 0.142,6.246 0,5.739 0,4.97 L 0,0 Z m 0,-1.23 0,-6.227 c 0,-0.973 0.205,-1.266 0.327,-1.354 0.138,-0.099 0.574,-0.264 1.974,-0.264 1.705,0 2.969,0.322 3.757,0.956 0.784,0.631 1.165,1.595 1.165,2.948 0,1.329 -0.38,2.326 -1.128,2.964 -0.76,0.648 -1.956,0.977 -3.555,0.977 l -2.54,0 z m 2.647,-9.076 -6.774,0 0,0.962 0.245,0.005 c 0.308,0.006 0.513,0.127 0.645,0.381 0.156,0.298 0.235,0.811 0.235,1.524 l 0,12.379 c 0,0.744 -0.079,1.269 -0.234,1.559 -0.133,0.248 -0.339,0.37 -0.652,0.383 l -0.239,0.009 0,0.952 4.099,0.101 c 0.44,0.008 0.902,0.018 1.387,0.03 0.493,0.012 0.766,0.018 0.822,0.018 2.16,0 3.948,-0.432 5.315,-1.283 C 8.901,5.839 9.614,4.7 9.614,3.329 9.614,2.317 9.203,1.442 8.392,0.729 7.781,0.193 6.949,-0.242 5.911,-0.57 c 1.185,-0.344 2.161,-0.874 2.912,-1.581 0.962,-0.908 1.449,-2.008 1.449,-3.271 0,-1.585 -0.675,-2.814 -2.008,-3.654 -1.296,-0.816 -3.186,-1.23 -5.617,-1.23" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6598"/>
-</g>
-<g id="g6600" transform="translate(309.7193,72.2842)">
-<path d="m 0,0 c 0.164,-0.027 0.345,-0.047 0.539,-0.061 0.286,-0.018 0.635,-0.029 1.043,-0.029 1.94,0 3.389,0.327 4.303,0.973 0.9,0.635 1.338,1.589 1.338,2.92 0,1.299 -0.404,2.315 -1.198,3.022 C 5.222,7.537 4.058,7.898 2.563,7.898 1.56,7.898 0.867,7.769 0.506,7.514 0.17,7.277 0,6.806 0,6.113 L 0,0 Z m 10.859,-11.503 -0.347,0.147 C 8.767,-10.618 7.171,-9.357 5.769,-7.607 4.406,-5.906 3.254,-3.769 2.341,-1.25 2.238,-1.252 2.111,-1.255 1.961,-1.26 1.701,-1.268 1.512,-1.271 1.391,-1.271 1.076,-1.271 0.612,-1.259 0,-1.231 l 0,-5.262 c 0,-0.73 0.079,-1.245 0.234,-1.534 0.133,-0.247 0.338,-0.366 0.647,-0.371 l 0.245,-0.005 0,-0.962 -5.253,0 0,0.962 0.245,0.005 c 0.308,0.005 0.513,0.127 0.645,0.38 0.156,0.298 0.235,0.811 0.235,1.525 l 0,12.379 c 0,0.744 -0.079,1.268 -0.234,1.558 -0.133,0.248 -0.339,0.37 -0.652,0.383 l -0.239,0.01 0,0.945 4.236,0.203 C 0.703,9.01 1.188,9.027 1.568,9.039 1.95,9.052 2.234,9.058 2.42,9.058 4.829,9.058 6.78,8.576 8.221,7.628 9.693,6.655 10.44,5.345 10.44,3.731 10.44,2.539 9.975,1.5 9.055,0.646 8.209,-0.143 7.057,-0.694 5.625,-0.996 c 0.831,-2.339 1.682,-4.316 2.528,-5.881 0.871,-1.61 1.752,-2.803 2.618,-3.545 l 0.088,-0.074 0,-1.007 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6602"/>
-</g>
-<g id="g6604" transform="translate(326.6363,62.919)">
-<path d="m 0,0 -5.301,0 0,0.94 0.236,0.015 c 0.32,0.019 0.53,0.146 0.661,0.399 0.152,0.293 0.229,0.804 0.229,1.518 l 0,12.379 c 0,0.729 -0.079,1.251 -0.235,1.548 -0.134,0.256 -0.341,0.381 -0.652,0.393 l -0.239,0.01 0,0.957 5.301,0 0,-0.957 -0.239,-0.01 C -0.552,17.18 -0.758,17.058 -0.891,16.81 -1.046,16.52 -1.125,15.995 -1.125,15.251 l 0,-12.379 c 0,-0.729 0.077,-1.244 0.229,-1.529 0.128,-0.244 0.337,-0.364 0.656,-0.376 L 0,0.957 0,0 Z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6606"/>
-</g>
-<g id="g6608" transform="translate(332.5807,70.0156)">
-<path d="M 0,0 4.813,0 2.496,7.645 0,0 Z m 10.854,-7.097 -5.284,0 0,0.918 0.198,0.043 c 0.206,0.045 0.366,0.13 0.489,0.259 0.11,0.116 0.164,0.249 0.164,0.407 0,0.097 -0.033,0.321 -0.193,0.836 l -1.011,3.273 -5.667,0 -0.711,-2.187 c -0.067,-0.221 -0.118,-0.439 -0.153,-0.645 -0.034,-0.208 -0.05,-0.387 -0.05,-0.546 0,-0.4 0.087,-0.721 0.258,-0.954 0.167,-0.23 0.408,-0.374 0.739,-0.442 l 0.2,-0.041 0,-0.921 -4.81,0 0,0.896 0.169,0.057 c 0.555,0.191 1.027,0.553 1.405,1.079 0.393,0.545 0.806,1.49 1.227,2.808 l 4.475,13.702 1.907,0 0.056,-0.173 4.884,-15.048 C 9.418,-4.621 9.684,-5.24 9.938,-5.617 10.157,-5.945 10.38,-6.118 10.6,-6.13 l 0.23,-0.013 0.024,-0.954 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6610"/>
-</g>
-<path d="m 137.46,58.7 -0.5,0 0,50.616 0.5,0 0,-50.616 z" style="fill:#231f20;fill-opacity:1;fill-rule:nonzero;stroke:none" id="path6612"/>
-</g>
-</g>
-</g>
-</svg>
diff --git a/example/uniauth_unical_template/templates/500.html b/example/uniauth_unical_template/templates/500.html
deleted file mode 100644
index b232ea6..0000000
--- a/example/uniauth_unical_template/templates/500.html
+++ /dev/null
@@ -1,633 +0,0 @@
-<!-- Extends default Bootstrap Unical Italia template -->
-<!-- Extends default Bootstrap Unical Italia template -->
-<!-- Extends default Bootstrap Unical Italia template -->
-<!-- Extends default Bootstrap Italia template -->
-<!DOCTYPE html>
-<html lang="it"><head>
-<meta http-equiv="content-type" content="text/html; charset=UTF-8">
-        <!-- Required meta tags -->
-        <meta charset="utf-8">
-        <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-        <!-- Page details -->
-        <title>
-
-Unical
-
-        </title>
-        <meta name="description" content="Bootstrap Italia">
-        <!-- CSS -->
-        <link rel="stylesheet" href="/static/css/bootstrap-italia.min.css">
-        <!-- Extra CSS/Javascript -->
-
-
-<link rel="shortcut icon" href="/static/images/favicon/favicon-32x32.png">
-<link rel="stylesheet" href="/static/css/unical-style.css" type="text/css">
-
-
-    <link type="text/css" rel="stylesheet" href="/static/css/unical.css">
-
-
-
-
-    <style>
-/* Titillium+Web:300,400,600,700 */
-
-/* latin-ext */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 300;
-  src: local('Titillium Web Light'), local('TitilliumWeb-Light'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Light.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Light.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Light.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 300;
-  src: local('Titillium Web Light'), local('TitilliumWeb-Light'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Light.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Light.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Light.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-/* latin-ext */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 400;
-  src: local('Titillium Web Regular'), local('TitilliumWeb-Regular'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Regular.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 400;
-  src: local('Titillium Web Regular'), local('TitilliumWeb-Regular'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Regular.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Regular.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-/* latin-ext */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 600;
-  src: local('Titillium Web SemiBold'), local('TitilliumWeb-SemiBold'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 600;
-  src: local('Titillium Web SemiBold'), local('TitilliumWeb-SemiBold'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-SemiBold.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-/* latin-ext */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 700;
-  src: local('Titillium Web Bold'), local('TitilliumWeb-Bold'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Bold.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Titillium Web';
-  font-style: normal;
-  font-weight: 700;
-  src: local('Titillium Web Bold'), local('TitilliumWeb-Bold'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff2) format('woff2'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Bold.woff) format('woff'),
-  url(/static/fonts/Titillium_Web/TitilliumWeb-Bold.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-
-/* Lora:400,700 */
-
-/* latin-ext */
-@font-face {
-  font-family: 'Lora';
-  font-style: normal;
-  font-weight: 400;
-  src: local('Lora Regular'), local('Lora-Regular'),
-  url(/static/fonts/Lora/Lora-Regular.woff2) format('woff2'),
-  url(/static/fonts/Lora/Lora-Regular.woff) format('woff'),
-  url(/static/fonts/Lora/Lora-Regular.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Lora';
-  font-style: normal;
-  font-weight: 400;
-  src: local('Lora Regular'), local('Lora-Regular'),
-  url(/static/fonts/Lora/Lora-Regular.woff2) format('woff2'),
-  url(/static/fonts/Lora/Lora-Regular.woff) format('woff'),
-  url(/static/fonts/Lora/Lora-Regular.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-/* latin-ext */
-@font-face {
-  font-family: 'Lora';
-  font-style: normal;
-  font-weight: 700;
-  src: local('Lora Bold'), local('Lora-Bold'),
-  url(/static/fonts/Lora/Lora-Bold.woff2) format('woff2'),
-  url(/static/fonts/Lora/Lora-Bold.woff) format('woff'),
-  url(/static/fonts/Lora/Lora-Bold.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Lora';
-  font-style: normal;
-  font-weight: 700;
-  src: local('Lora Bold'), local('Lora-Bold'),
-  url(/static/fonts/Lora/Lora-Bold.woff2) format('woff2'),
-  url(/static/fonts/Lora/Lora-Bold.woff) format('woff'),
-  url(/static/fonts/Lora/Lora-Bold.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-
-/* Roboto+Mono:400,700 */
-
-/* latin-ext */
-@font-face {
-  font-family: 'Roboto Mono';
-  font-style: normal;
-  font-weight: 400;
-  src: local('Roboto Mono'), local('RobotoMono-Regular'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Regular.woff2) format('woff2'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Regular.woff) format('woff'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Regular.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Roboto Mono';
-  font-style: normal;
-  font-weight: 400;
-  src: local('Roboto Mono'), local('RobotoMono-Regular'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Regular.woff2) format('woff2'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Regular.woff) format('woff'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Regular.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-/* latin-ext */
-@font-face {
-  font-family: 'Roboto Mono';
-  font-style: normal;
-  font-weight: 700;
-  src: local('Roboto Mono Bold'), local('RobotoMono-Bold'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Bold.woff2) format('woff2'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Bold.woff) format('woff'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Bold.ttf) format('truetype');
-  unicode-range: U+0100-024F, U+0259, U+1E00-1EFF, U+2020, U+20A0-20AB, U+20AD-20CF, U+2113, U+2C60-2C7F, U+A720-A7FF;
-}
-/* latin */
-@font-face {
-  font-family: 'Roboto Mono';
-  font-style: normal;
-  font-weight: 700;
-  src: local('Roboto Mono Bold'), local('RobotoMono-Bold'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Bold.woff2) format('woff2'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Bold.woff) format('woff'),
-  url(/static/fonts/Roboto_Mono/RobotoMono-Bold.ttf) format('truetype');
-  unicode-range: U+0000-00FF, U+0131, U+0152-0153, U+02BB-02BC, U+02C6, U+02DA, U+02DC, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;
-}
-</style>
-<!--
-<script src="/static/js/prompt.js"></script>
--->
-</head>
-    <body>
-
-        <div class="it-header-wrapper">
-
-            <!-- Top row in header -->
-
-            <div class="it-header-slim-wrapper">
-                <div class="container">
-                    <div class="row">
-                        <div class="col-12">
-                            <div class="it-header-slim-wrapper-content">
-                                <a class="d-none d-lg-block navbar-brand" href="https://www.unical.it/">
-
-                                Università della Calabria
-
-                                </a>
-                                <div class="nav-mobile">
-                                    <nav>
-                                        <a class="it-opener d-lg-none" data-toggle="collapse" href="#menu-principale" role="button" aria-expanded="false" aria-controls="menu-principale">
-                                            <span>
-
-                                             Università della Calabria
-
-                                            </span>
-
-                                        </a>
-
-                                    </nav>
-                                </div>
-
-<div class="header-slim-right-zone">
-    <div class="nav-item dropdown">
-        <a class="nav-link dropdown-toggle" href="#" data-toggle="dropdown" aria-expanded="false">
-            <span>ITA</span>
-            <svg class="icon d-none d-lg-block">
-                <use xlink:href="/static/svg/sprite.svg#it-expand"></use>
-            </svg>
-        </a>
-        <div class="dropdown-menu" x-placement="bottom-start" style="position: absolute; will-change: transform; top: 0px; left: 0px; transform: translate3d(0px, 46px, 0px);">
-            <div class="row">
-                <div class="col-12">
-                    <div class="link-list-wrapper">
-                        <ul class="link-list">
-                            <li><a class="list-item" href="#"><span>ITA</span></a></li>
-<!--
-                            <li><a class="list-item" href="#"><span>ENG</span></a></li>
--->
-                        </ul>
-                    </div>
-                </div>
-            </div>
-        </div>
-    </div>
-
-<!--
-    <div class="it-access-top-wrapper">
-        <button class="btn btn-primary btn-sm" onclick="window.location='/logout/'" type="button">Annulla l'accesso</button>
-    </div>
--->
-</div>
-
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-
-
-            <div class="it-nav-wrapper">
-                <div class="it-header-center-wrapper">
-                    <div class="container">
-                        <div class="row">
-                            <div class="col-12">
-                                <div class="it-header-center-content-wrapper">
-                                    <!-- Logo -->
-                                    <div class="it-brand-wrapper">
-                                        <a href="">
-                                            <img src="/static/images/unical_logo.svg" style="width: 100%;">
-
-                                            <div class="it-brand-text">
-                                                <h2 class="no_toc">
-                                                </h2>
-                                                <h3 class="no_toc d-none d-md-block">
-                                                </h3>
-                                            </div>
-                                        </a>
-                                    </div>
-
-                                    <!-- Social and Search -->
-
-                                    <div class="it-right-zone">
-
-<div class="it-socials d-none d-md-flex">
-    <span>Seguici su</span>
-<!--
-    <ul>
-        <li>
-            <a href="https://it-it.facebook.com/pages/Universit%C3%A0-della-Calabria/166678814380" aria-label="Facebook" target="_blank">
-                <svg class="icon">
-                    <use xlink:href="/static/svg/sprite.svg#it-facebook"></use>
-                </svg>
-            </a>
-        </li>
-        <li>
-            <a href="https://twitter.com/UnicalPortale" aria-label="Twitter" target="_blank">
-                <svg class="icon">
-                <use xlink:href="/static/svg/sprite.svg#it-twitter"></use>
-                </svg>
-            </a>
-        </li>
-        <li>
-            <a href="https://www.instagram.com/unical_official/" target="_blank" aria-label="Instagram">
-                <svg class="icon">
-                <use xlink:href="/static/svg/sprite.svg#it-instagram"></use>
-                </svg>
-            </a>
-        </li>
-        <li>
-            <a href="https://www.youtube.com/channel/UCnd5Oen95TMO9aLfVRUAABQ" target="_blank" aria-label="YouTube">
-                <svg class="icon">
-                <use xlink:href="/static/svg/sprite.svg#it-youtube"></use>
-                </svg>
-            </a>
-        </li>
-    </ul>
--->
-</div>
-
-
-
-
-                                    </div>
-
-                                </div>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-
-                <!-- Main menu -->
-
-<div class="it-header-navbar-wrapper">
-    <div class="container">
-        <div class="row">
-            <div class="col-12">
-                <nav class="navbar navbar-expand-lg has-megamenu">
-                    <button class="custom-navbar-toggler" type="button" aria-controls="nav10" aria-expanded="false" aria-label="Toggle navigation" data-target="#nav10">
-<!--
-                        <svg class="icon">
-                            <use xlink:href="/static/images/svg/sprite.svg#it-burger"></use>
-                        </svg>
--->
-                    </button>
-                    <div class="navbar-collapsable" id="nav10">
-                        <div class="overlay"></div>
-                        <div class="close-div sr-only">
-                            <button class="btn close-menu" type="button"><span class="it-close"></span>close</button>
-                        </div>
-                        <div class="menu-wrapper">
-                            <ul class="navbar-nav">
-
-                                <li class="nav-item active"><a class="nav-link active" href="#">
-                                    <span>Pagina di Errore</span>
-                                    <span class="sr-only">current</span></a></li>
-
-                            </ul>
-                        </div>
-                        </div>
-
-
-                        </nav></div>
-                    </div>
-
-            </div>
-        </div>
-    </div>
-</div>
-
-
-
-
-
-
-
-        <!-- Container - Body of page-->
-        <div class="main-body">
-
-            <div class="container">
-                <div class="col-12 py-md-5 bd-content">
-
-    <h4 class="">Sei incorso in un errore interno</h4>
-
-
-    <p class="mb-lg-5 mb-2">
-            Ci dispiace, dovrai riprovare o contattare l'assistenza.
-    </p>
-
-<!--
-
--->
-
-
-    <div class="card-wrapper card-space">
-
-
-
-        <!-- Pagina di Errore -->
-<!--
-        <div class="my-3 p-3 bg-white rounded shadow-sm">
-                <div class="media pt-3 pb-3 border-bottom border-gray ">
-                </div>
-        </div>
--->
-        <!-- end if sessioni_adesioni -->
-
-
-    <!-- end if things -->
-    </div>
-
-
-
-
-                </div>
-            </div>
-
-        </div>
-
-        <!-- Footer -->
-
-        <footer class="it-footer">
-            <div class="it-footer-main">
-                <div class="container">
-
-                    <section>
-                        <div class="row clearfix">
-                            <div class="col-sm-12">
-                                <div class="it-brand-wrapper">
-                                    <a href="#">
-
-<img class="icon" src="/static/images/logo_white.png">
-
-
-                                        <div class="it-brand-text">
-                                            <h2 class="no_toc">
-
-Università della Calabria
-
-                                            </h2>
-                                            <h3 class="no_toc d-none d-md-block">
-
-Il Campus per eccellenza
-
-                                            </h3>
-                                        </div>
-
-                                    </a>
-                                </div>
-                            </div>
-                        </div>
-                    </section>
-
-
-                    <!-- Footer middle section with menu blocks -->
-
-
-
-                    <!-- Footer bottom section with contacts -->
-
-<section class="py-4 border-white border-top">
-    <div class="row">
-        <div class="col-lg-4 col-md-4 pb-2">
-            <h4><a href="#" title="Vai alla pagina: Contatti">Contatti</a></h4>
-            <p>
-                <strong>Università della Calabria</strong>
-                <br>
-                via Pietro Bucci 87036 Arcavacata di Rende, CS
-                <br>
-                Codice Fiscale 80003950781 - Tel. (+39) 0984 4911
-            </p>
-            <div class="link-list-wrapper">
-                <ul class="footer-list link-list clearfix">
-                    <li>
-                        <a class="list-item" href="https://www.unical.it/portale/servizi/contacts/" title="Vai alla pagina: Posta Elettronica Certificata">
-                           Posta Elettronica Certificata
-                        </a>
-                    </li>
-                    <li>
-                        <a class="list-item" href="https://www.unical.it/portale/servizi/contacts/index-fe.cfm" title="Vai alla pagina: Fatturazione elettronica">
-                           Fatturazione Elettronica
-                        </a>
-                    </li>
-                </ul>
-            </div>
-        </div>
-        <div class="col-lg-4 col-md-4 pb-2">
-            <h4><a href="#" title="Vai alla pagina: Lorem Ipsum">Link Utili</a></h4>
-            <div class="link-list-wrapper">
-                <ul class="footer-list link-list clearfix">
-                    <li>
-                        <a class="list-item" href="https://www.unical.it/portale/portaltemplates/view/search_phone.cfm" title="Vai alla pagina: Contatti/cerca persone">
-                           Contatti/cerca persone
-                        </a>
-                    </li>
-                    <li>
-                        <a class="list-item" href="https://www.unical.it/portale/ateneo/amministrazione/" title="Vai alla pagina: Contatti amministrazione">
-                           Contatti amministrazione
-                        </a>
-                    </li>
-                    <li>
-                        <a class="list-item" href="https://www.unical.it/portale/ateneo/amministrazione/aree/uocsdfpl/sdfpl/" title="Vai alla pagina: Contatti servizi didattici">
-                           Contatti servizi didattici
-                        </a>
-                    </li>
-                    <li>
-                        <a class="list-item" href="https://unical.portaleamministrazionetrasparente.it/" title="Vai alla pagina: PAT - Portale amministrazione trasparente">
-                           PAT - Portale amministrazione trasparente
-                        </a>
-                    </li>
-                </ul>
-            </div>
-        </div>
-        <div class="col-lg-4 col-md-4 pb-2">
-            <div class="pb-2">
-                <h4><a href="#" title="Vai alla pagina: Seguici su">Seguici su</a></h4>
-                <ul class="list-inline text-left social">
-                    <li class="list-inline-item">
-                        <a class="p-2 text-white" href="https://it-it.facebook.com/pages/Universit%C3%A0-della-Calabria/166678814380" target="_blank">
-                            <svg class="icon icon-sm icon-white align-top">
-                                <use xlink:href="/static/svg/sprite.svg#it-facebook"></use>
-                            </svg><span class="sr-only">Facebook</span>
-                        </a>
-                    </li>
-                    <li class="list-inline-item">
-                        <a class="p-2 text-white" href="https://twitter.com/UnicalPortale" target="_blank">
-                            <svg class="icon icon-sm icon-white align-top">
-                                <use xlink:href="/static/svg/sprite.svg#it-twitter"></use>
-                            </svg><span class="sr-only">Twitter</span>
-                        </a>
-                    </li>
-                    <li class="list-inline-item">
-                        <a class="p-2 text-white" href="https://www.instagram.com/unical_official/" target="_blank">
-                            <svg class="icon icon-sm icon-white align-top">
-                                <use xlink:href="/static/svg/sprite.svg#it-instagram"></use>
-                            </svg><span class="sr-only">Instagram</span>
-                        </a>
-                    </li>
-                    <li class="list-inline-item">
-                        <a class="p-2 text-white" href="https://www.youtube.com/channel/UCnd5Oen95TMO9aLfVRUAABQ" target="_blank">
-                            <svg class="icon icon-sm icon-white align-top">
-                                <use xlink:href="/static/svg/sprite.svg#it-youtube"></use>
-                            </svg><span class="sr-only">YouTube</span>
-                        </a>
-                    </li>
-                </ul>
-            </div>
-            <div class="pb-2">
-                <h4><a href="#" title="Vai alla pagina: Newsletter">Newsletter</a></h4>
-                <p>Form Newsletter</p>
-                  <!--<form action="#" method="post">
-                    <label for="input-newsletter" class="active">Iscriviti per riceverla</label>
-                    <div class="input-group">
-                      <div class="input-group-prepend">
-                        <div class="input-group-text">@</div>
-                      </div>
-                      <input type="text" class="form-control" id="input-newsletter" name="input-newsletter" placeholder="Scrivi il tuo indirizzo email" >
-                      <div class="input-group-append">
-                        <button class="btn btn-outline-secondary" type="button" id="button-addon2">Button</button>
-                      </div>
-                    </div>
-                    <button class="btn btn-default pull-right" type="submit">Iscriviti</button>
-                  </form>-->
-            </div>
-        </div>
-    </div>
-</section>
-
-                </div>
-            </div>
-
-
-            <div class="it-footer-small-prints clearfix">
-                <div class="container">
-
-<h3 class="sr-only">Sezione Link Utili</h3>
-<ul class="it-footer-small-prints-list list-inline mb-0 d-flex flex-column flex-md-row">
-    <li class="list-inline-item">
-        <a href="https://www.unical.it/portale/ateneo/amministrazione/aree/arrisumane/trasparenza/ammtrasparente/notelegali/" title="Note Legali">
-           Note legali
-        </a>
-    </li>
-    <li class="list-inline-item">
-        <a href="https://www.unical.it/portale/ateneo/privacy/" title="Protezione dei dati">
-           Protezione dei dati
-        </a>
-    </li>
-</ul>
-
-                </div>
-            </div>
-
-        </footer>
-
-
-
-        <script>window.__PUBLIC_PATH__ = "/static/fonts"</script>
-        <script src="/static/js/bootstrap-italia.min.js"></script>
-
-
-
-
-
-</body></html>
diff --git a/example/uniauth_unical_template/templates/data_consent.html b/example/uniauth_unical_template/templates/data_consent.html
deleted file mode 100644
index 8b13789..0000000
--- a/example/uniauth_unical_template/templates/data_consent.html
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/example/uniauth_unical_template/templates/error.html b/example/uniauth_unical_template/templates/error.html
deleted file mode 100644
index 29d1680..0000000
--- a/example/uniauth_unical_template/templates/error.html
+++ /dev/null
@@ -1,39 +0,0 @@
-<!-- Extends default Bootstrap Italia template -->
-{% extends 'idp_base.html' %}
-
-{% load i18n %}
-{% load static %}
-
-{% block page_title %}
-    {% trans "Error" %}
-{% endblock page_title %}
-
-{% block header_center_search %}{% endblock header_center_search %}
-{% block header_slim_right_zone %}{% endblock header_slim_right_zone %}
-{% block main_menu %}{% endblock main_menu %}
-
-{% block centered_container %}
-    <div class="callout danger">
-        <div class="callout-title">
-            <svg class="icon">
-                <use xlink:href="{% static 'images/svg/sprite.svg' %}#it-close-circle"></use>
-            </svg>{% trans "Error during SAML2 authentication" %}</div>
-        <p>
-            {% if exception_type %}
-                <p class="mb-2">
-                    <strong>{{exception_type}}</strong>
-                    <br>
-                </p>
-                {% if exception_msg %}
-                    <p>{{exception_msg}}</p>
-                {% endif %}
-            {% endif %}
-            {% if extra_message %}
-                <p>{{extra_message}}</p>
-            {% endif %}
-        </p>
-    </div>
-</html>
-{% endblock centered_container %}
-
-{% block bootstrap_italia_validation %}{% endblock bootstrap_italia_validation %}
diff --git a/example/uniauth_unical_template/templates/idp_base.html b/example/uniauth_unical_template/templates/idp_base.html
deleted file mode 100644
index 4c4cd6f..0000000
--- a/example/uniauth_unical_template/templates/idp_base.html
+++ /dev/null
@@ -1,34 +0,0 @@
-<!-- Extends default Bootstrap Unical Italia template -->
-{% extends 'base-setup.html' %}
-
-{% load static %}
-
-{% block extra_head %}
-{{ block.super }}
-<link rel="stylesheet" href="{% static 'css/idp_style.css' %}">
-{% endblock extra_head %}
-
-{% block extra_scripts %}
-{% block bootstrap_italia_validation %}
-<script>
-(function() {
-  'use strict';
-  window.addEventListener('load', function() {
-    var forms = document.getElementsByClassName('needs-validation');
-    var validation = Array.prototype.filter.call(forms, function(form) {
-      form.addEventListener('submit', function(event) {
-        if (form.checkValidity() === false) {
-          event.preventDefault();
-          event.stopPropagation();
-        }
-      }, false);
-      form.classList.add('was-validated');
-    });
-  }, false);
-})();
-</script>
-{% endblock bootstrap_italia_validation %}
-{% endblock extra_scripts %}
-
-{% block footer_menu_section %}
-{% endblock footer_menu_section %}
diff --git a/example/uniauth_unical_template/templates/saml_login.html b/example/uniauth_unical_template/templates/saml_login.html
deleted file mode 100644
index fff5692..0000000
--- a/example/uniauth_unical_template/templates/saml_login.html
+++ /dev/null
@@ -1,151 +0,0 @@
-<!-- Extends default Bootstrap Unical Italia template -->
-{% extends 'idp_base.html' %}
-
-{% load i18n %}
-{% load static %}
-
-{% block page_title %}
-IDP: {% trans "Auth login" %}
-{% endblock page_title %}
-
-{% block header_wrapper %}{% endblock header_wrapper %}
-{% block footer %}{% endblock footer %}
-
-{% block container %}
-<div class="container">
-    <div class="row">
-        <div class="col-lg-6 p-5 offset-md-3 align-self-center">
-            <image class="mb-5" src="{% static 'images/unical_logo.svg' %}" style="width:100%;"/>
-
-            <p class="mb-4">{% trans "Single Sign-On" %}</p>
-
-            <form class="needs-validation" name="login" method="post" action="{{ acs_url }}">
-                {% csrf_token %}
-                {% for form_field in form %}
-
-                    {% if form_field.field.widget.input_type == "checkbox" %}
-                    <div class="form-check">
-                        <input name="{{ form_field.name }}"
-                               type="checkbox"
-                               id="id_{{ form_field.html_name }}"
-                               {% if form_field.field.required %}
-                               class="form-check-input"
-                               required
-                               {% endif %}>
-                        <label class="form-check-label"
-                               for="id_{{ form_field.html_name }}">
-                            {{ form_field.label }}
-                        </label>
-                    </div>
-                    {% elif form_field.field.widget.input_type == "password" %}
-                    <div class="form-row">
-                        <div class="col-12 form-group my-3">
-                            <input type="{{ form_field.field.widget.input_type }}"
-                                   class="form-control input-password"
-                                   id="id_{{ form_field.html_name }}"
-                                   name="{{ form_field.name }}"
-                                   aria-labelledby="infoPassword"
-                                   minlength="{{ form_field.field.min_length }}"
-                                   {% comment %}
-                                   {% if forloop.first %} autofocus {% endif %}
-                                   {% endcomment %}
-                                   {% if form_field.field.required %}required{% endif %}>
-                            <span class="password-icon" aria-hidden="true">
-                                <svg class="password-icon-visible icon icon-sm">
-                                    <use xlink:href="{% static 'svg/sprite.svg' %}#it-password-visible"></use>
-                                </svg>
-                                <svg class="password-icon-invisible icon icon-sm d-none">
-                                    <use xlink:href="{% static 'svg/sprite.svg' %}#it-password-invisible"></use>
-                                </svg>
-                            </span>
-                            <label for="id_{{ form_field.html_name }}">
-                                <span class="form-label-content">
-                                    {{ form_field.label }}
-                                </span>
-                            </label>
-                            {% comment %}
-                            <div class="valid-feedback">{% trans "Validated" %}!</div>
-                            {% endcomment %}
-                        </div>
-                    </div>
-                    {% else %}
-                    <div class="form-row">
-                        <div class="col-12 form-group my-3">
-                            <input type="{{ form_field.field.widget.input_type }}"
-                                   class="form-control"
-                                   id="id_{{ form_field.html_name }}"
-                                   name="{{ form_field.name }}"
-                                   minlength="{{ form_field.field.min_length }}"
-                                   {% comment %}
-                                   {% if forloop.first %} autofocus {% endif %}
-                                   {% endcomment %}
-                                   {% if form_field.field.required %}required{% endif %}>
-                            <label for="id_{{ form_field.html_name }}">
-                                <span class="form-label-content">
-                                    {{ form_field.label }}
-                                </span>
-                            </label>
-                            {% comment %}
-                            <div class="valid-feedback">{% trans "Validated" %}!</div>
-                            {% endcomment %}
-                        </div>
-                    </div>
-                    {% endif %}
-                {% endfor %}
-                <div class="py-3">
-                    <ul style="list-style: none; padding-inline-start: 37px;">
-                        <li>
-                <p style="margin-bottom: 5px;">
-                                {% trans "Forgot your password?" %} (
-                            <a href="https://unical.esse3.cineca.it/Anagrafica/PasswordDimenticata.do" class="grey-color">
-                {% trans "Students" %}
-                            </a>
-                |
-                            <a href="https://soldi.unical.it/dipendenti/login/login.php" class="grey-color">
-                {% trans "Employees" %}
-                            </a>
-                )
-                        </li>
-                        <li>
-                            <a href="https://ds.auth.unical.it/info_page/federazione-di-identita-delluniversita-della-calabria/" class="grey-color">
-                                {% trans "Additional informations" %}
-                            </a>
-                        </li>
-                    </ul>
-
-                </div>
-                <input type="submit"
-                       name="confirm"
-                       class="btn btn-lg btn-success btn-block unical-background"
-                       value="{% trans 'Submit' %}"/>
-            </form>
-        </div>
-    </div>
-    <!-- SP logo or description -->
-    <div class="row">
-
-            {% if request.saml_session.SAML.sp_logo  %}
-            <div class="col-lg-2 px-5 pb-2 pb-lg-4 pr-lg-0 offset-lg-3 align-self-center text-center text-lg-left">
-                <p>{% trans "Requested by" %}:</p>
-                <div class="mx-5 mx-lg-0">
-                    <div class="mx-md-5 mx-lg-0">
-                        <img src="{{ request.saml_session.SAML.sp_logo }}"
-                             alt="{{ request.saml_session.SAML.sp_display_name }}" width="70%">
-                    </div>
-                </div>
-            </div>
-            <div class="col-lg-4 px-5 pb-5 pl-lg-0 pb-lg-4 align-self-center small text-center text-lg-left">
-                {{ request.saml_session.SAML.sp_display_description }}
-            </div>
-           {% else %}
-           <div class="col-lg-2 px-5 pb-2 pb-lg-4 pr-lg-0 offset-lg-3 align-self-center text-center text-lg-left">
-                 <p>{% trans "Requested by" %}:</p>
-                 <p>{{ request.saml_session.SAML.sp_display_description }}</p>
-       </div>
-           {% endif %}
-
-
-
-    </div>
-</div>
-{% endblock container %}
diff --git a/example/uniauth_unical_template/templates/saml_post.html b/example/uniauth_unical_template/templates/saml_post.html
deleted file mode 100644
index 1d72f4e..0000000
--- a/example/uniauth_unical_template/templates/saml_post.html
+++ /dev/null
@@ -1,30 +0,0 @@
-{% extends 'idp_base.html' %}
-
-{% load i18n %}
-{% load static %}
-
-{% block page_title %}
-    SAML POST
-{% endblock page_title %}
-
-{% block header_wrapper %}{% endblock header_wrapper %}
-{% block footer %}{% endblock footer %}
-
-{% block centered_container %}
-    <form method="post" action="{{ acs_url }}">
-        {% csrf_token %}
-        <div>
-        <input type="hidden" name="RelayState" value="{{ relay_state }}" />
-        <input type="hidden" name="SAMLResponse" value="{{ saml_response }}" />
-        </div>
-    </form>
-    {% if saml_response %}
-    <script type="text/javascript">
-        window.onload = function () {
-            document.forms[0].submit();
-        }
-    </script>
-    {% endif %}
-{% endblock centered_container %}
-
-{% block bootstrap_italia_validation %}{% endblock bootstrap_italia_validation %}
diff --git a/example/uniauth_unical_template/templates/user_agreement.html b/example/uniauth_unical_template/templates/user_agreement.html
deleted file mode 100644
index fe49c04..0000000
--- a/example/uniauth_unical_template/templates/user_agreement.html
+++ /dev/null
@@ -1,169 +0,0 @@
-<!-- Extends default Bootstrap Italia template -->
-{% extends 'idp_base.html' %}
-
-{% load i18n %}
-{% load static %}
-
-{% block page_title %}
-    {% trans "User Agreement" %}
-{% endblock page_title %}
-
-{% block header_center_search %}{% endblock header_center_search %}
-{% block header_slim_right_zone %}{% endblock header_slim_right_zone %}
-{% block main_menu %}{% endblock main_menu %}
-
-{% block centered_container %}
-<div class="mb-2">
-    <p>
-        <b>{% trans "Welcome" %} {{ request.user.username }}</b>,
-    </p>
-    <p class="text-justify">
-        <b>{{sp_display_name}}</b>,
-        {% trans "the web service you are coming from, has requested the following informations. We therefore ask you to read these informations and give your consent if you agree." %}
-    </p>
-
-    {% if sp_display_description %}
-    <p class="text-justify pt-3">
-        <b>{% trans "Display description" %}:</b> {{sp_display_description}}
-    </p>
-    {% endif %}
-</div>
-
-<div class="mb-4">
-<!--
-    <h3>
-        {% trans "Data consent" %}
-    </h3>
--->
-    <p class="text-justify text-justify pt-3">
-        {% if sp_display_agreement_message %}
-            {{ sp_display_agreement_message }}
-        {% else %}
-            {% include "data_consent.html" %}
-        {% endif %}
-    </p>
-</div>
-
-<div class="mb-4">
-<!--
-    <p>
-        {{sp_display_name}} {% trans "requested the following informations" %}:
-    </p>
--->
-
-    <div style="overflow-x:auto;">
-        <table class="table table-hover">
-            <thead>
-                <tr>
-                    <th scope="col">{% trans "attribute name" %}</th>
-                    <th scope="col">{% trans "value" %}</th>
-                </tr>
-            </thead>
-            <tbody>
-            {% for attr, value in attrs_passed_to_sp.items %}
-            <tr>
-                <td>{{ attr }}</td>
-                <td>
-                {% if value.capitalize %}
-                    {{ value }}
-                {% else %}
-                    <ul class="list-unstyled">
-                    {% for ele in value %}
-                        <li>{{ ele }}</li>
-                    {% endfor %}
-                    </ul>
-                {% endif %}
-                </td>
-            </tr>
-            {% endfor %}
-            </tbody>
-        </table>
-    </div>
-
-    {% if sp_display_agreement_consent_form  %}
-    <div class="pt-4">
-        <p>{% trans "Do you agree to transmit to " %}
-            <b>{{ sp_display_name }}</b>
-           {% trans "the previous personal attributes" %}?<
-        /p>
-    </div>
-    {% endif %}
-
-    <form class="pt-4 needs-validation" method="post" action="" class="pb-4">
-        {% csrf_token %}
-        {% for form_field in form %}
-            {% if form_field.field.widget.input_type == "checkbox"%}
-            <div class="form-check">
-                <input name="{{ form_field.name }}"
-                       type="checkbox"
-                       id="id_{{ form_field.html_name }}"
-                       {% if form_field.field.required %}
-                       class="form-check-input"
-                       required
-                       {% endif %}>
-                <label class="form-check-label"
-                       for="id_{{ form_field.html_name }}">
-                    {{ form_field.label }}
-                </label>
-            </div>
-
-            {% elif form_field.field.widget.input_type == 'radio' %}
-            <div>
-<!--
-                <p class="pt-3">
-                    {{form_field.name|title}}
-                </p>
--->
-                {% if sp_display_agreement_consent_form %}
-                    {% for k,v in form_field.field.widget.choices %}
-                        <div class="form-check">
-                            <input type="radio"
-                                   name="{{ form_field.name}}"
-                                   value="{{k}}"
-                                   {% if form_field.field.required %}required{% endif %}
-                                   id="id_{{ form_field.html_name }}_{{ forloop.counter0}}"
-                                   {% if forloop.first %}checked{% endif %}>
-                            {% if sp_display_agreement_consent_form  %}
-                            <label for="id_{{ form_field.html_name }}_{{ forloop.counter0}}">
-                                <p style="font-size: 1.8rem;">{{ v }}</p>
-                            </label>
-                            {% endif %}
-                        </div>
-                    {% endfor %}
-                {% else %}
-                    <input type="hidden" name="confirm" value="1">
-                {% endif %}
-            </div>
-
-            {% else %}
-            <div class="form-row">
-                <div class="col-12 form-group my-3">
-                    <input type="{{ form_field.field.widget.input_type }}"
-                           class="form-control"
-                           id="id_{{ form_field.html_name }}"
-                           name="{{ form_field.name }}"
-                           minlength="{{ form_field.field.min_length }}"
-                           {% comment %}
-                           {% if forloop.first %} autofocus {% endif %}
-                           {% endcomment %}
-                           {% if form_field.field.required %}required{% endif %}>
-                    <label for="id_{{ form_field.html_name }}">
-                        <span class="form-label-content">
-                            {{ form_field.label }}
-                        </span>
-                    </label>
-                    {% comment %}
-                    <div class="valid-feedback">{% trans "Validated" %}!</div>
-                    {% endcomment %}
-                </div>
-            </div>
-            {% endif %}
-        {% endfor %}
-
-        <input type="submit"
-               name="submit"
-               class="mt-5 btn btn-lg btn-success btn-block unical-background"
-               value="{% trans 'Submit' %}"/>
-    </form>
-</div>
-{% endblock centered_container %}
diff --git a/example/uwsgi.ini b/example/uwsgi.ini
new file mode 100644
index 0000000..50008a2
--- /dev/null
+++ b/example/uwsgi.ini
@@ -0,0 +1,32 @@
+[uwsgi]
+project     = uniauth
+base        = /opt
+chdir       = %(base)/%(project)
+
+socket      = 0.0.0.0:3000
+master      = true
+processes   = 4
+
+env         = DJANGO_SETTINGS_MODULE = %(project).settings
+
+logto           = %(base)/%(project)/logs/uwsgi.log
+log-maxsize     = 350000
+log-backupname  = %(base)/%(project)/logs/uwsgi.log.old
+
+module      = django_idp.wsgi:application
+vacuum      = True
+listen      = 1024
+
+# respawn processes after serving ... requests
+max-requests    = 1000
+
+# respawn processes taking more than takes more then ... seconds (12 minutes!!)
+harakiri = 20
+
+# SAML over https needs a greater buffersize, instead: "invalid request block size: 5843 (max 4096)...skip"
+buffer-size=32768
+
+pidfile         = %(base)/%(project)/%(project).pid
+touch-reload    = %(base)/%(project)/django_idp/settings.py
+stats           = 0.0.0.0:9191
+stats-http      = True
diff --git a/example_sp/djangosaml2_sp/README.md b/example_sp/djangosaml2_sp/README.md
new file mode 100644
index 0000000..bc7d617
--- /dev/null
+++ b/example_sp/djangosaml2_sp/README.md
@@ -0,0 +1,27 @@
+### djangosaml2-sp (SP server)
+````
+sudo apt install xmlsec1 python3-dev python3-pip libssl-dev
+pip3 install virtualenv
+
+virtualenv -ppython3 env
+source env/bin/activate
+
+cd djangosaml2_sp
+# download idp metadata to sp, not needed if remote options is enabled
+wget https://localhost:10000/Saml2IDP/metadata/ -O saml2_sp/saml2_config/satosa-saml2spid.xml --no-check-certificate
+
+# install prerequisite
+pip install -r requirements.txt
+
+# migrate django DB
+python manage.py migrate
+
+# run the sp test
+./manage.py runserver 0.0.0.0:8000
+````
+
+### Add SP metadata to Satosa server
+```
+# put sp metadata to satosa 
+wget http://localhost:8000/saml2/metadata -O #{Satosa root}/metadata/sp/djangosaml2_sp
+```
diff --git a/example_sp/djangosaml2_sp/certificates/private.key b/example_sp/djangosaml2_sp/certificates/private.key
new file mode 100644
index 0000000..0679842
--- /dev/null
+++ b/example_sp/djangosaml2_sp/certificates/private.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCj0BzOt58ECsSw
+T049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3
+gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQ
+NEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99f
+F3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7W
+OXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5
+AC6CuPnrAgMBAAECggEASyECZUhPtMHfjWEB6CfjsrMmnOtjbykSQANya+7RLjNK
+xN1e3tu/hurXlb3aheaYSQ9IjkvCAOTpngXbhjhHJ3o0QAJEJ8dTsPRCc9E7/yIi
+JtKNE2uyhM1G5YzPSNpszKwf64G3ooWiMWeZPqTdPcrHvj6hIvXMLqJtBMlretz2
+yuK5CstZJg7uhBGfK+uqO0YvPc65nmN+v7EVHQCw7YbBAK+j3x4L4j2wU4DYU8+o
+7gDs3wUZ0yccCjNqe2WnZEdnqUFJfBQS4hweoncJ0guaQHEt+cmU+9/RiDD8SM5l
+v8qftREQuRNQicvNfUCCkfDqAQygqNAqdAFMFgufEQKBgQDQdniGevawT+/dtFe3
+qYfjnKZIEx5wSinKfh8TO8JeIhCA3gZikyMcNM1Yf0YdQayv8EmdqeTjXQnOMWR5
+AsuRvkEsI2Xd7CaUVyAMTPgol9sI5pbmG5eyKoVnlbZRj2uLLvnpASqlwKX45WX4
+JB/uFSHGFSQoLLfOiieSU0mBCQKBgQDJKxjmmTJR2dd2XS5dkyThi1y2v3AvY/JZ
+miJ3tTgUWBr1QhAL19jQLSWqlonq9yrYXu0aG068Ze/QG1luo3UvL0Dp2xqVxYOv
+NfQyI9HucsyDUZ6RWuUCueW/JgHxEEXQVKbZTaSoJBjqqIRWSv46/jBM36oJtlZ0
+vY4k1OAEUwKBgDjPUGE1uWyrHC9LKmx+4u2Aj0AtFap8S49Hd6iCLKICnoS//PV4
+K6VQLnXjmXP3pdv8m9M/rYTYogdzJnJj9J4vPwuMSgKEjK74X196ylYlrCdsz8q9
+0kVXmSt1fU4Uy7YOg0SgcMLjEVgXDAbnsVvsnlug/02DgkPjGo2h7PIhAoGAIrK0
+UNILw+J3L4tS/ADtU5neHAdZKlNq8dmMKGmxipDH1ZXXfrN0SjP/UzU0BLstQLTe
+4KnlIsnSW2rcOiEnjUPxRmTsaPjwhcAgpqVXCHH0pJHnb9rltVqrLhU4MIRGBnET
+dlfWFspjIdZ/PQMiZrqBSkEp6xLwRqKLaf7txNECgYAEDbnTCzavjgQghASm3s22
+k4Wukd408kKuCkHJY/fn8MiDBxu9Y/RtiTAa2J6cy8HQ5sgnx1HMPCsS6DyyBkoG
+3MZI2q0RkMNGaSDwLVo61GPinVv0ylECMKHCKLxZsU9mmunzhMhIUra2nSn0zUpm
+I+aV3a2hnizaY23PtO97Hw==
+-----END PRIVATE KEY-----
diff --git a/example_sp/djangosaml2_sp/certificates/private_key.pem b/example_sp/djangosaml2_sp/certificates/private_key.pem
new file mode 100644
index 0000000..95fa69e
--- /dev/null
+++ b/example_sp/djangosaml2_sp/certificates/private_key.pem
@@ -0,0 +1,117 @@
+RSA Private-Key: (2048 bit, 2 primes)
+modulus:
+    00:c1:25:69:dc:c8:60:5a:02:e2:03:35:2c:be:81:
+    f4:7d:d0:5a:93:33:31:69:7b:5c:61:b7:62:c1:df:
+    e1:d1:b6:d4:f1:f4:06:30:f7:9d:a5:50:58:90:10:
+    e9:bf:6b:74:2a:ea:d2:be:32:d9:01:91:15:18:b0:
+    54:d3:d0:93:7e:cd:0c:00:08:b0:57:b6:4e:1d:2b:
+    8b:2a:aa:58:0f:40:97:a7:ae:1a:51:5b:9b:b9:f8:
+    af:ff:06:76:3d:bd:1d:70:83:ea:38:3a:49:9d:87:
+    72:55:a2:96:f1:26:32:45:e4:aa:9c:77:ab:a0:1d:
+    1d:05:27:df:49:f2:ac:f6:a9:b4:9c:e9:6b:b2:30:
+    66:04:b5:f1:25:86:81:ec:e1:05:f0:55:a3:b5:55:
+    a7:5e:b6:89:79:53:ca:af:23:bd:5a:fc:75:de:50:
+    88:27:ad:97:6d:de:66:ef:64:9a:73:ee:21:e3:10:
+    99:37:48:5e:af:20:80:8a:ae:a4:e8:84:95:a8:ae:
+    52:bc:7a:f8:98:dc:4b:eb:63:8e:f2:3d:c0:f0:56:
+    f7:43:a9:e7:bf:ae:ab:1f:fe:2c:1c:69:5e:1d:82:
+    fa:b4:fa:56:a0:4a:2f:d3:15:bc:17:1c:bb:66:ca:
+    2e:19:38:12:67:19:6e:b2:6b:74:ca:87:d3:b4:8e:
+    fa:d5
+publicExponent: 65537 (0x10001)
+privateExponent:
+    10:2c:81:e0:eb:26:a6:62:f7:6a:2d:59:c1:da:40:
+    0f:09:13:8c:a0:0c:d3:38:71:53:fd:77:57:a4:d7:
+    d4:27:eb:4d:17:92:2d:27:8f:1b:f8:ce:71:c1:f8:
+    d0:fe:be:8b:99:7e:6c:4e:f5:bd:1b:d9:18:68:2b:
+    b2:51:15:08:d9:42:d7:fd:e2:46:76:0d:b4:83:a0:
+    f3:c1:af:fe:16:fa:9c:20:08:34:27:e7:b2:7b:10:
+    c1:da:58:ac:72:d9:b4:42:57:aa:bd:b6:cc:6a:3b:
+    38:d0:94:b3:3c:ef:98:ca:bd:3e:bd:06:b2:31:bd:
+    ec:60:9a:62:26:e0:35:07:7b:9d:f4:af:00:f5:e8:
+    2b:b1:39:78:7b:8b:74:6f:e0:ac:45:da:cc:29:78:
+    99:64:55:25:04:e5:41:27:d5:68:bd:b6:df:c5:e4:
+    f4:9f:c4:23:2a:17:de:ce:a7:36:06:05:5f:56:f2:
+    a0:e6:19:18:ab:9a:35:3c:a1:36:0f:95:3b:9b:93:
+    d7:9f:62:b1:15:50:53:28:02:a8:cd:81:ef:24:73:
+    81:9d:ff:90:3e:f8:3a:54:6a:5f:64:1b:e8:bc:52:
+    ed:80:5d:4c:87:df:c4:70:c6:40:48:f0:b4:02:bd:
+    e1:56:c4:f6:17:df:74:ee:45:ee:c4:5c:c9:e3:05:
+    41
+prime1:
+    00:f4:f1:c1:41:06:fa:49:96:64:01:7e:c9:39:61:
+    39:78:5e:ff:49:9c:e7:5f:38:e4:c6:19:12:d5:c0:
+    1b:3a:aa:64:c3:b2:17:5e:9a:f3:33:e5:1c:49:c1:
+    52:9e:b2:a0:ba:25:70:d3:02:9c:7b:dd:95:60:59:
+    37:8e:f3:e7:70:76:8b:c4:fc:8e:4a:fd:b1:ac:ec:
+    b5:d7:e3:ae:8e:4c:9c:70:f1:0c:06:fb:6f:8d:66:
+    72:6f:90:c1:a9:a1:43:ee:92:fa:34:0f:be:c3:db:
+    d2:ae:95:d5:bd:54:0e:ec:34:b2:e7:6d:47:34:e1:
+    3b:02:ae:63:2c:f1:bf:a8:d7
+prime2:
+    00:c9:dd:26:11:c6:98:f3:4e:88:ec:f5:9e:7f:c6:
+    d5:96:b4:1c:8d:7f:f9:a0:d4:9c:18:06:39:03:94:
+    1d:1a:2c:57:87:00:56:cb:c3:bc:f7:2d:09:fe:e9:
+    19:e9:9f:d8:71:31:7b:1c:6a:bf:92:45:02:68:8c:
+    f2:ae:16:29:ae:00:d6:73:7a:5c:e5:8f:99:04:1a:
+    a6:ba:01:1d:ff:4c:1b:6d:68:ef:ec:0b:38:00:ed:
+    f2:83:a5:1a:1d:de:61:95:01:01:de:ca:84:e0:91:
+    bb:76:b1:14:f0:c7:ef:6a:01:69:42:42:5d:89:14:
+    77:96:d1:c6:12:51:5f:68:33
+exponent1:
+    00:dc:44:02:5b:2d:a1:29:47:7a:4a:f5:ee:92:10:
+    e2:13:62:aa:03:52:7b:a5:df:8d:aa:ae:a5:87:5e:
+    27:9e:4b:d8:2d:3b:1b:54:d1:d6:5e:16:6b:a7:cf:
+    97:32:6a:c3:aa:61:3c:e2:23:f9:00:52:34:9f:dd:
+    da:de:4c:6b:15:71:25:23:51:51:cc:11:f3:12:e4:
+    12:6a:3f:ae:9a:fc:3d:ba:3a:a9:6c:25:f3:1c:9e:
+    c1:cd:9d:c8:e9:77:c1:94:ea:ca:e0:c2:3f:f3:f4:
+    db:b2:6f:bf:33:70:41:b3:1b:78:be:30:40:d6:46:
+    ac:40:2e:fd:b4:4e:f8:e1:25
+exponent2:
+    60:f9:b8:dc:39:48:29:3a:c5:54:f0:fa:5f:f0:29:
+    93:e8:9a:fe:ef:48:01:17:a2:95:78:07:d3:cc:47:
+    de:d7:06:85:78:88:3a:03:a2:b8:2c:0e:ed:43:16:
+    8b:c1:9a:bd:66:43:fa:76:dd:e9:6a:f5:a9:3c:6d:
+    29:6c:c4:41:2f:6d:d6:b4:26:04:b2:63:94:31:29:
+    7f:9a:21:cb:0f:c8:ed:5a:c8:47:e1:6b:da:26:75:
+    a7:00:9d:f7:53:6a:15:a7:12:3a:f1:97:bc:3a:c6:
+    90:52:a9:f8:b2:54:35:dc:cf:b0:61:29:86:3d:2a:
+    e6:6d:88:76:2c:59:65:39
+coefficient:
+    3d:3b:72:b9:7c:53:94:82:e3:91:a8:df:a9:ff:ed:
+    36:bd:18:e9:d3:d4:84:db:5b:8c:af:10:4f:ed:f2:
+    40:03:40:75:0a:f9:16:58:47:ed:d5:b4:c0:8f:7a:
+    57:b2:40:a8:ee:37:15:47:bd:8e:78:9f:40:11:a2:
+    be:ad:d9:54:aa:29:4c:e1:99:e3:92:71:a3:e3:1f:
+    ee:43:77:1d:b7:73:b1:97:e7:04:0a:55:e3:84:5f:
+    96:03:09:6a:86:9e:6d:c1:cb:a1:03:ed:9d:2e:73:
+    4e:b4:a2:45:df:64:c8:fd:c7:b8:3e:32:87:16:cd:
+    5c:8f:b7:b3:66:b0:08:62
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwSVp3MhgWgLiAzUsvoH0fdBakzMxaXtcYbdiwd/h0bbU8fQG
+MPedpVBYkBDpv2t0KurSvjLZAZEVGLBU09CTfs0MAAiwV7ZOHSuLKqpYD0CXp64a
+UVubufiv/wZ2Pb0dcIPqODpJnYdyVaKW8SYyReSqnHeroB0dBSffSfKs9qm0nOlr
+sjBmBLXxJYaB7OEF8FWjtVWnXraJeVPKryO9Wvx13lCIJ62Xbd5m72Sac+4h4xCZ
+N0heryCAiq6k6ISVqK5SvHr4mNxL62OO8j3A8Fb3Q6nnv66rH/4sHGleHYL6tPpW
+oEov0xW8Fxy7ZsouGTgSZxlusmt0yofTtI761QIDAQABAoIBABAsgeDrJqZi92ot
+WcHaQA8JE4ygDNM4cVP9d1ek19Qn600Xki0njxv4znHB+ND+vouZfmxO9b0b2Rho
+K7JRFQjZQtf94kZ2DbSDoPPBr/4W+pwgCDQn57J7EMHaWKxy2bRCV6q9tsxqOzjQ
+lLM875jKvT69BrIxvexgmmIm4DUHe530rwD16CuxOXh7i3Rv4KxF2swpeJlkVSUE
+5UEn1Wi9tt/F5PSfxCMqF97OpzYGBV9W8qDmGRirmjU8oTYPlTubk9efYrEVUFMo
+AqjNge8kc4Gd/5A++DpUal9kG+i8Uu2AXUyH38RwxkBI8LQCveFWxPYX33TuRe7E
+XMnjBUECgYEA9PHBQQb6SZZkAX7JOWE5eF7/SZznXzjkxhkS1cAbOqpkw7IXXprz
+M+UcScFSnrKguiVw0wKce92VYFk3jvPncHaLxPyOSv2xrOy11+OujkyccPEMBvtv
+jWZyb5DBqaFD7pL6NA++w9vSrpXVvVQO7DSy521HNOE7Aq5jLPG/qNcCgYEAyd0m
+EcaY806I7PWef8bVlrQcjX/5oNScGAY5A5QdGixXhwBWy8O89y0J/ukZ6Z/YcTF7
+HGq/kkUCaIzyrhYprgDWc3pc5Y+ZBBqmugEd/0wbbWjv7As4AO3yg6UaHd5hlQEB
+3sqE4JG7drEU8MfvagFpQkJdiRR3ltHGElFfaDMCgYEA3EQCWy2hKUd6SvXukhDi
+E2KqA1J7pd+Nqq6lh14nnkvYLTsbVNHWXhZrp8+XMmrDqmE84iP5AFI0n93a3kxr
+FXElI1FRzBHzEuQSaj+umvw9ujqpbCXzHJ7BzZ3I6XfBlOrK4MI/8/Tbsm+/M3BB
+sxt4vjBA1kasQC79tE744SUCgYBg+bjcOUgpOsVU8Ppf8CmT6Jr+70gBF6KVeAfT
+zEfe1waFeIg6A6K4LA7tQxaLwZq9ZkP6dt3pavWpPG0pbMRBL23WtCYEsmOUMSl/
+miHLD8jtWshH4WvaJnWnAJ33U2oVpxI68Ze8OsaQUqn4slQ13M+wYSmGPSrmbYh2
+LFllOQKBgD07crl8U5SC45Go36n/7Ta9GOnT1ITbW4yvEE/t8kADQHUK+RZYR+3V
+tMCPeleyQKjuNxVHvY54n0ARor6t2VSqKUzhmeOScaPjH+5Ddx23c7GX5wQKVeOE
+X5YDCWqGnm3By6ED7Z0uc060okXfZMj9x7g+MocWzVyPt7NmsAhi
+-----END RSA PRIVATE KEY-----
diff --git a/example/tests/sp/certificates/public.cert b/example_sp/djangosaml2_sp/certificates/public.cert
similarity index 100%
rename from example/tests/sp/certificates/public.cert
rename to example_sp/djangosaml2_sp/certificates/public.cert
diff --git a/example_sp/djangosaml2_sp/certificates/public_key.pem b/example_sp/djangosaml2_sp/certificates/public_key.pem
new file mode 100644
index 0000000..b9af210
--- /dev/null
+++ b/example_sp/djangosaml2_sp/certificates/public_key.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDgTCCAmmgAwIBAgIQMRnLuhd2NBn9BfrOZOWO6TANBgkqhkiG9w0BAQsFADAY
+MRYwFAYDVQQDDA10ZXN0dW5pY2FsLml0MB4XDTE5MDMxMjEwMDQyOFoXDTIyMDIy
+NDEwMDQyOFowHDEaMBgGA1UEAwwRc3AxLnRlc3R1bmljYWwuaXQwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBJWncyGBaAuIDNSy+gfR90FqTMzFpe1xh
+t2LB3+HRttTx9AYw952lUFiQEOm/a3Qq6tK+MtkBkRUYsFTT0JN+zQwACLBXtk4d
+K4sqqlgPQJenrhpRW5u5+K//BnY9vR1wg+o4Okmdh3JVopbxJjJF5Kqcd6ugHR0F
+J99J8qz2qbSc6WuyMGYEtfElhoHs4QXwVaO1Vadetol5U8qvI71a/HXeUIgnrZdt
+3mbvZJpz7iHjEJk3SF6vIICKrqTohJWorlK8eviY3EvrY47yPcDwVvdDqee/rqsf
+/iwcaV4dgvq0+lagSi/TFbwXHLtmyi4ZOBJnGW6ya3TKh9O0jvrVAgMBAAGjgcIw
+gb8wCQYDVR0TBAIwADAdBgNVHQ4EFgQU9H7yL25sJZBEUINeNscO/xXS9lgwUwYD
+VR0jBEwwSoAUqcIxI8gIhmtOS0y7Tfy9rPnS5vqhHKQaMBgxFjAUBgNVBAMMDXRl
+c3R1bmljYWwuaXSCFCQ40u+Ci6K5V0nHPvu5Hr+GnSSvMBMGA1UdJQQMMAoGCCsG
+AQUFBwMBMAsGA1UdDwQEAwIFoDAcBgNVHREEFTATghFzcDEudGVzdHVuaWNhbC5p
+dDANBgkqhkiG9w0BAQsFAAOCAQEAFrG52wjUDaZuJ7qYS4XXaaJI8Dyj5E9MdxP9
+53XAdS/RYZ1oMbt96Dg9eFHERh4Y+NfOptJDjd04Qk013xbPk33iz3GRAzQEzvfb
+rU+Calx+EadszUitr3aLpOMFWBkJQjvS7o8OXLmcnWOTndd+z1bEsSuzssb9BdVs
+qhWVSruMJmkqBd3P9F62QJYpY70D+3nw/E8IHzT70AhJ3tEs22wASw1c1xdvdqdL
+05diuf0Rkw3eaXnPROlRHqZlASPWsa01XG1uV6lR9+qrEDvOt+xwaBTmErw1q7Po
+HQhTvIXadhvWqRFS1bZ1L2qfQLNqLtWJCOGq6Dyhw8nLTDyHJg==
+-----END CERTIFICATE-----
diff --git a/example_sp/djangosaml2_sp/custom_accounts/__init__.py b/example_sp/djangosaml2_sp/custom_accounts/__init__.py
new file mode 100644
index 0000000..577d775
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/__init__.py
@@ -0,0 +1 @@
+default_app_config = 'custom_accounts.apps.Custom_AccountsConfig'
diff --git a/example_sp/djangosaml2_sp/custom_accounts/admin.py b/example_sp/djangosaml2_sp/custom_accounts/admin.py
new file mode 100644
index 0000000..cd7095e
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/admin.py
@@ -0,0 +1,46 @@
+from django.contrib import admin
+from django.utils.translation import gettext_lazy as _
+from django.contrib.auth.admin import UserAdmin
+
+from .models import User
+
+@admin.register(User)
+class CustomUserAdmin(UserAdmin):
+    ordering = ('username',)
+    readonly_fields = ('date_joined', 'last_login',)
+    list_display = ('username', 'matricola', 'email',
+                    'is_active', 'is_staff', 'is_superuser', )
+    list_editable = ('is_active', 'is_staff', 'is_superuser',)
+    fieldsets = (
+        (None, {'fields': (('username', 'is_active',
+                            'is_staff', 'is_superuser'),
+                           ('password'),
+                           )
+               }
+        ),
+        (_('Angrafica'), {'fields': (( 'first_name', 'last_name'),
+                                     ( 'matricola', 'email'),
+                                     ('codice_fiscale',),
+                                     ('gender', 'location', 'birth_date'),
+                                    )
+                         }
+        ),
+        (_('Permissions'), {'fields': ('groups', 'user_permissions'),
+                            'classes':('collapse',)
+                           }
+        ),
+        (_('Date accessi'), {'fields': (('date_joined',
+                                         'last_login'),
+                                       )
+                            }
+        ),
+    )
+    add_fieldsets = (
+        (None, {
+            'classes': ('wide',),
+            'fields': ('username', 'password1', 'password2'),
+        }),
+    )
+
+admin.site.unregister(User)
+admin.site.register(User, CustomUserAdmin)
diff --git a/example_sp/djangosaml2_sp/custom_accounts/apps.py b/example_sp/djangosaml2_sp/custom_accounts/apps.py
new file mode 100644
index 0000000..c135c37
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/apps.py
@@ -0,0 +1,7 @@
+from django.apps import AppConfig
+from django.utils.translation import gettext_lazy as _
+
+
+class Custom_AccountsConfig(AppConfig):
+    name = 'custom_accounts'
+    verbose_name = _("Autenticazione e Autorizzazione Utenti")
diff --git a/example_sp/djangosaml2_sp/custom_accounts/migrations/0001_initial.py b/example_sp/djangosaml2_sp/custom_accounts/migrations/0001_initial.py
new file mode 100644
index 0000000..5e21e56
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/migrations/0001_initial.py
@@ -0,0 +1,48 @@
+# Generated by Django 2.1.7 on 2019-03-12 15:32
+
+import django.contrib.auth.models
+from django.db import migrations, models
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('auth', '0009_alter_user_last_name_max_length'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='User',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('password', models.CharField(max_length=128, verbose_name='password')),
+                ('last_login', models.DateTimeField(blank=True, null=True, verbose_name='last login')),
+                ('is_superuser', models.BooleanField(default=False, help_text='Designates that this user has all permissions without explicitly assigning them.', verbose_name='superuser status')),
+                ('is_staff', models.BooleanField(default=False, help_text='Designates whether the user can log into this admin site.', verbose_name='staff status')),
+                ('date_joined', models.DateTimeField(default=django.utils.timezone.now, verbose_name='date joined')),
+                ('username', models.CharField(max_length=254, unique=True, verbose_name='Username')),
+                ('is_active', models.BooleanField(default=True, verbose_name='attivo')),
+                ('email', models.EmailField(blank=True, max_length=254, null=True, verbose_name='email address')),
+                ('matricola', models.CharField(blank=True, help_text='come rappresentata su CSA', max_length=254, null=True, verbose_name='Matricola')),
+                ('first_name', models.CharField(blank=True, max_length=30, null=True, verbose_name='Nome')),
+                ('last_name', models.CharField(blank=True, max_length=30, null=True, verbose_name='Cognome')),
+                ('codice_fiscale', models.CharField(blank=True, max_length=16, null=True, verbose_name='Codice Fiscale')),
+                ('gender', models.CharField(blank=True, choices=[('male', 'Maschio'), ('female', 'Femmina'), ('other', 'Altro')], max_length=12, null=True, verbose_name='Genere')),
+                ('location', models.CharField(blank=True, max_length=30, null=True, verbose_name='Luogo di nascita')),
+                ('birth_date', models.DateField(blank=True, null=True, verbose_name='Data di nascita')),
+                ('groups', models.ManyToManyField(blank=True, help_text='The groups this user belongs to. A user will get all permissions granted to each of their groups.', related_name='user_set', related_query_name='user', to='auth.Group', verbose_name='groups')),
+                ('user_permissions', models.ManyToManyField(blank=True, help_text='Specific permissions for this user.', related_name='user_set', related_query_name='user', to='auth.Permission', verbose_name='user permissions')),
+            ],
+            options={
+                'verbose_name_plural': 'Accounts',
+                'ordering': ['username'],
+                'permissions': (('can_view', 'Permesso in lettura'), ('can_view_his_own', 'Permesso in lettura esclusivamente dei propri inserimenti'), ('can_change', 'Permesso in modifica'), ('can_change_his_own', 'Permesso in modifica esclusivamente dei propri inserimenti'), ('can_delete', 'Permesso in cancellazione'), ('can_delete_his_own', 'Permesso in cancellazione esclusivamente dei propri inserimenti')),
+            },
+            managers=[
+                ('objects', django.contrib.auth.models.UserManager()),
+            ],
+        ),
+    ]
diff --git a/example_sp/djangosaml2_sp/custom_accounts/migrations/0002_auto_20190402_0836.py b/example_sp/djangosaml2_sp/custom_accounts/migrations/0002_auto_20190402_0836.py
new file mode 100644
index 0000000..8682563
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/migrations/0002_auto_20190402_0836.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.0.13 on 2019-04-02 08:36
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('custom_accounts', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='user',
+            old_name='location',
+            new_name='place_of_birth',
+        ),
+    ]
diff --git a/example_sp/djangosaml2_sp/custom_accounts/migrations/0003_alter_user_options.py b/example_sp/djangosaml2_sp/custom_accounts/migrations/0003_alter_user_options.py
new file mode 100644
index 0000000..9264a0d
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/migrations/0003_alter_user_options.py
@@ -0,0 +1,17 @@
+# Generated by Django 3.2.5 on 2021-07-23 11:34
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('custom_accounts', '0002_auto_20190402_0836'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='user',
+            options={'ordering': ['username'], 'verbose_name_plural': 'Accounts'},
+        ),
+    ]
diff --git a/example_sp/djangosaml2_sp/custom_accounts/migrations/__init__.py b/example_sp/djangosaml2_sp/custom_accounts/migrations/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example_sp/djangosaml2_sp/custom_accounts/models.py b/example_sp/djangosaml2_sp/custom_accounts/models.py
new file mode 100644
index 0000000..6481497
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/models.py
@@ -0,0 +1,41 @@
+from django.conf import settings
+from django.contrib.auth.models import AbstractUser
+from django.contrib.contenttypes.models import ContentType
+from django.db import models
+from django.utils.translation import gettext_lazy as _
+
+
+class User(AbstractUser):
+    GENDER= (
+                ( 'male', _('Maschio')),
+                ( 'female', _('Femmina')),
+                ( 'other', _('Altro')),
+            )
+
+    # for NameID extreme lenghtness
+    USERNAME_FIELD = 'username'
+    username = models.CharField(_('Username'), max_length=254,
+                                  blank=False, null=False, unique=True)
+    is_active = models.BooleanField(_('attivo'), default=True)
+    email = models.EmailField(_('email address'), blank=True, null=True)
+    matricola = models.CharField(_('Matricola'), max_length=254,
+                                 blank=True, null=True,
+                                 help_text="come rappresentata su CSA")
+    first_name = models.CharField(_('Nome'), max_length=30, blank=True, null=True)
+    last_name = models.CharField(_('Cognome'), max_length=30,
+                                 blank=True, null=True)
+    codice_fiscale = models.CharField(_('Codice Fiscale'), max_length=16,
+                                      blank=True, null=True)
+    gender    = models.CharField(_('Genere'), choices=GENDER,
+                                 max_length=12, blank=True, null=True)
+    place_of_birth = models.CharField(_('Luogo di nascita'), max_length=30,
+                                blank=True, null=True)
+    birth_date = models.DateField(_('Data di nascita'), null=True, blank=True)
+
+    class Meta:
+        ordering = ['username']
+        verbose_name_plural = _("Accounts")
+
+    def __str__(self):
+        return '{} - {} {}'.format(self.matricola,
+                                   self.first_name, self.last_name)
diff --git a/example_sp/djangosaml2_sp/custom_accounts/templatetags/__init__.py b/example_sp/djangosaml2_sp/custom_accounts/templatetags/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example_sp/djangosaml2_sp/custom_accounts/templatetags/has_group.py b/example_sp/djangosaml2_sp/custom_accounts/templatetags/has_group.py
new file mode 100644
index 0000000..aa402da
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/templatetags/has_group.py
@@ -0,0 +1,9 @@
+from django import template
+from django.contrib.auth.models import Group 
+
+register = template.Library() 
+
+@register.filter(name='has_group') 
+def has_group(user, group_name):
+    group =  Group.objects.get(name=group_name) 
+    return group in user.groups.all() 
diff --git a/example_sp/djangosaml2_sp/custom_accounts/tests.py b/example_sp/djangosaml2_sp/custom_accounts/tests.py
new file mode 100644
index 0000000..7ce503c
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/example_sp/djangosaml2_sp/custom_accounts/urls.py b/example_sp/djangosaml2_sp/custom_accounts/urls.py
new file mode 100644
index 0000000..bf7b4d3
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/urls.py
@@ -0,0 +1,23 @@
+"""URL Configuration
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+    https://docs.djangoproject.com/en/1.10/topics/http/urls/
+Examples:
+Function views
+    1. Add an import:  from my_app import views
+    2. Add a URL to urlpatterns:  url(r'^$', views.home, name='home')
+Class-based views
+    1. Add an import:  from other_app.views import Home
+    2. Add a URL to urlpatterns:  url(r'^$', Home.as_view(), name='home')
+Including another URLconf
+    1. Import the include() function: from django.conf.urls import url, include
+    2. Add a URL to urlpatterns:  url(r'^blog/', include('blog.urls'))
+"""
+from django.urls import path
+from .views import *
+
+app_name="custom_accounts"
+urlpatterns = [
+    # path(r'^login/$', Login, name='login'),
+    # path('logout', Logout, name='logout'),    
+]
diff --git a/example_sp/djangosaml2_sp/custom_accounts/views.py b/example_sp/djangosaml2_sp/custom_accounts/views.py
new file mode 100644
index 0000000..fe5db1c
--- /dev/null
+++ b/example_sp/djangosaml2_sp/custom_accounts/views.py
@@ -0,0 +1,16 @@
+from django.http import HttpResponse, Http404, HttpResponseRedirect, HttpResponseNotFound
+
+from django.shortcuts import render
+from django.contrib.auth.decorators import login_required
+from django.shortcuts import get_object_or_404
+from .models import *
+from .forms import *
+
+from django.utils.translation import gettext_lazy as _
+from django.core.exceptions import ValidationError
+
+from django.template import RequestContext
+from django.core.urlresolvers import reverse
+from .functions import Form_save, Form_update
+
+from django.contrib.auth import authenticate, login, logout
diff --git a/example_sp/djangosaml2_sp/djangosaml2_sp/__init__.py b/example_sp/djangosaml2_sp/djangosaml2_sp/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example_sp/djangosaml2_sp/djangosaml2_sp/settings.py b/example_sp/djangosaml2_sp/djangosaml2_sp/settings.py
new file mode 100644
index 0000000..c7f016f
--- /dev/null
+++ b/example_sp/djangosaml2_sp/djangosaml2_sp/settings.py
@@ -0,0 +1,126 @@
+"""
+Django settings for djangosaml2_sp project.
+
+Generated by 'django-admin startproject' using Django 2.0.5.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/2.0/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/2.0/ref/settings/
+"""
+
+import os
+
+from . settingslocal import *
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+
+    # SAML session with SameSite = None
+    'djangosaml2.middleware.SamlSessionMiddleware'
+]
+
+SAML_SESSION_COOKIE_NAME = 'saml_session'
+
+ROOT_URLCONF = 'djangosaml2_sp.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'djangosaml2_sp.wsgi.application'
+
+# Database
+# https://docs.djangoproject.com/en/2.0/ref/settings/#databases
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': 'sqlite3.db',
+    }
+}
+
+DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
+
+# Password validation
+# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+    },
+    {
+        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+    },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/2.0/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/2.0/howto/static-files/
+
+STATIC_URL = '/static/'
+
+#
+SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+SESSION_COOKIE_AGE = 60 * 60  # an hour
+
+LOGIN_REDIRECT_URL = '/'
+LOGOUT_REDIRECT_URL = '/'
+
+
+if 'saml2_sp' in INSTALLED_APPS or \
+   'djangosaml2_spid' in INSTALLED_APPS:
+
+    AUTHENTICATION_BACKENDS = (
+        'django.contrib.auth.backends.ModelBackend',
+        'djangosaml2.backends.Saml2Backend',
+    )
+
+
+# SPID SP
+if 'djangosaml2_spid' in INSTALLED_APPS:
+    from . spid_settingslocal import *
+elif 'saml2_sp' in INSTALLED_APPS:
+    from . sp_pysaml2_satosa import *
diff --git a/example_sp/djangosaml2_sp/djangosaml2_sp/settingslocal.py b/example_sp/djangosaml2_sp/djangosaml2_sp/settingslocal.py
new file mode 100644
index 0000000..36ea904
--- /dev/null
+++ b/example_sp/djangosaml2_sp/djangosaml2_sp/settingslocal.py
@@ -0,0 +1,63 @@
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'btl-x0ja09$zqer3h^n^_ic!9h+1q0g!-wqzj&&zio@(@5p*no'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = ['*']
+
+# Application definition
+
+INSTALLED_APPS = [
+    # custom user model
+    'custom_accounts',
+
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+
+    # SAML2 SP
+    'djangosaml2',
+    'saml2_sp',
+    'djangosaml2_sp'
+]
+
+AUTH_USER_MODEL = 'custom_accounts.User'
+
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'filters': {
+        'require_debug_false': {
+            '()': 'django.utils.log.RequireDebugFalse'
+        }
+    },
+    'handlers': {
+        'mail_admins': {
+            'level': 'ERROR',
+            'filters': ['require_debug_false'],
+            'class': 'django.utils.log.AdminEmailHandler'
+        },
+        'console': {
+            'level': 'DEBUG',
+            'class': 'logging.StreamHandler',
+        },
+    },
+    'loggers': {
+        'django.request': {
+            'handlers': ['mail_admins'],
+            'level': 'ERROR',
+            'propagate': True,
+        },
+        'djangosaml2': {
+            'handlers': ['console'],
+            'level': 'DEBUG',
+        },
+    }
+}
diff --git a/example/tests/sp/sp_pysaml2.py b/example_sp/djangosaml2_sp/djangosaml2_sp/sp_pysaml2_satosa.py
similarity index 57%
rename from example/tests/sp/sp_pysaml2.py
rename to example_sp/djangosaml2_sp/djangosaml2_sp/sp_pysaml2_satosa.py
index 52c8497..a19e1f1 100644
--- a/example/tests/sp/sp_pysaml2.py
+++ b/example_sp/djangosaml2_sp/djangosaml2_sp/sp_pysaml2_satosa.py
@@ -1,51 +1,52 @@
 import os
 import saml2
-
 from saml2.entity_category import refeds, edugain
 from saml2.saml import (NAMEID_FORMAT_PERSISTENT,
                         NAMEID_FORMAT_TRANSIENT,
-                        NAMEID_FORMAT_UNSPECIFIED)
+                        NAMEID_FORMAT_UNSPECIFIED,
+                        NAMEID_FORMAT_EMAILADDRESS)
 from saml2.sigver import get_xmlsec_binary
 
-
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
-BASE = 'http://sp1.testunical.it'
+BASE = 'http://localhost:8000'
 BASE_URL = '{}/saml2'.format(BASE)
 
 LOGIN_URL = '/saml2/login/'
 LOGOUT_URL = '/saml2/logout/'
 LOGIN_REDIRECT_URL = '/saml2/echo_attributes'
 
-# needed only if metadata are downloaded remotely
-# IDP_URL = 'http://idp1.testunical.it:9000/idp'
-
+SAML2_DEFAULT_BINDING = saml2.BINDING_HTTP_POST
 SAML_CONFIG = {
     'debug' : True,
-    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin',
-                                        '/usr/bin/xmlsec1']),
-    'entityid': '%s/metadata/' % BASE_URL,
+    'xmlsec_binary': get_xmlsec_binary(
+        ['/opt/local/bin', '/usr/bin/xmlsec1']
+    ),
+    'entityid': f'{BASE_URL}/metadata/',
+    'attribute_map_dir': 'saml2_sp/saml2_config/attribute-maps/',
+    'service': {
 
-    # 'entity_category': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
-                        # refeds.RESEARCH_AND_SCHOLARSHIP],
 
-    'attribute_map_dir': os.path.join(BASE_DIR, 'sp/attribute-maps'),
-    'service': {
         'sp': {
             'name': '%s/metadata/' % BASE_URL,
 
-            # SPID needs NAMEID_FORMAT_TRANSIENT
-            'name_id_format': [NAMEID_FORMAT_PERSISTENT,
-                               NAMEID_FORMAT_TRANSIENT],
+            # that's for metadata
+            'name_id_format': [
+                               #  NAMEID_FORMAT_EMAILADDRESS,
+                               NAMEID_FORMAT_PERSISTENT,
+                               NAMEID_FORMAT_TRANSIENT
+                               ],
+            # that's for authn request
+            'name_id_policy_format': NAMEID_FORMAT_TRANSIENT,
 
             'endpoints': {
                 'assertion_consumer_service': [
-                    ('%s/acs/' % BASE_URL, saml2.BINDING_HTTP_POST),
+                    (f'{BASE_URL}/acs/', saml2.BINDING_HTTP_POST, 1),
                     ],
                 "single_logout_service": [
-                    ("%s/ls/post/" % BASE_URL, saml2.BINDING_HTTP_POST),
-                    ("%s/ls/" % BASE_URL, saml2.BINDING_HTTP_REDIRECT),
+                    (f"{BASE_URL}/ls/post/", saml2.BINDING_HTTP_POST),
+                    (f"{BASE_URL}/ls/", saml2.BINDING_HTTP_REDIRECT),
                 ],
                 }, # end endpoints
 
@@ -56,17 +57,16 @@
 
             # Mandates that the identity provider MUST authenticate the
             # presenter directly rather than rely on a previous security context.
-            "force_authn": True,
-            'name_id_format_allow_create': False,
+            "force_authn": False,
+            #'name_id_format_allow_create': False,
 
             # attributes that this project need to identify a user
-            # 'required_attributes': ['email', 'givenName',
-                                    # 'eduPersonaPrincipalName', 'sn',
-                                    # 'displayName'],
-            #'required_attributes': ['email'],
+            'required_attributes': [
+                'givenName', 'sn', 'mail'
+            ],
 
             # attributes that may be useful to have but not required
-            # 'optional_attributes': ['eduPersonAffiliation'],
+            'optional_attributes': ['eduPersonAffiliation', "displayName"],
 
             'want_response_signed': True,
             'authn_requests_signed': True,
@@ -93,10 +93,15 @@
 
     # many metadata, many idp...
     'metadata': {
-        'local': [
-                  os.path.join(BASE_DIR, 'sp/metadata'),
-                  ],
-        #
+         'local': [
+
+                   os.path.join(os.path.join(os.path.join(BASE_DIR, 'saml2_sp'),
+                   'saml2_config')),
+
+                  # os.path.join(os.path.join(os.path.join(BASE_DIR, 'saml2_sp'),
+                  # 'saml2_config'), 'satosa_metadata.xml'),
+                   ],
+        #  #
 
         "remote": [
             # {
@@ -104,57 +109,74 @@
             #"cert": "/opt/satosa-saml2/pki/frontend.cert",
             #"disable_ssl_certificate_validation": True,
             # },
+            {
+            "url": "http://localhost:9000/idp/metadata/",
+              "disable_ssl_certificate_validation": True,
+              "check_validity": False,
+            },
+            #  {
+             #  "url": "https://idp.testunical.it/idp/shibboleth",
+             #  "disable_ssl_certificate_validation": True,
+             #  },
+             #  {
+              #  "url": "http://idp1.testunical.it:9000/idp/metadata/",
+              #  },
+             #  {
+              #  "url": "http://idp1.testunical.it:9000/idp/aa/metadata/",
+              #  },
             # {
-             # "url": "https://auth.unical.it/idp/metadata/",
-             #"disable_ssl_certificate_validation": True,
+             # 'url': 'https://localhost:10000/Saml2IDP/metadata',
+             # only for test purpose !
+             # "disable_ssl_certificate_validation": True,
              # }
             ],
 
-
-
         # "mdq": [{
             # "url": "https://ds.testunical.it",
-            # "cert": "certficates/others/ds.testunical.it.cert",
+            # "cert": "certificates/others/ds.testunical.it.cert",
             # "disable_ssl_certificate_validation": True,
             # }]
 
     },
-    # avoids exception: HTTPSConnectionPool(host='satosa.testunical.it', port=443): Max retries exceeded with url: /idp/shibboleth (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
+    # avoids exception: HTTPSConnectionPool(host='satosa.testunical.it', port=443):
+    # Max retries exceeded with url: /idp/shibboleth (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
     #'ca_certs' : "/opt/satosa-saml2/pki/http_certificates/ca.crt",
 
     # Signing
-    'key_file': BASE_DIR + '/sp/certificates/private.key',
-    'cert_file': BASE_DIR + '/sp/certificates/public.cert',
+    'key_file': BASE_DIR + '/certificates/private.key',
+    'cert_file': BASE_DIR + '/certificates/public.cert',
 
     # Encryption
     'encryption_keypairs': [{
-        'key_file': BASE_DIR + '/sp/certificates/private.key',
-        'cert_file': BASE_DIR + '/sp/certificates/public.cert',
+        'key_file': BASE_DIR + '/certificates/private.key',
+        'cert_file': BASE_DIR + '/certificates/public.cert',
     }],
 
     # own metadata settings
     'contact_person': [
       {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
+       'sur_name': 'That',
+       'company': 'ACSIA',
+       'email_address': 'giuseppe@that.it',
        'contact_type': 'administrative'},
       {'given_name': 'Giuseppe',
-       'sur_name': 'De Marco',
-       'company': 'Universita della Calabria',
-       'email_address': 'giuseppe.demarco@unical.it',
+       'sur_name': 'That',
+       'company': 'ACSIA',
+       'email_address': 'giuseppe@that.it',
        'contact_type': 'technical'},
       ],
     # you can set multilanguage information here
     'organization': {
-      'name': [('Unical', 'it'), ('Unical', 'en')],
-      'display_name': [('Unical', 'it'), ('Unical', 'en')],
-      'url': [('http://www.unical.it', 'it'), ('http://www.unical.it', 'en')],
+      'name': [('ACSIA', 'it'), ('ACSIA', 'en')],
+      'display_name': [('ACSIA', 'it'), ('ACSIA', 'en')],
+      'url': [('http://www.ACSIA.com', 'it'), ('http://www.ACSIA.com', 'en')],
       },
 
     #'valid_for': 24 * 10,
 }
 
+CONFIG = SAML_CONFIG
+
 # OR NAME_ID or MAIN_ATTRIBUTE (not together!)
 SAML_USE_NAME_ID_AS_USERNAME = True
 # SAML_DJANGO_USER_MAIN_ATTRIBUTE = 'email'
diff --git a/example_sp/djangosaml2_sp/djangosaml2_sp/sqlite3.db b/example_sp/djangosaml2_sp/djangosaml2_sp/sqlite3.db
new file mode 100644
index 0000000000000000000000000000000000000000..cf143609816f903e06c7ad7122bcc720a886db63
GIT binary patch
literal 208896
zcmeIbdu$`wnja>1OWo7cEpgtO`<S_!o;&y6-oD*aPm-mZ>${@J;-gi?X0aZuaxR2=
zP%74gq{MeEHcro8>@F6LlfZTsYa_N{=Y{M)&SK*P2sViA0K4%9Uc`x=*Z~40i>z(H
zhLLsP09iZ8cZ!rmNmMtxTRpd@`)EdNvFg;RbAIRfJ<ji|Rd<@b#>QUzFf@A`^wL{P
ziNw;+Zfq<qUHNlMOG`BT67YKkepB$f48KP|iK9O*{ulDN|INR;0tphyKSIggpZs(2
z6Zj5B03(1AzzARjFaj6>i~vReBY+XW2w(&-0+)@zd+V!^<-0f6my*Ao{Q2Zg^2*w8
zt^M3udiDQa{f}37S3kJ*4{rS@w;H#;e)I3%{L?pgAQ}F_2w(&-0vG{|07d{KfDyn5
zyow0W@2)I;^x0Oo(d{<dtu8?j<ZiRo>^04RA}Hb>k-kS08zi+!)0=eWKE-eZk;=cb
zvUK+cTXw(OYlpk0ZMXZa9(tDAHT%8xE=7<W!N4~nL#O6uL(??L{p{N-OYax9;1L&I
zOYZhNj@fJMb`IO4@ouMa7&a$`nwtYbrMdL>TabfrlmoGA2EE4N?*3uB-`Q=MVPiKm
zN4r6zwcm5+WkP0XGR2gVD@*Izmg$7e7Sw^>4chySR_}1UYdQ|pt_Q&E?gi%luI;v)
zcB4BtD<(s5?A97&1vQ#xMV(}I*a+K$#snV7c5W6Fpp_z4A&bwBvv_Q4kVJ}M=*?Tu
z8lTN+jmJJqWT0i}!c72BnF2^~Qvmy2Krt}8y+uGIQW+wX=HG;jYDXDmW-~&$EzlSQ
zOOX`);0EOL<D-1i(|iVI(1gCxKJ3PA(l|V9AMS?GXU+Zj%|TEpf=O+?0hyJKGE40q
zHV*pD!^W=NZuOvrd*e={yNkN*`Q}L9=eTr+;<DEviw8$pu(S1w0fN5LZ0)xC!JOd&
zd1P2Nlls|fkjGI!Cz#nhj<IQXdUN^}<d9-g6tleoIUMzK=%JH-9ye1XG@HR=`#EGn
z(;S;FE<+~J&*R~ShH5-mPR7}j8yj*WQdBDa`BlgX`sgI5$8@vw{Y*NOVpGK{D@&gh
zwq|jUXN&2mm|ovS4HB1PUVCJi49$}11mpyreWnE=r^gq8qB0q7HTiEWT}xJ$lK)lm
zA10g0|0wyZ@CE;11TX>^0gM1f03(1AzzARjFaj6>i~vReBk(u`K78XUn>eEY+(inB
zm3Nn~-c2CYz>Es-<K*92`r6#=R<B?E<c&CWthIah+SPk+IG)+sZ-b@>6mm#|_I~2(
z=ZWdXu(^L|B8^=4UC8hKb9t^`y-FXYomDGbdlQmgOa7Zn$-kTYjpScX{@LU|f-m?7
zBY+XW2w(&-0vG{|07d{KfDyn5U<5D%7=cSg;JxLKzL7X`Gn)Q;?VHP=eVUlH<<I=R
zvbOyGdaOu@H3Q4<F2Dat{Po0R;p#if>mMazJ;9OB&Xx7$yYJsPqnJQ?3FQBOE%_&w
z!216`CI6e`f0q0+@CE;11TX>^0gM1f03(1AzzARjFaj6>i~vReBXF4rynAhV>7#F)
zk^jH3vb^-!r!z8tcjoWa<>jUK*O6;LEdRfA6~2CgzMjbcZ(mtnTL0*j{J)-9Ub_4K
z9QhyF|36;+^`+!LPyVUoAi0+mlfRk#3(5Z@`9CE8M)C*A&yvZtKU({PwZFag*Vg{h
z+P|~*^K0IkzP7#gGiz_J{=cjLX!U<w{jcF+{DTp|2w(&-0vG{|07d{KfDyn5U<5D%
zmx;hT%Zbkt*9OhTaCa&&e*E5Y;!fh4(+C<s5HY>@(d44-g17kb#c#g7ocJ_x4KX)N
zlYQfZ<;1<jN}Sz{c=`1YmlI@SWt!#8jjv5^OtYQ2@!|W+iMxpvl=aNj^|zK2pCp#!
z>|;UogShz1(~RRw?@umGvy3mjmt0PKE3u3+i@(1cXMQ!#=0w1KXMH*GdE)9cuaoO<
zPp(fhJh}c>49QiL>&eCByUU61Ca%O;ADPM5;@4f7W_)yYb#ir@?a|d+ap|w1Oph+z
zTwlIHCTz2{JI%puc6Zyu)|<)Y8=uTvzj2&yn&&j#8^`G;*RQ|7eB)mHTwKa&s%xvu
zH$FPP3jP2$zLkjYBYXbxTgx{-O-x^pE?kW-Oy7epT)730-$2Davj4B#`t7CU57vHT
z^`EXf@F)Jk2w(&-0vG{|07d{KfDyn5U<5D%FEav<zP|GI((2Y5Z*2YO#*dah{Tc~{
zov@{G_lVR62`r7NO@_VC(i{zZdNGCL@f~uLX71C#8JNn1=3%pa|F8`Vi$B|IbbI|)
z(>8<q&EDg0Y{XCO1Kr)<{7c)FTxmPcmulNvJNfvrN7t6$nH28P>J8*@jeaI&$lN2y
z4T{<%(}+eA2m@0TedZ3k$#VBIY$~1RNYk`4T#8}|*2$zYEKu~NGERnJ_E;)yGAx&3
z8x0}@6p*w@q=A!;W%q2;+M^ht%X3)gQTFOdLFU86aGNA^KLt6X{}I#WQ4xs@DhQb&
z365c`v}0#%JC#avsYZ%U6VzVXGR-v2W-@!}G(~bG#RB&uX<8he;vo5+naR+OW!t91
zJ^|(@p?T$`5~tAwQciM%AT~*MlStjqK)G0MQi&tFPL@Dzou;@HO<NXcIt{L2nNT5S
zuaR+VmgMY)nX#bMP<+a?%#35QOgfb!&D371!DiTW+99A$B)#`2n>Z=RX*7>9BR3i5
zKF4NAa@wp%1%d8Ju=g40i_qebADu~CR*EI}7>Y}CCJn9WkPf>?07)M~XBrg2a2Y5C
zLpZ?NmrgkiyMc<9*|Uh}>6^&@zq0nbOKbla7yv&{_Tf+bgAu?8U<5D%7y*m`MgSv#
z5x@vw1TX>^ftMM9kFNeGaiJ)@l3#wbns{CX%5t2`^J+h?#<@JN`r%3rYINgybqBEm
z<*k>wS#jAg0vG{|07d{KfDyn5U<5D%7y*m`MgSv#5qMq%;`9GWZ7KOLlmAch50n2C
z`2T-D`M)LqKCl7)Uh=<7{>|iXCI1Ux1^o5of0+D>$zMzU>Eyqa{H5fh<j*Dh$u`6b
zw39!Ehw%?a03(1AzzARjFaj6>i~vReBY+XW2w((WPXt!3CKA^^jz2$&Kff7&egl23
zd_DgBTKxH8{JD-kmp_O<-;Y1vi$C8*pI6_BKi`f&--<tz=<~{2{J9!`-ikkOE?>Qo
zcoTixKp$_QkL&2;8v0m4AIs?DD*Cu`_3DiqE6_g6$$x@ciA?@c@?RwXugRC!v)OR1
zF#;F?i~vReBY+XW2w(&-0vG{|07d{K@Jb-?Gao=TzVj}8+<qHAK3PTf|0V4Ik5Irr
z7y*m`MgSv#5x@vw1TX>^0gM1f03(1Acx4g5^8YK_w76mz0gM1f03(1AzzARjFaj6>
zi~vReBY+V&MgYtI$57xuFaj6>i~vReBY+XW2w(&-0vG{|07d{K@X8{9`2RnC^ADGj
z|7Y^QP5zbSFD9Mjdu#t}?a!|rtbMrp&sTqE_1|9|tct4}xBl?f@7(%NZ~fve>sI#G
z`prMM`JdnX<(qpq|JcnB;9>lO5x@vw1TX>^0gM1f03(1Acxe&1{qf3D;<J0#2F=EB
zx7&b7@9oyM+1fzgH>Tge^AV)ELtb+lL8I50O*Of4obH>Gbhc}@_D`joTsca&@eN4#
z>D_Cl<IH9TUyoAU{W_$$mtKiWWw%?sMyuBwcN)hfn_k;M7eD_RBqo2bGA-Vj<kKRa
zdf>y!1JiPzd0<-B*$3{d!vlBO6;$9esZpV4lYaaGB>m*ha$NHL!*;)OT;}-O?f2pS
zXZMz;g*{F&E#@T6dy_QN@*Ss{mMs4M&37Tqx4yfKigcU+6(;`jy?5a5UHWQVicaG&
zY@Tk|lS|)!8&ZCrzB(<>$qiKOX`xOoe*djW>S@VNZlKiD;+<UlP7+ezA+Mq`o?Jyq
zQ9)0xe6|MZzDr(-OB=NJp|KCg$FRYLjrhu)RY-Q1y)rH8Y{F?lPm<o6B%PLXHtDpK
z$4NiE2}wWu{0b`MY&ulL<3!q<*OqROk8av#Yj^s3x7poo4_glbTo^U&jV1tKw(Ld_
zm=TPj#zv!S2mNkyV1`io24LCT=p42?hfPS@Z5%ey<>vQ*a_+__KRU_x!u+H+;vyta
z(rLBk6d`Oo&Ap~=F820MucNoKCt1$E{U|H(8YH^+Cs3lef#$pwriEVraKV>utU!Jr
z(MS2szH*w+H<lsAx4s*{tq)LbAI(ST%eSt=%}?)6TjA*Tv;)KmuEYtZ7#$^;Haq(I
zwFD}_XQ;uC?xMy<f4{l*_m|dI|K8Htze)zl+sS`-%}f5TYrnacU)xyyd&$DuzrFfL
z$-nl}PUW~@7y*m`MgSv#5x@vw1TX>^0gM1f;I&8K+gF7|FTHP$_S;;~Y`5BnT;O{n
zlE`#SCm8na40-S&N;FRQdjUJPy@Nxt(@V4Ib~FYlzH6ljhaL6Jb(H9^dB7eF*-^%K
zeU3WpTLIM|n|`m?CWqsUfA9fHbl?s$UApZJ$xf8v2K}hfbh@pBz0PPaO%6JTt0+;E
z*&hwU9z_f|D%By{4BI1yDRSg-!-m!CQfnyDh{zD^A=@6C(VmlLM^tDJ4%*%QM$mFN
zlJak&L}8j~bocBG9l2?O+qXC-+;3a#DC#zY@X#iZU;DS8)DKWbq-h=WBkmyM49V0W
zLy>{)du@tgM+fZ`cQ|?<CE7bA$uT!(1K*|ssFE3u{evKEH%9}fX^zM5p+tkQG3fS#
z0n->n1kDaZ$M;8_Zp-QS+JsN`-$jY6(A&#|eZtE0*+H5NGd*Iz;jr{xufcSgJ^CG#
zX#c>mn^elPDW4m-sUhJXWV}wt8@AZCW2Q%MqeKzY8aBpmG;9wXZqOWeT#K-v4N}8_
zGj!ShTPRWB?T!2}YMYkjIAekinS;n}5<VS}4z+JFNo4=W{C`jCDEK}`03(1AzzARj
zFaj6>i~vReBY+XW2w()h+6Z9z|Et}8xbzqSi~vReBY+XW2w(&-0vG{|07d{KfDu>(
z0nGom2ue5&MgSv#5x@vw1TX>^0gM1f03(1AzzARjzS;<^Uj3D&TUYKbCBMD)ch;`0
z{@~{AH`yD%^v2)1{+F-)_t!qVa`))JrT<`lJ%3^O!|UssmiWnj&$NPu-S76=;jU@h
z?S8A*jp+s^ADv@Pj_$>Y=D%ZU>DvEy(H(sKOGDs`e|`P>`u29>CqKHlsbemd`3*d|
z_4c-u-;(ni@>X^yzj1qRSD2){z45)<P3Janhx8izjl&JGB5#Pw&d$a|sU&Pk`o@F2
zzOkjqm68Z~3VBif{>E)YX|X%^DJjqArM$SEug!n!^mTVOawwq`7q29i<kHs8jy}DZ
z&%rC=(mnYdX20i7cxo2Q`OdBGl|TQbwIzNLMqqIS9)0`0>+3(hn|LHNTTWvXckPq;
z{D>fG7g1Bez}Thsm~^VaSZC6`IUV{XF_*7z+&**n!dz}|RK#<s(U_W&P#wMY_MJzy
zcdxIH?<T%TE>ujr?KE1zRkTaM89+MCn!Ej0^WaReu1yQAh^4BM-&nBh^Rr&KCNRq!
z<#7AX7oWXzef{p;#7`3Ow0ov}XTBy+Pp@b0KGT$X7UuI4^6b>=c)*0#KGm3u&406X
z-WZsNKwotDJ(3{q98dg^0yWp|<GU2gp4`3jX!Gss>-${dk$KYklezk&t9EBtxlm8d
zFg9y*R3paeT;jDk9rj$J3v!%k>vNAFKu*epmXbS<?!E;h3<^Ip!p=Q6Sx!*7Es`Q^
zYmb{>?$w3LJ;{D1vnLh#=m99LmwaRW(N!+-#ix(M`sjf(5D~URQ>;at47YPNy>;=Z
zJD2tZl~b7Ro_fu~b%RcJDjOJo;;rlJ9GCb>`egi_E5!VUxG`rmo_q9}2IVA|CvJ33
zinZ_{JYD<85B50wlLr=i#~oOAerNHu=jBcLsQAY9^){V&^mFkbm^1V3nw`#WU|Nk}
z7r5o%Go7*=+M%tu>(6;$d2YX-lko95PkQ^D$50C$m+3b2^|)9tpi9@UuhVqm3t$TX
zDQ?b_b1to%?%i`zJX6;`Dc|u#e|8y|lzRT{I}fj1L(8Qe*Q9$8G-CqKgMI_33eSAK
zda4FzZhj9fHs9|y4(>eC6W7;2|2*-9Ig3u%+&?sXKz!Jp*8Jqcl~eiNK6n3Fak*gW
zd;G!(cLCC%*#KF}F?)?3@Gu^)sdte7|JzG{eQ9mH`YX47_tuR!fB(k6ym95)zqs~b
z<-c6{_VPcw@~c<G#Gg&nA<4`6^XR?%*Vk)z5|6mqQ8?vs-EE9I&BMkns`swR+9@iP
zqNmL<O|mg<tLe_}^v$`?pBi1$Tu_V7yzBOzAKbgPUb&N4iVHRESukC;<L|p?-a?-K
z{??<^_ph(txs&+fyR#i``l{1uZ_e#%Go_mTx$8H^C*6mc*;dWU)6iFr(gS4X?Tubz
z)I07haCf$jb9z(Z?zQzl&R$gOxxzj<@9G;rQGVw7I?E=0S%?vsmuB9z>!;C}m*kno
zUdQZqhwVccLB~5&Ds!^;1YiQQ+e2)s&DQKF19b)51K!kbAC^g^oVdMVwcEigr08zX
z+}k^UC+@W#beXwB7cxc}p4}2NC&k*B2rZKmn0Bu@fX(yS*Ed458JyIMVo?T@a))N`
zuxYmg=m$sDp1r--JcK%*em{*m*5v6JkqhsFeABcWyL-*9Z3Z)YdNOsK0kGma2(Y7f
zlhpAot9c086@<?O?W1>g0uwTA@9oA3P98lf)*brJwe`X$7j@8+?b0rJ^7pqMz5TuG
z>z{m*cofE+@#N0QUmu_DcqccWsk@y<jbvv>>!eNZJbLT9*Vile5|7B)Y0q@RW(#%0
ziOv-^_cohi8kU)w&Kk!FzBw)M>1pry_POUzO?t=4Q0<OXZg(Di?>pDmccDnt`9(S-
zNbcH<Wj8Vn>uk}!@r0sXl+VRQJoCiuJ3qPc+4c2%_Y%L9pPgWjt97<SADwR9v$vnA
zjnQ~)w|3ELJUe4dm7FkU+m_d`dq_H*&cc&nHNAY;=*$ca>WrK`r2<Ag&E`Jje|8!_
z3&_bfA6~L?S@Qf*&p65bNQFE5hR00OPgcfGQQQm6{o5Pe&<p}l7jN`i-R3^bn#a@Z
z#&$8k{Qzx#C#X--|FIu#5O?l88h#AI?24B7;-k3V&MVJ36UG^lHq}VeR)bi~{PFeE
z{rh>|H|g>V<$yZriKsSFIyfJJz6>h9@)Q-HHtH@xrI<8HIt#u0YtK^Uvu}FJ${zK;
zJ70YIO=#e6K|TNYGt~1GX1k<g+797Ru>iMF)jyn8{j>scp+}D=;m4HW89{;h<y591
z0{-Y5pg!9^QlHH&V61iMo+w;cj!QLcmU&F#^#xk~qHG^ix5*=@PakVS?mYU}zJ7hZ
z0X6vX#mzi@)lt`?DU!4aI`x<ee6V;0&gQyM`H#Elqu^`MO%vORFTS;K`Hw2UYr;Sz
zh%|X|zns+k-Nk$38K~yJ>Zz&-o$e@?+jlP4aD394yYEb^_&5t=4EoG7&$NOcwcHC_
z-cE`b?*q=6LTA^}c+YwAz_dzFSVHe$|Noa$t$|C05x@vw1TX>^0gM1f03(1AzzARj
zFaj8X%R~Un|Cfm-&I==e5x@vw1TX>^0gM1f03(1AzzARjFaj?p0$BckIok!73L}6K
zzzARjFaj6>i~vReBY+XW2w(&-0+)#Zmj5pkO`I1-03(1AzzARjFaj6>i~vReBY+XW
z2w((WP6V+0|8lkqE)_-qBY+XW2w(&-0vG{|07d{KfDyn5U<57`0WAMtCYm@ei~vRe
zBY+XW2w(&-0vG{|07d{KfDyn5yqpMN`Tyl?7hEcg07d{KfDyn5U<5D%7y*m`MgSv#
z5x@vsCIYJ{v$rlYN1PW%03(1AzzARjFaj6>i~vReBY+XW2w(&-0xuf^SpI+6S_GE|
zBY+XW2w(&-0vG{|07d{KfDyn5U<5D%myZDU|G#`pagG=Pi~vReBY+XW2w(&-0vG{|
z07d{KfDw4v5J2+(+M2kO{2R%?lKkJ3jU=D^N%FgE|2X-^+TU9H^|e2_7Q#*ZgAu?8
zU<5D%7y*m`MgSv#5x@vw1TX>^fl~;4e03{95fpKc;O-Hr4U*YpxJ{C|pQ31vAV0kD
zHc8Pev3~Y8y-72hboxHQQ6xitaOyULGN;H*lDwaR+zI0S^S4QAlP2zSY=%j5@15Mv
z+#|>hirysCn=E;sV$u}BzB}i3W|L&^vl*6PnRm|KCN`POCQICBD28R|x6j-r;U2X~
zQupZ$OOwo7=WjD<sM~!uMR6G_dHy!bY_i;aB2A@eZtdiD`W{Vg5acG!ZW8SM49Aiw
zdiCsWC>p&<F!wnk!)4NMp1mDEO{MR1WQHZVo5=tFYU0<H*8V}_*KYKdx~H1+MSV$p
z=SAiG>g4--J2$ThkN(1ETO%Svu!n4WY({%dnjKN0JveB0_ZvaW;YiA_<VtKsu2LdZ
z9g5LDtw&p<O3oh&9$d?*o=^~I(W{Qd$d7cY#E7!%30@~%3b;tu$gU7@1E(%UPJ!<m
zg`jVc+{n??v8kz138f1Ie@B))QFFVF><^W?&D2!&VU1TyC9mDwp+(oyhT|Pd^~?gd
zr`ILI4udA-8Q9}eH-27Gn~gwnwY-}%3whR-UDc$@<igKG{-z>%vQHM&f=EhQkQID?
zwD9w)7z(-lk*1Ay>|(iD^HpBXxd#hBFY{ED;=C$BGIG6qAS;GjrAF;1KVRl{w#$1q
z#rLdSdC%0Oz-mbyrw|})QjKwG^iXpNr??deM1BBR4uu*UGzxsrE{uYmFd)jZn62ct
zhQju=y_#Ils7tO<;0e8!=?Wf6+93na^8>vucI>edRW%mcM2*n1PC-ET<f=jn=)2Hl
zhUi}_<a>q&ZL1jrJ0x9a8=k9Y1G@!z(5Rf%u9zbt-SZ;>^{cQ%i83FG(BH%;a0Mz)
zh+1`I<W#`6#6TINN<kS5xhh-9=_6gP4vpMCQ;}`TD5##HNv<eY86zwWC;cj}cWP(M
zb&TTHXr~4Jg_cMw3_M*M_RV@VRgvR*qx%D>51~UIP9fi{1l^G+`;;Inl<4Kzonp7C
z*9~`)uh@rwtrFA;`r)8dEDvm2?34lm`l9MPYFx*G<*R*Y2f`|-fCEd!&$QIB<#l?x
zCI%H$o>1-UH5Tx(Q%*sQDy`|WA>ZAptC3MJHKBbG{wYi2JwxsgM!g(ZVZLwC<rd`O
z*-<C3DX|0Z@QfO?6{U_#%^{4Ba=!v))F~we<8EAmcg>ck5{gh~a$q&duBnxJP65hR
z7n=3junAa_3VgRIuCEl!9V>)3EAU+zwP~%C(#GYUUWe;M7Rn<Mj>dL$3d#)q=^PG$
z=vj0&F!Fq8gaN#ZCrpi-VAv7?b0e%4&$SJzH{eD#p}t#Cw#X@}eN%(EV4LkY+i2XA
zfu)rL+t0dIQ5sv61oa6ZO$N2?v>v2uYD3hXO~4Q4oJ`*ixyYu1i}H-ybf-0G(|P5J
z@u30=@UFo87M$t}s1LM6n5THJR)BG&aASkwp*$VvR{>xhV>chO>2pW8>)J?#zKZ6`
z9Mo;{o=N|KdDeCHs51m?B8!5t$OATYo-`D3U=);8O|3$II)hoR<C`%4tT3J<f{K?P
z3z1C-IpMgEK|gBinvk-mZGW~56+ckoetTvdp>YLc5c-#r668`O!t-%IxVTPbX*<Ru
z?%R)fZ&}K9%4)8Yle|t&CZuwePzyCx%vF^UKW)>vt!;{l+u5MiuEmc?A(st=?Xm;?
z$OHVKf2w=X{{TC_JMF`d&2M%Ls0AL{Q6=EowA`f^Gj9bXn$P>FU)8C=NAtfRlWnIc
z#d9jmWs#lB_l>&iTJ<c{1C0fkSLOYoklPyA6l_pF`xSe2Mffwy)`2_7bm_J?Bs)=t
z8}y?_)9JPj_Bx}zG&$%T3Uc7;VSXscjw?i}Z^+dVv|Lb;OXEt8_XT;M5Oa=SDZuLN
z1-?;$oj~p>S9aCt8g;%V6ibX%cO#u3U8UGbJ$Yq2TG@lprkrg<5hyDc43w}ZJ9+7F
z;pb(CmlQv$27yx31X?LLy5T#`g`cmB4`KE*ENY*!@~md7Zc0*}?!wP&(sqUC%VOxW
z8Xqu<@A!(+$u0c6vQJ8KuwxM;rRwE}CN&zGc|%(GdD%HsT6}1=_@I_I@|G+Xg+k9;
z_<5zQ35pb2Q8uh;BwNWlYE2m}{(i-0(LO<ljGP^ck)U-tW}(b3{(k;Jm5^vj<9and
ztEd#I*5nek@bhXXFtkz1(K@0XO1jY!`<mY?Ed0D8wHz{AutG9a2(evL`MO<{7Jt6Z
zn}S;IYb}?wWt)V(Ww{mvi{md#OtmFZitN+`I?LEZxn$M(#rvPE)+;$zukiVinGYVQ
zMV+ZCVr}92*LhE;e8$wubd_|s<($|tH4=92i|))jy+&RtD_XD6C<H^J==cI<7z;nI
zDr7}bX_GLjVj$J5JgiwtSy=danO9&1J+NC6s|JQ&QPrwIZY>}gl)1g?4}Un(Hp~-@
zzxedc72y|@tuW0rx_fqpj@&fC?OPlZ?zb&=6m^?HcxV%_Z-u>To)L2Skx(cHFxv*Y
ztVE)$(}GqS3k3rZ7AP1SgzhP<9vQyyw6m-R`zqg1Mcz5I)e`IjINwl=orO`-oKQvc
ztS@D4-{mFM9SK2@ee(0?Q97+3K=S``BDHk$U%m0G*BkK1!{-*E|KPcEc<D3vC*OP<
zg!BJ7zqNnh*i9<s*_6)>+|-cp4>De-;|*JE+cDE4Sek>1CWaMx9|R@G6CyDX3p`va
zfpBCr^+*^Q9`A#2PK&Y=Rtf?sM2j!sdms$drvf<IkRU<EtV<mO1cgeg`;?m#B&3#R
z1+BqOuEZfhB^DSdJ~HdEFd1)vVnMSmdFY-(@S+@VbV_{z{W}prJH|E{f*=IKNEHd8
z@rKw0fdrLvCs*YJs>BMBz=%}2DS8TEQ5}Q8$m+7_g7U%_v?^(MTd>`M4OHX?g11Eg
zmXx67387F0p%ZX}4Kr*WeHgSvrC>A#*tj;v<#<z8X=Vl>bR(hq+@`+bfszC^W$6A6
zMFyY%@j-ckgh&enOIGxRk>KTNu{HuF2v6xCSV6wtR7jWzSmW&2qQ%Ip#T(hcD5}-z
zrk|e(`Xdm6VB<ZrnSP9*cp@-t&lePt5D3`0J0S=zQHOvjDg^?b2g;g02$DUgE(UfJ
zwq~<}Y$$bXuQOFVOv{t&z^0q*SrpT=3PE!RDQiMlHqHvkK^BBE)&s%Bh3yq66_goa
zjhiE+ox?%aDQ*ZG^Q;jX9eCHQpoNr9q2bRFQb9ll+<JPbj^_z^v%)6`L7;Hre5ely
z!ogrh$OS<@fTj3E8Sps45#<>R&0}`brplah#rQZKn2!7Bgza%$_lfXFxM&<bv_r>*
zGNqtjbpY!ayK{oyL<pKZN1iAcR1n(jx*CAu$)5^DPZGvrLG&Ua5R?qi4s1L}7;+o>
zHYf%`X>+WMm<oflN{&-ykYhpb{5S$7fiqETO@&tIOU)T9=G3XCR3}&<CCFpm3+ZBE
zxk~7%D#7JzipWcTAXf=qkhH0SXCl;3l|Bw>6-KrLiX%hbiUm*Te?BNCKwvXEAjrB_
zVbX^mo8PRW2o#sljxax{{!zIXpSNHw`}B*?--4}3xD_$2VPot@!}h@82F-EDwFnDj
zz|?Ty3|+RbdtzXCpwf~{ga~R<n1NvS12r0qAtP5B>PY1l<!M2NSuhtgLH#xsC#qZ*
z)UEA0jZ{)d%?Ri=OC!{>b&4mQg1Z;b3<1{!)z%^E1!(JF6rcp517c}B^Y`_T_e@Id
z8%3e7OjMTJ$LY`K)dqEAtO6B1SkZDND5K7T;7{qY8|vN`l-(vo5MrUclvq$eWmg)3
z`VeMp(bt=0ZnAlc?J;LeCckJWSA;*QYz5xl$Pc5oX<3dlCg_kkh}<UO(*fyF`xXOh
zf-iawtf{K2Yp{Og@~}~ZO<d%7x+j3ryGrV46X)3@(F0T|m~WnT^QJgERbMPBuxS%W
zk+(H&WE1YgCvU!{BC?wG8=BO13caGkyLv6)L1ZJfg`bxLL!{e7xiBijyLSZIr|rlA
zCF+7(d{u{i2y9;qY{kquO-VIK`DsK1)n*ks8;P_eR9jBX@VS~2IS&?pf13f367<g!
zZGn<j(R@aijlsgtgZe`&x{;bQ7=_v&Yl_3byf|L?c_m0WN@gtky}l_+RV@HzB;kX?
zcR~DQhXA!eAdxUS3dT^T^R$^0)y1EeSV`u049$1|>WPw~iZvrF(+fXe&lVbWm9_I7
zr4hKiNgCUVT3tXypWXZ)jj~zG<8SxYU>p0V`ddwAe>4bt6fxkaREKCYY>ybG$dShl
z8&<Cy4_=UuNZ5J}^(a5oWsqUKJd&LVJyJ+fR$;g~p;4#~L1rRh*o}>+wK1uZSJir=
z4f#|GovIVLEluH`qMN`Z6P1UcF{42fu~W<MGY;u4uF0wgJ=5Ed4AmG{LA_Uzb+D(E
zo<fr5>4wi2R84#U!#$Gt@&Ggw;=;|W@m<I7^c|u%s%Y$}8u3NFB|U{E!3`R+v?CV-
zvyxY7m2hd8ZnhVGe_bc!NK|U!sALs%y1_e5C!bk-nA8K>kX2LQMOtWe@<uTm>1t>3
zX;P8YiZU8k2~h;ysp0seEG&Od(SBu6{^Us~-)1z~W|Ul(cL-^5O@yYV<eVzWEnd+H
zV=O90w-!BxCQ%kURp0eZzYLl*Zcqz5S%+9;n)+$k2w`jTUHJXp(}-4O2Z@}q?N9}~
z9f&n0FVC4pu=ygfua*H@8`$zfl>r_35Vl&#)`M)DpkLV<p4f^{#I2q2aQqOabE}EO
zM$QG>Pi(i0-!Tz42_4xqRWU0oLzLHe$3yl~J{Ch^v(qy`90IW_wv|q7BLRpONbDLC
z4`s1g0sUqLmOkCnNkP*I!Sm^gmXE+jNgAL@7d0L1<@-=ZfidLLP|W!ZY-&IR&4PV>
zAMBk5Y@1<oR>+fLF5cWAn+(_~ksZJQ+ZKT~Tt^$J0i<nPB<F%%0K}&<Y{0;ljzpS}
zBkEwYgWoZ1%tE-1ma&N~GXi@LXdofqcr#}O9EdY$ne13#&zsm7Cn9)iiVfJ1gj6hg
z=h_I96tWHJ)W`*UX8?A`Ds0dq2i^tk)YV9^eR(CQ=T;AF;qc2Vg6yZnoSlOC+bqGB
z3f>JHNDybi{s-y=@CQ&CG=CtB)zBbBB||krF(vt<x*Cq8TCmmJQ%UZW8iE!{J?sQJ
zEgf$}UrQS|+AtrfW@xaZf`|=mIq|1Z`IeHCvSQsm)Kz_Kw2YCY<pFDSAKB>wqH#37
z!e_UWLwgR;csLe6n`K$fXHegrr~`@t@<~8`9$+tj_V*y0E1na!5U!w};lbt$qJA^>
z4FEp?X%B3`d!Po}16w+X&!uK1WI;?FB3pFFKxtdj7_{KXwun?_bd7Q~2X<Ccp{Lg(
zQPhy{#6<lx({4z}dk!@hnvcNlZ-+<r{&rI#Mi0?Eh17GPMr4sn5&5aW{PXPUv{+>l
z`=h+}^8xsi!1{)KE85UIE?N&@52%g0&=+7Hc92?wuv=<?=2$cjH`H>s2KHuK-XDW7
zO3Q?+Hd+&P?`*rp^EO(SbM3(nYDch3qjl(%pGL0D#_KY=zdh?$ghW?R+tpz$n)*eQ
z0#T4-f3BJNsR-`{-;H?vf2Q}uYNF?`r@t~PYnThl0j$@t4@wECa6@+B@Z13Q0RubW
zTm$(dfq#nC0{@BaVH5UAEu@Neie=KMBi|<Q<x<2-1uW`9exHzdw{0mbsgO3B-|@Nv
zs{OC<Uh^{670rPCsO+m$)$eGMHl!q3XY|+)adtm|*Ojl7FD0xam$9y>^{ftldX&~u
z1*?@U*aT;aD)?H084<55;G6r^G=)B4T|uVyS5h{=jQR3F;ia5Tb(#%rNUN%<8*-Me
z!I}$ZV7w3is`{Q^(tKH^)U1#*;OvA;N)+2Ql_6_UU|PiUCGydKMd!-}_u+NXm-4~T
z3E7fD^dcGDT58k~Og?xYj$CYB_&!`KH!B(s9@9Yp_8?@GCX7&F4CG!V2XGc8&w#NT
z^ul1P%9W9qHQYnGU2qUUdfyNX?y>@BrEJ>BWs&}PBvAS#>30Z9P|7=6&h=!<c~A=(
z(9w=S3y9a1uk@Lw%UV}_(zimFl3Ha~^}EBGnq^f5><f5Z!Rt!hF>Aa*Sd;@crxJK2
zyOnASG|G5giCs5e_`34qY>Ag4uONpm&CnFW4qQ)B__6|yVl`|x_-db(ecpAYPEH-|
zW==^Q699nt|Ls>uhaRG{=x~k@&WBpi?@P_&Gt=NA?he4_4ri^)9lZr-1;IrgY%KHb
za~|?_(!nkdCqHB#bnCGb<-{f)X29mrv!*WAlQY**XW|l%T(YB1eAc?+fh&BjgU*3^
zR)L2zt!h*WvdA`1gDuc6HAfb*n}R)lENl})aZE&l3jR~MHk>_ak1A@rSy$ups&Fn^
z1ovSU>}TM<Ti-`^KV&C_Q@~kIP)k&;(2+%g>sl=*tZkRMI<g16?0y+9XpfHeNzZPN
z0$XQv)b<LTz16#*>v5g%NDq2)UK!c%z-Qt)&x3yXV-L>pvv7_cj-aSbUH0JwsT3Nr
z>w_O3_??Mx_Q?e&VK|oILH$8Sg75Ls3K1OC;n)Rbct#+~`{3gTC&l2zsSxEOBeqvv
z_Sl=?|0Rz-81wC+7(8+8g*A%oD<MPLd5Nfo2FP%kp%#z5xKA8&KG?L{G(*(`Ti)yL
zFExV+;&GVh%8*T4*4p47Bc?>s28VW^sI`1bCBaVu%RE@-(SW@saCkA#i85_d64~ii
z)bf<;W5yQ&`651t4-@PKu&)#x<@*x-Coe<hX-hocRtVr)QNTx%1pmci_951#eZ~2K
zo>%6X`bz0={KqOdsajqnonnVD{f;Z;Y`m^ac$8jm8x3MCQLAIiXC+ORY7+18Rj}K<
zUb-}N{{PC-?=3C;-nGAtd;z}VKfl{~2TnBod*PN9dV86$Pgt2gJ4lmZrbp~I9G2ee
zHJC25M+-U87vPi<oK%A2h-x5&r7@grBJ>cxNBRhkERwp64xr~rum!nrx+!>i)(3-;
zs2~q3R7qCL+jiu33}DAWo|z{nAs)w?*C{y!Id0TDp6bJ?9%TfcIOGDXbJK%|T2K>!
zO$*rMBvWyFHP9CuAsc)2KmPqctrID)32R*xpTZz8YaM2-n=&0v*zhoG-6{6Rr(>;y
zmFx50`0l$a!teihYY;XD-F`4&8iR<S*<t7aS!k!*a{9eC;gfx!3<*WA46JJVtdaA9
zpRx*PzmPtx3VL6)DQIv`+siif5K)r=?@t70$DV?gCHBRxJ9#@#9!PnTFn~s*Q3PTp
z#ceG-`>P=5=2SQp>*OR^)K$_QHVXTTAA8n14EPlcO*-3c_#+AS!G{L_6vv)5!&H5-
zW)&n8j;tGv&@DFdy{9-2>P9u%)eJi5Hh7+{!O?jEOj1v-|1+&V=V&PqEzM7nHx;;|
z9MGw{o(_6bp!WfP5<L>5EjSkqeMtinhe%;6aLyLa7>_D)evG(L;Y=R%J3j(8zotk@
zp)SLjL`rHx4z7_?rsu<+{hZb@Zz`-nKrRvC73e8fpea?!Q*(!&q7!-b_*N(UpyCnr
z(OJIJg{WR)nwyI#W)OuDoaa5oVH$z044p@MKF(Ei9%_~nCqAEt>~a^^DS#b3oR@s!
zdxLyT#p8>GiZ4C{f54oi7-e87%*uJ7HbVToQ_7$zrBn-@`>Gd}p-@nU6Dp?1QVqQb
z-qaT}Z!KsiJ9j?q6nE;EZz~fEB^rDNnVA32vsp1zDBw373ZV{s*x)A^2_&#L0&k`b
zXSaQzR00Yz#3zXCXOYgLHNXJh!U{;6I_x-fpfjt)+{l+|D~rH}4CNA@(oPLKrn~Ta
z=XH^~wn(778sRnXDc8JLeC;x@)b$)vSImEoxx(kgI9PDayO=Bd%U|ynr?q<;&KRVP
zyyW#R2XQ8%{8O%X&*qm^0pBd}%NmJM8`ck?O?<Ln*2oCOs>Vw~O=F7!?>?+5M$G`i
zyE^#dft`8A4+8s!08t?F!<)h6v~NfympyFM-If(Obww#l0-VQF^N2G8pG$r1&shQU
zJ#ekn6t&#5^Su;sb3fG8nDQ0#9ef$*tX^(^_)xB^J)s!1%y7ill)yB#p4Pzr@UOQ&
z{M0u@Cg7Bx769L)RB!khN(uK_m4aAAuhqH&^8dX>&$LQ?rR9h+K@O`jZ>j_btVBNM
zmYLGVzvgF;A}8O=o3vCEL$+@fV80gf1qaWyc&<g9Wqcqzn#fc`(38?7)&?dbJ;ZzX
zX*|Q%+z-!Y)WXP@s3BVm)CkU_j2a5!9mZS<UkX>k%e{w(vsa{S7s!H{&yz~AG^`PZ
zs7yk<U=E(woP)<GFj1Ar3~TugoWgPl*>^=D-+s;Z@Suy0V@tk5`r=FB!c-%PQ0PWp
zm1?r8nq*nBARH`SS0-VuUUPXRlnVmz>$+XD(5b+A?7pQKa^tn*b_4l;3C|yMxpZal
z*w4G5^N=bKk+T5&yM6G<1OH3BFU9*(lF>c)Ko22ut;dg?qDyNbzk~d^FgGMm=&$>}
z)X$6?q4A&!KIRI=nkGbkwL{F&j`bagqg@hBur-LhkyYj3p+h?*Gcb6(uHb#Cu}we-
z+s?pHJ2{niAmknoF@Q3WjrAQ^j}CftUG)iB>oQK>RUp<~(I!R$glxw84t$>7-;v8X
zldqC+PK>VQol4DTQ`Nu?@w)PQuPb|X;)iDf?J}Dzcb`a8DVjs)|F7N@mu`w{e{S_R
zm;T|>&mfJ!1wX%a!S%1g<u~`g3Z=wl#0X#nFaj6>i~vReBY+Y3N+IwQ`@I$6mzAx(
zLy{bGV-})nQo&wlWQJq^APC#d(ZFe%<FTLt*F&@qai-y4h({vIKG^Wfflv?w!2|wX
z4>(9XWS8?9T{eJ2B5)04cM7I_)({iYsY?*!nujy-5T}{sMi4(1VogJw>DWF6dPY@x
zsA^r-CVGWN&h045kTkTQ^JM;wDSMR68^B%5>VZS5Eq$oSN@S@{;VGVX8=fmkTDc%o
zL$aoHBRH$EIDd)4*3`h!DvH~z<oU6vIUUP$iVMGAWBUz=U+*X+uzUf53DGf~DEk!g
z=-q-97!O5%qzfKjRa<;sC)nn~?^peCO_m-A5D&W=RvC*51c)OJ?eiq|uQIn+{ozz*
z<L(j62FYxa)Fw^b=hzIB<{sG}tO#EyTZhd9_F%}4G7xp1qYnF4KsCsw-|Mx>;W*<T
zK<{BI@;)#;mt9~Nfz#;%ZODc%Qowu@Gd(*lM8X-vDR<KFpch72NcWVz4EWK+ysHa*
zFj9$;=qOxM(|QZE(wSPOHb{DtW;W^ceS)J%hWx^Qe?|C-vPGKKK|kUSGR}}p4KfrN
z*uK}M7<P2fPH~4LJ=CF=L11{UCwdAETq!V~6ku<&;oLnR8eS=?XeAo%0k==KX~@tb
zPs`<_^4n4|KU93RFVjJ<N@d83mKi>|EvI8i8R=@v^_83`N}7?ic!3dAn_T#L%}wdP
z+SZA(AQyUpOqU|X?<~M1cLwFSFHz(sN#4(-D4HP9^!i-qBFAtha#+d1*+}w<oY{4U
z=oFODd7!tPnq8<yX5D3Kwa4()qnNj}G<!Zd5Qv{<yh7mT(F6u!0{~yo7HQ=6sY(v`
zI&vkd0vu9^OI?&p^n^!Bhxt|kY)W)R7F{7{1LqFJo6=xD*UF*bRVgtCqfvu+tCz!B
z4?GZg;4iOU3TOSx#>EkHasgi#!VtK+{7O!T_*`2<!P6ON2SP09a6Z>@#he0Z)WDFp
z7y&pt1S&rS-X#jSIY>B{3$ebS?Q%Mt{;8723*q9Jw859bTR%OUjK&~3pB#z&6USf{
zsLh6&FVIp!h5d(EwJ8_QX*}cE<kw_;KJI)noHqq_PmwYx_dr!eSE@U%l=ok0o6O5L
zH@q;Op3Cq<l_82?=n4>vose>3Q}YB?rpv}FZI^j{=7me(uqOyXbs{A)Xi?<}tM0Q(
zu|rl~?Xz<)8($-EcJW>XxIkf_FoZoBBYOL=&)9-^BrfbVAbzN)j72I>fUHi58ZbuZ
z_Cc=nBVFDCHfgjUR3U08-voJsfQS{80ech_Bj_?>vx}NAlw1B-&Ifsw21%IcY@5Yb
zJJ#^aw#K}${pV$@F`B5#1)b1|PPvk2jf(0L5+#6q`3n0g<27av&MoZenh|qWRzenH
zT?~N_Q|uTNI$JA^K_|$avHw%_CYj!3$@>(OrU(|v|K+w*l!ldNW?*X4P^huz=H`lr
z^pjih{T<N2fZj2Vw>jacjQIm0HXX>Z&C=+h7W300Ieh>u^K<iiCAoPoX|8tyY2f6C
zBU2*?MPnZbd{z)NEKfjON8;K2hx2`*rbJaO?yD$vVhCdgI9RLDPx-*oz|S%d@xqH`
z&^HNPF-K1MS=q4#+CsAivFM8DbWxWS51h<{Z#ZRxuGv(AP$&#ZNiH!4-v9Ls;4pgT
znBX;LgytFGq3D6#!{5=2fgO^rgE(b1;NR7PZdH?f*q;G=>yUV;k**yEgB^$+isEgS
z<?8VK9t80Xmjj4ZH$Z1SN^#snb^x*c1{T<4>|jAI71fn%a`sRpvtwJ8h7g;S7RWN<
z6@GPjt6uziJ=*c|XgtTUSW#R-Bjm;~wh7b^AaaUpYNM=Ckj6$`jCOKW4(@@?EYr6k
zN{UVSftbslTl+3+53jd6ik1sfmMSp@sgAY4=_%x^eJ14m_<^w}e`)6p2|MKbV1Wgm
zfGW)C#Eap!zNB?u_8<}vZBU9Q2C6b*l^{P-)K}ZL8}|=x3^A!gzyX~r?IZqo&^5!k
zWTy|`2^$!;_NIJg0#WWtb)((z%6SRma@1twP|0m!J@a$z3n4~#ydRjmFZ@c)9~RNe
zYKr6AL3!XPfn19O*7jd*K07>rEHHln=kUb;AACu`%YxZtxJ{C|pCT!mjqU$nL*1VG
z6*al%+jBRW;e~tddN!~@Hv#tiqxCpKv2MT*3SudgC{gA^F;`;2SH}gLEde^%5$I4u
zu&sk1$5vD+0OxbA%7Wc@1orhI*nGhbZ$s=R)idDy4~m~-gr(tS?boU(c2U5)l>(^>
z^=#h^#lwd3YVX%x3oi0Yk>6miMmVe;_>=@^|INI!BM~a~O3QDd%IF$7v<gb!jP)iz
zO+Os5S&@aPl7m=U9{7D|Iw5#IUD5Jjj{(1q91ngqI{1b_{H&b77&64W0$)negP1M3
zEZB3vk0df6?vEH41@K^l7%o#D^2@O2kyd2%Or8&Ac)zT;he|<Ya7^mw(B-^B>xx0y
zV*@w<D#a3Mx7?DHXB9ib>&mn1b|1Tk9~yO#r|KeMXe@zrJ})fB#bvB38UyhfMM5SB
zMpwZ*i!awy-`U3N%IkfG7jy#1W}(#lPPI{###(;FHhifd%VplcoI}rUBY1_@6`?40
z8;VFvE%(3-xow>wo2G)fFkkO=g`7D{lDS8a8x*n0WHwpiJ_AQ67#i9CvHU+z-zxe7
z=oy@v6FHJ7OF<3JKRNaNS6bhS<^Kikw+jD2)Z7QE7LaD0XKQt-Y?9e7-lySx8gO_q
zCd8+6NSkn4L0jUhte7WFd5pOspV^n=722nP>u}c&0`UE)MuOU@D=OcT2rU1<-upBH
zVp)QZQr!t;)qP+RZo5j2ssiPv)WC%^*RQZ&5Y{U{(T8^`|CdZY@I}SYoua`=bSJ8k
zouU0|`w0e(0^hR>qhKctVm~gh1!8;U9RCp0%krvbbgdjO$%@L>6i2PqUv2*oEU!FC
zUO6xSga3bKlVtC+8J1uf5dZJv7~U8965tr#z(;H}g%@&8ehc|?e3>!4W3CE8ZW9Zf
zlW!Y=x>K!p#<m}9TmEQZ=Xg_p)^qZ&#~$ax7~XJ}g{-!mk=f!~b{=A>hbn7Fd8|vr
zyv4wWFG_MQOPd9^XhcET$~zsI3SRB=@vp~xa0$LNq;C@pT?>tE3m7(PL3?ESy>12b
z;bWU8obQndmR4n(ZWKG3k~dhTF10is>(a0;4aHe8Qc|8j5O`IPLbfLaz&WOIJ*-Q^
zHX7th184qrB*o|hr(Vs;Wpk#YkmhUWOM~qH@RNXFD*g+9U<5D%7y*m`MgSv#5x@vw
z1TX>^0gM1f03-0qA%NolUAa<Nx;lmr{DTpAHUz%-{KFOD7s9Pxdfy!Fx4E9#ZnY1&
z!1qQZk%7P~!LV;<$O8y`!@^;TW<^syA*zmr&<G$n2dRewYsfYUBo1(RJ5N>$h~#0P
zHas85{o{}%E(E-3*J(9^1D!`?lMy0&00JG-DY$!1T?~MLt*L9`AsqJfQE&~T&~dHM
z8Q2uxgFv}`J>)%;Qu{_x=qvHH^7e81^Le#_=&g<NfrH}#1abgUU!8@ZJ(MoT2gV_6
ziVcLoKv*GfQDQ-X;0vV@kXX=SDEfM{JfC=jqB(;6Uq<WKghzk%=eNe`elK9hws&wy
zc6w<x-HyiKAl$W5Krk@so4|tsu?pZUiihG$0C$$>Lev(W1V1?7B#wD6C_x68WQZw2
z0WUEWX$n~c=k>e7La~B?Nrf1dYrOQ(EJ&mil_?=_#1I09r)z1$@eT!?2L*0VuS>v-
z6EvYY0(*QE-^7UwS@Lx`OR4#htNZ&yEyxZQj&D*I4{F7rZRAI^krT^SOA;!O!NSjL
z!br+@9;!vRAW<Zsu+KQO3+HB^6l-T%{(82q5ZqA98MUgc6Nc;-tE9L<te)xfvMboW
zLa2mKfbVVzx>&cuJBycJA?ZfT?N(%WB+I;FtHuK*rveAmqUG1&jI$J4VXx`r%3{?I
z>Z)1=K8gjO*QA_64GC4_HCqu|6-7L#6pg2N-jQlWNve`guBzCKS$B3Ix{0vx`_*7v
zRoHBecdKS0@GOW%q!hD@KQD`{R4g-2$WU^=6B>RwS0j25`*^|n*Rw`Vkp>X4#V|ah
zFZ+%nkXwt#s;ZZPL!w;PA^NhWNuErVTUEt5eDeFt+-z(K;NJyq9I4|J0yMT#jqz*D
zryKjc$6UgxoiW!jid&<d^Bj_?3W@=<9p4|!aKtt%K^LZDpA{nDYloOIJH>8OuN&^f
z{wE@SHLC=CposIcRGe^rPWX)B#Jw7G6%8zi_XKT0SOpb0L|Gz!rlpQ8uLJy{VgMY=
z0q}?R^%@J@qISwDh*70AeKzE~J9V^Nl@L!XX@^V-_$EC=?f}PRIk3WfA2?`RkcVeS
zoxrAmw^?I7qehZ81$=O@969xJzXD~{DJ2DQ-o_Pp*KBzzA@GoDByf?ET~jOd5RaTy
z7n*h8i~~+2Qi1O_#r2h9xnqUEy;R`4GU7u8pK)!B_;2AlF^BUqK<5!=a0o=tqO*aK
zhj?0H0Po@nQ{yHWwnX6NHNxtAeq6wfY(jmv&U1C4xswF$UEtjHv#tf_+AT_g`UHK%
z$q5`Y(|RD@PT(;My3Nykoxw$Up5k$xSFRWzDxd)G3apXAslI^f-V$N0<Goq|_^=di
zY*0Lur{e<lG4Cs2cb+G7=D8!>b#0_tVeDU<gSt)LGwDAOaK5^F)QR~iEDHGNcop8k
zlZGM=jDnJ?sa5DtYUC8*x&~|THrsJ>9p3~VEh~)YiJ;=;$3kQiz;Scj$DkjzAx2fo
zp0@qjGF1FPiTmy8xLPR`XA8KrpnoYTK`uoi;v{^0oyrpU;Q$tK-+s({%TlgWR&$-4
z<aKf~A(g9yTBrfPMO7K`(>9IU+D5$P(9Q;}b}fDc@fWgzuw8aw{CI$0N2k<1=zoA6
z-<|g1$L2RX2Gjx%?Wh6|h%_yC>BaDYF6c9Su5A$y;g`padX5+6g~iZ;m|HL}?-{_W
zY{9%!Y94dV1uzB%uze>Sn4k0(v<=K%(AF?7N_#LSPV?J)AQs4e1hLmpjE*nIZ@5Mb
z#Q;T4gxFegdn~F?jIYJ$5l<P#fRuev&<Z`@2s)BA{;9^eyMPxNM7{X@|FemF_$iD4
zMgSv#5x@vw1TX>^0gM1f03(1AzzARjzCs9m|2g9$U6P(&M7$mm==iao9_#6~;fekq
z>*-0bA$a-(lUGkqUq`m4mmr4di;5R`x%zLg^=w5#F8}4~za!9pdu@nQ{zUz^Y8FaV
z)ytY{QLW1mk+@NCx8?1hs{VVt<856S7Z7X@u7zUePWj<qkR1eU`Ogt&7i`sntgsb`
zdjqaUq);0{oJgM1C){5iibZ*B&mCu{F-v2+Szr{^D&oKgdkR1CEf|5#73_R7w!6pJ
zrBCdW+w<+x$mR^#xjPVR(TF;PP75iBujrZZ4zOGIVz(?5Cv(<r9!eeC>r8zersc_X
zz{W@REQ;w_g`l~E{EI>|I%ks)vJkV8^}r75T6r{YKpgaA+b}oBCVUPDupn_mumfg|
z(CEOsX6?EW#5M;1kvTSTu*U;#Jv~&%^K8msw>q|UgUuCuq&Oey19o?aDGJ<W(|W{l
zM`!KLNAX54$}_gnkEd~Hl{w{#ZS_va0pEagw*7Hj_ld2UaFKt+LpyZ9B`!#TA6Eyk
zj<Gv$i=26mJn?5xHMV2d)u2jo{?z{ZB-?Ln_rA#H3_cCe4lKlBftb^B8|-WX4g0{@
ztuOX{nA+iIeJW0sL5}Up=WOv6@JVnczBE%CIrOFG<LgvYAbvIUqbI!=(#5v<Dxs&U
z1edQVA}{%YTqSrxn#Pcw+RdjvCJw~q9@!4~sTlHBZ0Cml=Yvf@s8dD<?B*`S)QR8y
z*!)iUV@TlR;6NO1)julti<!5|4vIe*$Iw;5#|Gw%l9%VqBKQCzdvz@Xv2y47<)HZA
z5PN59c;Y{J5;uHjJRCo)gRe>x#p2~$h|w7x#|^6sXs#yoG2BzdtgH-CUN6HO4r}hE
z+OlCS&ksfUOJB>03L0xqUdtayyflzQ=b_2#tfTBR4REEcJu3&+dEc#9vyTK*{|5LM
j))HbG#~a1(;AO%oJAC#*MOGieye`{nbzJ+Y@^}9KM5}r|

literal 0
HcmV?d00001

diff --git a/example_sp/djangosaml2_sp/djangosaml2_sp/urls.py b/example_sp/djangosaml2_sp/djangosaml2_sp/urls.py
new file mode 100644
index 0000000..21a985e
--- /dev/null
+++ b/example_sp/djangosaml2_sp/djangosaml2_sp/urls.py
@@ -0,0 +1,32 @@
+from djangosaml2 import views
+from django.conf import settings
+from django.contrib import admin
+from django.contrib.auth.views import LogoutView
+from django.urls import include, path
+
+urlpatterns = [
+    path('admin/', admin.site.urls),
+]
+
+if 'saml2_sp' in settings.INSTALLED_APPS:
+    import saml2_sp.urls
+    SAML2_URL_PREFIX = 'saml2'
+
+    urlpatterns.extend([
+        path('', include((saml2_sp.urls, 'sp',))),
+        path(f'{SAML2_URL_PREFIX}/login/', views.LoginView.as_view(), name='saml2_login'),
+        path(f'{SAML2_URL_PREFIX}/acs/', views.AssertionConsumerServiceView.as_view(), name='saml2_acs'),
+        path(f'{SAML2_URL_PREFIX}/logout/', views.LogoutInitView.as_view(), name='saml2_logout'),
+        path(f'{SAML2_URL_PREFIX}/ls/', views.LogoutView.as_view(), name='saml2_ls'),
+        path(f'{SAML2_URL_PREFIX}/ls/post/', views.LogoutView.as_view(), name='saml2_ls_post'),
+        path(f'{SAML2_URL_PREFIX}/metadata/', views.MetadataView.as_view(), name='saml2_metadata'),
+        path(f'{SAML2_URL_PREFIX}/echo_attributes', views.EchoAttributesView.as_view(), name='saml2_echo_attributes'),
+        path('logout/', LogoutView.as_view(), {'next_page': settings.LOGOUT_REDIRECT_URL}, name='logout')
+    ])
+
+if 'djangosaml2_spid' in settings.INSTALLED_APPS:
+    import djangosaml2_spid.urls
+
+    urlpatterns.extend([
+        path('', include((djangosaml2_spid.urls, 'djangosaml2_spid',)))
+    ])
diff --git a/example_sp/djangosaml2_sp/djangosaml2_sp/wsgi.py b/example_sp/djangosaml2_sp/djangosaml2_sp/wsgi.py
new file mode 100644
index 0000000..85af338
--- /dev/null
+++ b/example_sp/djangosaml2_sp/djangosaml2_sp/wsgi.py
@@ -0,0 +1,16 @@
+"""
+WSGI config for djangosaml2_sp project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/2.0/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "djangosaml2_sp.settings")
+
+application = get_wsgi_application()
diff --git a/example_sp/djangosaml2_sp/manage.py b/example_sp/djangosaml2_sp/manage.py
new file mode 100755
index 0000000..c8be98c
--- /dev/null
+++ b/example_sp/djangosaml2_sp/manage.py
@@ -0,0 +1,15 @@
+#!/usr/bin/env python
+import os
+import sys
+
+if __name__ == "__main__":
+    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "djangosaml2_sp.settings")
+    try:
+        from django.core.management import execute_from_command_line
+    except ImportError as exc:
+        raise ImportError(
+            "Couldn't import Django. Are you sure it's installed and "
+            "available on your PYTHONPATH environment variable? Did you "
+            "forget to activate a virtual environment?"
+        ) from exc
+    execute_from_command_line(sys.argv)
diff --git a/example_sp/djangosaml2_sp/requirements.txt b/example_sp/djangosaml2_sp/requirements.txt
new file mode 100644
index 0000000..0ae9bdb
--- /dev/null
+++ b/example_sp/djangosaml2_sp/requirements.txt
@@ -0,0 +1,7 @@
+django>3.0,<4.0
+
+git+https://github.com/peppelinux/pysaml2.git@pplnx-7.0.1
+cffi
+
+# django saml2 SP
+djangosaml2>=1.0.0
diff --git a/example_sp/djangosaml2_sp/run.sh b/example_sp/djangosaml2_sp/run.sh
new file mode 100755
index 0000000..f84aac3
--- /dev/null
+++ b/example_sp/djangosaml2_sp/run.sh
@@ -0,0 +1,2 @@
+python -B ./manage.py migrate
+python -B ./manage.py runserver 0.0.0.0:8000
diff --git a/example_sp/djangosaml2_sp/saml2_sp/__init__.py b/example_sp/djangosaml2_sp/saml2_sp/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/__init__.py b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/example/tests/sp/attribute-maps/adfs_v1x.py b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/adfs_v1x.py
similarity index 100%
rename from example/tests/sp/attribute-maps/adfs_v1x.py
rename to example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/adfs_v1x.py
diff --git a/example/tests/sp/attribute-maps/adfs_v20.py b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/adfs_v20.py
similarity index 100%
rename from example/tests/sp/attribute-maps/adfs_v20.py
rename to example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/adfs_v20.py
diff --git a/example/tests/sp/attribute-maps/basic.py b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/basic.py
similarity index 100%
rename from example/tests/sp/attribute-maps/basic.py
rename to example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/basic.py
diff --git a/example/tests/sp/attribute-maps/django_saml_uri.py b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/django_saml_uri.py
similarity index 100%
rename from example/tests/sp/attribute-maps/django_saml_uri.py
rename to example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/others/django_saml_uri.py
diff --git a/example/tests/sp/attribute-maps/saml_uri.py b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/saml_uri.py
similarity index 51%
rename from example/tests/sp/attribute-maps/saml_uri.py
rename to example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/saml_uri.py
index 40f7b77..732ec00 100644
--- a/example/tests/sp/attribute-maps/saml_uri.py
+++ b/example_sp/djangosaml2_sp/saml2_sp/saml2_config/attribute-maps/saml_uri.py
@@ -12,7 +12,7 @@
 LDAPGVAT_X500ATTR_OID = X500ATTR_OID
 NETSCAPE_LDAP = 'urn:oid:2.16.840.1.113730.3.1.'
 NOREDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.2428.90.1.'
-PKCS_9 = 'urn:oid:1.2.840.113549.1.9.1.'
+PKCS_9 = 'urn:oid:1.2.840.113549.1.9.'
 SCHAC = 'urn:oid:1.3.6.1.4.1.25178.1.2.'
 SIS = 'urn:oid:1.2.752.194.10.2.'
 UMICH = 'urn:oid:1.3.6.1.4.1.250.1.57.'
@@ -23,9 +23,7 @@
 EIDAS_NATURALPERSON = 'http://eidas.europa.eu/attributes/naturalperson/'
 EIDAS_LEGALPERSON = 'http://eidas.europa.eu/attributes/legalperson/'
 
-MAP = {
-    'identifier': 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
-    'fro': {
+__FROM = {
         EIDAS_LEGALPERSON+'LegalPersonIdentifier': 'LegalPersonIdentifier',
         EIDAS_LEGALPERSON+'LegalAddress': 'LegalAddress',
         EIDAS_LEGALPERSON+'LegalName': 'LegalName',
@@ -48,7 +46,7 @@
         EDUCOURSE_OID+'1': 'eduCourseOffering',
         EDUCOURSE_OID+'2': 'eduCourseMember',
         EDUMEMBER1_OID+'1': 'isMemberOf',
-        EDUPERSON_OID+'1': 'eduPersonAffiliation',
+        "urn:oid:1.3.6.1.4.1.5923.1.1.1.1": 'eduPersonAffiliation',
         EDUPERSON_OID+'2': 'eduPersonNickname',
         EDUPERSON_OID+'3': 'eduPersonOrgDN',
         EDUPERSON_OID+'4': 'eduPersonOrgUnitDN',
@@ -56,7 +54,7 @@
         EDUPERSON_OID+'6': 'eduPersonPrincipalName',
         EDUPERSON_OID+'7': 'eduPersonEntitlement',
         EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN',
-        EDUPERSON_OID+'9': 'eduPersonScopedAffiliation',
+        "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": 'eduPersonScopedAffiliation',
         EDUPERSON_OID+'10': 'eduPersonTargetedID',
         EDUPERSON_OID+'11': 'eduPersonAssurance',
         EDUPERSON_OID+'12': 'eduPersonPrincipalNamePrior',
@@ -108,7 +106,8 @@
         OPENOSI_OID+'107': 'osiOtherEmail',
         OPENOSI_OID+'109': 'osiOtherHomePhone',
         OPENOSI_OID+'120': 'osiWorkURL',
-        PKCS_9+'1': 'email',
+        "urn:oid:0.9.2342.19200300.100.1.3": 'email',
+        "urn:oid:0.9.2342.19200300.100.1.3": 'mail',
         SCHAC+'1': 'schacMotherTongue',
         SCHAC+'2': 'schacGender',
         SCHAC+'3': 'schacDateOfBirth',
@@ -131,7 +130,7 @@
         SCHAC+'21': 'schacProjectSpecificRole',
         SIS+'1': 'sisLegalGuardianFor',
         SIS+'2': 'sisSchoolGrade',
-        UCL_DIR_PILOT+'1': 'uid',
+        "urn:oid:0.9.2342.19200300.100.1.1": 'uid',
         UCL_DIR_PILOT+'3': 'mail',
         UCL_DIR_PILOT+'25': 'dc',
         UCL_DIR_PILOT+'37': 'associatedDomain',
@@ -187,168 +186,10 @@
         X500ATTR_OID+'53': 'deltaRevocationList',
         X500ATTR_OID+'54': 'dmdName',
         X500ATTR_OID+'65': 'pseudonym',
-    },
-    'to': {
-        'LegalPersonIdentifier': EIDAS_LEGALPERSON+'LegalPersonIdentifier',
-        'LegalAddress': EIDAS_LEGALPERSON+'LegalAddress',
-        'LegalName': EIDAS_LEGALPERSON+'LegalName',
-        'VATRegistration': EIDAS_LEGALPERSON+'VATRegistration',
-        'TaxReference': EIDAS_LEGALPERSON+'TaxReference',
-        'BusinessCodes': EIDAS_LEGALPERSON+'BusinessCodes',
-        'LEI': EIDAS_LEGALPERSON+'LEI',
-        'EORI': EIDAS_LEGALPERSON+'EORI',
-        'SEED': EIDAS_LEGALPERSON+'SEED',
-        'SIC': EIDAS_LEGALPERSON+'SIC',
-        'D-2012-17-EUIdentifier': EIDAS_LEGALPERSON+'D-2012-17-EUIdentifier',
-        'PersonIdentifier': EIDAS_NATURALPERSON+'PersonIdentifier',
-        'FamilyName': EIDAS_NATURALPERSON+'CurrentFamilyName',
-        'FirstName': EIDAS_NATURALPERSON+'CurrentGivenName',
-        'DateOfBirth': EIDAS_NATURALPERSON+'DateOfBirth',
-        'BirthName': EIDAS_NATURALPERSON+'BirthName',
-        'PlaceOfBirth': EIDAS_NATURALPERSON+'PlaceOfBirth',
-        'CurrentAddress': EIDAS_NATURALPERSON+'CurrentAddress',
-        'Gender': EIDAS_NATURALPERSON+'Gender',
-        'associatedDomain': UCL_DIR_PILOT+'37',
-        'authorityRevocationList': X500ATTR_OID+'38',
-        'businessCategory': X500ATTR_OID+'15',
-        'c': X500ATTR_OID+'6',
-        'cACertificate': X500ATTR_OID+'37',
-        'carLicense': NETSCAPE_LDAP+'1',
-        'certificateRevocationList': X500ATTR_OID+'39',
-        'cn': X500ATTR_OID+'3',
-        'co': UCL_DIR_PILOT+'43',
-        'crossCertificatePair': X500ATTR_OID+'40',
-        'dc': UCL_DIR_PILOT+'25',
-        'deltaRevocationList': X500ATTR_OID+'53',
-        'departmentNumber': NETSCAPE_LDAP+'2',
-        'destinationIndicator': X500ATTR_OID+'27',
-        'displayName': NETSCAPE_LDAP+'241',
-        'dmdName': X500ATTR_OID+'54',
-        'dnQualifier': X500ATTR_OID+'46',
-        'eduCourseMember': EDUCOURSE_OID+'2',
-        'eduCourseOffering': EDUCOURSE_OID+'1',
-        'eduPersonAffiliation': EDUPERSON_OID+'1',
-        'eduPersonEntitlement': EDUPERSON_OID+'7',
-        'eduPersonNickname': EDUPERSON_OID+'2',
-        'eduPersonOrgDN': EDUPERSON_OID+'3',
-        'eduPersonOrgUnitDN': EDUPERSON_OID+'4',
-        'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5',
-        'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8',
-        'eduPersonPrincipalName': EDUPERSON_OID+'6',
-        'eduPersonPrincipalNamePrior': EDUPERSON_OID+'12',
-        'eduPersonScopedAffiliation': EDUPERSON_OID+'9',
-        'eduPersonTargetedID': EDUPERSON_OID+'10',
-        'eduPersonAssurance': EDUPERSON_OID+'11',
-        'eduPersonUniqueId': EDUPERSON_OID+'13',
-        'eduPersonOrcid': EDUPERSON_OID+'16',
-        'email': PKCS_9+'1',
-        'employeeNumber': NETSCAPE_LDAP+'3',
-        'employeeType': NETSCAPE_LDAP+'4',
-        'enhancedSearchGuide': X500ATTR_OID+'47',
-        'facsimileTelephoneNumber': X500ATTR_OID+'23',
-        'federationFeideSchemaVersion': NOREDUPERSON_OID+'9',
-        'generationQualifier': X500ATTR_OID+'44',
-        'givenName': X500ATTR_OID+'42',
-        'houseIdentifier': X500ATTR_OID+'51',
-        'initials': X500ATTR_OID+'43',
-        'internationaliSDNNumber': X500ATTR_OID+'25',
-        'isMemberOf': EDUMEMBER1_OID+'1',
-        'jpegPhoto': UCL_DIR_PILOT+'60',
-        'knowledgeInformation': X500ATTR_OID+'2',
-        'l': X500ATTR_OID+'7',
-        'labeledURI': UMICH+'57',
-        'mail': UCL_DIR_PILOT+'3',
-        'member': X500ATTR_OID+'31',
-        'norEduOrgAcronym': NOREDUPERSON_OID+'6',
-        'norEduOrgNIN': NOREDUPERSON_OID+'12',
-        'norEduOrgSchemaVersion': NOREDUPERSON_OID+'11',
-        'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7',
-        'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1',
-        'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8',
-        'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2',
-        'norEduPersonBirthDate': NOREDUPERSON_OID+'3',
-        'norEduPersonLIN': NOREDUPERSON_OID+'4',
-        'norEduPersonLegalName': NOREDUPERSON_OID+'10',
-        'norEduPersonNIN': NOREDUPERSON_OID+'5',
-        'o': X500ATTR_OID+'10',
-        'osiHomeUrl': OPENOSI_OID+'17',
-        'osiPreferredTZ': OPENOSI_OID+'19',
-        'osiICardTimeLastUpdated': OPENOSI_OID+'72',
-        'osiMiddleName': OPENOSI_OID+'104',
-        'osiOtherEmail': OPENOSI_OID+'107',
-        'osiOtherHomePhone': OPENOSI_OID+'109',
-        'osiWorkURL': OPENOSI_OID+'120',
-        'ou': X500ATTR_OID+'11',
-        'owner': X500ATTR_OID+'32',
-        'physicalDeliveryOfficeName': X500ATTR_OID+'19',
-        'postOfficeBox': X500ATTR_OID+'18',
-        'postalAddress': X500ATTR_OID+'16',
-        'postalCode': X500ATTR_OID+'17',
-        'preferredDeliveryMethod': X500ATTR_OID+'28',
-        'preferredLanguage': NETSCAPE_LDAP+'39',
-        'presentationAddress': X500ATTR_OID+'29',
-        'protocolInformation': X500ATTR_OID+'48',
-        'pseudonym': X500ATTR_OID+'65',
-        'PVP-USERID': LDAPGVAT_UCL_DIR_PILOT+'1',
-        'PVP-MAIL': LDAPGVAT_UCL_DIR_PILOT+'3',
-        'PVP-GID': LDAPGVAT_OID+'1',
-        'PVP-BPK': LDAPGVAT_OID+'149',
-        'PVP-OU-OKZ': LDAPGVAT_OID+'153',
-        'PVP-VERSION': LDAPGVAT_OID+'261.10',
-        'PVP-PRINCIPAL-NAME': LDAPGVAT_OID+'261.20',
-        'PVP-PARTICIPANT-OKZ': LDAPGVAT_OID+'261.24',
-        'PVP-ROLES': LDAPGVAT_OID+'261.30',
-        'PVP-INVOICE-RECPT-ID': LDAPGVAT_OID+'261.40',
-        'PVP-COST-CENTER-ID': LDAPGVAT_OID+'261.50',
-        'PVP-CHARGE-CODE': LDAPGVAT_OID+'261.60',
-        'PVP-OU-GV-OU-ID': LDAPGVAT_OID+'3',
-        'PVP-FUNCTION': LDAPGVAT_OID+'33',
-        'PVP-BIRTHDATE': LDAPGVAT_OID+'55',
-        'PVP-PARTICIPANT-ID': LDAPGVAT_OID+'71',
-        'PVP-OU': LDAPGVAT_X500ATTR_OID+'11',
-        'PVP-TEL': LDAPGVAT_X500ATTR_OID+'20',
-        'PVP-GIVENNAME': LDAPGVAT_X500ATTR_OID+'42',
-        'registeredAddress': X500ATTR_OID+'26',
-        'roleOccupant': X500ATTR_OID+'33',
-        'schacCountryOfCitizenship': SCHAC+'5',
-        'schacCountryOfResidence': SCHAC+'11',
-        'schacDateOfBirth': SCHAC+'3',
-        'schacExpiryDate': SCHAC+'17',
-        'schacGender': SCHAC+'2',
-        'schacHomeOrganization': SCHAC+'9',
-        'schacHomeOrganizationType': SCHAC+'10',
-        'schacMotherTongue': SCHAC+'1',
-        'schacPersonalPosition': SCHAC+'13',
-        'schacPersonalTitle': SCHAC+'8',
-        'schacPersonalUniqueCode': SCHAC+'14',
-        'schacPersonalUniqueID': SCHAC+'15',
-        'schacPlaceOfBirth': SCHAC+'4',
-        'schacProjectMembership': SCHAC+'20',
-        'schacProjectSpecificRole': SCHAC+'21',
-        'schacSn1': SCHAC+'6',
-        'schacSn2': SCHAC+'7',
-        'schacUserPresenceID': SCHAC+'12',
-        'schacUserPrivateAttribute': SCHAC+'18',
-        'schacUserStatus': SCHAC+'19',
-        'searchGuide': X500ATTR_OID+'14',
-        'serialNumber': X500ATTR_OID+'5',
-        'sisLegalGuardianFor': SIS+'1',
-        'sisSchoolGrade': SIS+'2',
-        'sn': X500ATTR_OID+'4',
-        'st': X500ATTR_OID+'8',
-        'street': X500ATTR_OID+'9',
-        'supportedAlgorithms': X500ATTR_OID+'52',
-        'supportedApplicationContext': X500ATTR_OID+'30',
-        'telephoneNumber': X500ATTR_OID+'20',
-        'teletexTerminalIdentifier': X500ATTR_OID+'22',
-        'telexNumber': X500ATTR_OID+'21',
-        'title': X500ATTR_OID+'12',
-        'uid': UCL_DIR_PILOT+'1',
-        'uniqueMember': X500ATTR_OID+'50',
-        'userCertificate': X500ATTR_OID+'36',
-        'userPKCS12': NETSCAPE_LDAP+'216',
-        'userSMIMECertificate': NETSCAPE_LDAP+'40',
-        'x121Address': X500ATTR_OID+'24',
-        'x500UniqueIdentifier': X500ATTR_OID+'45',
-    }
+}
+
+MAP = {
+    'identifier': 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
+    'fro': __FROM,
+    'to': {v:k for k,v in __FROM.items()}
 }
diff --git a/example_sp/djangosaml2_sp/saml2_sp/urls.py b/example_sp/djangosaml2_sp/saml2_sp/urls.py
new file mode 100644
index 0000000..d480b46
--- /dev/null
+++ b/example_sp/djangosaml2_sp/saml2_sp/urls.py
@@ -0,0 +1,9 @@
+from django.conf import settings
+from django.contrib import admin
+from django.urls import include, path
+
+from . import views
+
+urlpatterns = [
+    path('', views.index),
+]
diff --git a/example_sp/djangosaml2_sp/saml2_sp/utils.py b/example_sp/djangosaml2_sp/saml2_sp/utils.py
new file mode 100644
index 0000000..8137f64
--- /dev/null
+++ b/example_sp/djangosaml2_sp/saml2_sp/utils.py
@@ -0,0 +1,24 @@
+import base64
+import xml.dom.minidom
+import zlib
+
+from xml.parsers.expat import ExpatError
+
+
+def repr_saml(saml_str, b64=False):
+    """ Decode SAML from b64 and b64 deflated and
+        return a pretty printed representation
+    """
+    try:
+        msg = base64.b64decode(saml_str).decode() if b64 else saml_str
+        dom = xml.dom.minidom.parseString(msg)
+    except (UnicodeDecodeError, ExpatError):
+        # in HTTP-REDIRECT the base64 must be inflated
+        msg = base64.b64decode(saml_str)
+        inflated = zlib.decompress(msg, -15)
+        dom = xml.dom.minidom.parseString(inflated.decode())
+    return dom.toprettyxml()
+
+
+def encode_http_redirect_saml(saml_envelope):
+    return base64.b64encode(zlib.compress(saml_envelope.encode()))
diff --git a/example_sp/djangosaml2_sp/saml2_sp/views.py b/example_sp/djangosaml2_sp/saml2_sp/views.py
new file mode 100644
index 0000000..a1826cf
--- /dev/null
+++ b/example_sp/djangosaml2_sp/saml2_sp/views.py
@@ -0,0 +1,54 @@
+import base64
+import logging
+import saml2
+
+from django.conf import settings
+from django.contrib.auth.models import User
+from django.dispatch import receiver
+from django.http import HttpResponse
+from django.shortcuts import render
+from django.template import TemplateDoesNotExist
+from djangosaml2.conf import get_config
+from djangosaml2.cache import IdentityCache, OutstandingQueriesCache
+from djangosaml2.cache import StateCache
+from djangosaml2.conf import get_config
+from djangosaml2.overrides import Saml2Client
+from djangosaml2.signals import post_authenticated, pre_user_save
+from djangosaml2.utils import (
+    available_idps, get_custom_setting,
+    get_idp_sso_supported_bindings, get_location
+)
+from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
+from saml2.authn_context import requested_authn_context
+from saml2.metadata import entity_descriptor
+
+from .utils import repr_saml
+
+
+logger = logging.getLogger('djangosaml2')
+
+
+def index(request):
+    """ Barebone 'diagnostics' view, print user attributes if logged in + login/logout links.
+    """
+    if request.user.is_authenticated:
+        out = "LOGGED IN: <a href={0}>LOGOUT</a><br>".format(settings.LOGOUT_URL)
+        out += "".join(['%s: %s</br>' % (field.name, getattr(request.user, field.name))
+                    for field in request.user._meta.get_fields()
+                    if field.concrete])
+        return HttpResponse(out)
+    else:
+        return HttpResponse("LOGGED OUT: <a href={0}>LOGIN</a>".format(settings.LOGIN_URL))
+
+
+# TODO fix this in IdP side?
+@receiver(pre_user_save, sender=User)
+def custom_update_user(sender, instance, attributes, user_modified, **kargs):
+    """ Default behaviour does not play nice with booleans encoded in SAML as u'true'/u'false'.
+        This will convert those attributes to real booleans when saving.
+    """
+    for k, v in attributes.items():
+        u = set.intersection(set(v), set([u'true', u'false']))
+        if u:
+            setattr(instance, k, u.pop() == u'true')
+    return True  # I modified the user object
diff --git a/example_sp/djangosaml2_sp/tests/request_saml_auth.py b/example_sp/djangosaml2_sp/tests/request_saml_auth.py
new file mode 100644
index 0000000..2f09b59
--- /dev/null
+++ b/example_sp/djangosaml2_sp/tests/request_saml_auth.py
@@ -0,0 +1,175 @@
+import copy
+import os
+import sys
+
+sys.path.append(os.getcwd())
+
+from djangosaml2_sp.sp_pysaml2_shibidp import (SAML_CONFIG,
+                                               BASE_URL,
+                                               BASE_DIR,
+                                               IDP_URL)
+
+from pprint import pprint
+
+from saml2.config import SPConfig
+from saml2.response import AuthnResponse
+from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
+from saml2.client import Saml2Client
+
+
+# OutStanding Queries
+# outstanding = {'id-R3qGBIK1FKbybkEOo': '/', 'id-vV5JVaBZCuC2LHP9Y': '/', 'id-TH9lfrLJL4KtNuEZJ': '/', 'id-KeYf8iMkonCWaqGrd': '/', 'id-S8lzm7lkEYIwokDVZ': '/', 'id-1naCBqIuGqm31mFnC': '/', 'id-D5bhbXLDxt6nS2QtZ': '/', 'id-UCjbQ7AS1nGG5wSN5': '/', 'id-EdrCM5hBIDix23Bf5': '/', 'id-p3yvaSmx6TJPZ0qK7': '/', 'id-DgwqMaGwOJYRxnzQe': '/'} 
+
+outstanding = None
+outstanding_certs = None
+conv_info = None
+
+conf = SPConfig()
+
+conf.load(copy.deepcopy(SAML_CONFIG))
+client = Saml2Client(conf)
+
+# client arguments
+selected_idp = None
+came_from = '/'
+# conf['sp']['authn_requests_signed'] determines if saml2.BINDING_HTTP_POST or saml2.BINDING_HTTP_REDIRECT
+binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' # saml2.BINDING_HTTP_REDIRECT
+sign=False
+sigalg=None
+nsprefix = {'ds': 'http://www.w3.org/2000/09/xmldsig#', 'md': 'urn:oasis:names:tc:SAML:2.0:metadata', 'samlp': 'urn:oasis:names:tc:SAML:2.0:protocol', 'xenc': 'http://www.w3.org/2001/04/xmlenc#', 'saml': 'urn:oasis:names:tc:SAML:2.0:assertion'}
+
+# craft SAML Request
+session_id, result = client.prepare_for_authenticate(
+                                                     entityid=selected_idp,
+                                                     relay_state=came_from,
+                                                     binding=binding,
+                                                     sign=sign,
+                                                     sigalg=sigalg,
+                                                     nsprefix=nsprefix
+                                                     )
+
+target = result.get('headers')[0][1]
+
+# browser init
+import requests
+
+r = requests.Session()
+# SAMLRequest is in target URL
+sp_saml_request = r.get(target, verify=False)
+if not sp_saml_request.ok: raise ('SP SAML Request Failed')
+
+
+# fetch post ACTION url from form then POST
+import re
+action_post_regexp ='(?P<name>action)="(?P<value>[a-zA-Z0-9\.\:\/\_\?\=]*)"'
+s = re.search(action_post_regexp, sp_saml_request.text)
+if not s: raise ('IDP Login POST doesn\'t returns correctly')
+
+post_target = target.split('?')[0]+'?'+s.groupdict()['value'].split('?')[1]
+
+payload = {
+'j_username': 'mario',
+'j_password': 'cimpa12',
+'donotcache': 1,
+'_shib_idp_revokeConsent': True,
+'_eventId_proceed': ''
+}
+
+# post target is in one of the but we already fetched it in the previous FORM.
+# IDP supports all those defined in its Metadata
+# <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.testunical.it/idp/profile/Shibboleth/SSO"/>
+# <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.testunical.it/idp/profile/SAML2/POST/SSO"/>
+# <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.testunical.it/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+# <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.testunical.it/idp/profile/SAML2/Redirect/SSO"/>
+
+idp_login_response = r.post(post_target, data=payload, verify=False)
+if not idp_login_response.ok: raise ('IDP Login response Failed')
+
+# Response
+# extract SAML2 authn response from IDP response
+saml2_response_regexp ='name="(?P<name>SAMLResponse)" value="(?P<value>[a-zA-Z0-9\.\:\/\_\?\=\+\-]*)"'
+sr = re.search(saml2_response_regexp, idp_login_response.text)
+if not sr:
+    print(idp_login_response.text)
+    raise ('IDP Response doesn\'t contain a valid SAML value')
+
+
+# Decode SAML2 base64 String
+import base64
+
+saml_auth_response_b64 = sr.groupdict().get('value')
+saml_auth_response = base64.b64decode(saml_auth_response_b64)
+xmlstr = saml_auth_response.decode('ascii')
+
+# Fancy SAML print
+# from lxml import etree
+# root = etree.XML(xmlstr.encode('ascii'))
+# print(etree.tostring(root, pretty_print=True).decode('utf-8'))
+
+# pySAML2 parse authn response (sign and decrypt features included)
+
+kwargs = {
+            "outstanding_queries": outstanding,
+            "outstanding_certs": outstanding_certs,
+            "allow_unsolicited": conf._sp_allow_unsolicited,
+            "want_assertions_signed": conf._sp_want_assertions_signed,
+            "want_response_signed": conf._sp_want_response_signed,
+            "return_addrs": conf.endpoint("assertion_consumer_service", binding, "sp"),
+            "entity_id": conf.entityid,
+            "attribute_converters": conf.attribute_converters,
+            "allow_unknown_attributes": conf.allow_unknown_attributes,
+            'conv_info': conv_info
+            }
+
+# xml unravel fails bacause of b64 inflate method
+# pr = client.parse_authn_request_response(saml_auth_response_b64,
+                                     # binding,
+                                     # outstanding=outstanding,
+                                     # outstanding_certs=None,
+                                     # conv_info=None)
+
+authn_response = AuthnResponse(client.sec, **kwargs)
+
+# response.loads(xmlstr, False, origxml=origxml)
+# authn_response.loads(xmlstr, False, origxml=xmlstr)
+
+# response.py -> AuthnResponse
+# in response.loads -> ._loads ->
+# authn_response.signature_check(xmldata, origdoc=origxml, must=self.require_signature,
+# require_response_signature=self.require_response_signature,
+# **args)
+
+# HERE err=18;msg=self signed certificate !
+#samlp_response = authn_response.signature_check(xmlstr, must=0, require_response_signature=0)
+
+# ea = samlp_response.encrypted_assertion[0]
+# ea.encrypted_data.cipher_data.cipher_value.text
+
+# consulta python-xmlsec
+# https://github.com/mehcode/python-xmlsec/issues/22
+
+from lxml import etree
+import xmlsec
+
+xmlsec.enable_debug_trace(True)
+km = xmlsec.KeysManager()
+
+km.add_key(xmlsec.Key.from_file(conf.key_file,
+                                xmlsec.KeyFormat.PEM))
+enc_ctx = xmlsec.EncryptionContext(km)
+
+# root = etree.parse("response.xml").getroot()
+root = etree.XML(xmlstr.encode('ascii'))
+node = root.xpath(
+    "//enc:EncryptedData",
+    namespaces={'enc': 'http://www.w3.org/2001/04/xmlenc#'},
+)
+enc_data = node[0]
+
+print()
+print(etree.tostring(enc_data))
+print()
+decrypted = enc_ctx.decrypt(enc_data)
+
+print()
+print(etree.tostring(decrypted))
diff --git a/linting.sh b/linting.sh
new file mode 100644
index 0000000..64c69ca
--- /dev/null
+++ b/linting.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+autopep8 -r --in-place uniauth_saml2_idp
+autoflake -r --in-place  --remove-unused-variables --expand-star-imports --remove-all-unused-imports uniauth_saml2_idp
+
+flake8 uniauth_saml2_idp --count --select=E9,F63,F7,F82 --show-source --statistics
+flake8 uniauth_saml2_idp --count --statistics  --max-line-length 160 --exclude=*migrations*,*tests*
diff --git a/requirements-customizations.txt b/requirements-customizations.txt
index 45d1da9..f16ac8f 100644
--- a/requirements-customizations.txt
+++ b/requirements-customizations.txt
@@ -1,4 +1,4 @@
-git+https://github.com/peppelinux/pysaml2.git@pplnx-7.0.1
+git+https://github.com/peppelinux/pysaml2.git@pplnx-v7.4.2
 
 #Bootstrap Italia + Unical template
 git+https://github.com/italia/design-django-theme.git
@@ -21,3 +21,24 @@ ldap3
 
 # custom maccounts in example project
 pycountry
+
+# oas3
+djangorestframework
+# Markdown support for the browsable API.
+markdown     
+django-filter
+uritemplate
+django-cors-headers # for rest api
+
+# proxy
+django-allauth
+
+cryptojwt>=1.8,<=1.9
+
+django-cleanup>=8.0,<9.0
+
+# password_reset
+django-form-builder>=1.0.1 ,<1.1.0
+
+# MFA
+django-mfa3>=0.11.0
diff --git a/requirements-dev.txt b/requirements-dev.txt
index 48877ab..da045a9 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -1,11 +1,8 @@
-# django saml2 idp
-djangosaml2>=1.0.0
-
-pytest==5.4.1
-pytest-django==3.8.0
-pytest-pythonpath==0.7.3
-python-dateutil==2.7.5
-pytest-cov==2.10.1
+pytest>=5.4.1
+pytest-django>=3.8.0
+pytest-pythonpath>=0.7.3
+python-dateutil>=2.7.5
+pytest-cov>=2.10.1
 
 bandit
 flake8
@@ -14,3 +11,6 @@ coverage
 # LDAP tests
 ldaptor
 twisted[tls]
+
+autoflake
+autopep8
diff --git a/requirements.txt b/requirements.txt
index 8359191..750a8b8 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
-django>=3.1.1,<4.0
-djangosaml2>=1.0.0
-pysaml2>=6.5.1
+django>=3.2.18,<4.2
+djangosaml2>=1.5
+pysaml2>=7.3
 cffi
 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/setup.py b/setup.py
index a4957cf..9192497 100644
--- a/setup.py
+++ b/setup.py
@@ -20,7 +20,7 @@ def get_requirements(fname='requirements.txt'):
 
 setup(
     name="uniauth_saml2_idp",
-    version='2.0.1',
+    version='2.2.0',
     description="uniAuth is a Django SAML2 Identity Provider",
     long_description=readme(),
     long_description_content_type='text/markdown',
@@ -55,7 +55,7 @@ def get_requirements(fname='requirements.txt'):
         "Topic :: Internet :: WWW/HTTP :: WSGI",
         "Topic :: Security",
         "Topic :: Software Development :: Libraries :: Application Frameworks",
-        ],
+    ],
     install_requires=get_requirements(),
     zip_safe=False,
     )
diff --git a/uniauth_saml2_idp/admin.py b/uniauth_saml2_idp/admin.py
index 906e1ea..d12e49e 100644
--- a/uniauth_saml2_idp/admin.py
+++ b/uniauth_saml2_idp/admin.py
@@ -5,20 +5,19 @@
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
 
-from . models import (AgreementRecord,
-                      MetadataStore,
-                      ServiceProvider)
+from .models import AgreementRecord, MetadataStore, ServiceProvider
 
 
 def valida_elemento(modeladmin, request, queryset):  # pragma: no cover
     for i in queryset:
         try:
             i.validate()
-            messages.add_message(request, messages.SUCCESS,
-                                 '{} succesfully validated'.format(i))
+            messages.add_message(
+                request, messages.SUCCESS, "{} succesfully validated".format(i)
+            )
         except Exception as e:
             messages.add_message(request, messages.ERROR,
-                                 '{} : {}'.format(i, e))
+                                 "{} : {}".format(i, e))
 
 
 valida_elemento.short_description = _("Validate")
@@ -26,54 +25,55 @@ def valida_elemento(modeladmin, request, queryset):  # pragma: no cover
 
 @admin.register(AgreementRecord)
 class AgreementRecordAdmin(admin.ModelAdmin):
-    list_display = ('user',
-                    'sp_entity_id',
-                    'created')
-    readonly_fields = ('attrs', 'sp_entity_id', 'user')
+    list_display = ("user", "sp_entity_id", "created")
+    readonly_fields = ("attrs", "sp_entity_id", "user")
 
 
 @admin.register(MetadataStore)
 class MetadataStoreAdmin(admin.ModelAdmin):
-    list_display = ('name',
-                    'type',
-                    'is_valid',
-                    'is_active',
-                    'updated')
-    list_filter = ('is_valid',
-                   'is_active',
-                   'updated')
-    search_fields = ('name', 'url')
-    readonly_fields = ('created', 'updated', 'is_valid',
-                       'metadata_element_preview')
+    list_display = ("name", "type", "is_valid", "is_active", "updated")
+    list_filter = ("is_valid", "is_active", "updated")
+    search_fields = ("name", "url")
+    readonly_fields = ("created", "updated", "is_valid",
+                       "metadata_element_preview")
     actions = (valida_elemento,)
-    list_editable = ('is_active',)
+    list_editable = ("is_active",)
     fieldsets = (
-                (None, {'fields': (('name', 'type'),
-                                   ('url', 'file'),
-                                   'kwargs',
-                                   ('is_active', ),
-                                   'is_valid',
-                                   ('created', 'updated'),
-                                   'metadata_element_preview'
-                                   )}),
+        (
+            None,
+            {
+                "fields": (
+                    ("name", "type"),
+                    ("url", "file"),
+                    "kwargs",
+                    ("is_active",),
+                    "is_valid",
+                    ("created", "updated"),
+                    "metadata_element_preview",
+                )
+            },
+        ),
     )
 
     class Media:
-        js = ('textarea_autosize.js',)
+        js = ("textarea_autosize.js",)
 
     def metadata_element_preview(self, obj):  # pragma: no cover
         try:
-            dumps = json.dumps(obj.as_pysaml2_mdstore_row(),
-                               indent=4)
+            dumps = json.dumps(obj.as_pysaml2_mdstore_row(), indent=4)
         except Exception:
             # for newly created
             return
-        return mark_safe(dumps.replace(r'\n', '<br>').replace(r'\s', '&nbsp'))
-    metadata_element_preview.short_description = 'Metadata element preview'
+        # TODO: here an escape would be better ...
+        return mark_safe(
+            dumps.replace(r"\n", "<br>").replace(r"\s", "&nbsp")
+        )  # nosec B703 B308
+
+    metadata_element_preview.short_description = "Metadata element preview"
 
     def save_model(self, request, obj, form, change):
         res = False
-        msg = ''
+        msg = ""
         try:
             json.dumps(obj.as_pysaml2_mdstore_row())
             res = obj.validate()
@@ -86,70 +86,108 @@ def save_model(self, request, obj, form, change):
 
         if not res:  # pragma: no cover
             messages.set_level(request, messages.ERROR)
-            _msg = _("Storage {} is not valid, if 'mdq' at least a "
-                     "valid url must be inserted. "
-                     "If local: at least a file or a valid path").format(obj.name)
+            _msg = _(
+                "Storage {} is not valid, if 'mdq' at least a "
+                "valid url must be inserted. "
+                "If local: at least a file or a valid path"
+            ).format(obj.name)
             if msg:
-                _msg = _msg + '. ' + msg
+                _msg = _msg + ". " + msg
             messages.add_message(request, messages.ERROR, _msg)
 
 
 @admin.register(ServiceProvider)
 class ServiceProviderAdmin(admin.ModelAdmin):
-    list_display = ('display_name',
-                    'agreement_screen',
-                    'agreement_message',
-                    'signing_algorithm',
-                    'digest_algorithm',
-                    'is_active', 'is_valid',
-                    'updated')
-    list_filter = ('created',
-                   'signing_algorithm',
-                   'digest_algorithm',
-                   'disable_encrypted_assertions',
-                   'is_active', 'is_valid',
-                   'updated')
-    search_fields = ('entity_id', 'display_name', 'metadata_url')
-    readonly_fields = ('created', 'updated',
-                       'as_idpspconfig_dict_element_html',
-                       'is_valid', 'last_seen')
+    list_display = (
+        "display_name",
+        "agreement_screen",
+        "agreement_message",
+        "signing_algorithm",
+        "digest_algorithm",
+        "is_active",
+        "is_valid",
+        "updated",
+    )
+    list_filter = (
+        "created",
+        "signing_algorithm",
+        "digest_algorithm",
+        "disable_encrypted_assertions",
+        "is_active",
+        "is_valid",
+        "updated",
+    )
+    search_fields = ("entity_id", "display_name", "metadata_url")
+    readonly_fields = (
+        "created",
+        "updated",
+        "as_idpspconfig_dict_element_html",
+        "is_valid",
+        "last_seen",
+    )
     actions = (valida_elemento,)
-    list_editable = ('is_active',)
+    list_editable = ("is_active",)
     fieldsets = (
-                (None, {'fields': (('entity_id', 'display_name',),
-                                   ('metadata_url',),
-                                   ('signing_algorithm', 'digest_algorithm'),
-                                   ('disable_encrypted_assertions'),
-                                   ('is_active'),
-                                   'is_valid',
-                                   )}),
-                (_('Agreement and Description'), {'fields': (('agreement_screen', 'agreement_consent_form',),
-                                                             ('agreement_message',
-                                                              'description'),
-                                                             ),
-                                                  'classes': ('collapse',),
-                                                  }),
-                (_('Attributes'), {'fields': (
-                    ('attribute_processor',),
-                    ('attribute_mapping',),
-                    ('force_attribute_release',),
+        (
+            None,
+            {
+                "fields": (
+                    (
+                        "entity_id",
+                        "display_name",
+                    ),
+                    ("metadata_url",),
+                    ("signing_algorithm", "digest_algorithm"),
+                    ("disable_encrypted_assertions"),
+                    ("is_active"),
+                    "is_valid",
+                )
+            },
+        ),
+        (
+            _("Agreement and Description"),
+            {
+                "fields": (
+                    (
+                        "agreement_screen",
+                        "agreement_consent_form",
+                    ),
+                    ("agreement_message", "description"),
+                ),
+                "classes": ("collapse",),
+            },
+        ),
+        (
+            _("Attributes"),
+            {
+                "fields": (
+                    ("attribute_processor",),
+                    ("attribute_mapping",),
+                    ("force_attribute_release",),
                 ),
-                }),
-        (_('Attributes preview'), {'fields': (
-            ('as_idpspconfig_dict_element_html',),
+            },
         ),
-            'classes': ('collapse',),
-        }),
-        (None, {'fields': (('created', 'updated', 'last_seen'),)})
+        (
+            _("Attributes preview"),
+            {
+                "fields": (("as_idpspconfig_dict_element_html",),),
+                "classes": ("collapse",),
+            },
+        ),
+        (None, {"fields": (("created", "updated", "last_seen"),)}),
     )
 
     class Media:
-        js = ('textarea_autosize.js',)
+        js = ("textarea_autosize.js",)
 
     def as_idpspconfig_dict_element_html(self, obj):
-        return mark_safe(json.dumps(obj.as_idpspconfig_dict_element(),
-                                    indent=4).replace(r'\n', '<br>').replace(r'\s', '&nbsp'))
-    as_idpspconfig_dict_element_html.short_description = 'SP config preview'
+        return mark_safe(
+            json.dumps(obj.as_idpspconfig_dict_element(), indent=4)
+            .replace(r"\n", "<br>")
+            .replace(r"\s", "&nbsp")
+        )  # nosec B703 B308
+
+    as_idpspconfig_dict_element_html.short_description = "SP config preview"
 
     def save_model(self, request, obj, form, change):
         try:
diff --git a/uniauth_saml2_idp/auth/ldap_peoples.py b/uniauth_saml2_idp/auth/ldap_peoples.py
index 2909a2f..9eb048a 100644
--- a/uniauth_saml2_idp/auth/ldap_peoples.py
+++ b/uniauth_saml2_idp/auth/ldap_peoples.py
@@ -2,6 +2,7 @@
 
 from django.contrib.auth import get_user_model
 from django.contrib.auth.backends import ModelBackend
+
 # from django.contrib.auth.decorators import user_passes_test
 from django.db import connections
 
@@ -13,17 +14,17 @@
 
 class LdapAcademiaAuthBackend(ModelBackend):
     """
-        This class logout a user if another session of that user
-        will be created
+    This class logout a user if another session of that user
+    will be created
 
-        in settings.py
-        AUTHENTICATION_BACKENDS = [ 'idp.ldap_auth.backends.ModelBackend',
-                                    'ldap_peoples.auth.LdapAcademiaAuthBackend'
-                                  ]
+    in settings.py
+    AUTHENTICATION_BACKENDS = [ 'idp.ldap_auth.backends.ModelBackend',
+                                'ldap_peoples.auth.LdapAcademiaAuthBackend'
+                              ]
     """
 
     def authenticate(self, request, username=None, password=None):
-        ldap_conn = connections['ldap']
+        ldap_conn = connections["ldap"]
         user = None
         username = conv.escape_filter_chars(username, encoding=None)
         lu = LdapAcademiaUser.objects.filter(uid=username).first()
@@ -34,8 +35,7 @@ def authenticate(self, request, username=None, password=None):
         # check if username exists and if it is active
         try:
             ldap_conn.connect()
-            ldap_conn.connection.bind_s(lu.distinguished_name(),
-                                        password)
+            ldap_conn.connection.bind_s(lu.distinguished_name(), password)
             ldap_conn.connection.unbind_s()
         except Exception:
             logger.info(
@@ -56,24 +56,26 @@ def authenticate(self, request, username=None, password=None):
             user.email = lu.mail[0]
             user.first_name = lu.cn
             user.last_name = lu.sn
-            user.origin = 'ldap_peoples'
+            user.origin = "ldap_peoples"
             user.save()
         except Exception:
-            user = get_user_model().objects.create(username=username,
-                                                   email=lu.mail[0],
-                                                   first_name=lu.cn,
-                                                   last_name=lu.sn,
-                                                   origin='ldap_peoples')
+            user = get_user_model().objects.create(
+                username=username,
+                email=lu.mail[0],
+                first_name=lu.cn,
+                last_name=lu.sn,
+                origin="ldap_peoples",
+            )
 
         # TODO: Create a middleware for this
         # disconnect already created session, only a session per user is allowed
         # get all the active sessions
         # if not settings.MULTIPLE_USER_AUTH_SESSIONS:
-            # for session in Session.objects.all():
-            # try:
-            # if int(session.get_decoded()['_auth_user_id']) == user.pk:
-            # session.delete()
-            # except (KeyError, TypeError, ValueError):
-            # pass
+        # for session in Session.objects.all():
+        # try:
+        # if int(session.get_decoded()['_auth_user_id']) == user.pk:
+        # session.delete()
+        # except (KeyError, TypeError, ValueError):
+        # pass
 
         return user
diff --git a/uniauth_saml2_idp/auth/multildap.py b/uniauth_saml2_idp/auth/multildap.py
index f9fcb54..cbd39c9 100644
--- a/uniauth_saml2_idp/auth/multildap.py
+++ b/uniauth_saml2_idp/auth/multildap.py
@@ -27,9 +27,13 @@ def authenticate(self, request, username=None, password=None):
         lu = None
         dn = None
 
+        uid_value = 'uid'
+
         username = conv.escape_filter_chars(username, encoding=None)
         for lc in settings.LDAP_CONNECTIONS:
-            search_filter = '(uid={})'.format(username)
+            # rewrites uid value if necessary
+            uid_value = lc.conf.get('uid_alias', 'uid')
+            search_filter = f"({uid_value}={username})"
             lu = lc.get(search=search_filter)
             if lu:
                 logger.info(
@@ -51,25 +55,32 @@ def authenticate(self, request, username=None, password=None):
         else:
             msg = "--- LDAP user {} succesfully authenticated to {} ---"
             logger.info(msg.format(dn, lc))
-            attrs = ','.join([i for i in list(lu.values())[0]])
+            attrs = ",".join([i for i in list(lu.values())[0]])
             logger.info("--- LDAP user attributes: [{}]".format(attrs))
-        username = lu_obj.uid[0]
+
+        username = getattr(lu_obj, uid_value)[0]
         user = get_user_model().objects.filter(username=username).first()
+        mail = lu_obj.mail[0] if lu_obj.mail else ""
+        sn = lu_obj.sn[0] if lu_obj.sn else ""
+        gn = lu_obj.givenName[0] if lu_obj.givenName else ""
+
         if user:
             # update attrs:
-            user.email = lu_obj.mail[0]
-            user.first_name = lu_obj.givenName[0]
-            user.last_name = lu_obj.sn[0]
+            user.email = mail
+            user.first_name = gn
+            user.last_name = sn
             user.origin = lc.__repr__()
             user.save()
         else:
             logger.info("--- Creating user: {}".format(username))
-            user = get_user_model().objects.create(username=username,
-                                                   email=lu_obj.mail[0],
-                                                   first_name=lu_obj.givenName[0],
-                                                   last_name=lu_obj.sn[0],
-                                                   origin=lc.__repr__())
+            user = get_user_model().objects.create(
+                username=username,
+                email=mail,
+                first_name=gn,
+                last_name=sn,
+                origin=lc.__repr__(),
+            )
 
         # avoids another LDAP query in Attributes processors
-        request.saml_session['identity_attributes'] = lu[dn]
+        request.saml_session["identity_attributes"] = lu[dn]
         return user
diff --git a/uniauth_saml2_idp/decorators.py b/uniauth_saml2_idp/decorators.py
index 0abd6e7..fd0d2ca 100644
--- a/uniauth_saml2_idp/decorators.py
+++ b/uniauth_saml2_idp/decorators.py
@@ -1,7 +1,10 @@
 import logging
 
+from django.conf import settings
+from django.urls import reverse
 from django.utils.translation import gettext as _
 from django.shortcuts import render
+
 from saml2 import BINDING_HTTP_POST, BINDING_HTTP_REDIRECT
 
 from .utils import repr_saml
@@ -9,71 +12,99 @@
 
 logger = logging.getLogger(__name__)
 
-_not_valid_saml_msg = _('Not a valid SAML Session, Probably your request is '
-                        'expired or you refreshed your page getting in a stale '
-                        'request. Please come back to your SP and renew '
-                        'the authentication request')
+_not_valid_saml_msg = _(
+    "Not a valid SAML Session, Probably your request is "
+    "expired or you refreshed your page getting in a stale "
+    "request. Please come back to your SP and renew "
+    "the authentication request"
+)
 
 
 def store_params_in_session(request):
-    """ Entrypoint view for SSO. Gathers the parameters from the
-        HTTP request and stores them in the session
+    """Entrypoint view for SSO. Gathers the parameters from the
+    HTTP request and stores them in the session
 
-        It do not return anything because request come as pointer
+    It do not return anything because request come as pointer
     """
-    if request.method == 'POST':
+    if request.method == "POST":
         passed_data = request.POST
         binding = BINDING_HTTP_POST
     else:
         passed_data = request.GET
         binding = BINDING_HTTP_REDIRECT
-    saml_request = passed_data.get('SAMLRequest')
+
+    saml_request = passed_data.get("SAMLRequest")
     if saml_request:
         msg = "SAML request [\n{}]"
         logger.debug(msg.format(repr_saml(saml_request, b64=True)))
     else:  # pragma: no cover
-        msg = _('not a valid SAMLRequest: {}').format(
-            _('AuthnRequest is missing. Please Retry'))
-        logger.info('SAML Request absent from {}'.format(request))
-        return render(request, 'error.html',
-                      {'exception_type': msg,
-                       'exception_msg': _('Please renew your SAML Request'),
-                       'extra_message': _not_valid_saml_msg},
-                      status=403)
+        msg = _("not a valid SAMLRequest: {}").format(
+            _("AuthnRequest is missing. Please Retry")
+        )
+        logger.info("SAML Request absent from {}".format(request))
+        return render(
+            request,
+            "error.html",
+            {
+                "exception_type": msg,
+                "exception_msg": _("Please renew your SAML Request"),
+                "extra_message": _not_valid_saml_msg,
+            },
+            status=403,
+        )
 
-    request.saml_session['SAMLRequest'] = saml_request
-    request.saml_session['Binding'] = binding
-    request.saml_session['RelayState'] = passed_data.get('RelayState', '')
+    request.saml_session["SAMLRequest"] = saml_request
+    request.saml_session["Binding"] = binding
+    request.saml_session["RelayState"] = passed_data.get("RelayState", "")
 
 
 def store_params_in_session_func(func_to_decorate):
-    """ store_params_in_session as a funcion decorator
-    """
+    """store_params_in_session as a funcion decorator"""
+
     def new_func(*original_args, **original_kwargs):
         request = original_args[0]
         try:
             store_params_in_session(request)
             return func_to_decorate(*original_args, **original_kwargs)
         except Exception as e:  # pragma: no cover
-            msg = _('not a valid SAMLRequest: {}').format(e)
-            return render(request, 'error.html',
-                          {'exception_type': msg,
-                           'exception_msg': _('Please renew your SAML Request'),
-                           'extra_message': _not_valid_saml_msg},
-                          status=403)
+            msg = _("not a valid SAMLRequest: {}").format(e)
+            return render(
+                request,
+                "error.html",
+                {
+                    "exception_type": msg,
+                    "exception_msg": _("Please renew your SAML Request"),
+                    "extra_message": _not_valid_saml_msg,
+                },
+                status=403,
+            )
+
     return new_func
 
 
 def require_saml_request(func_to_decorate):
-    """ store_params_in_session as a funcion decorator
-    """
+    """store_params_in_session as a funcion decorator"""
+
     def new_func(*original_args, **original_kwargs):
         request = original_args[0]
-        if not request.saml_session.get('SAMLRequest'):
-            return render(request, 'error.html',
-                          {'exception_type': _("You cannot access to this service directly"),
-                           'exception_msg': _('Please renew your SAML Request'),
-                           'extra_message': _not_valid_saml_msg},
-                          status=403)
+        
+        if request.user.is_authenticated:
+            return func_to_decorate(*original_args, **original_kwargs)
+        
+        elif settings.ADMIN_PATH in request.GET.get('next', []):
+            return func_to_decorate(*original_args, **original_kwargs)
+        
+        elif not request.saml_session.get("SAMLRequest"):
+            return render(
+                request,
+                "error.html",
+                {
+                    "exception_type": _("You cannot access to this service directly"),
+                    "exception_msg": _("Please renew your SAML Request"),
+                    "extra_message": _not_valid_saml_msg,
+                },
+                status=403,
+            )
         return func_to_decorate(*original_args, **original_kwargs)
+
     return new_func
diff --git a/uniauth_saml2_idp/error_views.py b/uniauth_saml2_idp/error_views.py
index b65d0e5..5421947 100644
--- a/uniauth_saml2_idp/error_views.py
+++ b/uniauth_saml2_idp/error_views.py
@@ -7,23 +7,26 @@
 
 
 class SamlIDPErrorView(TemplateView):
-    """ Default error view when a 'known' error
-        occurs in the saml2 authentication views.
+    """Default error view when a 'known' error
+    occurs in the saml2 authentication views.
     """
-    template_name = 'error.html'
+
+    template_name = "error.html"
     status = 403
 
     def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         exception = kwargs.get("exception")
 
-        context.update({
-            "exception_type": exception.__class__.__name__ if exception else None,
-            "exception_msg": str(exception) if exception else None,
-            "extra_message": kwargs.get("extra_message"),
-        })
+        context.update(
+            {
+                "exception_type": exception.__class__.__name__ if exception else None,
+                "exception_msg": str(exception) if exception else None,
+                "extra_message": kwargs.get("extra_message"),
+            }
+        )
         return context
 
     def render_to_response(self, context, **response_kwargs):
-        response_kwargs['status'] = self.status
+        response_kwargs["status"] = self.status
         return super(TemplateView, self).render_to_response(context, **response_kwargs)
diff --git a/uniauth_saml2_idp/forms.py b/uniauth_saml2_idp/forms.py
index 8d39107..2e3589b 100644
--- a/uniauth_saml2_idp/forms.py
+++ b/uniauth_saml2_idp/forms.py
@@ -7,20 +7,20 @@ class LoginForm(AuthenticationForm):
     # these are inherited
     # username = forms.CharField()
     # password = forms.CharField(widget=forms.PasswordInput())
-    forget_agreement = forms.BooleanField(label=_("Delete previous agreement"),
-                                          required=False,
-                                          localize=True)
-    forget_login = forms.BooleanField(label=_("Forget access"),
-                                      required=False,
-                                      localize=True)
+    forget_agreement = forms.BooleanField(
+        label=_("Delete previous agreement"), required=False, localize=True
+    )
+    forget_login = forms.BooleanField(
+        label=_("Forget access"), required=False, localize=True
+    )
 
 
 class AgreementForm(forms.Form):
-    CHOICES = ((1, _('I give my consent')),
-               (0, _('I deny my consent')))
+    CHOICES = ((1, _("I give my consent")), (0, _("I deny my consent")))
 
     confirm = forms.ChoiceField(choices=CHOICES, widget=forms.RadioSelect)
-    dont_show_again = forms.BooleanField(label=_("Don't show this screen "
-                                                 "on next login."),
-                                         required=False,
-                                         localize=True)
+    dont_show_again = forms.BooleanField(
+        label=_("Don't show this screen " "on next login."),
+        required=False,
+        localize=True,
+    )
diff --git a/uniauth_saml2_idp/management/commands/aacli.py b/uniauth_saml2_idp/management/commands/aacli.py
index 1cae7f8..707f3c5 100644
--- a/uniauth_saml2_idp/management/commands/aacli.py
+++ b/uniauth_saml2_idp/management/commands/aacli.py
@@ -7,20 +7,22 @@
 
 
 class Command(BaseCommand):
-    help = 'Attribute release query'
+    help = "Attribute release query"
 
     def add_arguments(self, parser):
-        parser.epilog = 'Example: ./manage.py aacli -e https://auth.unical.it/idp/metadata/ -u joe'
-        parser.add_argument('-e', required=True,
+        parser.epilog = (
+            "Example: ./manage.py aacli -e https://auth.unical.it/idp/metadata/ -u joe"
+        )
+        parser.add_argument("-e", required=True,
                             help="Entity to request metadata for")
-        parser.add_argument('-u', required=True,
-                            help="username to test")
-        parser.add_argument('-debug', required=False, action="store_true",
-                            help="see debug message")
+        parser.add_argument("-u", required=True, help="username to test")
+        parser.add_argument(
+            "-debug", required=False, action="store_true", help="see debug message"
+        )
 
     def handle(self, *args, **options):
-        uid = options['u']
-        eid = options['e']
+        uid = options["u"]
+        eid = options["e"]
 
         idph = IdPHandlerViewMixin()
         idph.IDP = get_IDP()
@@ -31,19 +33,22 @@ def handle(self, *args, **options):
 
         user = get_user_model().objects.filter(username=uid).first()
         if not user:
-            user = get_user_model().objects.create(username=uid,
-                                                   origin='aacli')
+            user = get_user_model().objects.create(username=uid, origin="aacli")
 
         identity, policy, ava = idph.get_ava(user)
-        print('SP Configuration:')
-        print(json.dumps(idph.sp['config'], indent=2))
+        print("SP Configuration:")
+        print(json.dumps(idph.sp["config"], indent=2))
         print()
         try:
-            idph.sp['name_id_format'] = idph.IDP.metadata[eid]['spsso_descriptor'][0]['name_id_format'][0]['text']
-            print('TargetedID: {}'.format(idph.processor.get_user_id(user,
-                                                                     idph.sp,
-                                                                     idph.IDP.config)))
+            idph.sp["name_id_format"] = idph.IDP.metadata[eid]["spsso_descriptor"][0][
+                "name_id_format"
+            ][0]["text"]
+            print(
+                "TargetedID: {}".format(
+                    idph.processor.get_user_id(user, idph.sp, idph.IDP.config)
+                )
+            )
         except Exception:
-            print('TargetedID: {}'.format(idph.processor.eduPersonTargetedID))
+            print("TargetedID: {}".format(idph.processor.eduPersonTargetedID))
 
         print(json.dumps(ava, indent=2))
diff --git a/uniauth_saml2_idp/management/commands/mdquery.py b/uniauth_saml2_idp/management/commands/mdquery.py
index b7a0354..fb2b45d 100644
--- a/uniauth_saml2_idp/management/commands/mdquery.py
+++ b/uniauth_saml2_idp/management/commands/mdquery.py
@@ -7,29 +7,29 @@
 
 
 class Command(BaseCommand):
-    help = 'Metadata Query protocol'
+    help = "Metadata Query protocol"
 
     def add_arguments(self, parser):
-        parser.epilog = 'Example: ./manage.py mdquery -e https://auth.unical.it/idp/metadata/ -f json'
-        parser.add_argument('-e', required=True,
+        parser.epilog = "Example: ./manage.py mdquery -e https://auth.unical.it/idp/metadata/ -f json"
+        parser.add_argument("-e", required=True,
                             help="Entity to request metadata for")
         parser.add_argument(
-            '-f', default=['json', 'saml2'], help='output format')
-        parser.add_argument('-debug', required=False, action="store_true",
-                            help="see debug message")
+            "-f", default=["json", "saml2"], help="output format")
+        parser.add_argument(
+            "-debug", required=False, action="store_true", help="see debug message"
+        )
 
     def handle(self, *args, **options):
         idp = get_idp_config()
-        for md in MetadataStore.objects.filter(is_active=1,
-                                               is_valid=1):
-            if md.type in ('file', 'local'):
+        for md in MetadataStore.objects.filter(is_active=1, is_valid=1):
+            if md.type in ("file", "local"):
                 idp.metadata.load(md.type, md.url)
             else:
-                idp.metadata.load(md.type,
-                                  url=md.url, ca_cert=md.file,
-                                  **json.loads(md.kwargs))
-        res = idp.metadata[options['e']]
-        if options['f'] == 'json':
+                idp.metadata.load(
+                    md.type, url=md.url, ca_cert=md.file, **json.loads(md.kwargs)
+                )
+        res = idp.metadata[options["e"]]
+        if options["f"] == "json":
             print(json.dumps(res, indent=2))
         else:
             print(idp.metadata.dumps())
diff --git a/uniauth_saml2_idp/migrations/0001_initial.py b/uniauth_saml2_idp/migrations/0001_initial.py
index 812a5e2..f1cef95 100644
--- a/uniauth_saml2_idp/migrations/0001_initial.py
+++ b/uniauth_saml2_idp/migrations/0001_initial.py
@@ -6,7 +6,6 @@
 
 
 class Migration(migrations.Migration):
-
     initial = True
 
     dependencies = [
@@ -15,81 +14,228 @@ class Migration(migrations.Migration):
 
     operations = [
         migrations.CreateModel(
-            name='MetadataStore',
+            name="MetadataStore",
             fields=[
-                ('id', models.AutoField(auto_created=True,
-                                        primary_key=True, serialize=False, verbose_name='ID')),
-                ('name', models.CharField(max_length=256)),
-                ('url', models.CharField(
-                    blank=True, help_text='for "remote" and "mdq", use path if "local".', max_length=255, null=True)),
-                ('file', models.FileField(
-                    blank=True, help_text='https cert if type==mdq https cert if type==remote xml file if type==file', null=True, upload_to='metadata')),
-                ('type', models.CharField(choices=[
-                 ('remote', 'remote'), ('mdq', 'mdq'), ('local', 'local')], max_length=12)),
-                ('kwargs', models.TextField(default='{}', help_text='A dictionary')),
-                ('is_valid', models.BooleanField(default=False,
-                                                 help_text='if sign validation was succesfull')),
-                ('is_active', models.BooleanField(default=False,
-                                                  help_text='enable/disable this metadata source')),
-                ('created', models.DateTimeField(auto_now_add=True)),
-                ('updated', models.DateTimeField(auto_now=True,
-                                                 help_text='when last download/validation occourred', null=True)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("name", models.CharField(max_length=256)),
+                (
+                    "url",
+                    models.CharField(
+                        blank=True,
+                        help_text='for "remote" and "mdq", use path if "local".',
+                        max_length=255,
+                        null=True,
+                    ),
+                ),
+                (
+                    "file",
+                    models.FileField(
+                        blank=True,
+                        help_text="https cert if type==mdq https cert if type==remote xml file if type==file",
+                        null=True,
+                        upload_to="metadata",
+                    ),
+                ),
+                (
+                    "type",
+                    models.CharField(
+                        choices=[
+                            ("remote", "remote"),
+                            ("mdq", "mdq"),
+                            ("local", "local"),
+                        ],
+                        max_length=12,
+                    ),
+                ),
+                ("kwargs", models.TextField(default="{}", help_text="A dictionary")),
+                (
+                    "is_valid",
+                    models.BooleanField(
+                        default=False, help_text="if sign validation was succesfull"
+                    ),
+                ),
+                (
+                    "is_active",
+                    models.BooleanField(
+                        default=False, help_text="enable/disable this metadata source"
+                    ),
+                ),
+                ("created", models.DateTimeField(auto_now_add=True)),
+                (
+                    "updated",
+                    models.DateTimeField(
+                        auto_now=True,
+                        help_text="when last download/validation occourred",
+                        null=True,
+                    ),
+                ),
             ],
             options={
-                'verbose_name': 'Metadata Store',
-                'verbose_name_plural': 'Metadatas Store',
+                "verbose_name": "Metadata Store",
+                "verbose_name_plural": "Metadatas Store",
             },
         ),
         migrations.CreateModel(
-            name='ServiceProvider',
+            name="ServiceProvider",
             fields=[
-                ('id', models.AutoField(auto_created=True,
-                                        primary_key=True, serialize=False, verbose_name='ID')),
-                ('entity_id', models.CharField(max_length=254, unique=True)),
-                ('display_name', models.CharField(max_length=254)),
-                ('metadata_url', models.URLField(blank=True, default='',
-                                                 help_text='optional, usually this is the same of entityID', max_length=254)),
-                ('description', models.TextField(blank=True, default='')),
-                ('agreement_screen', models.BooleanField(default=True)),
-                ('agreement_consent_form', models.BooleanField(default=False)),
-                ('agreement_message', models.TextField(blank=True, default='')),
-                ('signing_algorithm', models.CharField(choices=[('http://www.w3.org/2000/09/xmldsig#rsa-sha1', 'SIG_RSA_SHA1'), ('http://www.w3.org/2001/04/xmldsig-more#rsa-sha224', 'SIG_RSA_SHA224'), ('http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
-                                                                                                                                                                                                          'SIG_RSA_SHA256'), ('http://www.w3.org/2001/04/xmldsig-more#rsa-sha384', 'SIG_RSA_SHA384'), ('http://www.w3.org/2001/04/xmldsig-more#rsa-sha512', 'SIG_RSA_SHA512')], default='http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', max_length=256)),
-                ('digest_algorithm', models.CharField(choices=[('http://www.w3.org/2000/09/xmldsig#sha1', 'DIGEST_SHA1'), ('http://www.w3.org/2001/04/xmldsig-more#sha224', 'DIGEST_SHA224'), ('http://www.w3.org/2001/04/xmlenc#sha256', 'DIGEST_SHA256'), (
-                    'http://www.w3.org/2001/04/xmldsig-more#sha384', 'DIGEST_SHA384'), ('http://www.w3.org/2001/04/xmlenc#sha512', 'DIGEST_SHA512'), ('http://www.w3.org/2001/04/xmlenc#ripemd160', 'DIGEST_RIPEMD160')], default='http://www.w3.org/2001/04/xmlenc#sha256', max_length=256)),
-                ('disable_encrypted_assertions', models.BooleanField(
-                    default=True, help_text='disable encryption')),
-                ('attribute_processor', models.CharField(blank=True, default='idp.processors.LdapUnicalMultiAcademiaProcessor',
-                                                         help_text='"package.file.classname", example: "idp.processors.LdapAcademiaProcessor"', max_length=256)),
-                ('attribute_mapping', models.TextField(
-                    blank=True, default='{\n    "cn": "cn",\n    "codice_fiscale": "codice_fiscale",\n    "displayName": "displayName",\n    "eduPersonAffiliation": "eduPersonAffiliation",\n    "eduPersonEntitlement": "eduPersonEntitlement",\n    "eduPersonHomeOrganization": "eduPersonHomeOrganization",\n    "eduPersonPrincipalName": "eduPersonPrincipalName",\n    "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",\n    "eduPersonTargetedID": "eduPersonTargetedID",\n    "email": [\n        "mail",\n        "email"\n    ],\n    "givenName": [\n        "givenName",\n        "another_possible_occourrence"\n    ],\n    "mail": [\n        "mail",\n        "email"\n    ],\n    "matricola_dipendente": "matricola_dipendente",\n    "matricola_studente": "matricola_studente",\n    "schacHomeOrganization": "schacHomeOrganization",\n    "schacPersonalUniqueCode": "schacPersonalUniqueCode",\n    "schacPersonalUniqueID": "schacPersonalUniqueID",\n    "sn": "sn"\n}', help_text='Attribute that would be release to this SP, in JSON format.', null=True)),
-                ('force_attribute_release', models.BooleanField(default=False,
-                                                                help_text='Release the configured attribute mapping regardless of what SP asks for.')),
-                ('is_valid', models.BooleanField(default=False)),
-                ('is_active', models.BooleanField(default=False)),
-                ('created', models.DateTimeField(auto_now_add=True)),
-                ('updated', models.DateTimeField(auto_now=True, null=True)),
-                ('last_seen', models.DateTimeField(blank=True, null=True)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("entity_id", models.CharField(max_length=254, unique=True)),
+                ("display_name", models.CharField(max_length=254)),
+                (
+                    "metadata_url",
+                    models.URLField(
+                        blank=True,
+                        default="",
+                        help_text="optional, usually this is the same of entityID",
+                        max_length=254,
+                    ),
+                ),
+                ("description", models.TextField(blank=True, default="")),
+                ("agreement_screen", models.BooleanField(default=True)),
+                ("agreement_consent_form", models.BooleanField(default=False)),
+                ("agreement_message", models.TextField(blank=True, default="")),
+                (
+                    "signing_algorithm",
+                    models.CharField(
+                        choices=[
+                            (
+                                "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
+                                "SIG_RSA_SHA1",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224",
+                                "SIG_RSA_SHA224",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+                                "SIG_RSA_SHA256",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384",
+                                "SIG_RSA_SHA384",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512",
+                                "SIG_RSA_SHA512",
+                            ),
+                        ],
+                        default="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+                        max_length=256,
+                    ),
+                ),
+                (
+                    "digest_algorithm",
+                    models.CharField(
+                        choices=[
+                            ("http://www.w3.org/2000/09/xmldsig#sha1", "DIGEST_SHA1"),
+                            (
+                                "http://www.w3.org/2001/04/xmldsig-more#sha224",
+                                "DIGEST_SHA224",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmlenc#sha256",
+                                "DIGEST_SHA256",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmldsig-more#sha384",
+                                "DIGEST_SHA384",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmlenc#sha512",
+                                "DIGEST_SHA512",
+                            ),
+                            (
+                                "http://www.w3.org/2001/04/xmlenc#ripemd160",
+                                "DIGEST_RIPEMD160",
+                            ),
+                        ],
+                        default="http://www.w3.org/2001/04/xmlenc#sha256",
+                        max_length=256,
+                    ),
+                ),
+                (
+                    "disable_encrypted_assertions",
+                    models.BooleanField(
+                        default=True, help_text="disable encryption"),
+                ),
+                (
+                    "attribute_processor",
+                    models.CharField(
+                        blank=True,
+                        default="idp.processors.LdapUnicalMultiAcademiaProcessor",
+                        help_text='"package.file.classname", example: "idp.processors.LdapAcademiaProcessor"',
+                        max_length=256,
+                    ),
+                ),
+                (
+                    "attribute_mapping",
+                    models.TextField(
+                        blank=True,
+                        default='{\n    "cn": "cn",\n    "codice_fiscale": "codice_fiscale",\n    "displayName": "displayName",\n    "eduPersonAffiliation": "eduPersonAffiliation",\n    "eduPersonEntitlement": "eduPersonEntitlement",\n    "eduPersonHomeOrganization": "eduPersonHomeOrganization",\n    "eduPersonPrincipalName": "eduPersonPrincipalName",\n    "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",\n    "eduPersonTargetedID": "eduPersonTargetedID",\n    "email": [\n        "mail",\n        "email"\n    ],\n    "givenName": [\n        "givenName",\n        "another_possible_occourrence"\n    ],\n    "mail": [\n        "mail",\n        "email"\n    ],\n    "matricola_dipendente": "matricola_dipendente",\n    "matricola_studente": "matricola_studente",\n    "schacHomeOrganization": "schacHomeOrganization",\n    "schacPersonalUniqueCode": "schacPersonalUniqueCode",\n    "schacPersonalUniqueID": "schacPersonalUniqueID",\n    "sn": "sn"\n}',
+                        help_text="Attribute that would be release to this SP, in JSON format.",
+                        null=True,
+                    ),
+                ),
+                (
+                    "force_attribute_release",
+                    models.BooleanField(
+                        default=False,
+                        help_text="Release the configured attribute mapping regardless of what SP asks for.",
+                    ),
+                ),
+                ("is_valid", models.BooleanField(default=False)),
+                ("is_active", models.BooleanField(default=False)),
+                ("created", models.DateTimeField(auto_now_add=True)),
+                ("updated", models.DateTimeField(auto_now=True, null=True)),
+                ("last_seen", models.DateTimeField(blank=True, null=True)),
             ],
             options={
-                'verbose_name': 'Service Provider',
-                'verbose_name_plural': 'Service Providers',
+                "verbose_name": "Service Provider",
+                "verbose_name_plural": "Service Providers",
             },
         ),
         migrations.CreateModel(
-            name='AgreementRecord',
+            name="AgreementRecord",
             fields=[
-                ('id', models.AutoField(auto_created=True,
-                                        primary_key=True, serialize=False, verbose_name='ID')),
-                ('sp_entity_id', models.TextField()),
-                ('attrs', models.TextField()),
-                ('created', models.DateTimeField(auto_now_add=True)),
-                ('user', models.ForeignKey(
-                    on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("sp_entity_id", models.TextField()),
+                ("attrs", models.TextField()),
+                ("created", models.DateTimeField(auto_now_add=True)),
+                (
+                    "user",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
             ],
             options={
-                'verbose_name': 'Agreement Record',
-                'verbose_name_plural': 'Agreement Records',
+                "verbose_name": "Agreement Record",
+                "verbose_name_plural": "Agreement Records",
             },
         ),
     ]
diff --git a/uniauth_saml2_idp/migrations/0002_auto_20210408_1050.py b/uniauth_saml2_idp/migrations/0002_auto_20210408_1050.py
index da85458..6c3788d 100644
--- a/uniauth_saml2_idp/migrations/0002_auto_20210408_1050.py
+++ b/uniauth_saml2_idp/migrations/0002_auto_20210408_1050.py
@@ -4,16 +4,19 @@
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
-        ('uniauth_saml2_idp', '0001_initial'),
+        ("uniauth_saml2_idp", "0001_initial"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='serviceprovider',
-            name='attribute_processor',
-            field=models.CharField(blank=True, default='uniauth_saml2_idp.processors.ldap.LdapUnicalMultiAcademiaProcessor',
-                                   help_text='"package.file.classname", example: "idp.processors.LdapAcademiaProcessor"', max_length=256),
+            model_name="serviceprovider",
+            name="attribute_processor",
+            field=models.CharField(
+                blank=True,
+                default="uniauth_saml2_idp.processors.ldap.LdapUnicalMultiAcademiaProcessor",
+                help_text='"package.file.classname", example: "idp.processors.LdapAcademiaProcessor"',
+                max_length=256,
+            ),
         ),
     ]
diff --git a/uniauth_saml2_idp/migrations/0003_alter_serviceprovider_attribute_processor.py b/uniauth_saml2_idp/migrations/0003_alter_serviceprovider_attribute_processor.py
new file mode 100644
index 0000000..b9e8b30
--- /dev/null
+++ b/uniauth_saml2_idp/migrations/0003_alter_serviceprovider_attribute_processor.py
@@ -0,0 +1,22 @@
+# Generated by Django 3.2.18 on 2023-04-16 15:44
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("uniauth_saml2_idp", "0002_auto_20210408_1050"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="serviceprovider",
+            name="attribute_processor",
+            field=models.CharField(
+                blank=True,
+                default="uniauth_saml2_idp.processors.base.BaseProcessor",
+                help_text='"package.file.classname", example: "uniauth_saml2_idp.base.processors.BaseProcessor"',
+                max_length=256,
+            ),
+        ),
+    ]
diff --git a/uniauth_saml2_idp/migrations/0004_alter_serviceprovider_attribute_mapping.py b/uniauth_saml2_idp/migrations/0004_alter_serviceprovider_attribute_mapping.py
new file mode 100644
index 0000000..9973a6e
--- /dev/null
+++ b/uniauth_saml2_idp/migrations/0004_alter_serviceprovider_attribute_mapping.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.2.19 on 2023-06-14 08:30
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('uniauth_saml2_idp', '0003_alter_serviceprovider_attribute_processor'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='serviceprovider',
+            name='attribute_mapping',
+            field=models.TextField(
+                blank=True, default='{\n    "cn": "cn",\n    "codice_fiscale": "codice_fiscale",\n    "displayName": "displayName",\n    "eduPersonAffiliation": "eduPersonAffiliation",\n    "eduPersonEntitlement": "eduPersonEntitlement",\n    "eduPersonHomeOrganization": "eduPersonHomeOrganization",\n    "eduPersonPrincipalName": "eduPersonPrincipalName",\n    "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",\n    "eduPersonTargetedID": "eduPersonTargetedID",\n    "email": [\n        "mail",\n        "email"\n    ],\n    "givenName": [\n        "givenName",\n        "first_name"\n    ],\n    "mail": [\n        "mail",\n        "email"\n    ],\n    "matricola_dipendente": "matricola_dipendente",\n    "matricola_studente": "matricola_studente",\n    "schacHomeOrganization": "schacHomeOrganization",\n    "schacPersonalUniqueCode": "schacPersonalUniqueCode",\n    "schacPersonalUniqueID": "schacPersonalUniqueID",\n    "sn": [\n        "sn",\n        "last_name"\n    ]\n}', help_text='Attribute that would be release to this SP, in JSON format.', null=True),
+        ),
+    ]
diff --git a/uniauth_saml2_idp/migrations/0005_alter_serviceprovider_attribute_mapping.py b/uniauth_saml2_idp/migrations/0005_alter_serviceprovider_attribute_mapping.py
new file mode 100644
index 0000000..73a0ba1
--- /dev/null
+++ b/uniauth_saml2_idp/migrations/0005_alter_serviceprovider_attribute_mapping.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.2.19 on 2023-09-05 16:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('uniauth_saml2_idp', '0004_alter_serviceprovider_attribute_mapping'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='serviceprovider',
+            name='attribute_mapping',
+            field=models.TextField(blank=True, default='{\n    "email": [\n        "mail",\n        "email"\n    ],\n    "givenName": [\n        "givenName",\n        "first_name"\n    ],\n    "mail": [\n        "mail",\n        "email"\n    ],\n    "sn": [\n        "sn",\n        "last_name"\n    ]\n}',
+                                   help_text='Attribute that would be release to this SP, in JSON format.', null=True),
+        ),
+    ]
diff --git a/uniauth_saml2_idp/models.py b/uniauth_saml2_idp/models.py
index a7e54e6..7241fda 100644
--- a/uniauth_saml2_idp/models.py
+++ b/uniauth_saml2_idp/models.py
@@ -2,6 +2,7 @@
 import logging
 import os
 import json
+import pathlib
 import requests
 import saml2.xmldsig
 
@@ -12,10 +13,14 @@
 from django.utils.translation import gettext as _
 from django.utils.module_loading import import_string
 
-from . exceptions import NotYetImplemented
+from .exceptions import NotYetImplemented
 
 
-logger = logging.getLogger('__name__')
+logger = logging.getLogger("__name__")
+
+
+def get_metadata_upload_dir():
+    return os.path.join(settings.MEDIA_ROOT, "metadata")
 
 
 class AgreementRecord(models.Model):
@@ -28,11 +33,11 @@ class AgreementRecord(models.Model):
     class Meta:
         # index field length problem
         # unique_together = ("user", "sp_entity_id")
-        verbose_name = _('Agreement Record')
-        verbose_name_plural = _('Agreement Records')
+        verbose_name = _("Agreement Record")
+        verbose_name_plural = _("Agreement Records")
 
     def __str__(self):
-        return '{}, {}'.format(self.user, self.created)
+        return "{}, {}".format(self.user, self.created)
 
     def is_expired(self):
         valid_for = getattr(settings, "SAML_IDP_USER_AGREEMENT_VALID_FOR")
@@ -48,35 +53,58 @@ def wants_more_attrs(self, newAttrs):
 class ServiceProvider(models.Model):
     entity_id = models.CharField(max_length=254, unique=True)
     display_name = models.CharField(max_length=254)
-    metadata_url = models.URLField(max_length=254, blank=True, default='',
-                                   help_text=_("optional, usually this "
-                                               "is the same of entityID"))
-    description = models.TextField(blank=True, default='')
+    metadata_url = models.URLField(
+        max_length=254,
+        blank=True,
+        default="",
+        help_text=_("optional, usually this " "is the same of entityID"),
+    )
+    description = models.TextField(blank=True, default="")
     agreement_screen = models.BooleanField(
-        default=settings.SAML_IDP_SHOW_USER_AGREEMENT_SCREEN)
+        default=settings.SAML_IDP_SHOW_USER_AGREEMENT_SCREEN
+    )
     agreement_consent_form = models.BooleanField(
-        default=settings.SAML_IDP_SHOW_CONSENT_FORM)
-    agreement_message = models.TextField(blank=True, default='')
-    signing_algorithm = models.CharField(choices=[(y, x) for x, y in saml2.xmldsig.SIG_ALLOWED_ALG],
-                                         default=settings.SAML_AUTHN_SIGN_ALG,
-                                         max_length=256)
-    digest_algorithm = models.CharField(choices=[(y, x) for x, y in saml2.xmldsig.DIGEST_ALLOWED_ALG],
-                                        default=settings.SAML_AUTHN_DIGEST_ALG,
-                                        max_length=256)
-    disable_encrypted_assertions = models.BooleanField(default=True,
-                                                       help_text=('disable encryption'))
-    attribute_processor = models.CharField(default=settings.DEFAULT_SPCONFIG['processor'],
-                                           help_text=_('"package.file.classname", '
-                                                       'example: "uniauth_saml2_idp.base.processors.BaseProcessor"'),
-                                           max_length=256, blank=True)
-    attribute_mapping = models.TextField(default=json.dumps(settings.DEFAULT_SPCONFIG['attribute_mapping'],
-                                                            sort_keys=True,
-                                                            indent=4),
-                                         blank=True, null=True,
-                                         help_text=_('Attribute that would be release to this SP, in JSON format.'))
-    force_attribute_release = models.BooleanField(default=False,
-                                                  help_text=_("Release the configured attribute mapping "
-                                                              "regardless of what SP asks for."))
+        default=settings.SAML_IDP_SHOW_CONSENT_FORM
+    )
+    agreement_message = models.TextField(blank=True, default="")
+    signing_algorithm = models.CharField(
+        choices=[(y, x) for x, y in saml2.xmldsig.SIG_ALLOWED_ALG],
+        default=settings.SAML_AUTHN_SIGN_ALG,
+        max_length=256,
+    )
+    digest_algorithm = models.CharField(
+        choices=[(y, x) for x, y in saml2.xmldsig.DIGEST_ALLOWED_ALG],
+        default=settings.SAML_AUTHN_DIGEST_ALG,
+        max_length=256,
+    )
+    disable_encrypted_assertions = models.BooleanField(
+        default=True, help_text=("disable encryption")
+    )
+    attribute_processor = models.CharField(
+        default=settings.DEFAULT_SPCONFIG["processor"],
+        help_text=_(
+            '"package.file.classname", '
+            'example: "uniauth_saml2_idp.base.processors.BaseProcessor"'
+        ),
+        max_length=256,
+        blank=True,
+    )
+    attribute_mapping = models.TextField(
+        default=json.dumps(
+            settings.DEFAULT_SPCONFIG["attribute_mapping"], sort_keys=True, indent=4
+        ),
+        blank=True,
+        null=True,
+        help_text=_(
+            "Attribute that would be release to this SP, in JSON format."),
+    )
+    force_attribute_release = models.BooleanField(
+        default=False,
+        help_text=_(
+            "Release the configured attribute mapping "
+            "regardless of what SP asks for."
+        ),
+    )
     is_valid = models.BooleanField(default=False)
     is_active = models.BooleanField(default=False)
     created = models.DateTimeField(auto_now_add=True)
@@ -84,11 +112,11 @@ class ServiceProvider(models.Model):
     last_seen = models.DateTimeField(null=True, blank=True)
 
     class Meta:
-        verbose_name = _('Service Provider')
-        verbose_name_plural = _('Service Providers')
+        verbose_name = _("Service Provider")
+        verbose_name_plural = _("Service Providers")
 
     def __str__(self):
-        return '{}'.format(self.entity_id)
+        return "{}".format(self.entity_id)
 
     def validate(self):
         error = None
@@ -96,7 +124,7 @@ def validate(self):
             # check if class Processor exists and is importable
             import_string(self.attribute_processor)
         except Exception as e:
-            error = '{}'.format(e)
+            error = "{}".format(e)
             self.is_active = False
 
         try:
@@ -105,19 +133,19 @@ def validate(self):
             # Dict must do not have a trailing "," at last element
             json.loads(self.attribute_mapping)
         except Exception as e:
-            error = 'Attribute Mapping is not a valid JSON format: {}'.format(
+            error = "Attribute Mapping is not a valid JSON format: {}".format(
                 e)
             self.is_active = False
 
         # test if its entityID is available in metadatastore
         try:
             get_idp_config = import_string(
-                'uniauth_saml2_idp.utils.get_idp_config')
-            get_idp_config().metadata.service(self.entity_id,
-                                              "spsso_descriptor",
-                                              'assertion_consumer_service')
+                "uniauth_saml2_idp.utils.get_idp_config")
+            get_idp_config().metadata.service(
+                self.entity_id, "spsso_descriptor", "assertion_consumer_service"
+            )
         except Exception as e:
-            error = '{} is not present in any Metadata'.format(e)
+            error = "{} is not present in any Metadata".format(e)
             self.is_active = False
 
         if error:
@@ -137,48 +165,61 @@ def as_idpspconfig_dict(cls):
         return d
 
     def as_idpspconfig_dict_element(self):
-        d = {'processor': self.attribute_processor,
-             'attribute_mapping': json.loads(self.attribute_mapping),
-             'force_attribute_release': self.force_attribute_release,
-             'display_name': self.display_name,
-             'display_description': self.description,
-             'display_agreement_message': self.agreement_message,
-             'signing_algorithm': self.signing_algorithm,
-             'digest_algorithm': self.digest_algorithm,
-             'disable_encrypted_assertions': self.disable_encrypted_assertions,
-             'show_user_agreement_screen': self.agreement_screen,
-             'display_agreement_consent_form': self.agreement_consent_form}
+        d = {
+            "processor": self.attribute_processor,
+            "attribute_mapping": json.loads(self.attribute_mapping),
+            "force_attribute_release": self.force_attribute_release,
+            "display_name": self.display_name,
+            "display_description": self.description,
+            "display_agreement_message": self.agreement_message,
+            "signing_algorithm": self.signing_algorithm,
+            "digest_algorithm": self.digest_algorithm,
+            "disable_encrypted_assertions": self.disable_encrypted_assertions,
+            "show_user_agreement_screen": self.agreement_screen,
+            "display_agreement_consent_form": self.agreement_consent_form,
+        }
         return d
 
 
 class MetadataStore(models.Model):
-    MDStype = (('remote', 'remote'),
-               ('mdq', 'mdq'),
-               ('local', 'local'))
+    MDStype = (("remote", "remote"), ("mdq", "mdq"), ("local", "local"))
 
     name = models.CharField(max_length=256)
-    url = models.CharField(max_length=255,
-                           blank=True, null=True,
-                           help_text=_('for "remote" and "mdq", '
-                                       'use path if "local".'))
-    file = models.FileField(blank=True, null=True,
-                            upload_to='metadata',
-                            help_text=_('https cert if type==mdq '
-                                        'https cert if type==remote '
-                                        'xml file if type==file'))
+    url = models.CharField(
+        max_length=255,
+        blank=True,
+        null=True,
+        help_text=_('for "remote" and "mdq", ' 'use path if "local".'),
+    )
+    file = models.FileField(
+        blank=True,
+        null=True,
+        upload_to="metadata",
+        help_text=_(
+            "https cert if type==mdq "
+            "https cert if type==remote "
+            "xml file if type==file"
+        ),
+    )
     type = models.CharField(choices=MDStype, max_length=12)
-    kwargs = models.TextField(help_text=_("A dictionary"), default='{}')
-    is_valid = models.BooleanField(default=False,
-                                   help_text=_('if sign validation was succesfull'))
-    is_active = models.BooleanField(default=False, help_text=_(
-        'enable/disable this metadata source'))
+    kwargs = models.TextField(help_text=_("A dictionary"), default="{}")
+    is_valid = models.BooleanField(
+        default=False, help_text=_("if sign validation was succesfull")
+    )
+    is_active = models.BooleanField(
+        default=False, help_text=_("enable/disable this metadata source")
+    )
     created = models.DateTimeField(auto_now_add=True)
-    updated = models.DateTimeField(auto_now=True, null=True, blank=True,
-                                   help_text=_('when last download/validation occourred'))
+    updated = models.DateTimeField(
+        auto_now=True,
+        null=True,
+        blank=True,
+        help_text=_("when last download/validation occourred"),
+    )
 
     class Meta:
-        verbose_name = _('Metadata Store')
-        verbose_name_plural = _('Metadatas Store')
+        verbose_name = _("Metadata Store")
+        verbose_name_plural = _("Metadatas Store")
 
     @classmethod
     def as_pysaml_mdstore_dict(cls):
@@ -209,61 +250,73 @@ def as_pysaml_mdstore_dict(cls):
         return d
 
     def as_pysaml2_mdstore_row(self):
-        if self.type in ('remote', 'mdq'):  # pragma: no cover
+        if self.type in ("remote", "mdq"):  # pragma: no cover
             d = dict(url=self.url)
             if self.file:
-                d['cert'] = self.file.path
+                d["cert"] = self.file.path
             if self.kwargs:
                 kwargs = json.loads(self.kwargs)
                 d.update(kwargs)
             return d
-        elif self.type == 'local':
+        elif self.type == "local":
             return (self.url) if not self.file else (self.file.path)
         raise NotYetImplemented(
-            'see models.MetadataStore.as_pysaml2_mdstore_row')
+            "see models.MetadataStore.as_pysaml2_mdstore_row")
 
     def validate(self):
         error = None
-        if self.type == 'mdq':  # pragma: no cover
+        if self.type == "mdq":  # pragma: no cover
             try:
-                r = requests.head(self.url + '/entities/')
+                r = requests.head(self.url + "/entities/", timeout=6)
                 if r.status_code != 200:
                     logger.error(
-                        '{} /entities query failed: {}'.format(self, r.content))
+                        "{} /entities query failed: {}".format(self, r.content)
+                    )
                     self.is_active = False
             except Exception as e:
-                error = 'Endpoint is not reachable: {}'.format(e)
+                error = "Endpoint is not reachable: {}".format(e)
                 self.is_active = False
-        elif self.type == 'remote':  # pragma: no cover
+        elif self.type == "remote":  # pragma: no cover
             try:
-                r = requests.get(self.url)
+                r = requests.get(self.url, timeout=6)
                 if r.status_code != 200:
                     logger.error(
-                        '{} /entities query failed: {}'.format(self, r.content))
+                        "{} /entities query failed: {}".format(self, r.content)
+                    )
                     self.is_active = False
             except Exception as e:
-                error = 'Endpoint is not reachable: {}'.format(e)
+                error = "Endpoint is not reachable: {}".format(e)
                 self.is_active = False
 
-        elif self.type == 'local':
+        elif self.type == "local":
+            self.save()
+
             # check that is a valid XML file, avoids: pysaml2 Exception on parse
             try:
                 if self.file:
                     defusedxml.ElementTree.fromstring(
-                        open(self.file.path).read())
+                        open(self.file.path).read()
+                    )
                 if self.url:
-                    files = [os.path.join(self.url, f)
-                             for f in os.listdir(self.url)]
+                    files = [
+                        os.path.join(self.url, f)
+                        for f in os.listdir(self.url)
+                    ]
                     for f in files:
                         defusedxml.ElementTree.fromstring(open(f).read())
             except Exception as e:
                 self.is_active = False
-                error = 'found an invalid XML: {}'.format(e)
+                error = "found an invalid XML: {}".format(e)
 
-            res = (self.url) if not self.file else (self.file.path)
-            if not os.path.exists(res):
+            if not self.file and not self.url:
+                self.is_active = False
+                error = 'If storage is "local" you have to set at least file or url.'
+            elif self.url and not os.path.exists(self.url):
                 self.is_active = False
-                error = 'Path is not existent: {}'.format(res)
+                error = "Path is not existent: {}".format(self.url)
+            elif self.file:
+                fpath = pathlib.Path(self.file.path)
+                self.url = fpath.parent
 
         try:
             json.loads(self.kwargs)
@@ -280,9 +333,5 @@ def validate(self):
         self.save()
         return self.is_valid
 
-    # TODO
-    # def save(...
-    # validate content otherwise save it as is_valid = False
-
     def __str__(self):
-        return '{} [{}]'.format(self.name, self.is_valid)
+        return "{} [{}]".format(self.name, self.is_valid)
diff --git a/uniauth_saml2_idp/processors/base.py b/uniauth_saml2_idp/processors/base.py
index 20bf74a..5083242 100644
--- a/uniauth_saml2_idp/processors/base.py
+++ b/uniauth_saml2_idp/processors/base.py
@@ -1,58 +1,58 @@
 import hashlib
 
 from django.conf import settings
-from saml2.saml import (NAMEID_FORMAT_UNSPECIFIED,
-                        NAMEID_FORMAT_TRANSIENT,
-                        NAMEID_FORMAT_PERSISTENT,
-                        NAMEID_FORMAT_EMAILADDRESS,
-                        NAMEID_FORMAT_X509SUBJECTNAME,
-                        NAMEID_FORMAT_WINDOWSDOMAINQUALIFIEDNAME,
-                        NAMEID_FORMAT_KERBEROS,
-                        NAMEID_FORMAT_ENTITY,
-                        NAMEID_FORMAT_ENCRYPTED)
+from saml2.saml import (
+    NAMEID_FORMAT_UNSPECIFIED,
+    NAMEID_FORMAT_TRANSIENT,
+    NAMEID_FORMAT_PERSISTENT,
+    NAMEID_FORMAT_EMAILADDRESS,
+    NAMEID_FORMAT_X509SUBJECTNAME,
+    NAMEID_FORMAT_WINDOWSDOMAINQUALIFIEDNAME,
+    NAMEID_FORMAT_KERBEROS,
+    NAMEID_FORMAT_ENTITY,
+    NAMEID_FORMAT_ENCRYPTED,
+)
 
 
 class NameIdBuilder:
-    """ Processor with methods to retrieve nameID standard format
-        see: https://wiki.shibboleth.net/confluence/display/CONCEPT/NameIdentifiers
+    """Processor with methods to retrieve nameID standard format
+    see: https://wiki.shibboleth.net/confluence/display/CONCEPT/NameIdentifiers
 
-        also: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
+    also: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
     """
 
     # None needs to be implemented
-    format_mappings = {NAMEID_FORMAT_UNSPECIFIED: 'get_nameid_unspecified',
-                       NAMEID_FORMAT_TRANSIENT: 'get_nameid_transient',
-                       NAMEID_FORMAT_PERSISTENT: 'get_nameid_persistent',
-                       NAMEID_FORMAT_EMAILADDRESS: 'get_nameid_email',
-                       # TODO: need to be implemented
-                       NAMEID_FORMAT_X509SUBJECTNAME: None,
-                       NAMEID_FORMAT_WINDOWSDOMAINQUALIFIEDNAME: None,
-                       NAMEID_FORMAT_KERBEROS: None,
-                       NAMEID_FORMAT_ENTITY: None,
-                       NAMEID_FORMAT_ENCRYPTED: None}
+    format_mappings = {
+        NAMEID_FORMAT_UNSPECIFIED: "get_nameid_unspecified",
+        NAMEID_FORMAT_TRANSIENT: "get_nameid_transient",
+        NAMEID_FORMAT_PERSISTENT: "get_nameid_persistent",
+        NAMEID_FORMAT_EMAILADDRESS: "get_nameid_email",
+        # TODO: need to be implemented
+        NAMEID_FORMAT_X509SUBJECTNAME: None,
+        NAMEID_FORMAT_WINDOWSDOMAINQUALIFIEDNAME: None,
+        NAMEID_FORMAT_KERBEROS: None,
+        NAMEID_FORMAT_ENTITY: None,
+        NAMEID_FORMAT_ENCRYPTED: None,
+    }
 
     @staticmethod
-    def get_nameid_prefix(user_id, sp_entityid, idp_entityid='', user=''):
-        """ Inherit and customize as your needs"""
-        return '!'.join((idp_entityid, sp_entityid, user_id))
+    def get_nameid_prefix(user_id, sp_entityid, idp_entityid="", user=""):
+        """Inherit and customize as your needs"""
+        return "!".join((idp_entityid, sp_entityid, user_id))
 
     @classmethod
-    def get_nameid_opaque(cls, user_id,
-                          salt=settings.SAML_COMPUTEDID_SALT, **kwargs):
-        """ Returns opaque salted unique identifiers
-        """
-        salted_value = user_id.encode()+salt
+    def get_nameid_opaque(cls, user_id, salt=settings.SAML_COMPUTEDID_SALT, **kwargs):
+        """Returns opaque salted unique identifiers"""
+        salted_value = user_id.encode() + salt
         alg = getattr(hashlib, settings.SAML_COMPUTEDID_HASHALG)
         opaque = alg(salted_value)
         return opaque.hexdigest()
 
     @classmethod
-    def get_nameid_persistent(cls, user_id,
-                              sp_entityid='', idp_entityid='',
-                              user=None):
-        """ Get PersistentID
-            TransientID format as ComputedID
-            see: http://software.internet2.edu/eduperson/internet2-mace-dir-eduperson-201602.html#eduPersonTargetedID
+    def get_nameid_persistent(cls, user_id, sp_entityid="", idp_entityid="", user=None):
+        """Get PersistentID
+        TransientID format as ComputedID
+        see: http://software.internet2.edu/eduperson/internet2-mace-dir-eduperson-201602.html#eduPersonTargetedID
         """
 
         #
@@ -62,11 +62,11 @@ def get_nameid_persistent(cls, user_id,
         pid = user.persistent_id(sp_entityid)
         if user and not pid:
             # computed
-            user_persistent_id = cls.get_nameid_opaque(cls.get_nameid_prefix(user_id,
-                                                                             sp_entityid,
-                                                                             idp_entityid,
-                                                                             user),
-                                                       salt=settings.SAML_COMPUTEDID_SALT)
+            user_persistent_id = cls.get_nameid_opaque(
+                cls.get_nameid_prefix(
+                    user_id, sp_entityid, idp_entityid, user),
+                salt=settings.SAML_COMPUTEDID_SALT,
+            )
         else:
             user_persistent_id = pid
         return user_persistent_id
@@ -76,39 +76,44 @@ def get_nameid_email(cls, user_id, user=None, **kwargs):  # pragma: no cover
         return user.email
 
     @classmethod
-    def get_nameid_transient(cls, user_id, sp_entityid='', **kwargs):
-        """ This would an opaque and reusable
-        """
-        return cls.get_nameid_opaque(cls.get_nameid_prefix(user_id,
-                                                           sp_entityid,
-                                                           kwargs.get(
-                                                               'idp_entityid', ''),
-                                                           kwargs.get('user', '')),
-                                     salt=settings.SAML_COMPUTEDID_SALT)
+    def get_nameid_transient(cls, user_id, sp_entityid="", **kwargs):
+        """This would an opaque and reusable"""
+        return cls.get_nameid_opaque(
+            cls.get_nameid_prefix(
+                user_id,
+                sp_entityid,
+                kwargs.get("idp_entityid", ""),
+                kwargs.get("user", ""),
+            ),
+            salt=settings.SAML_COMPUTEDID_SALT,
+        )
 
     @classmethod
     def get_nameid_unspecified(cls, user_id, **kwargs):
-        """ returns user_id as is
-        """
+        """returns user_id as is"""
         return user_id  # pragma: no cover
 
     @classmethod
     def get_nameid(cls, user_id, nameid_format, **kwargs):
         method = cls.format_mappings.get(nameid_format)
         if not method:  # pragma: no cover
-            raise NotImplementedError('{} was not been mapped in '
-                                      'NameIdBuilder.format_mappings'.format(nameid_format))
+            raise NotImplementedError(
+                "{} was not been mapped in "
+                "NameIdBuilder.format_mappings".format(nameid_format)
+            )
         if not hasattr(cls, method):  # pragma: no cover
-            raise NotImplementedError('{} was not been implemented '
-                                      'NameIdBuilder methods'.format(nameid_format))
+            raise NotImplementedError(
+                "{} was not been implemented "
+                "NameIdBuilder methods".format(nameid_format)
+            )
         name_id = getattr(cls, method)(user_id, **kwargs)
         return name_id
 
 
 class BaseProcessor:
-    """ Processor class is used to determine if a user has access to a
-        client service of this IDP
-        and to construct the identity dictionary which is sent to the SP
+    """Processor class is used to determine if a user has access to a
+    client service of this IDP
+    and to construct the identity dictionary which is sent to the SP
     """
 
     def __init__(self, entity_id, request=None):
@@ -117,28 +122,28 @@ def __init__(self, entity_id, request=None):
         self.request = request
 
     def has_access(self, request):
-        """ Check if this user is allowed to use this IDP
-        """
+        """Check if this user is allowed to use this IDP"""
         return True
 
     def enable_multifactor(self, user):
-        """ Check if this user should use a second authentication system
-        """
+        """Check if this user should use a second authentication system"""
         return False
 
     def get_user_id(self, user, sp, idp_config):
-        """ Get identifier for a user. Take the one defined in
-            settings.SAML_IDP_DJANGO_USERNAME_FIELD first, if not set
-            use the USERNAME_FIELD property which is set on the
-            user Model. This defaults to the user.username field.
+        """Get identifier for a user. Take the one defined in
+        settings.SAML_IDP_DJANGO_USERNAME_FIELD first, if not set
+        use the USERNAME_FIELD property which is set on the
+        user Model. This defaults to the user.username field.
         """
-        user_field_str = sp['config'].get('nameid_field') or \
-            getattr(settings, 'SAML_IDP_DJANGO_USERNAME_FIELD', None) or \
-            getattr(user, 'USERNAME_FIELD', 'username')
+        user_field_str = (
+            sp["config"].get("nameid_field")
+            or getattr(settings, "SAML_IDP_DJANGO_USERNAME_FIELD", None)
+            or getattr(user, "USERNAME_FIELD", "username")
+        )
 
         if not hasattr(user, user_field_str):  # pragma: no cover
             raise ValueError(
-                'user doesn\'t have {} as attribute'.format(user_field_str))
+                "user doesn't have {} as attribute".format(user_field_str))
 
         user_field = getattr(user, user_field_str)
 
@@ -148,20 +153,21 @@ def get_user_id(self, user, sp, idp_config):
             user_uid = str(user_field)
 
         # returns in a real name_id format
-        user_id = NameIdBuilder.get_nameid(user_uid,
-                                           sp['name_id_format'],
-                                           sp_entityid=sp['id'],
-                                           idp_entityid=idp_config.entityid,
-                                           user=user)
+        user_id = NameIdBuilder.get_nameid(
+            user_uid,
+            sp["name_id_format"],
+            sp_entityid=sp["id"],
+            idp_entityid=idp_config.entityid,
+            user=user,
+        )
         # needed for targetedID attr
-        if sp['name_id_format'] in [NAMEID_FORMAT_PERSISTENT,
-                                    NAMEID_FORMAT_TRANSIENT]:
+        if sp["name_id_format"] in [NAMEID_FORMAT_PERSISTENT, NAMEID_FORMAT_TRANSIENT]:
             self.eduPersonTargetedID = user_id
         return user_id
 
     def extra_attr_processing(self, results, sp_mapping, **kwargs):
         """This should inherits another class
-           and be executed in create_identity
+        and be executed in create_identity
         """
         return results
 
@@ -178,11 +184,11 @@ def process_attributes(self, user, sp_mapping):
         return results
 
     def create_identity(self, user, sp={}):
-        """ Generate an identity dictionary of the user based on the
-            given mapping of desired user attributes by the SP
+        """Generate an identity dictionary of the user based on the
+        given mapping of desired user attributes by the SP
         """
-        default_mapping = {'username': 'username'}
-        sp_mapping = sp['config'].get('attribute_mapping', default_mapping)
+        default_mapping = {"username": "username"}
+        sp_mapping = sp["config"].get("attribute_mapping", default_mapping)
 
         results = self.process_attributes(user, sp_mapping)
         results = self.extra_attr_processing(results, sp_mapping)
diff --git a/uniauth_saml2_idp/processors/ldap.py b/uniauth_saml2_idp/processors/ldap.py
index 1b1742d..c69dfae 100644
--- a/uniauth_saml2_idp/processors/ldap.py
+++ b/uniauth_saml2_idp/processors/ldap.py
@@ -1,17 +1,17 @@
 import logging
 
 from django.conf import settings
-from . base import BaseProcessor
-from . unical_attributes_generator import UnicalAttributeGenerator
+from .base import BaseProcessor
+from .unical_attributes_generator import UnicalAttributeGenerator
 
 
 logger = logging.getLogger(__name__)
 
 
-if 'ldap_peoples' in settings.INSTALLED_APPS:
+if "ldap_peoples" in settings.INSTALLED_APPS:
     from ldap_peoples.models import LdapAcademiaUser
 
-if 'multildap' in settings.INSTALLED_APPS:
+if "multildap" in settings.INSTALLED_APPS:
     pass
 
 
@@ -25,22 +25,25 @@ def _get_username(user):
 
 class GroupProcessor(BaseProcessor):
     """
-        Example implementation of access control for users:
-        - superusers are allowed
-        - staff is allowed
-        - they have to belong to a certain group
+    Example implementation of access control for users:
+    - superusers are allowed
+    - staff is allowed
+    - they have to belong to a certain group
     """
+
     group = "ExampleGroup"
 
     def has_access(self, user):  # pragma: no cover
-        return user.is_superuser or \
-            user.is_staff or \
-            user.groups.filter(name=self.group).exists()
+        return (
+            user.is_superuser
+            or user.is_staff
+            or user.groups.filter(name=self.group).exists()
+        )
 
 
 class LdapAcademiaProcessor(BaseProcessor):
-    """ Processor class used to retrieve attribute from LDAP server
-        and user nameID (userID) with standard formats
+    """Processor class used to retrieve attribute from LDAP server
+    and user nameID (userID) with standard formats
     """
 
     def get_identity(self, user):
@@ -48,12 +51,11 @@ def get_identity(self, user):
         return LdapAcademiaUser.objects.filter(uid=username).first()
 
     def create_identity(self, user, sp={}):
-        """ Generate an identity dictionary of the user based on the
-            given mapping of desired user attributes by the SP
+        """Generate an identity dictionary of the user based on the
+        given mapping of desired user attributes by the SP
         """
-        default_mapping = {'username': 'username'}
-        sp_mapping = sp['config'].get('attribute_mapping',
-                                      default_mapping)
+        default_mapping = {"username": "username"}
+        sp_mapping = sp["config"].get("attribute_mapping", default_mapping)
 
         # get ldap user
         lu = self.get_identity(user)
@@ -70,7 +72,7 @@ def create_identity(self, user, sp={}):
 
         # if targetedID is available give it to sp
         if self.eduPersonTargetedID:
-            results['eduPersonTargetedID'] = [self.eduPersonTargetedID]
+            results["eduPersonTargetedID"] = [self.eduPersonTargetedID]
 
         return results
 
@@ -92,18 +94,23 @@ class LdapUnicalMultiAcademiaProcessor(LdapUnicalAcademiaProcessor):
     """
 
     def get_identity(self, user):
-        if hasattr(self, 'saml_request') and hasattr(self.saml_request, 'session'):
-            if self.request.saml_session.get('identity_attributes'):
-                return type('', (object,), self.request.saml_session['identity_attributes'])()
+        if hasattr(self, "saml_request") and hasattr(self.saml_request, "session"):
+            if self.request.saml_session.get("identity_attributes"):
+                return type(
+                    "", (object,
+                         ), self.request.saml_session["identity_attributes"]
+                )()
 
         # otherwise do another query ...
         username = _get_username(user)
         identity = None
         for lc in settings.LDAP_CONNECTIONS:  # pragma: no coverage
-            ldapfilter = '(uid={})'.format(username)
-            logging.debug("Processor {} searches for {} in {}".format(self.__class__,
-                                                                      username,
-                                                                      lc))
-            identity = lc.get(search=ldapfilter, format='object')
+            ldapfilter = "(uid={})".format(username)
+            logging.debug(
+                "Processor {} searches for {} in {}".format(
+                    self.__class__, username, lc
+                )
+            )
+            identity = lc.get(search=ldapfilter, format="object")
             if identity:
                 return identity
diff --git a/uniauth_saml2_idp/processors/unical_attributes_generator.py b/uniauth_saml2_idp/processors/unical_attributes_generator.py
index ec61dff..a21edc5 100644
--- a/uniauth_saml2_idp/processors/unical_attributes_generator.py
+++ b/uniauth_saml2_idp/processors/unical_attributes_generator.py
@@ -3,13 +3,17 @@
 
 class UnicalAttributeProcessor:
     @staticmethod
-    def codice_fiscale_rs(schacpersonaluniqueids=[], nationprefix=False, nationprefix_sep=':'):
+    def codice_fiscale_rs(
+        schacpersonaluniqueids=[], nationprefix=False, nationprefix_sep=":"
+    ):
         if isinstance(schacpersonaluniqueids, str):
             schacpersonaluniqueids = [schacpersonaluniqueids]
         # R&S format
-        rs_regexp = (r'(?P<urn_prefix>urn:schac:personalUniqueID:)?'
-                     r'(?P<nation>[a-zA-Z]{2}):'
-                     r'(?P<doc_type>[a-zA-Z]{2,3}):(?P<uniqueid>[\w]+)')
+        rs_regexp = (
+            r"(?P<urn_prefix>urn:schac:personalUniqueID:)?"
+            r"(?P<nation>[a-zA-Z]{2}):"
+            r"(?P<doc_type>[a-zA-Z]{2,3}):(?P<uniqueid>[\w]+)"
+        )
         for uniqueid in schacpersonaluniqueids:
             result = re.match(rs_regexp, uniqueid, re.I)
             if result:
@@ -17,50 +21,61 @@ def codice_fiscale_rs(schacpersonaluniqueids=[], nationprefix=False, nationprefi
                 # if data.get('nation') == 'IT' and data.get('doc_type') in  ['CF', 'TIN']:
                 if nationprefix:
                     # returns IT:CODICEFISCALE
-                    return nationprefix_sep.join((data['nation'], data['uniqueid']))
+                    return nationprefix_sep.join((data["nation"], data["uniqueid"]))
                 # returns CODICEFISCALE
-                return data['uniqueid']
+                return data["uniqueid"]
 
     @staticmethod
-    def matricola(personalUniqueCodes=[], id_string='dipendente', orgname='unical.it'):
+    def matricola(personalUniqueCodes=[], id_string="dipendente", orgname="unical.it"):
         if isinstance(personalUniqueCodes, str):
             personalUniqueCodes = [personalUniqueCodes]
-        _regexp = (r'(?P<urn_prefix>urn:schac:personalUniqueCode:)?'
-                   r'(?P<nation>[a-zA-Z]{2}):'
-                   # r'(?P<organization>[a-zA-Z\.\-]+):'
-                   'ORGNAME:'
-                   'IDSTRING:'
-                   r'(?P<uniqueid>[\w]+)').replace('IDSTRING', id_string).replace('ORGNAME', orgname)
+        _regexp = (
+            (
+                r"(?P<urn_prefix>urn:schac:personalUniqueCode:)?"
+                r"(?P<nation>[a-zA-Z]{2}):"
+                # r'(?P<organization>[a-zA-Z\.\-]+):'
+                "ORGNAME:"
+                "IDSTRING:"
+                r"(?P<uniqueid>[\w]+)"
+            )
+            .replace("IDSTRING", id_string)
+            .replace("ORGNAME", orgname)
+        )
         for uniqueid in personalUniqueCodes:
             result = re.match(_regexp, uniqueid, re.I)
             if result:
-                return result.groupdict()['uniqueid']
+                return result.groupdict()["uniqueid"]
 
 
 class UnicalAttributeGenerator:
-
     @staticmethod
     def matricola_dipendente(attributes):
-        if attributes.get('schacPersonalUniqueCode'):
-            return UnicalAttributeProcessor.matricola(attributes['schacPersonalUniqueCode'],
-                                                      id_string='dipendente')
+        if attributes.get("schacPersonalUniqueCode"):
+            return UnicalAttributeProcessor.matricola(
+                attributes["schacPersonalUniqueCode"], id_string="dipendente"
+            )
 
     @staticmethod
     def matricola_studente(attributes):
-        if attributes.get('schacPersonalUniqueCode'):
-            return UnicalAttributeProcessor.matricola(attributes['schacPersonalUniqueCode'],
-                                                      id_string='studente')
+        if attributes.get("schacPersonalUniqueCode"):
+            return UnicalAttributeProcessor.matricola(
+                attributes["schacPersonalUniqueCode"], id_string="studente"
+            )
 
     @staticmethod
     def codice_fiscale(attributes):
-        if attributes.get('schacPersonalUniqueID'):
-            return UnicalAttributeProcessor.codice_fiscale_rs(attributes['schacPersonalUniqueID'])
+        if attributes.get("schacPersonalUniqueID"):
+            return UnicalAttributeProcessor.codice_fiscale_rs(
+                attributes["schacPersonalUniqueID"]
+            )
 
     @classmethod
     def process(cls, attributes, sp_mapping):
-        cattr = dict(matricola_dipendente=cls.matricola_dipendente(attributes),
-                     matricola_studente=cls.matricola_studente(attributes),
-                     codice_fiscale=cls.codice_fiscale(attributes))
+        cattr = dict(
+            matricola_dipendente=cls.matricola_dipendente(attributes),
+            matricola_studente=cls.matricola_studente(attributes),
+            codice_fiscale=cls.codice_fiscale(attributes),
+        )
         for k, v in cattr.items():
             if v and k in sp_mapping:
                 attributes[k] = v
diff --git a/uniauth_saml2_idp/tests/__init__.py b/uniauth_saml2_idp/tests/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/uniauth_saml2_idp/tests/base.py b/uniauth_saml2_idp/tests/base.py
new file mode 100644
index 0000000..34828e8
--- /dev/null
+++ b/uniauth_saml2_idp/tests/base.py
@@ -0,0 +1,156 @@
+from .sp.sp_pysaml2 import SAML_CONFIG as SAML_SP_CONFIG
+from .idp_pysaml2 import SAML_IDP_CONFIG
+import copy
+import os
+import logging
+import pathlib
+import re
+import sys
+import subprocess
+
+
+from django.contrib.auth import get_user_model
+from django.test import TestCase, Client
+from django.urls import reverse
+from saml2 import BINDING_HTTP_POST
+from saml2.config import SPConfig
+from saml2.client import Saml2Client
+from saml2.metadata import entity_descriptor
+
+sys.path.append(os.getcwd())
+
+
+logger = logging.getLogger("django_test")
+
+
+# clean up sp metadata folder
+fpath = pathlib.Path(__file__)
+idp_md_path = f"{fpath.parent}/data/metadata"
+sp_md_path = f"{fpath.parent}/sp/metadata"
+mds = [sp_md_path + "/idp.xml", idp_md_path + "/sp.xml"]
+for md_path in (idp_md_path, sp_md_path):
+    if not os.path.exists(md_path):
+        os.mkdir(md_path)
+
+
+def cleanup_metadata():
+    for md in mds:
+        if os.path.exists(md):
+            os.remove(md)
+
+
+idp_eid = SAML_IDP_CONFIG["entityid"]
+sp_eid = SAML_SP_CONFIG["entityid"]
+
+action_post_regexp = "(?P<name>action)=" '"(?P<value>[a-zA-Z0-9\.\:\/\_\?\=]*)"'
+samlrequest_form_regexp = (
+    '.*name="SAMLRequest" ' 'value="(?P<value>[a-zA-Z0-9=+]*)"[\s\n.]*'
+)
+
+samlresponse_form_regexp = 'name="SAMLResponse" value="(?P<value>[a-zA-Z0-9+=]*)"'
+login_process_url = reverse("uniauth_saml2_idp:saml_login_process")
+login_url = reverse("uniauth_saml2_idp:login") + \
+    "?next={}".format(login_process_url)
+logout_url = reverse(
+    "uniauth_saml2_idp:saml_logout_binding", kwargs={"binding": "POST"}
+)
+
+
+def extract_saml_authn_data(result):
+    url = reverse("uniauth_saml2_idp:saml_login_binding",
+                  kwargs={"binding": "POST"})
+    logging.info("IdP Target is: {}".format(url))
+    # url = re.search(action_post_regexp, result.get('data', '')).groupdict()['value']
+
+    # IF HTTP-POST
+    if result.get("data"):
+        authn_req = result.get("data", "")
+        data = {
+            "SAMLRequest": re.search(samlrequest_form_regexp, authn_req).groupdict()[
+                "value"
+            ]
+        }
+    # ELSE HTTP-REDIRECT
+    else:
+        authn_req = result["headers"][0][1]
+        url, data = authn_req, authn_req
+    return url, data
+
+
+class BaseTestRP(TestCase):
+    def setUp(self):
+        # put idp metadata in sp metadata store
+        # self.IDP = IdPConfig()
+        # self.IDP.load(copy.deepcopy(SAML_IDP_CONFIG))
+        # idp_metadata = entity_descriptor(self.IDP)
+        cleanup_metadata()
+        idp_md_url = reverse("uniauth_saml2_idp:saml2_idp_metadata")
+        client = Client()
+        idp_metadata = client.get(idp_md_url)
+
+        # idp metadata into sp md store
+        with open(mds[0], "wb") as fd:
+            fd.write(idp_metadata.content)
+
+        # create a pysaml SP
+        self.sp_conf = SPConfig()
+        self.sp_conf.load(copy.deepcopy(SAML_SP_CONFIG))
+
+        self.sp_client = Saml2Client(self.sp_conf)
+        logger.info("{} SP: {}".format(self.__class__.__name__, self.client))
+
+    def _get_superuser_user(self):
+        data = dict(username="admin", email="test@test.org",
+                    is_superuser=1, is_staff=1)
+        user = get_user_model().objects.get_or_create(**data)[0]
+        user.set_password("admin")
+        user.save()
+        return user
+
+    def _superuser_login(self):
+        user = self._get_superuser_user()
+        self.client.force_login(user)
+
+    def _add_sp_md(self):
+        self._superuser_login()
+        # put md store through admin UI
+        create_url = reverse("admin:uniauth_saml2_idp_metadatastore_add")
+        data = dict(
+            name="sptest", type="local", url=idp_md_path, kwargs="{}", is_active=1
+        )
+        response = self.client.post(create_url, data, follow=True)
+        self.assertIn("was added successfully", response.content.decode())
+        # self.assertFalse("error", response.content.decode())
+
+        # put sp metadata into IDP md store
+        sp_metadata = entity_descriptor(self.sp_conf)
+        with open(idp_md_path + "/sp.xml", "wb") as fd:
+            fd.write(sp_metadata.to_string())
+
+    def _add_sp(self):
+        self._superuser_login()
+        create_url = reverse("admin:uniauth_saml2_idp_serviceprovider_add")
+        data = dict(
+            entity_id=SAML_SP_CONFIG["entityid"],
+            display_name="That SP display name",
+            signing_algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
+            digest_algorithm="http://www.w3.org/2001/04/xmlenc#sha256",
+            disable_encrypted_assertions=1,
+            is_active=1,
+        )
+        response = self.client.post(create_url, data, follow=True)
+        assert "was added successfully" in response.content.decode()
+
+    def _get_sp_authn_request(self):
+        session_id, result = self.sp_client.prepare_for_authenticate(
+            entityid=idp_eid, relay_state="/", binding=BINDING_HTTP_POST
+        )
+        url, data = extract_saml_authn_data(result)
+        return url, data, session_id
+
+    def _run_ldapd(self):
+        self.ldapd = subprocess.Popen(
+            ["python3", f"{fpath.parent}/ldapd.py"],
+            stdout=subprocess.PIPE,
+            stderr=subprocess.PIPE,
+        )
diff --git a/example/tests/data/certificates/private.pem b/uniauth_saml2_idp/tests/data/certificates/private.pem
similarity index 100%
rename from example/tests/data/certificates/private.pem
rename to uniauth_saml2_idp/tests/data/certificates/private.pem
diff --git a/example/tests/data/certificates/public.pem b/uniauth_saml2_idp/tests/data/certificates/public.pem
similarity index 100%
rename from example/tests/data/certificates/public.pem
rename to uniauth_saml2_idp/tests/data/certificates/public.pem
diff --git a/uniauth_saml2_idp/tests/idp_pysaml2.py b/uniauth_saml2_idp/tests/idp_pysaml2.py
new file mode 100644
index 0000000..a6661bf
--- /dev/null
+++ b/uniauth_saml2_idp/tests/idp_pysaml2.py
@@ -0,0 +1,279 @@
+import os
+import saml2
+from saml2 import (
+    BINDING_HTTP_POST,
+    BINDING_HTTP_REDIRECT,
+)
+from saml2.entity_category import refeds, edugain
+from saml2.saml import NAMEID_FORMAT_TRANSIENT, NAMEID_FORMAT_PERSISTENT
+from saml2.saml import NAME_FORMAT_URI
+
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+LOGIN_URL = "/idp/login/"
+
+# idp protocol:fqdn:port
+HOST = "localhost"
+PORT = 9000  # None if 80 or 443...
+HTTPS = False
+
+BASE = "https://{}".format(HOST) if HTTPS else "http://{}".format(HOST)
+if PORT:
+    BASE += ":{}".format(PORT)
+
+BASE_URL = "{}/idp".format(BASE)
+# end
+
+IDP_SP_METADATA_PATH = "tests/data/metadata"
+
+# please check [Refactor datetime](https://github.com/IdentityPython/pysaml2/pull/518)
+# only used to parse issue_instant in a try...
+SAML2_DATETIME_FORMATS = ["%Y-%m-%dT%H:%M:%SZ", "%Y%m%d%H%M%SZ"]
+
+SAML_IDP_CONFIG = {
+    "debug": True,
+    # "xmlsec_binary": get_xmlsec_binary(["/opt/local/bin", "/usr/bin/xmlsec1"]),
+    "entityid": "%s/metadata" % BASE_URL,
+    "entity_category_support": [
+        edugain.COCO,  # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
+        refeds.RESEARCH_AND_SCHOLARSHIP,
+    ],
+    "attribute_map_dir": "data/attribute-maps",
+    "description": "SAML2 IDP",
+    "service": {
+        "idp": {
+            "name": "Django testunical SAML IdP",
+            "ui_info": {
+                "display_name": [
+                    {"lang": "en", "text": "Unical IdP"},
+                    {"lang": "it", "text": "Unical IdP"},
+                ],
+                "description": [
+                    {"lang": "en", "text": "University of Calabria Identity Provider"},
+                    {
+                        "lang": "it",
+                        "text": "Identity Provider della Università della Calabria",
+                    },
+                ],
+                "information_url": {
+                    "lang": "it",
+                    "text": "https://www.unical.it/portale/strutture/centri/centroict/schdeserviziict/idem/",
+                },
+                "privacy_statement_url": {
+                    "lang": "it",
+                    "text": "https://www.unical.it/portale/ateneo/privacy/",
+                },
+                "logo": {
+                    "width": "80",
+                    "height": "60",
+                    "text": "https://{}/static/img/logo.svg".format(HOST),
+                },
+            },
+            "endpoints": {
+                "single_sign_on_service": [
+                    ("%s/sso/post" % BASE_URL, BINDING_HTTP_POST),
+                    ("%s/sso/redirect" % BASE_URL, BINDING_HTTP_REDIRECT),
+                ],
+                "single_logout_service": [
+                    ("%s/slo/post" % BASE, BINDING_HTTP_POST),
+                    # ("%s/slo/redirect" % BASE, BINDING_HTTP_REDIRECT)
+                ],
+            },
+            # transient per default, persistent if asked by sp
+            "name_id_format": [NAMEID_FORMAT_TRANSIENT, NAMEID_FORMAT_PERSISTENT],
+            "validate_certificate": True,
+            # this is default
+            "only_use_keys_in_metadata": True,
+            "want_authn_requests_only_with_valid_cert": True,
+            "want_authn_requests_signed": True,
+            "logout_requests_signed": True,
+            "sign_response": True,
+            "sign_assertion": True,
+            # the following if set should be a cert filename, not a boolean
+            # 'verify_ssl_cert': None,
+            # 'verify_encrypt_cert_assertion': None,
+            # 'verify_encrypt_cert_advice': None,
+            # this works if pysaml2 is installed from peppelinux's fork
+            # 'signing_algorithm':  saml2.xmldsig.SIG_RSA_SHA256,
+            # 'digest_algorithm':  saml2.xmldsig.DIGEST_SHA256,
+            "policy": {
+                "default": {
+                    "lifetime": {"minutes": 15},
+                    # if the sp are not conform to entity_categories (in our metadata) the attributes will not be released
+                    # "entity_categories": ["refeds", "edugain"],
+                    # "entity_categories": ["refeds",],
+                    "name_form": NAME_FORMAT_URI,
+                    # global pysaml2 restrictions, useless with custom AttributeProcessors
+                    # "attribute_restrictions": {
+                    # 'username': None,
+                    # 'first_name': None,
+                    # 'last_name': None,
+                    #
+                    # Here only mail addresses that end with ".umu.se" will be returned.
+                    # 'email': None,
+                    # #'email': [".*\.umu\.se$"],
+                    # "mail": [".*\.umu\.se$"],
+                    # },
+                },
+                # attributes will be released only if this SP have refeds in out entity_categories in its metadata.
+                # "https://sp1.testunical.it/saml2/metadata/": {
+                # "entity_categories": ["refeds",]
+                # }
+                # "https://example.com/sp": {
+                # "lifetime": {"minutes": 5},
+                # "nameid_format": NAMEID_FORMAT_PERSISTENT,
+                # "name_form": NAME_FORMAT_BASIC
+                # }
+            },
+        },
+        # TODO
+        # AttributeAuthorityDescriptor is needed for legacy SP
+        # this adds the needed attributes in metadata ...!
+        # 'aq': {
+        #
+        #    }
+    },
+    # Quite useless, you can even configure metadata store through admin backend!
+    "metadata": {
+        # 'local': [
+        # IDP_SP_METADATA_PATH,
+        # ],
+        #
+        # "remote": [{
+        # "url": 'https://satosa.testunical.it/Saml2/metadata',
+        # "cert": "/opt/satosa-saml2/pki/frontend.cert",
+        # working only with pplx-dev fork:
+        # "disable_ssl_certificate_validation": True,
+        # }],
+        # "mdq": [{
+        # "url": "http://localhost:8001",
+        # "url": "https://ds.testunical.it",
+        # "cert": "certficates/others/ds.testunical.it.cert",
+        # working only with pplx-dev fork:
+        # "disable_ssl_certificate_validation": True,
+        # }]
+    },
+    # Signing
+    "key_file": BASE_DIR + "/tests/data/certificates/private.pem",
+    "cert_file": BASE_DIR + "/tests/data/certificates/public.pem",
+    # Encryption
+    "encryption_keypairs": [
+        {
+            "key_file": BASE_DIR + "/tests/data/certificates/private.pem",
+            "cert_file": BASE_DIR + "/tests/data/certificates/public.pem",
+        }
+    ],
+    # How many hours this configuration is expected to be accurate as eposed in metadata
+    # 'valid_for': 24 * 10,
+    # own metadata settings
+    "contact_person": [
+        {
+            "given_name": "Giuseppe",
+            "sur_name": "De Marco",
+            "company": "Universita della Calabria",
+            "email_address": "giuseppe.demarco@unical.it",
+            "contact_type": "administrative",
+        },
+        {
+            "given_name": "Giuseppe",
+            "sur_name": "De Marco",
+            "company": "Universita della Calabria",
+            "email_address": "giuseppe.demarco@unical.it",
+            "contact_type": "technical",
+        },
+    ],
+    # you can set multilanguage information here
+    "organization": {
+        "name": [("Unical", "it"), ("Unical", "en")],
+        "display_name": [("Unical", "it"), ("Unical", "en")],
+        "url": [("http://www.unical.it", "it"), ("http://www.unical.it", "en")],
+    },
+    # TODO: put idp logs in a separate file too
+    # "logger": {
+    # "rotating": {
+    # "filename": "idp.log",
+    # "maxBytes": 500000,
+    # "backupCount": 5,
+    # },
+    # "loglevel": "debug",
+    # }
+}
+
+SAML_IDP_SHOW_USER_AGREEMENT_SCREEN = True
+SAML_IDP_SHOW_CONSENT_FORM = False
+SAML_IDP_USER_AGREEMENT_ATTR_EXCLUDE = []
+# User agreements will be valid for 1 year unless overriden. If this attribute is not used, user agreements will not expire
+SAML_IDP_USER_AGREEMENT_VALID_FOR = 24 * 365
+
+SAML_IDP_DJANGO_USERNAME_FIELD = "username"
+# alg, salt and arguments used for computed user identifier used in opaque, transient and persistent nameid_format
+SAML_COMPUTEDID_HASHALG = "sha256"
+SAML_COMPUTEDID_SALT = b"87sdfybDSFDSFsdf__7yb"
+
+SAML_AUTHN_SIGN_ALG = saml2.xmldsig.SIG_RSA_SHA256
+SAML_AUTHN_DIGEST_ALG = saml2.xmldsig.DIGEST_SHA256
+
+# Encrypt authn response by default (will not work with SP that doesn't have enc keys in their metadata)
+SAML_FORCE_ENCRYPTED_ASSERTION = False
+
+# if enabled and nameid format is persistent the nameid related to user:recipient_id will be stored in PersistentId model
+SAML_ALLOWCREATE = True
+
+# SP configurations
+SAML_IDP_SPCONFIG = {}
+
+# Disable unconfigured SP even if they are in MetadataStore
+SAML_DISALLOW_UNDEFINED_SP = False
+
+# This coniguration will be used by default for each newly created SP through admin backend.
+DEFAULT_SPCONFIG = {
+    "processor": "uniauth_saml2_idp.processors.base.BaseProcessor",
+    "attribute_mapping": {
+        "uid": "uid",
+        "persistent_ids": "persistent_ids",
+        "email": "email",
+        "first_name": "first_name",
+        "last_name": "last_name",
+        "username": "username",
+        # 'is_staff': 'is_staff',
+        # 'is_superuser':  'is_superuser',
+        # refeds + edugain Entities
+        # "cn": "cn",
+        # "eduPersonEntitlement": "eduPersonEntitlement",
+        # "eduPersonPrincipalName": "eduPersonPrincipalName",
+        # "schacHomeOrganization": "schacHomeOrganization",
+        # "eduPersonHomeOrganization": "eduPersonHomeOrganization",
+        # "eduPersonAffiliation": "eduPersonAffiliation",
+        # "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
+        # "eduPersonTargetedID": "eduPersonTargetedID",
+        # "mail": ["mail", "email"],
+        # "email": ["mail", "email"],
+        # "schacPersonalUniqueCode": "schacPersonalUniqueCode",
+        # "schacPersonalUniqueID": "schacPersonalUniqueID",
+        # "sn": "sn",
+        # "givenName": ["givenName", "another_possible_occourrence"],
+        # "displayName": "displayName",
+        # custom attributes
+        # "codice_fiscale": "codice_fiscale",
+        # "matricola_studente": "matricola_studente",
+        # "matricola_dipendente": "matricola_dipendente"
+    },
+    "display_name": "Unical SP",
+    "display_description": "This is for test purpose",
+    # Only for SP externals to our organization
+    "display_agreement_message": "Some information about you has been requested",
+    "signing_algorithm": saml2.xmldsig.SIG_RSA_SHA256,
+    "digest_algorithm": saml2.xmldsig.DIGEST_SHA256,
+    "disable_encrypted_assertions": True,
+    # 'show_user_agreement_screen': SAML_IDP_SHOW_USER_AGREEMENT_SCREEN
+}
+
+# Quite useless, you can even configure SP through admin backend!
+# shibboleth test SP
+# SAML_IDP_SPCONFIG['https://sp.testunical.it/shibboleth'] = DEFAULT_SPCONFIG
+# SAML_IDP_SPCONFIG['https://sp1.testunical.it/saml2/metadata/'] = DEFAULT_SPCONFIG
+
+# satosa frontend
+# SAML_IDP_SPCONFIG['https://satosa.testunical.it/Saml2/metadata'] = DEFAULT_SPCONFIG
diff --git a/example/tests/ldapd.py b/uniauth_saml2_idp/tests/ldapd.py
similarity index 96%
rename from example/tests/ldapd.py
rename to uniauth_saml2_idp/tests/ldapd.py
index 3d1c769..cbe8517 100644
--- a/example/tests/ldapd.py
+++ b/uniauth_saml2_idp/tests/ldapd.py
@@ -1,4 +1,5 @@
 import sys
+
 try:
     from cStringIO import StringIO as BytesIO
 except ImportError:
@@ -71,9 +72,7 @@
 """
 
 
-
 class Tree(object):
-
     def __init__(self):
         global LDIF
         self.f = BytesIO(LDIF)
@@ -98,8 +97,9 @@ def buildProtocol(self, addr):
         return proto
 
 
-if __name__ == '__main__':
+if __name__ == "__main__":
     from twisted.internet import reactor
+
     if len(sys.argv) == 2:
         port = int(sys.argv[1])
     else:
@@ -112,10 +112,7 @@ def buildProtocol(self, addr):
     # `root = interfaces.IConnectedLDAPEntry(self.factory)` to get the root
     # of the DIT.  The factory that creates the protocol must therefore
     # be adapted to the IConnectedLDAPEntry interface.
-    registerAdapter(
-        lambda x: x.root,
-        LDAPServerFactory,
-        IConnectedLDAPEntry)
+    registerAdapter(lambda x: x.root, LDAPServerFactory, IConnectedLDAPEntry)
     factory = LDAPServerFactory(tree.db)
     factory.debug = True
     application = service.Application("ldaptor-server")
diff --git a/uniauth_saml2_idp/tests/settings.py b/uniauth_saml2_idp/tests/settings.py
new file mode 100644
index 0000000..8d05574
--- /dev/null
+++ b/uniauth_saml2_idp/tests/settings.py
@@ -0,0 +1,185 @@
+"""
+Django settings for django_idp project.
+
+Generated by 'django-admin startproject' using Django 2.0.5.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/2.0/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/2.0/ref/settings/
+"""
+import ldap
+import os
+import logging
+import sys
+
+from .settingslocal import *
+
+if len(sys.argv) > 1 and sys.argv[1] == 'test':
+    logging.disable(logging.CRITICAL)
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/
+
+# use settingslocal
+# DEBUG = True
+# SESSION_EXPIRE_AT_BROWSER_CLOSE=True
+# SESSION_COOKIE_AGE = 60 * 10 # minutes
+# SECRET_KEY = settingslocal.SECRET_KEY
+# ALLOWED_HOSTS = settingslocal.ALLOWED_HOSTS
+
+if not DEBUG:
+    SESSION_COOKIE_SECURE = True
+    CSRF_COOKIE_SECURE = True
+    # CSRF_USE_SESSIONS = True
+
+# Application definition
+
+MIDDLEWARE = [
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    # SameSite Cookie workaround
+    "djangosaml2.middleware.SamlSessionMiddleware",
+]
+
+# GETTEXT LOCALIZATION
+MIDDLEWARE.append("django.middleware.locale.LocaleMiddleware")
+LOCALE_PATHS = (os.path.join(BASE_DIR, "locale"),)
+#
+
+ROOT_URLCONF = "django_idp.urls"
+
+TEMPLATES = [
+    {
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": [],
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
+            ],
+        },
+    },
+]
+
+STATICFILES_FINDERS = [
+    "django.contrib.staticfiles.finders.FileSystemFinder",
+    "django.contrib.staticfiles.finders.AppDirectoriesFinder",
+    "sass_processor.finders.CssFinder",
+]
+
+WSGI_APPLICATION = "django_idp.wsgi.application"
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
+    }
+}
+
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.ModelBackend",
+    # TODO
+    # 'unical_ict.auth.SessionUniqueBackend',
+]
+
+#################
+# LDAP, optional
+#################
+if "ldap_peoples" in INSTALLED_APPS:
+    # load default and overrides as you prefer
+    from ldap_peoples.settings import *
+
+    DEFAULT_EDUPERSON_ENTITLEMENT = [
+        "urn:mace:terena.org:tcs:personal-user",
+        "urn:mace:terena.org:tcs:escience-user",
+    ]
+    SCHAC_HOMEORGANIZATIONTYPE_DEFAULT = ["educationInstitution", "university"]
+    SCHAC_HOMEORGANIZATION_DEFAULT = LDAP_BASE_DOMAIN
+
+    LDAP_CONNECTION_OPTIONS = {
+        ldap.OPT_PROTOCOL_VERSION: 3,
+        ldap.OPT_NETWORK_TIMEOUT: 5,
+        # ldap.OPT_DEBUG_LEVEL: 255,
+        # ldap.OPT_X_TLS_CACERTFILE: LDAP_CACERT,
+        # force /etc/ldap.conf configuration.
+        # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER,
+        # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_DEMAND,
+        # ldap.OPT_X_TLS: ldap.OPT_X_TLS_DEMAND,
+        # ldap.OPT_X_TLS_DEMAND: True,
+        # ldap.OPT_X_TLS: ldap.OPT_X_TLS_NEVER,
+        # ldap.OPT_X_TLS_DEMAND: False,
+    }
+
+    DATABASES["ldap"] = {
+        "ENGINE": "ldapdb.backends.ldap",
+        # only in localhost
+        # 'NAME': 'ldapi://',
+        "NAME": LDAP_DB_URL,
+        "USER": LDAP_CONNECTION_USER,
+        "PASSWORD": LDAP_CONNECTION_PASSWD,
+        "RETRY_DELAY": 8,
+        "RETRY_MAX": 3,
+        "CONNECTION_OPTIONS": LDAP_CONNECTION_OPTIONS,
+    }
+
+    DATABASE_ROUTERS = ["ldapdb.router.Router"]
+    AUTHENTICATION_BACKENDS.append(
+        "uniauth_saml2_idp.auth.ldap_peoples.LdapAcademiaAuthBackend"
+    )
+
+if "multildap" in INSTALLED_APPS:
+    AUTHENTICATION_BACKENDS.append(
+        "uniauth_saml2_idp.auth.multildap.LdapUnicalMultiAcademiaAuthBackend"
+    )
+
+
+# Password validation
+# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
+    },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/2.0/topics/i18n/
+
+LANGUAGE_CODE = "en-us"
+TIME_ZONE = "UTC"
+USE_I18N = True
+USE_L10N = True
+USE_TZ = True
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/2.0/howto/static-files/
+STATIC_ROOT = os.path.join(BASE_DIR, "static")
+STATIC_URL = "/static/"
+
+MEDIA_ROOT = os.path.join(BASE_DIR, "data/media")
+
+if "uniauth_saml2_idp" in INSTALLED_APPS:
+    pass
diff --git a/uniauth_saml2_idp/tests/settingsldap.py b/uniauth_saml2_idp/tests/settingsldap.py
new file mode 100644
index 0000000..86fc19e
--- /dev/null
+++ b/uniauth_saml2_idp/tests/settingsldap.py
@@ -0,0 +1,58 @@
+import ldap3
+from multildap.client import LdapClient
+
+LDAPTEST = dict(
+    server=dict(
+        host="ldap://localhost:3899",
+        connect_timeout=5,
+        # TLS...
+    ),
+    connection=dict(
+        user="uid=mario,ou=people,dc=testunical,dc=it",
+        password="cimpa12",
+        read_only=True,
+        version=3,
+        # see ldap3 client_strategies
+        client_strategy=ldap3.RESTARTABLE,
+        auto_bind=True,
+        pool_size=1,
+        pool_keepalive=1,
+    ),
+    search=dict(
+        search_base="ou=people,dc=testunical,dc=it",
+        search_filter="(objectclass=person)",
+        search_scope=ldap3.SUBTREE,
+        # general purpose for huge resultsets
+        # TODO: implement paged resultset, see: examples/paged_resultset.py
+        # size_limit = 500,
+        # paged_size = 1000, # up to 500000 results
+        # paged_criticality = True, # check if the server supports paged results
+        # paged_cookie = True, # must be sent back while requesting subsequent entries
+        # to get all = # '*'
+        attributes=[
+            "eduPersonPrincipalName",
+            "schacHomeOrganization",
+            "mail",
+            "uid",
+            "givenName",
+            "sn",
+            "eduPersonScopedAffiliation",
+            "schacPersonalUniqueID",
+            "schacPersonalUniqueCode",
+        ],
+    ),
+    encoding="utf-8",
+    # rewrite_rules =
+    # [{'package': 'attr_rewrite',
+    # 'name': 'replace',
+    # 'kwargs': {'from_str': 'testunical', 'to_str': 'unical',}},
+    # {'package': 'attr_rewrite',
+    # 'name': 'regexp_replace',
+    # 'kwargs': {'regexp': '', 'sub': '',}},
+    # ],
+    # rewrite_dn_to = _REWRITE_DN_TO,
+    allow_authentication=True,
+)
+
+LDAP_CONNECTIONS = {"DEFAULT": LDAPTEST}
+LDAP_CONNECTIONS = [LdapClient(conf) for conf in LDAP_CONNECTIONS.values()]
diff --git a/uniauth_saml2_idp/tests/settingslocal.py b/uniauth_saml2_idp/tests/settingslocal.py
new file mode 100644
index 0000000..9299e17
--- /dev/null
+++ b/uniauth_saml2_idp/tests/settingslocal.py
@@ -0,0 +1,91 @@
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = "lrx(fg&+2e=$l=y8$!+l68_=-lm3*n+myg%r3z!yjm(lg*l%-z"
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+SESSION_EXPIRE_AT_BROWSER_CLOSE = True
+SESSION_COOKIE_AGE = 60 * 10  # minutes
+
+ALLOWED_HOSTS = ["*"]
+
+INSTALLED_APPS = [
+    "accounts",
+    "django.contrib.admin",
+    "django.contrib.auth",
+    "django.contrib.contenttypes",
+    "django.contrib.sessions",
+    "django.contrib.messages",
+    "django.contrib.staticfiles",
+    "sass_processor",
+    "bootstrap_italia_template",
+    "uniauth_saml2_idp",
+    "acsia_template",
+    # 'ldap_peoples',
+    # 'multildap',
+    # 'rangefilter',
+
+    # oas3
+    #  "rest_framework",
+    #  "rest_api",
+]
+
+AUTH_USER_MODEL = "accounts.User"
+
+# ldap_peoples related
+# LDAP_CONNECTION_USER = 'cn=thatuser,dc=unical,dc=it'
+# LDAP_CONNECTION_PASSWD = 'Thatpassword'
+# LDAP_DB_URL = 'ldap://localhost:389/'
+# LDAP_BASE_DOMAIN = 'unical.it'
+# LDAP_PEOPLE_DN = 'dc=proxy'
+
+# needed for ldap admin forms
+DATETIME_INPUT_FORMATS = ["%Y-%m-%d %H:%M:%S", "%d/%m/%Y %H:%M:%S"]
+
+DATE_INPUT_FORMATS = ["%Y-%m-%d", "%d/%m/%Y"]
+
+ADMINS = [
+    ("name surname", "user1@DOMAIN"),
+    ("name surnale", "user2@DOMAIN"),
+]
+
+# LOGGING
+LOGGING = {
+    "version": 1,
+    "disable_existing_loggers": False,
+    "formatters": {
+        "default": {
+            # exact format is not important, this is the minimum information
+            "format": "%(asctime)s %(name)-12s %(levelname)-8s %(message)s",
+        },
+        "detailed": {
+            # %(name)s.%(funcName)s:%(lineno)s]'
+            "format": "[%(asctime)s] %(message)s [(%(levelname)s)]"
+        },
+    },
+    "filters": {"require_debug_false": {"()": "django.utils.log.RequireDebugFalse"}},
+    "handlers": {
+        "mail_admins": {
+            "formatter": "detailed",
+            "level": "ERROR",
+            "filters": ["require_debug_false"],
+            "class": "django.utils.log.AdminEmailHandler",
+        },
+        "console": {
+            "formatter": "detailed",
+            "level": "INFO",
+            "class": "logging.StreamHandler",
+        },
+    },
+    "loggers": {
+        "django": {
+            "handlers": ["console", "mail_admins"],
+            "level": "ERROR",
+            "propagate": False,
+        },
+        "uniauth_saml2_idp": {
+            "handlers": ["console", "mail_admins"],
+            "level": "DEBUG",
+            "propagate": False,
+        },
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/__init__.py b/uniauth_saml2_idp/tests/sp/attribute-maps/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v1x.py b/uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v1x.py
new file mode 100644
index 0000000..79c48fd
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v1x.py
@@ -0,0 +1,20 @@
+# See http://technet.microsoft.com/en-us/library/cc733065(v=ws.10).aspx
+# and http://technet.microsoft.com/en-us/library/ee913589(v=ws.10).aspx
+# for information regarding the default claim types supported by
+# Microsoft ADFS v1.x.
+
+MAP = {
+    "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
+    "fro": {
+        "http://schemas.xmlsoap.org/claims/commonname": "commonName",
+        "http://schemas.xmlsoap.org/claims/emailaddress": "emailAddress",
+        "http://schemas.xmlsoap.org/claims/group": "group",
+        "http://schemas.xmlsoap.org/claims/upn": "upn",
+    },
+    "to": {
+        "commonName": "http://schemas.xmlsoap.org/claims/commonname",
+        "emailAddress": "http://schemas.xmlsoap.org/claims/emailaddress",
+        "group": "http://schemas.xmlsoap.org/claims/group",
+        "upn": "http://schemas.xmlsoap.org/claims/upn",
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v20.py b/uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v20.py
new file mode 100644
index 0000000..c32f838
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/attribute-maps/adfs_v20.py
@@ -0,0 +1,47 @@
+# See http://technet.microsoft.com/en-us/library/ee913589(v=ws.10).aspx
+# for information regarding the default claim types supported by
+# Microsoft ADFS v2.0.
+
+MAP = {
+    "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
+    "fro": {
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "emailAddress",
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "givenName",
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "name",
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "upn",
+        "http://schemas.xmlsoap.org/claims/commonname": "commonName",
+        "http://schemas.xmlsoap.org/claims/group": "group",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/role": "role",
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "surname",
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier": "privatePersonalId",
+        "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "nameId",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod": "authenticationMethod",
+        "http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid": "denyOnlySid",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid": "denyOnlyPrimarySid",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid": "denyOnlyPrimaryGroupSid",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid": "groupSid",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid": "primaryGroupSid",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid": "primarySid",
+        "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname": "windowsAccountName",
+    },
+    "to": {
+        "emailAddress": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
+        "givenName": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
+        "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
+        "upn": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
+        "commonName": "http://schemas.xmlsoap.org/claims/commonname",
+        "group": "http://schemas.xmlsoap.org/claims/group",
+        "role": "http://schemas.microsoft.com/ws/2008/06/identity/claims/role",
+        "surname": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname",
+        "privatePersonalId": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier",
+        "nameId": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
+        "authenticationMethod": "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod",
+        "denyOnlySid": "http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid",
+        "denyOnlyPrimarySid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid",
+        "denyOnlyPrimaryGroupSid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid",
+        "groupSid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid",
+        "primaryGroupSid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid",
+        "primarySid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid",
+        "windowsAccountName": "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname",
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/basic.py b/uniauth_saml2_idp/tests/sp/attribute-maps/basic.py
new file mode 100644
index 0000000..a6a6574
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/attribute-maps/basic.py
@@ -0,0 +1,325 @@
+MAP = {
+    "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic",
+    "fro": {
+        "urn:mace:dir:attribute-def:aRecord": "aRecord",
+        "urn:mace:dir:attribute-def:aliasedEntryName": "aliasedEntryName",
+        "urn:mace:dir:attribute-def:aliasedObjectName": "aliasedObjectName",
+        "urn:mace:dir:attribute-def:associatedDomain": "associatedDomain",
+        "urn:mace:dir:attribute-def:associatedName": "associatedName",
+        "urn:mace:dir:attribute-def:audio": "audio",
+        "urn:mace:dir:attribute-def:authorityRevocationList": "authorityRevocationList",
+        "urn:mace:dir:attribute-def:buildingName": "buildingName",
+        "urn:mace:dir:attribute-def:businessCategory": "businessCategory",
+        "urn:mace:dir:attribute-def:c": "c",
+        "urn:mace:dir:attribute-def:cACertificate": "cACertificate",
+        "urn:mace:dir:attribute-def:cNAMERecord": "cNAMERecord",
+        "urn:mace:dir:attribute-def:carLicense": "carLicense",
+        "urn:mace:dir:attribute-def:certificateRevocationList": "certificateRevocationList",
+        "urn:mace:dir:attribute-def:cn": "cn",
+        "urn:mace:dir:attribute-def:co": "co",
+        "urn:mace:dir:attribute-def:commonName": "commonName",
+        "urn:mace:dir:attribute-def:countryName": "countryName",
+        "urn:mace:dir:attribute-def:crossCertificatePair": "crossCertificatePair",
+        "urn:mace:dir:attribute-def:dITRedirect": "dITRedirect",
+        "urn:mace:dir:attribute-def:dSAQuality": "dSAQuality",
+        "urn:mace:dir:attribute-def:dc": "dc",
+        "urn:mace:dir:attribute-def:deltaRevocationList": "deltaRevocationList",
+        "urn:mace:dir:attribute-def:departmentNumber": "departmentNumber",
+        "urn:mace:dir:attribute-def:description": "description",
+        "urn:mace:dir:attribute-def:destinationIndicator": "destinationIndicator",
+        "urn:mace:dir:attribute-def:displayName": "displayName",
+        "urn:mace:dir:attribute-def:distinguishedName": "distinguishedName",
+        "urn:mace:dir:attribute-def:dmdName": "dmdName",
+        "urn:mace:dir:attribute-def:dnQualifier": "dnQualifier",
+        "urn:mace:dir:attribute-def:documentAuthor": "documentAuthor",
+        "urn:mace:dir:attribute-def:documentIdentifier": "documentIdentifier",
+        "urn:mace:dir:attribute-def:documentLocation": "documentLocation",
+        "urn:mace:dir:attribute-def:documentPublisher": "documentPublisher",
+        "urn:mace:dir:attribute-def:documentTitle": "documentTitle",
+        "urn:mace:dir:attribute-def:documentVersion": "documentVersion",
+        "urn:mace:dir:attribute-def:domainComponent": "domainComponent",
+        "urn:mace:dir:attribute-def:drink": "drink",
+        "urn:mace:dir:attribute-def:eduOrgHomePageURI": "eduOrgHomePageURI",
+        "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI": "eduOrgIdentityAuthNPolicyURI",
+        "urn:mace:dir:attribute-def:eduOrgLegalName": "eduOrgLegalName",
+        "urn:mace:dir:attribute-def:eduOrgSuperiorURI": "eduOrgSuperiorURI",
+        "urn:mace:dir:attribute-def:eduOrgWhitePagesURI": "eduOrgWhitePagesURI",
+        "urn:mace:dir:attribute-def:eduPersonAffiliation": "eduPersonAffiliation",
+        "urn:mace:dir:attribute-def:eduPersonEntitlement": "eduPersonEntitlement",
+        "urn:mace:dir:attribute-def:eduPersonNickname": "eduPersonNickname",
+        "urn:mace:dir:attribute-def:eduPersonOrgDN": "eduPersonOrgDN",
+        "urn:mace:dir:attribute-def:eduPersonOrgUnitDN": "eduPersonOrgUnitDN",
+        "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation": "eduPersonPrimaryAffiliation",
+        "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN": "eduPersonPrimaryOrgUnitDN",
+        "urn:mace:dir:attribute-def:eduPersonPrincipalName": "eduPersonPrincipalName",
+        "urn:mace:dir:attribute-def:eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
+        "urn:mace:dir:attribute-def:eduPersonTargetedID": "eduPersonTargetedID",
+        "urn:mace:dir:attribute-def:email": "email",
+        "urn:mace:dir:attribute-def:emailAddress": "emailAddress",
+        "urn:mace:dir:attribute-def:employeeNumber": "employeeNumber",
+        "urn:mace:dir:attribute-def:employeeType": "employeeType",
+        "urn:mace:dir:attribute-def:enhancedSearchGuide": "enhancedSearchGuide",
+        "urn:mace:dir:attribute-def:facsimileTelephoneNumber": "facsimileTelephoneNumber",
+        "urn:mace:dir:attribute-def:favouriteDrink": "favouriteDrink",
+        "urn:mace:dir:attribute-def:fax": "fax",
+        "urn:mace:dir:attribute-def:federationFeideSchemaVersion": "federationFeideSchemaVersion",
+        "urn:mace:dir:attribute-def:friendlyCountryName": "friendlyCountryName",
+        "urn:mace:dir:attribute-def:generationQualifier": "generationQualifier",
+        "urn:mace:dir:attribute-def:givenName": "givenName",
+        "urn:mace:dir:attribute-def:gn": "gn",
+        "urn:mace:dir:attribute-def:homePhone": "homePhone",
+        "urn:mace:dir:attribute-def:homePostalAddress": "homePostalAddress",
+        "urn:mace:dir:attribute-def:homeTelephoneNumber": "homeTelephoneNumber",
+        "urn:mace:dir:attribute-def:host": "host",
+        "urn:mace:dir:attribute-def:houseIdentifier": "houseIdentifier",
+        "urn:mace:dir:attribute-def:info": "info",
+        "urn:mace:dir:attribute-def:initials": "initials",
+        "urn:mace:dir:attribute-def:internationaliSDNNumber": "internationaliSDNNumber",
+        "urn:mace:dir:attribute-def:janetMailbox": "janetMailbox",
+        "urn:mace:dir:attribute-def:jpegPhoto": "jpegPhoto",
+        "urn:mace:dir:attribute-def:knowledgeInformation": "knowledgeInformation",
+        "urn:mace:dir:attribute-def:l": "l",
+        "urn:mace:dir:attribute-def:labeledURI": "labeledURI",
+        "urn:mace:dir:attribute-def:localityName": "localityName",
+        "urn:mace:dir:attribute-def:mDRecord": "mDRecord",
+        "urn:mace:dir:attribute-def:mXRecord": "mXRecord",
+        "urn:mace:dir:attribute-def:mail": "mail",
+        "urn:mace:dir:attribute-def:mailPreferenceOption": "mailPreferenceOption",
+        "urn:mace:dir:attribute-def:manager": "manager",
+        "urn:mace:dir:attribute-def:member": "member",
+        "urn:mace:dir:attribute-def:mobile": "mobile",
+        "urn:mace:dir:attribute-def:mobileTelephoneNumber": "mobileTelephoneNumber",
+        "urn:mace:dir:attribute-def:nSRecord": "nSRecord",
+        "urn:mace:dir:attribute-def:name": "name",
+        "urn:mace:dir:attribute-def:norEduOrgAcronym": "norEduOrgAcronym",
+        "urn:mace:dir:attribute-def:norEduOrgNIN": "norEduOrgNIN",
+        "urn:mace:dir:attribute-def:norEduOrgSchemaVersion": "norEduOrgSchemaVersion",
+        "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier": "norEduOrgUniqueIdentifier",
+        "urn:mace:dir:attribute-def:norEduOrgUniqueNumber": "norEduOrgUniqueNumber",
+        "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier": "norEduOrgUnitUniqueIdentifier",
+        "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber": "norEduOrgUnitUniqueNumber",
+        "urn:mace:dir:attribute-def:norEduPersonBirthDate": "norEduPersonBirthDate",
+        "urn:mace:dir:attribute-def:norEduPersonLIN": "norEduPersonLIN",
+        "urn:mace:dir:attribute-def:norEduPersonNIN": "norEduPersonNIN",
+        "urn:mace:dir:attribute-def:o": "o",
+        "urn:mace:dir:attribute-def:objectClass": "objectClass",
+        "urn:mace:dir:attribute-def:organizationName": "organizationName",
+        "urn:mace:dir:attribute-def:organizationalStatus": "organizationalStatus",
+        "urn:mace:dir:attribute-def:organizationalUnitName": "organizationalUnitName",
+        "urn:mace:dir:attribute-def:otherMailbox": "otherMailbox",
+        "urn:mace:dir:attribute-def:ou": "ou",
+        "urn:mace:dir:attribute-def:owner": "owner",
+        "urn:mace:dir:attribute-def:pager": "pager",
+        "urn:mace:dir:attribute-def:pagerTelephoneNumber": "pagerTelephoneNumber",
+        "urn:mace:dir:attribute-def:personalSignature": "personalSignature",
+        "urn:mace:dir:attribute-def:personalTitle": "personalTitle",
+        "urn:mace:dir:attribute-def:photo": "photo",
+        "urn:mace:dir:attribute-def:physicalDeliveryOfficeName": "physicalDeliveryOfficeName",
+        "urn:mace:dir:attribute-def:pkcs9email": "pkcs9email",
+        "urn:mace:dir:attribute-def:postOfficeBox": "postOfficeBox",
+        "urn:mace:dir:attribute-def:postalAddress": "postalAddress",
+        "urn:mace:dir:attribute-def:postalCode": "postalCode",
+        "urn:mace:dir:attribute-def:preferredDeliveryMethod": "preferredDeliveryMethod",
+        "urn:mace:dir:attribute-def:preferredLanguage": "preferredLanguage",
+        "urn:mace:dir:attribute-def:presentationAddress": "presentationAddress",
+        "urn:mace:dir:attribute-def:protocolInformation": "protocolInformation",
+        "urn:mace:dir:attribute-def:pseudonym": "pseudonym",
+        "urn:mace:dir:attribute-def:registeredAddress": "registeredAddress",
+        "urn:mace:dir:attribute-def:rfc822Mailbox": "rfc822Mailbox",
+        "urn:mace:dir:attribute-def:roleOccupant": "roleOccupant",
+        "urn:mace:dir:attribute-def:roomNumber": "roomNumber",
+        "urn:mace:dir:attribute-def:sOARecord": "sOARecord",
+        "urn:mace:dir:attribute-def:searchGuide": "searchGuide",
+        "urn:mace:dir:attribute-def:secretary": "secretary",
+        "urn:mace:dir:attribute-def:seeAlso": "seeAlso",
+        "urn:mace:dir:attribute-def:serialNumber": "serialNumber",
+        "urn:mace:dir:attribute-def:singleLevelQuality": "singleLevelQuality",
+        "urn:mace:dir:attribute-def:sn": "sn",
+        "urn:mace:dir:attribute-def:st": "st",
+        "urn:mace:dir:attribute-def:stateOrProvinceName": "stateOrProvinceName",
+        "urn:mace:dir:attribute-def:street": "street",
+        "urn:mace:dir:attribute-def:streetAddress": "streetAddress",
+        "urn:mace:dir:attribute-def:subtreeMaximumQuality": "subtreeMaximumQuality",
+        "urn:mace:dir:attribute-def:subtreeMinimumQuality": "subtreeMinimumQuality",
+        "urn:mace:dir:attribute-def:supportedAlgorithms": "supportedAlgorithms",
+        "urn:mace:dir:attribute-def:supportedApplicationContext": "supportedApplicationContext",
+        "urn:mace:dir:attribute-def:surname": "surname",
+        "urn:mace:dir:attribute-def:telephoneNumber": "telephoneNumber",
+        "urn:mace:dir:attribute-def:teletexTerminalIdentifier": "teletexTerminalIdentifier",
+        "urn:mace:dir:attribute-def:telexNumber": "telexNumber",
+        "urn:mace:dir:attribute-def:textEncodedORAddress": "textEncodedORAddress",
+        "urn:mace:dir:attribute-def:title": "title",
+        "urn:mace:dir:attribute-def:uid": "uid",
+        "urn:mace:dir:attribute-def:uniqueIdentifier": "uniqueIdentifier",
+        "urn:mace:dir:attribute-def:uniqueMember": "uniqueMember",
+        "urn:mace:dir:attribute-def:userCertificate": "userCertificate",
+        "urn:mace:dir:attribute-def:userClass": "userClass",
+        "urn:mace:dir:attribute-def:userPKCS12": "userPKCS12",
+        "urn:mace:dir:attribute-def:userPassword": "userPassword",
+        "urn:mace:dir:attribute-def:userSMIMECertificate": "userSMIMECertificate",
+        "urn:mace:dir:attribute-def:userid": "userid",
+        "urn:mace:dir:attribute-def:x121Address": "x121Address",
+        "urn:mace:dir:attribute-def:x500UniqueIdentifier": "x500UniqueIdentifier",
+    },
+    "to": {
+        "aRecord": "urn:mace:dir:attribute-def:aRecord",
+        "aliasedEntryName": "urn:mace:dir:attribute-def:aliasedEntryName",
+        "aliasedObjectName": "urn:mace:dir:attribute-def:aliasedObjectName",
+        "associatedDomain": "urn:mace:dir:attribute-def:associatedDomain",
+        "associatedName": "urn:mace:dir:attribute-def:associatedName",
+        "audio": "urn:mace:dir:attribute-def:audio",
+        "authorityRevocationList": "urn:mace:dir:attribute-def:authorityRevocationList",
+        "buildingName": "urn:mace:dir:attribute-def:buildingName",
+        "businessCategory": "urn:mace:dir:attribute-def:businessCategory",
+        "c": "urn:mace:dir:attribute-def:c",
+        "cACertificate": "urn:mace:dir:attribute-def:cACertificate",
+        "cNAMERecord": "urn:mace:dir:attribute-def:cNAMERecord",
+        "carLicense": "urn:mace:dir:attribute-def:carLicense",
+        "certificateRevocationList": "urn:mace:dir:attribute-def:certificateRevocationList",
+        "cn": "urn:mace:dir:attribute-def:cn",
+        "co": "urn:mace:dir:attribute-def:co",
+        "commonName": "urn:mace:dir:attribute-def:commonName",
+        "countryName": "urn:mace:dir:attribute-def:countryName",
+        "crossCertificatePair": "urn:mace:dir:attribute-def:crossCertificatePair",
+        "dITRedirect": "urn:mace:dir:attribute-def:dITRedirect",
+        "dSAQuality": "urn:mace:dir:attribute-def:dSAQuality",
+        "dc": "urn:mace:dir:attribute-def:dc",
+        "deltaRevocationList": "urn:mace:dir:attribute-def:deltaRevocationList",
+        "departmentNumber": "urn:mace:dir:attribute-def:departmentNumber",
+        "description": "urn:mace:dir:attribute-def:description",
+        "destinationIndicator": "urn:mace:dir:attribute-def:destinationIndicator",
+        "displayName": "urn:mace:dir:attribute-def:displayName",
+        "distinguishedName": "urn:mace:dir:attribute-def:distinguishedName",
+        "dmdName": "urn:mace:dir:attribute-def:dmdName",
+        "dnQualifier": "urn:mace:dir:attribute-def:dnQualifier",
+        "documentAuthor": "urn:mace:dir:attribute-def:documentAuthor",
+        "documentIdentifier": "urn:mace:dir:attribute-def:documentIdentifier",
+        "documentLocation": "urn:mace:dir:attribute-def:documentLocation",
+        "documentPublisher": "urn:mace:dir:attribute-def:documentPublisher",
+        "documentTitle": "urn:mace:dir:attribute-def:documentTitle",
+        "documentVersion": "urn:mace:dir:attribute-def:documentVersion",
+        "domainComponent": "urn:mace:dir:attribute-def:domainComponent",
+        "drink": "urn:mace:dir:attribute-def:drink",
+        "eduOrgHomePageURI": "urn:mace:dir:attribute-def:eduOrgHomePageURI",
+        "eduOrgIdentityAuthNPolicyURI": "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI",
+        "eduOrgLegalName": "urn:mace:dir:attribute-def:eduOrgLegalName",
+        "eduOrgSuperiorURI": "urn:mace:dir:attribute-def:eduOrgSuperiorURI",
+        "eduOrgWhitePagesURI": "urn:mace:dir:attribute-def:eduOrgWhitePagesURI",
+        "eduPersonAffiliation": "urn:mace:dir:attribute-def:eduPersonAffiliation",
+        "eduPersonEntitlement": "urn:mace:dir:attribute-def:eduPersonEntitlement",
+        "eduPersonNickname": "urn:mace:dir:attribute-def:eduPersonNickname",
+        "eduPersonOrgDN": "urn:mace:dir:attribute-def:eduPersonOrgDN",
+        "eduPersonOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonOrgUnitDN",
+        "eduPersonPrimaryAffiliation": "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation",
+        "eduPersonPrimaryOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN",
+        "eduPersonPrincipalName": "urn:mace:dir:attribute-def:eduPersonPrincipalName",
+        "eduPersonScopedAffiliation": "urn:mace:dir:attribute-def:eduPersonScopedAffiliation",
+        "eduPersonTargetedID": "urn:mace:dir:attribute-def:eduPersonTargetedID",
+        "email": "urn:mace:dir:attribute-def:email",
+        "emailAddress": "urn:mace:dir:attribute-def:emailAddress",
+        "employeeNumber": "urn:mace:dir:attribute-def:employeeNumber",
+        "employeeType": "urn:mace:dir:attribute-def:employeeType",
+        "enhancedSearchGuide": "urn:mace:dir:attribute-def:enhancedSearchGuide",
+        "facsimileTelephoneNumber": "urn:mace:dir:attribute-def:facsimileTelephoneNumber",
+        "favouriteDrink": "urn:mace:dir:attribute-def:favouriteDrink",
+        "fax": "urn:mace:dir:attribute-def:fax",
+        "federationFeideSchemaVersion": "urn:mace:dir:attribute-def:federationFeideSchemaVersion",
+        "friendlyCountryName": "urn:mace:dir:attribute-def:friendlyCountryName",
+        "generationQualifier": "urn:mace:dir:attribute-def:generationQualifier",
+        "givenName": "urn:mace:dir:attribute-def:givenName",
+        "gn": "urn:mace:dir:attribute-def:gn",
+        "homePhone": "urn:mace:dir:attribute-def:homePhone",
+        "homePostalAddress": "urn:mace:dir:attribute-def:homePostalAddress",
+        "homeTelephoneNumber": "urn:mace:dir:attribute-def:homeTelephoneNumber",
+        "host": "urn:mace:dir:attribute-def:host",
+        "houseIdentifier": "urn:mace:dir:attribute-def:houseIdentifier",
+        "info": "urn:mace:dir:attribute-def:info",
+        "initials": "urn:mace:dir:attribute-def:initials",
+        "internationaliSDNNumber": "urn:mace:dir:attribute-def:internationaliSDNNumber",
+        "janetMailbox": "urn:mace:dir:attribute-def:janetMailbox",
+        "jpegPhoto": "urn:mace:dir:attribute-def:jpegPhoto",
+        "knowledgeInformation": "urn:mace:dir:attribute-def:knowledgeInformation",
+        "l": "urn:mace:dir:attribute-def:l",
+        "labeledURI": "urn:mace:dir:attribute-def:labeledURI",
+        "localityName": "urn:mace:dir:attribute-def:localityName",
+        "mDRecord": "urn:mace:dir:attribute-def:mDRecord",
+        "mXRecord": "urn:mace:dir:attribute-def:mXRecord",
+        "mail": "urn:mace:dir:attribute-def:mail",
+        "mailPreferenceOption": "urn:mace:dir:attribute-def:mailPreferenceOption",
+        "manager": "urn:mace:dir:attribute-def:manager",
+        "member": "urn:mace:dir:attribute-def:member",
+        "mobile": "urn:mace:dir:attribute-def:mobile",
+        "mobileTelephoneNumber": "urn:mace:dir:attribute-def:mobileTelephoneNumber",
+        "nSRecord": "urn:mace:dir:attribute-def:nSRecord",
+        "name": "urn:mace:dir:attribute-def:name",
+        "norEduOrgAcronym": "urn:mace:dir:attribute-def:norEduOrgAcronym",
+        "norEduOrgNIN": "urn:mace:dir:attribute-def:norEduOrgNIN",
+        "norEduOrgSchemaVersion": "urn:mace:dir:attribute-def:norEduOrgSchemaVersion",
+        "norEduOrgUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier",
+        "norEduOrgUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUniqueNumber",
+        "norEduOrgUnitUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier",
+        "norEduOrgUnitUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber",
+        "norEduPersonBirthDate": "urn:mace:dir:attribute-def:norEduPersonBirthDate",
+        "norEduPersonLIN": "urn:mace:dir:attribute-def:norEduPersonLIN",
+        "norEduPersonNIN": "urn:mace:dir:attribute-def:norEduPersonNIN",
+        "o": "urn:mace:dir:attribute-def:o",
+        "objectClass": "urn:mace:dir:attribute-def:objectClass",
+        "organizationName": "urn:mace:dir:attribute-def:organizationName",
+        "organizationalStatus": "urn:mace:dir:attribute-def:organizationalStatus",
+        "organizationalUnitName": "urn:mace:dir:attribute-def:organizationalUnitName",
+        "otherMailbox": "urn:mace:dir:attribute-def:otherMailbox",
+        "ou": "urn:mace:dir:attribute-def:ou",
+        "owner": "urn:mace:dir:attribute-def:owner",
+        "pager": "urn:mace:dir:attribute-def:pager",
+        "pagerTelephoneNumber": "urn:mace:dir:attribute-def:pagerTelephoneNumber",
+        "personalSignature": "urn:mace:dir:attribute-def:personalSignature",
+        "personalTitle": "urn:mace:dir:attribute-def:personalTitle",
+        "photo": "urn:mace:dir:attribute-def:photo",
+        "physicalDeliveryOfficeName": "urn:mace:dir:attribute-def:physicalDeliveryOfficeName",
+        "pkcs9email": "urn:mace:dir:attribute-def:pkcs9email",
+        "postOfficeBox": "urn:mace:dir:attribute-def:postOfficeBox",
+        "postalAddress": "urn:mace:dir:attribute-def:postalAddress",
+        "postalCode": "urn:mace:dir:attribute-def:postalCode",
+        "preferredDeliveryMethod": "urn:mace:dir:attribute-def:preferredDeliveryMethod",
+        "preferredLanguage": "urn:mace:dir:attribute-def:preferredLanguage",
+        "presentationAddress": "urn:mace:dir:attribute-def:presentationAddress",
+        "protocolInformation": "urn:mace:dir:attribute-def:protocolInformation",
+        "pseudonym": "urn:mace:dir:attribute-def:pseudonym",
+        "registeredAddress": "urn:mace:dir:attribute-def:registeredAddress",
+        "rfc822Mailbox": "urn:mace:dir:attribute-def:rfc822Mailbox",
+        "roleOccupant": "urn:mace:dir:attribute-def:roleOccupant",
+        "roomNumber": "urn:mace:dir:attribute-def:roomNumber",
+        "sOARecord": "urn:mace:dir:attribute-def:sOARecord",
+        "searchGuide": "urn:mace:dir:attribute-def:searchGuide",
+        "secretary": "urn:mace:dir:attribute-def:secretary",
+        "seeAlso": "urn:mace:dir:attribute-def:seeAlso",
+        "serialNumber": "urn:mace:dir:attribute-def:serialNumber",
+        "singleLevelQuality": "urn:mace:dir:attribute-def:singleLevelQuality",
+        "sn": "urn:mace:dir:attribute-def:sn",
+        "st": "urn:mace:dir:attribute-def:st",
+        "stateOrProvinceName": "urn:mace:dir:attribute-def:stateOrProvinceName",
+        "street": "urn:mace:dir:attribute-def:street",
+        "streetAddress": "urn:mace:dir:attribute-def:streetAddress",
+        "subtreeMaximumQuality": "urn:mace:dir:attribute-def:subtreeMaximumQuality",
+        "subtreeMinimumQuality": "urn:mace:dir:attribute-def:subtreeMinimumQuality",
+        "supportedAlgorithms": "urn:mace:dir:attribute-def:supportedAlgorithms",
+        "supportedApplicationContext": "urn:mace:dir:attribute-def:supportedApplicationContext",
+        "surname": "urn:mace:dir:attribute-def:surname",
+        "telephoneNumber": "urn:mace:dir:attribute-def:telephoneNumber",
+        "teletexTerminalIdentifier": "urn:mace:dir:attribute-def:teletexTerminalIdentifier",
+        "telexNumber": "urn:mace:dir:attribute-def:telexNumber",
+        "textEncodedORAddress": "urn:mace:dir:attribute-def:textEncodedORAddress",
+        "title": "urn:mace:dir:attribute-def:title",
+        "uid": "urn:mace:dir:attribute-def:uid",
+        "uniqueIdentifier": "urn:mace:dir:attribute-def:uniqueIdentifier",
+        "uniqueMember": "urn:mace:dir:attribute-def:uniqueMember",
+        "userCertificate": "urn:mace:dir:attribute-def:userCertificate",
+        "userClass": "urn:mace:dir:attribute-def:userClass",
+        "userPKCS12": "urn:mace:dir:attribute-def:userPKCS12",
+        "userPassword": "urn:mace:dir:attribute-def:userPassword",
+        "userSMIMECertificate": "urn:mace:dir:attribute-def:userSMIMECertificate",
+        "userid": "urn:mace:dir:attribute-def:userid",
+        "x121Address": "urn:mace:dir:attribute-def:x121Address",
+        "x500UniqueIdentifier": "urn:mace:dir:attribute-def:x500UniqueIdentifier",
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/django_saml_uri.py b/uniauth_saml2_idp/tests/sp/attribute-maps/django_saml_uri.py
new file mode 100644
index 0000000..3d6dc33
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/attribute-maps/django_saml_uri.py
@@ -0,0 +1,19 @@
+X500ATTR_OID = "urn:oid:2.5.4."
+PKCS_9 = "urn:oid:1.2.840.113549.1.9.1."
+UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1."
+
+MAP = {
+    "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+    "fro": {
+        X500ATTR_OID + "3": "first_name",  # cn
+        X500ATTR_OID + "4": "last_name",  # sn
+        PKCS_9 + "1": "email",
+        UCL_DIR_PILOT + "1": "uid",
+    },
+    "to": {
+        "first_name": X500ATTR_OID + "3",
+        "last_name": X500ATTR_OID + "4",
+        "email": PKCS_9 + "1",
+        "uid": UCL_DIR_PILOT + "1",
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/saml_uri.py b/uniauth_saml2_idp/tests/sp/attribute-maps/saml_uri.py
new file mode 100644
index 0000000..5056b52
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/attribute-maps/saml_uri.py
@@ -0,0 +1,354 @@
+EDUCOURSE_OID = "urn:oid:1.3.6.1.4.1.5923.1.6.1."
+EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
+EDUMEMBER1_OID = "urn:oid:1.3.6.1.4.1.5923.1.5.1."
+
+# ldap.gv.at definitions as specified in:
+# http://www.ref.gv.at/AG-IZ-PVP2-Version-2-1-0-2.2754.0.html
+LDAPGVAT_OID = "urn:oid:1.2.40.0.10.2.1.1."
+
+UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1."
+X500ATTR_OID = "urn:oid:2.5.4."
+LDAPGVAT_UCL_DIR_PILOT = UCL_DIR_PILOT
+LDAPGVAT_X500ATTR_OID = X500ATTR_OID
+NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
+NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
+PKCS_9 = "urn:oid:1.2.840.113549.1.9.1."
+SCHAC = "urn:oid:1.3.6.1.4.1.25178.1.2."
+SIS = "urn:oid:1.2.752.194.10.2."
+UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
+
+# openosi-0.82.schema http://www.openosi.org/osi/display/ldap/Home
+OPENOSI_OID = "urn:oid:1.3.6.1.4.1.27630.2.1.1."
+
+EIDAS_NATURALPERSON = "http://eidas.europa.eu/attributes/naturalperson/"
+EIDAS_LEGALPERSON = "http://eidas.europa.eu/attributes/legalperson/"
+
+MAP = {
+    "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+    "fro": {
+        EIDAS_LEGALPERSON + "LegalPersonIdentifier": "LegalPersonIdentifier",
+        EIDAS_LEGALPERSON + "LegalAddress": "LegalAddress",
+        EIDAS_LEGALPERSON + "LegalName": "LegalName",
+        EIDAS_LEGALPERSON + "VATRegistration": "VATRegistration",
+        EIDAS_LEGALPERSON + "TaxReference": "TaxReference",
+        EIDAS_LEGALPERSON + "BusinessCodes": "BusinessCodes",
+        EIDAS_LEGALPERSON + "LEI": "LEI",
+        EIDAS_LEGALPERSON + "EORI": "EORI",
+        EIDAS_LEGALPERSON + "SEED": "SEED",
+        EIDAS_LEGALPERSON + "SIC": "SIC",
+        EIDAS_LEGALPERSON + "D-2012-17-EUIdentifier": "D-2012-17-EUIdentifier",
+        EIDAS_NATURALPERSON + "PersonIdentifier": "PersonIdentifier",
+        EIDAS_NATURALPERSON + "CurrentFamilyName": "FamilyName",
+        EIDAS_NATURALPERSON + "CurrentGivenName": "FirstName",
+        EIDAS_NATURALPERSON + "DateOfBirth": "DateOfBirth",
+        EIDAS_NATURALPERSON + "BirthName": "BirthName",
+        EIDAS_NATURALPERSON + "PlaceOfBirth": "PlaceOfBirth",
+        EIDAS_NATURALPERSON + "CurrentAddress": "CurrentAddress",
+        EIDAS_NATURALPERSON + "Gender": "Gender",
+        EDUCOURSE_OID + "1": "eduCourseOffering",
+        EDUCOURSE_OID + "2": "eduCourseMember",
+        EDUMEMBER1_OID + "1": "isMemberOf",
+        EDUPERSON_OID + "1": "eduPersonAffiliation",
+        EDUPERSON_OID + "2": "eduPersonNickname",
+        EDUPERSON_OID + "3": "eduPersonOrgDN",
+        EDUPERSON_OID + "4": "eduPersonOrgUnitDN",
+        EDUPERSON_OID + "5": "eduPersonPrimaryAffiliation",
+        EDUPERSON_OID + "6": "eduPersonPrincipalName",
+        EDUPERSON_OID + "7": "eduPersonEntitlement",
+        EDUPERSON_OID + "8": "eduPersonPrimaryOrgUnitDN",
+        EDUPERSON_OID + "9": "eduPersonScopedAffiliation",
+        EDUPERSON_OID + "10": "eduPersonTargetedID",
+        EDUPERSON_OID + "11": "eduPersonAssurance",
+        EDUPERSON_OID + "12": "eduPersonPrincipalNamePrior",
+        EDUPERSON_OID + "13": "eduPersonUniqueId",
+        EDUPERSON_OID + "16": "eduPersonOrcid",
+        LDAPGVAT_OID + "1": "PVP-GID",
+        LDAPGVAT_OID + "149": "PVP-BPK",
+        LDAPGVAT_OID + "153": "PVP-OU-OKZ",
+        LDAPGVAT_OID + "261.10": "PVP-VERSION",
+        LDAPGVAT_OID + "261.20": "PVP-PRINCIPAL-NAME",
+        LDAPGVAT_OID + "261.24": "PVP-PARTICIPANT-OKZ",
+        LDAPGVAT_OID + "261.30": "PVP-ROLES",
+        LDAPGVAT_OID + "261.40": "PVP-INVOICE-RECPT-ID",
+        LDAPGVAT_OID + "261.50": "PVP-COST-CENTER-ID",
+        LDAPGVAT_OID + "261.60": "PVP-CHARGE-CODE",
+        LDAPGVAT_OID + "3": "PVP-OU-GV-OU-ID",
+        LDAPGVAT_OID + "33": "PVP-FUNCTION",
+        LDAPGVAT_OID + "55": "PVP-BIRTHDATE",
+        LDAPGVAT_OID + "71": "PVP-PARTICIPANT-ID",
+        LDAPGVAT_UCL_DIR_PILOT + "1": "PVP-USERID",
+        LDAPGVAT_UCL_DIR_PILOT + "3": "PVP-MAIL",
+        LDAPGVAT_X500ATTR_OID + "11": "PVP-OU",
+        LDAPGVAT_X500ATTR_OID + "20": "PVP-TEL",
+        LDAPGVAT_X500ATTR_OID + "42": "PVP-GIVENNAME",
+        NETSCAPE_LDAP + "1": "carLicense",
+        NETSCAPE_LDAP + "2": "departmentNumber",
+        NETSCAPE_LDAP + "3": "employeeNumber",
+        NETSCAPE_LDAP + "4": "employeeType",
+        NETSCAPE_LDAP + "39": "preferredLanguage",
+        NETSCAPE_LDAP + "40": "userSMIMECertificate",
+        NETSCAPE_LDAP + "216": "userPKCS12",
+        NETSCAPE_LDAP + "241": "displayName",
+        NOREDUPERSON_OID + "1": "norEduOrgUniqueNumber",
+        NOREDUPERSON_OID + "2": "norEduOrgUnitUniqueNumber",
+        NOREDUPERSON_OID + "3": "norEduPersonBirthDate",
+        NOREDUPERSON_OID + "4": "norEduPersonLIN",
+        NOREDUPERSON_OID + "5": "norEduPersonNIN",
+        NOREDUPERSON_OID + "6": "norEduOrgAcronym",
+        NOREDUPERSON_OID + "7": "norEduOrgUniqueIdentifier",
+        NOREDUPERSON_OID + "8": "norEduOrgUnitUniqueIdentifier",
+        NOREDUPERSON_OID + "9": "federationFeideSchemaVersion",
+        NOREDUPERSON_OID + "10": "norEduPersonLegalName",
+        NOREDUPERSON_OID + "11": "norEduOrgSchemaVersion",
+        NOREDUPERSON_OID + "12": "norEduOrgNIN",
+        OPENOSI_OID + "17": "osiHomeUrl",
+        OPENOSI_OID + "19": "osiPreferredTZ",
+        OPENOSI_OID + "72": "osiICardTimeLastUpdated",
+        OPENOSI_OID + "104": "osiMiddleName",
+        OPENOSI_OID + "107": "osiOtherEmail",
+        OPENOSI_OID + "109": "osiOtherHomePhone",
+        OPENOSI_OID + "120": "osiWorkURL",
+        PKCS_9 + "1": "email",
+        SCHAC + "1": "schacMotherTongue",
+        SCHAC + "2": "schacGender",
+        SCHAC + "3": "schacDateOfBirth",
+        SCHAC + "4": "schacPlaceOfBirth",
+        SCHAC + "5": "schacCountryOfCitizenship",
+        SCHAC + "6": "schacSn1",
+        SCHAC + "7": "schacSn2",
+        SCHAC + "8": "schacPersonalTitle",
+        SCHAC + "9": "schacHomeOrganization",
+        SCHAC + "10": "schacHomeOrganizationType",
+        SCHAC + "11": "schacCountryOfResidence",
+        SCHAC + "12": "schacUserPresenceID",
+        SCHAC + "13": "schacPersonalPosition",
+        SCHAC + "14": "schacPersonalUniqueCode",
+        SCHAC + "15": "schacPersonalUniqueID",
+        SCHAC + "17": "schacExpiryDate",
+        SCHAC + "18": "schacUserPrivateAttribute",
+        SCHAC + "19": "schacUserStatus",
+        SCHAC + "20": "schacProjectMembership",
+        SCHAC + "21": "schacProjectSpecificRole",
+        SIS + "1": "sisLegalGuardianFor",
+        SIS + "2": "sisSchoolGrade",
+        UCL_DIR_PILOT + "1": "uid",
+        UCL_DIR_PILOT + "3": "mail",
+        UCL_DIR_PILOT + "25": "dc",
+        UCL_DIR_PILOT + "37": "associatedDomain",
+        UCL_DIR_PILOT + "43": "co",
+        UCL_DIR_PILOT + "60": "jpegPhoto",
+        UMICH + "57": "labeledURI",
+        X500ATTR_OID + "2": "knowledgeInformation",
+        X500ATTR_OID + "3": "cn",
+        X500ATTR_OID + "4": "sn",
+        X500ATTR_OID + "5": "serialNumber",
+        X500ATTR_OID + "6": "c",
+        X500ATTR_OID + "7": "l",
+        X500ATTR_OID + "8": "st",
+        X500ATTR_OID + "9": "street",
+        X500ATTR_OID + "10": "o",
+        X500ATTR_OID + "11": "ou",
+        X500ATTR_OID + "12": "title",
+        X500ATTR_OID + "14": "searchGuide",
+        X500ATTR_OID + "15": "businessCategory",
+        X500ATTR_OID + "16": "postalAddress",
+        X500ATTR_OID + "17": "postalCode",
+        X500ATTR_OID + "18": "postOfficeBox",
+        X500ATTR_OID + "19": "physicalDeliveryOfficeName",
+        X500ATTR_OID + "20": "telephoneNumber",
+        X500ATTR_OID + "21": "telexNumber",
+        X500ATTR_OID + "22": "teletexTerminalIdentifier",
+        X500ATTR_OID + "23": "facsimileTelephoneNumber",
+        X500ATTR_OID + "24": "x121Address",
+        X500ATTR_OID + "25": "internationaliSDNNumber",
+        X500ATTR_OID + "26": "registeredAddress",
+        X500ATTR_OID + "27": "destinationIndicator",
+        X500ATTR_OID + "28": "preferredDeliveryMethod",
+        X500ATTR_OID + "29": "presentationAddress",
+        X500ATTR_OID + "30": "supportedApplicationContext",
+        X500ATTR_OID + "31": "member",
+        X500ATTR_OID + "32": "owner",
+        X500ATTR_OID + "33": "roleOccupant",
+        X500ATTR_OID + "36": "userCertificate",
+        X500ATTR_OID + "37": "cACertificate",
+        X500ATTR_OID + "38": "authorityRevocationList",
+        X500ATTR_OID + "39": "certificateRevocationList",
+        X500ATTR_OID + "40": "crossCertificatePair",
+        X500ATTR_OID + "42": "givenName",
+        X500ATTR_OID + "43": "initials",
+        X500ATTR_OID + "44": "generationQualifier",
+        X500ATTR_OID + "45": "x500UniqueIdentifier",
+        X500ATTR_OID + "46": "dnQualifier",
+        X500ATTR_OID + "47": "enhancedSearchGuide",
+        X500ATTR_OID + "48": "protocolInformation",
+        X500ATTR_OID + "50": "uniqueMember",
+        X500ATTR_OID + "51": "houseIdentifier",
+        X500ATTR_OID + "52": "supportedAlgorithms",
+        X500ATTR_OID + "53": "deltaRevocationList",
+        X500ATTR_OID + "54": "dmdName",
+        X500ATTR_OID + "65": "pseudonym",
+    },
+    "to": {
+        "LegalPersonIdentifier": EIDAS_LEGALPERSON + "LegalPersonIdentifier",
+        "LegalAddress": EIDAS_LEGALPERSON + "LegalAddress",
+        "LegalName": EIDAS_LEGALPERSON + "LegalName",
+        "VATRegistration": EIDAS_LEGALPERSON + "VATRegistration",
+        "TaxReference": EIDAS_LEGALPERSON + "TaxReference",
+        "BusinessCodes": EIDAS_LEGALPERSON + "BusinessCodes",
+        "LEI": EIDAS_LEGALPERSON + "LEI",
+        "EORI": EIDAS_LEGALPERSON + "EORI",
+        "SEED": EIDAS_LEGALPERSON + "SEED",
+        "SIC": EIDAS_LEGALPERSON + "SIC",
+        "D-2012-17-EUIdentifier": EIDAS_LEGALPERSON + "D-2012-17-EUIdentifier",
+        "PersonIdentifier": EIDAS_NATURALPERSON + "PersonIdentifier",
+        "FamilyName": EIDAS_NATURALPERSON + "CurrentFamilyName",
+        "FirstName": EIDAS_NATURALPERSON + "CurrentGivenName",
+        "DateOfBirth": EIDAS_NATURALPERSON + "DateOfBirth",
+        "BirthName": EIDAS_NATURALPERSON + "BirthName",
+        "PlaceOfBirth": EIDAS_NATURALPERSON + "PlaceOfBirth",
+        "CurrentAddress": EIDAS_NATURALPERSON + "CurrentAddress",
+        "Gender": EIDAS_NATURALPERSON + "Gender",
+        "associatedDomain": UCL_DIR_PILOT + "37",
+        "authorityRevocationList": X500ATTR_OID + "38",
+        "businessCategory": X500ATTR_OID + "15",
+        "c": X500ATTR_OID + "6",
+        "cACertificate": X500ATTR_OID + "37",
+        "carLicense": NETSCAPE_LDAP + "1",
+        "certificateRevocationList": X500ATTR_OID + "39",
+        "cn": X500ATTR_OID + "3",
+        "co": UCL_DIR_PILOT + "43",
+        "crossCertificatePair": X500ATTR_OID + "40",
+        "dc": UCL_DIR_PILOT + "25",
+        "deltaRevocationList": X500ATTR_OID + "53",
+        "departmentNumber": NETSCAPE_LDAP + "2",
+        "destinationIndicator": X500ATTR_OID + "27",
+        "displayName": NETSCAPE_LDAP + "241",
+        "dmdName": X500ATTR_OID + "54",
+        "dnQualifier": X500ATTR_OID + "46",
+        "eduCourseMember": EDUCOURSE_OID + "2",
+        "eduCourseOffering": EDUCOURSE_OID + "1",
+        "eduPersonAffiliation": EDUPERSON_OID + "1",
+        "eduPersonEntitlement": EDUPERSON_OID + "7",
+        "eduPersonNickname": EDUPERSON_OID + "2",
+        "eduPersonOrgDN": EDUPERSON_OID + "3",
+        "eduPersonOrgUnitDN": EDUPERSON_OID + "4",
+        "eduPersonPrimaryAffiliation": EDUPERSON_OID + "5",
+        "eduPersonPrimaryOrgUnitDN": EDUPERSON_OID + "8",
+        "eduPersonPrincipalName": EDUPERSON_OID + "6",
+        "eduPersonPrincipalNamePrior": EDUPERSON_OID + "12",
+        "eduPersonScopedAffiliation": EDUPERSON_OID + "9",
+        "eduPersonTargetedID": EDUPERSON_OID + "10",
+        "eduPersonAssurance": EDUPERSON_OID + "11",
+        "eduPersonUniqueId": EDUPERSON_OID + "13",
+        "eduPersonOrcid": EDUPERSON_OID + "16",
+        "email": PKCS_9 + "1",
+        "employeeNumber": NETSCAPE_LDAP + "3",
+        "employeeType": NETSCAPE_LDAP + "4",
+        "enhancedSearchGuide": X500ATTR_OID + "47",
+        "facsimileTelephoneNumber": X500ATTR_OID + "23",
+        "federationFeideSchemaVersion": NOREDUPERSON_OID + "9",
+        "generationQualifier": X500ATTR_OID + "44",
+        "givenName": X500ATTR_OID + "42",
+        "houseIdentifier": X500ATTR_OID + "51",
+        "initials": X500ATTR_OID + "43",
+        "internationaliSDNNumber": X500ATTR_OID + "25",
+        "isMemberOf": EDUMEMBER1_OID + "1",
+        "jpegPhoto": UCL_DIR_PILOT + "60",
+        "knowledgeInformation": X500ATTR_OID + "2",
+        "l": X500ATTR_OID + "7",
+        "labeledURI": UMICH + "57",
+        "mail": UCL_DIR_PILOT + "3",
+        "member": X500ATTR_OID + "31",
+        "norEduOrgAcronym": NOREDUPERSON_OID + "6",
+        "norEduOrgNIN": NOREDUPERSON_OID + "12",
+        "norEduOrgSchemaVersion": NOREDUPERSON_OID + "11",
+        "norEduOrgUniqueIdentifier": NOREDUPERSON_OID + "7",
+        "norEduOrgUniqueNumber": NOREDUPERSON_OID + "1",
+        "norEduOrgUnitUniqueIdentifier": NOREDUPERSON_OID + "8",
+        "norEduOrgUnitUniqueNumber": NOREDUPERSON_OID + "2",
+        "norEduPersonBirthDate": NOREDUPERSON_OID + "3",
+        "norEduPersonLIN": NOREDUPERSON_OID + "4",
+        "norEduPersonLegalName": NOREDUPERSON_OID + "10",
+        "norEduPersonNIN": NOREDUPERSON_OID + "5",
+        "o": X500ATTR_OID + "10",
+        "osiHomeUrl": OPENOSI_OID + "17",
+        "osiPreferredTZ": OPENOSI_OID + "19",
+        "osiICardTimeLastUpdated": OPENOSI_OID + "72",
+        "osiMiddleName": OPENOSI_OID + "104",
+        "osiOtherEmail": OPENOSI_OID + "107",
+        "osiOtherHomePhone": OPENOSI_OID + "109",
+        "osiWorkURL": OPENOSI_OID + "120",
+        "ou": X500ATTR_OID + "11",
+        "owner": X500ATTR_OID + "32",
+        "physicalDeliveryOfficeName": X500ATTR_OID + "19",
+        "postOfficeBox": X500ATTR_OID + "18",
+        "postalAddress": X500ATTR_OID + "16",
+        "postalCode": X500ATTR_OID + "17",
+        "preferredDeliveryMethod": X500ATTR_OID + "28",
+        "preferredLanguage": NETSCAPE_LDAP + "39",
+        "presentationAddress": X500ATTR_OID + "29",
+        "protocolInformation": X500ATTR_OID + "48",
+        "pseudonym": X500ATTR_OID + "65",
+        "PVP-USERID": LDAPGVAT_UCL_DIR_PILOT + "1",
+        "PVP-MAIL": LDAPGVAT_UCL_DIR_PILOT + "3",
+        "PVP-GID": LDAPGVAT_OID + "1",
+        "PVP-BPK": LDAPGVAT_OID + "149",
+        "PVP-OU-OKZ": LDAPGVAT_OID + "153",
+        "PVP-VERSION": LDAPGVAT_OID + "261.10",
+        "PVP-PRINCIPAL-NAME": LDAPGVAT_OID + "261.20",
+        "PVP-PARTICIPANT-OKZ": LDAPGVAT_OID + "261.24",
+        "PVP-ROLES": LDAPGVAT_OID + "261.30",
+        "PVP-INVOICE-RECPT-ID": LDAPGVAT_OID + "261.40",
+        "PVP-COST-CENTER-ID": LDAPGVAT_OID + "261.50",
+        "PVP-CHARGE-CODE": LDAPGVAT_OID + "261.60",
+        "PVP-OU-GV-OU-ID": LDAPGVAT_OID + "3",
+        "PVP-FUNCTION": LDAPGVAT_OID + "33",
+        "PVP-BIRTHDATE": LDAPGVAT_OID + "55",
+        "PVP-PARTICIPANT-ID": LDAPGVAT_OID + "71",
+        "PVP-OU": LDAPGVAT_X500ATTR_OID + "11",
+        "PVP-TEL": LDAPGVAT_X500ATTR_OID + "20",
+        "PVP-GIVENNAME": LDAPGVAT_X500ATTR_OID + "42",
+        "registeredAddress": X500ATTR_OID + "26",
+        "roleOccupant": X500ATTR_OID + "33",
+        "schacCountryOfCitizenship": SCHAC + "5",
+        "schacCountryOfResidence": SCHAC + "11",
+        "schacDateOfBirth": SCHAC + "3",
+        "schacExpiryDate": SCHAC + "17",
+        "schacGender": SCHAC + "2",
+        "schacHomeOrganization": SCHAC + "9",
+        "schacHomeOrganizationType": SCHAC + "10",
+        "schacMotherTongue": SCHAC + "1",
+        "schacPersonalPosition": SCHAC + "13",
+        "schacPersonalTitle": SCHAC + "8",
+        "schacPersonalUniqueCode": SCHAC + "14",
+        "schacPersonalUniqueID": SCHAC + "15",
+        "schacPlaceOfBirth": SCHAC + "4",
+        "schacProjectMembership": SCHAC + "20",
+        "schacProjectSpecificRole": SCHAC + "21",
+        "schacSn1": SCHAC + "6",
+        "schacSn2": SCHAC + "7",
+        "schacUserPresenceID": SCHAC + "12",
+        "schacUserPrivateAttribute": SCHAC + "18",
+        "schacUserStatus": SCHAC + "19",
+        "searchGuide": X500ATTR_OID + "14",
+        "serialNumber": X500ATTR_OID + "5",
+        "sisLegalGuardianFor": SIS + "1",
+        "sisSchoolGrade": SIS + "2",
+        "sn": X500ATTR_OID + "4",
+        "st": X500ATTR_OID + "8",
+        "street": X500ATTR_OID + "9",
+        "supportedAlgorithms": X500ATTR_OID + "52",
+        "supportedApplicationContext": X500ATTR_OID + "30",
+        "telephoneNumber": X500ATTR_OID + "20",
+        "teletexTerminalIdentifier": X500ATTR_OID + "22",
+        "telexNumber": X500ATTR_OID + "21",
+        "title": X500ATTR_OID + "12",
+        "uid": UCL_DIR_PILOT + "1",
+        "uniqueMember": X500ATTR_OID + "50",
+        "userCertificate": X500ATTR_OID + "36",
+        "userPKCS12": NETSCAPE_LDAP + "216",
+        "userSMIMECertificate": NETSCAPE_LDAP + "40",
+        "x121Address": X500ATTR_OID + "24",
+        "x500UniqueIdentifier": X500ATTR_OID + "45",
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/attribute-maps/shibboleth_uri.py b/uniauth_saml2_idp/tests/sp/attribute-maps/shibboleth_uri.py
new file mode 100644
index 0000000..30b3150
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/attribute-maps/shibboleth_uri.py
@@ -0,0 +1,190 @@
+EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
+X500ATTR = "urn:oid:2.5.4."
+NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
+NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
+UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1."
+PKCS_9 = "urn:oid:1.2.840.113549.1.9."
+UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
+
+MAP = {
+    "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri",
+    "fro": {
+        EDUPERSON_OID + "2": "eduPersonNickname",
+        EDUPERSON_OID + "9": "eduPersonScopedAffiliation",
+        EDUPERSON_OID + "11": "eduPersonAssurance",
+        EDUPERSON_OID + "10": "eduPersonTargetedID",
+        EDUPERSON_OID + "4": "eduPersonOrgUnitDN",
+        NOREDUPERSON_OID + "6": "norEduOrgAcronym",
+        NOREDUPERSON_OID + "7": "norEduOrgUniqueIdentifier",
+        NOREDUPERSON_OID + "4": "norEduPersonLIN",
+        EDUPERSON_OID + "1": "eduPersonAffiliation",
+        NOREDUPERSON_OID + "2": "norEduOrgUnitUniqueNumber",
+        NETSCAPE_LDAP + "40": "userSMIMECertificate",
+        NOREDUPERSON_OID + "1": "norEduOrgUniqueNumber",
+        NETSCAPE_LDAP + "241": "displayName",
+        UCL_DIR_PILOT + "37": "associatedDomain",
+        EDUPERSON_OID + "6": "eduPersonPrincipalName",
+        NOREDUPERSON_OID + "8": "norEduOrgUnitUniqueIdentifier",
+        NOREDUPERSON_OID + "9": "federationFeideSchemaVersion",
+        X500ATTR + "53": "deltaRevocationList",
+        X500ATTR + "52": "supportedAlgorithms",
+        X500ATTR + "51": "houseIdentifier",
+        X500ATTR + "50": "uniqueMember",
+        X500ATTR + "19": "physicalDeliveryOfficeName",
+        X500ATTR + "18": "postOfficeBox",
+        X500ATTR + "17": "postalCode",
+        X500ATTR + "16": "postalAddress",
+        X500ATTR + "15": "businessCategory",
+        X500ATTR + "14": "searchGuide",
+        EDUPERSON_OID + "5": "eduPersonPrimaryAffiliation",
+        X500ATTR + "12": "title",
+        X500ATTR + "11": "ou",
+        X500ATTR + "10": "o",
+        X500ATTR + "37": "cACertificate",
+        X500ATTR + "36": "userCertificate",
+        X500ATTR + "31": "member",
+        X500ATTR + "30": "supportedApplicationContext",
+        X500ATTR + "33": "roleOccupant",
+        X500ATTR + "32": "owner",
+        NETSCAPE_LDAP + "1": "carLicense",
+        PKCS_9 + "1": "email",
+        NETSCAPE_LDAP + "3": "employeeNumber",
+        NETSCAPE_LDAP + "2": "departmentNumber",
+        X500ATTR + "39": "certificateRevocationList",
+        X500ATTR + "38": "authorityRevocationList",
+        NETSCAPE_LDAP + "216": "userPKCS12",
+        EDUPERSON_OID + "8": "eduPersonPrimaryOrgUnitDN",
+        X500ATTR + "9": "street",
+        X500ATTR + "8": "st",
+        NETSCAPE_LDAP + "39": "preferredLanguage",
+        EDUPERSON_OID + "7": "eduPersonEntitlement",
+        X500ATTR + "2": "knowledgeInformation",
+        X500ATTR + "7": "l",
+        X500ATTR + "6": "c",
+        X500ATTR + "5": "serialNumber",
+        X500ATTR + "4": "sn",
+        UCL_DIR_PILOT + "60": "jpegPhoto",
+        X500ATTR + "65": "pseudonym",
+        NOREDUPERSON_OID + "5": "norEduPersonNIN",
+        UCL_DIR_PILOT + "3": "mail",
+        UCL_DIR_PILOT + "25": "dc",
+        X500ATTR + "40": "crossCertificatePair",
+        X500ATTR + "42": "givenName",
+        X500ATTR + "43": "initials",
+        X500ATTR + "44": "generationQualifier",
+        X500ATTR + "45": "x500UniqueIdentifier",
+        X500ATTR + "46": "dnQualifier",
+        X500ATTR + "47": "enhancedSearchGuide",
+        X500ATTR + "48": "protocolInformation",
+        X500ATTR + "54": "dmdName",
+        NETSCAPE_LDAP + "4": "employeeType",
+        X500ATTR + "22": "teletexTerminalIdentifier",
+        X500ATTR + "23": "facsimileTelephoneNumber",
+        X500ATTR + "20": "telephoneNumber",
+        X500ATTR + "21": "telexNumber",
+        X500ATTR + "26": "registeredAddress",
+        X500ATTR + "27": "destinationIndicator",
+        X500ATTR + "24": "x121Address",
+        X500ATTR + "25": "internationaliSDNNumber",
+        X500ATTR + "28": "preferredDeliveryMethod",
+        X500ATTR + "29": "presentationAddress",
+        EDUPERSON_OID + "3": "eduPersonOrgDN",
+        NOREDUPERSON_OID + "3": "norEduPersonBirthDate",
+    },
+    "to": {
+        "roleOccupant": X500ATTR + "33",
+        "gn": X500ATTR + "42",
+        "norEduPersonNIN": NOREDUPERSON_OID + "5",
+        "title": X500ATTR + "12",
+        "facsimileTelephoneNumber": X500ATTR + "23",
+        "mail": UCL_DIR_PILOT + "3",
+        "postOfficeBox": X500ATTR + "18",
+        "fax": X500ATTR + "23",
+        "telephoneNumber": X500ATTR + "20",
+        "norEduPersonBirthDate": NOREDUPERSON_OID + "3",
+        "rfc822Mailbox": UCL_DIR_PILOT + "3",
+        "dc": UCL_DIR_PILOT + "25",
+        "countryName": X500ATTR + "6",
+        "emailAddress": PKCS_9 + "1",
+        "employeeNumber": NETSCAPE_LDAP + "3",
+        "organizationName": X500ATTR + "10",
+        "eduPersonAssurance": EDUPERSON_OID + "11",
+        "norEduOrgAcronym": NOREDUPERSON_OID + "6",
+        "registeredAddress": X500ATTR + "26",
+        "physicalDeliveryOfficeName": X500ATTR + "19",
+        "associatedDomain": UCL_DIR_PILOT + "37",
+        "l": X500ATTR + "7",
+        "stateOrProvinceName": X500ATTR + "8",
+        "federationFeideSchemaVersion": NOREDUPERSON_OID + "9",
+        "pkcs9email": PKCS_9 + "1",
+        "givenName": X500ATTR + "42",
+        "x500UniqueIdentifier": X500ATTR + "45",
+        "eduPersonNickname": EDUPERSON_OID + "2",
+        "houseIdentifier": X500ATTR + "51",
+        "street": X500ATTR + "9",
+        "supportedAlgorithms": X500ATTR + "52",
+        "preferredLanguage": NETSCAPE_LDAP + "39",
+        "postalAddress": X500ATTR + "16",
+        "email": PKCS_9 + "1",
+        "norEduOrgUnitUniqueIdentifier": NOREDUPERSON_OID + "8",
+        "eduPersonPrimaryOrgUnitDN": EDUPERSON_OID + "8",
+        "c": X500ATTR + "6",
+        "teletexTerminalIdentifier": X500ATTR + "22",
+        "o": X500ATTR + "10",
+        "cACertificate": X500ATTR + "37",
+        "telexNumber": X500ATTR + "21",
+        "ou": X500ATTR + "11",
+        "initials": X500ATTR + "43",
+        "eduPersonOrgUnitDN": EDUPERSON_OID + "4",
+        "deltaRevocationList": X500ATTR + "53",
+        "norEduPersonLIN": NOREDUPERSON_OID + "4",
+        "supportedApplicationContext": X500ATTR + "30",
+        "eduPersonEntitlement": EDUPERSON_OID + "7",
+        "generationQualifier": X500ATTR + "44",
+        "eduPersonAffiliation": EDUPERSON_OID + "1",
+        "eduPersonPrincipalName": EDUPERSON_OID + "6",
+        "localityName": X500ATTR + "7",
+        "owner": X500ATTR + "32",
+        "norEduOrgUnitUniqueNumber": NOREDUPERSON_OID + "2",
+        "searchGuide": X500ATTR + "14",
+        "certificateRevocationList": X500ATTR + "39",
+        "organizationalUnitName": X500ATTR + "11",
+        "userCertificate": X500ATTR + "36",
+        "preferredDeliveryMethod": X500ATTR + "28",
+        "internationaliSDNNumber": X500ATTR + "25",
+        "uniqueMember": X500ATTR + "50",
+        "departmentNumber": NETSCAPE_LDAP + "2",
+        "enhancedSearchGuide": X500ATTR + "47",
+        "userPKCS12": NETSCAPE_LDAP + "216",
+        "eduPersonTargetedID": EDUPERSON_OID + "10",
+        "norEduOrgUniqueNumber": NOREDUPERSON_OID + "1",
+        "x121Address": X500ATTR + "24",
+        "destinationIndicator": X500ATTR + "27",
+        "eduPersonPrimaryAffiliation": EDUPERSON_OID + "5",
+        "surname": X500ATTR + "4",
+        "jpegPhoto": UCL_DIR_PILOT + "60",
+        "eduPersonScopedAffiliation": EDUPERSON_OID + "9",
+        "protocolInformation": X500ATTR + "48",
+        "knowledgeInformation": X500ATTR + "2",
+        "employeeType": NETSCAPE_LDAP + "4",
+        "userSMIMECertificate": NETSCAPE_LDAP + "40",
+        "member": X500ATTR + "31",
+        "streetAddress": X500ATTR + "9",
+        "dmdName": X500ATTR + "54",
+        "postalCode": X500ATTR + "17",
+        "pseudonym": X500ATTR + "65",
+        "dnQualifier": X500ATTR + "46",
+        "crossCertificatePair": X500ATTR + "40",
+        "eduPersonOrgDN": EDUPERSON_OID + "3",
+        "authorityRevocationList": X500ATTR + "38",
+        "displayName": NETSCAPE_LDAP + "241",
+        "businessCategory": X500ATTR + "15",
+        "serialNumber": X500ATTR + "5",
+        "norEduOrgUniqueIdentifier": NOREDUPERSON_OID + "7",
+        "st": X500ATTR + "8",
+        "carLicense": NETSCAPE_LDAP + "1",
+        "presentationAddress": X500ATTR + "29",
+        "sn": X500ATTR + "4",
+        "domainComponent": UCL_DIR_PILOT + "25",
+    },
+}
diff --git a/uniauth_saml2_idp/tests/sp/certificates/private.key b/uniauth_saml2_idp/tests/sp/certificates/private.key
new file mode 100644
index 0000000..0679842
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/certificates/private.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCj0BzOt58ECsSw
+T049bIhmD0p7q0Y+4L7cjrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3
+gYzvF35VMzp0fCW7OmXIR8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQ
+NEinQr94nI7tMFReDejjXKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99f
+F3u/WOJ/JB2aETTfvInrFIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7W
+OXHUXFLKRuXLeVxEbZYzSSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5
+AC6CuPnrAgMBAAECggEASyECZUhPtMHfjWEB6CfjsrMmnOtjbykSQANya+7RLjNK
+xN1e3tu/hurXlb3aheaYSQ9IjkvCAOTpngXbhjhHJ3o0QAJEJ8dTsPRCc9E7/yIi
+JtKNE2uyhM1G5YzPSNpszKwf64G3ooWiMWeZPqTdPcrHvj6hIvXMLqJtBMlretz2
+yuK5CstZJg7uhBGfK+uqO0YvPc65nmN+v7EVHQCw7YbBAK+j3x4L4j2wU4DYU8+o
+7gDs3wUZ0yccCjNqe2WnZEdnqUFJfBQS4hweoncJ0guaQHEt+cmU+9/RiDD8SM5l
+v8qftREQuRNQicvNfUCCkfDqAQygqNAqdAFMFgufEQKBgQDQdniGevawT+/dtFe3
+qYfjnKZIEx5wSinKfh8TO8JeIhCA3gZikyMcNM1Yf0YdQayv8EmdqeTjXQnOMWR5
+AsuRvkEsI2Xd7CaUVyAMTPgol9sI5pbmG5eyKoVnlbZRj2uLLvnpASqlwKX45WX4
+JB/uFSHGFSQoLLfOiieSU0mBCQKBgQDJKxjmmTJR2dd2XS5dkyThi1y2v3AvY/JZ
+miJ3tTgUWBr1QhAL19jQLSWqlonq9yrYXu0aG068Ze/QG1luo3UvL0Dp2xqVxYOv
+NfQyI9HucsyDUZ6RWuUCueW/JgHxEEXQVKbZTaSoJBjqqIRWSv46/jBM36oJtlZ0
+vY4k1OAEUwKBgDjPUGE1uWyrHC9LKmx+4u2Aj0AtFap8S49Hd6iCLKICnoS//PV4
+K6VQLnXjmXP3pdv8m9M/rYTYogdzJnJj9J4vPwuMSgKEjK74X196ylYlrCdsz8q9
+0kVXmSt1fU4Uy7YOg0SgcMLjEVgXDAbnsVvsnlug/02DgkPjGo2h7PIhAoGAIrK0
+UNILw+J3L4tS/ADtU5neHAdZKlNq8dmMKGmxipDH1ZXXfrN0SjP/UzU0BLstQLTe
+4KnlIsnSW2rcOiEnjUPxRmTsaPjwhcAgpqVXCHH0pJHnb9rltVqrLhU4MIRGBnET
+dlfWFspjIdZ/PQMiZrqBSkEp6xLwRqKLaf7txNECgYAEDbnTCzavjgQghASm3s22
+k4Wukd408kKuCkHJY/fn8MiDBxu9Y/RtiTAa2J6cy8HQ5sgnx1HMPCsS6DyyBkoG
+3MZI2q0RkMNGaSDwLVo61GPinVv0ylECMKHCKLxZsU9mmunzhMhIUra2nSn0zUpm
+I+aV3a2hnizaY23PtO97Hw==
+-----END PRIVATE KEY-----
diff --git a/uniauth_saml2_idp/tests/sp/certificates/public.cert b/uniauth_saml2_idp/tests/sp/certificates/public.cert
new file mode 100644
index 0000000..b592324
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/certificates/public.cert
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDETCCAfmgAwIBAgIUPw12Gkt4agBtLBntd7RzTWwLKAYwDQYJKoZIhvcNAQEL
+BQAwGDEWMBQGA1UEAwwNc3AxLnVuaWNhbC5pdDAeFw0xOTAzMjAxNDMxMTVaFw0y
+OTAzMTcxNDMxMTVaMBgxFjAUBgNVBAMMDXNwMS51bmljYWwuaXQwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj0BzOt58ECsSwT049bIhmD0p7q0Y+4L7c
+jrvvJYcMT7HZE+tbO4M6upkXnP+3gvPpRccaEtwJoda3gYzvF35VMzp0fCW7OmXI
+R8cJtySIfzkdmmO385Tbxlp1jRxZyQtc2nPzCKeV4xlQNEinQr94nI7tMFReDejj
+XKwS5RABk8KQMo2M78xa9RQyxqDC1e0ioeVQRR2og99fF3u/WOJ/JB2aETTfvInr
+FIyFA5XB0roBDyM44877nRKYeMBd4kVk+fs4yu6kZm7WOXHUXFLKRuXLeVxEbZYz
+SSMjncsB1U35OAt+Ozkp+12qaqMAVdGKP+xso3zGAr/5AC6CuPnrAgMBAAGjUzBR
+MB0GA1UdDgQWBBR6RRoajGB1UmdiMAKSmgpL3RD0mzAfBgNVHSMEGDAWgBR6RRoa
+jGB1UmdiMAKSmgpL3RD0mzAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUA
+A4IBAQBzRUa++T0EiR+Fq4iTpKIysigV+1CeMbS+u1JaPOnMXfWmboOOVDrHhnit
+bpfxm+SpbafPTz40THtfw9EKvReMjNa4HQ4vFBMwZtmYZ4piGS5PferFDzYdZG1d
+S/2vcCQA4Dya/R675XKEhBdWO8JfUOL1ImMoJBa5Z+ApU8OCk8hpiJUV0akpw7jA
++VO8+VR2T+SH+3h28KOrNdraWozZ99NKqB7GUFcaxouaOkPE7mi8JyAgLZMZvJae
+QeJEUI9sfavSLmvBsfbusAeCjFYCVM9MM7uZNvK6gI0Dzppl+rN7vRWcBF+oYyiS
+1EX9j2GqG1yWcdGvY60GJu5Er5id
+-----END CERTIFICATE-----
diff --git a/uniauth_saml2_idp/tests/sp/sp_pysaml2.py b/uniauth_saml2_idp/tests/sp/sp_pysaml2.py
new file mode 100644
index 0000000..e001fd9
--- /dev/null
+++ b/uniauth_saml2_idp/tests/sp/sp_pysaml2.py
@@ -0,0 +1,169 @@
+import os
+import saml2
+
+from saml2.saml import (
+    NAMEID_FORMAT_PERSISTENT,
+    NAMEID_FORMAT_TRANSIENT,
+)
+from saml2.sigver import get_xmlsec_binary
+
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+BASE = "http://sp1.testunical.it"
+BASE_URL = "{}/saml2".format(BASE)
+
+LOGIN_URL = "/saml2/login/"
+LOGOUT_URL = "/saml2/logout/"
+LOGIN_REDIRECT_URL = "/saml2/echo_attributes"
+
+# needed only if metadata are downloaded remotely
+# IDP_URL = 'http://idp1.testunical.it:9000/idp'
+
+SAML_CONFIG = {
+    "debug": True,
+    "xmlsec_binary": get_xmlsec_binary(["/opt/local/bin", "/usr/bin/xmlsec1"]),
+    "entityid": "%s/metadata/" % BASE_URL,
+    # 'entity_category': [edugain.COCO, # "http://www.geant.net/uri/dataprotection-code-of-conduct/v1"
+    # refeds.RESEARCH_AND_SCHOLARSHIP],
+    "attribute_map_dir": os.path.join(BASE_DIR, "sp/attribute-maps"),
+    "service": {
+        "sp": {
+            "name": "%s/metadata/" % BASE_URL,
+            # SPID needs NAMEID_FORMAT_TRANSIENT
+            "name_id_format": [NAMEID_FORMAT_PERSISTENT, NAMEID_FORMAT_TRANSIENT],
+            "endpoints": {
+                "assertion_consumer_service": [
+                    ("%s/acs/" % BASE_URL, saml2.BINDING_HTTP_POST),
+                ],
+                "single_logout_service": [
+                    ("%s/ls/post/" % BASE_URL, saml2.BINDING_HTTP_POST),
+                    ("%s/ls/" % BASE_URL, saml2.BINDING_HTTP_REDIRECT),
+                ],
+            },  # end endpoints
+            # these only works using pySAML2 patched with this
+            # https://github.com/IdentityPython/pysaml2/pull/597
+            "signing_algorithm": saml2.xmldsig.SIG_RSA_SHA256,
+            "digest_algorithm": saml2.xmldsig.DIGEST_SHA256,
+            # Mandates that the identity provider MUST authenticate the
+            # presenter directly rather than rely on a previous security context.
+            "force_authn": True,
+            "name_id_format_allow_create": False,
+            # attributes that this project need to identify a user
+            # 'required_attributes': ['email', 'givenName',
+            # 'eduPersonaPrincipalName', 'sn',
+            # 'displayName'],
+            # 'required_attributes': ['email'],
+            # attributes that may be useful to have but not required
+            # 'optional_attributes': ['eduPersonAffiliation'],
+            "want_response_signed": True,
+            "authn_requests_signed": True,
+            "logout_requests_signed": True,
+            # Indicates that Authentication Responses to this SP must
+            # be signed. If set to True, the SP will not consume
+            # any SAML Responses that are not signed.
+            "want_assertions_signed": True,
+            "only_use_keys_in_metadata": True,
+            # When set to true, the SP will consume unsolicited SAML
+            # Responses, i.e. SAML Responses for which it has not sent
+            # a respective SAML Authentication Request.
+            "allow_unsolicited": True,
+            # Permits to have attributes not configured in attribute-mappings
+            # otherwise...without OID will be rejected
+            "allow_unknown_attributes": True,
+        },  # end sp
+    },
+    # many metadata, many idp...
+    "metadata": {
+        "local": [
+            os.path.join(BASE_DIR, "sp/metadata"),
+        ],
+        #
+        "remote": [
+            # {
+            # "url": "https://proxy.auth.unical.it/Saml2IDP/metadata",
+            # "cert": "/opt/satosa-saml2/pki/frontend.cert",
+            # "disable_ssl_certificate_validation": True,
+            # },
+            # {
+            # "url": "https://auth.unical.it/idp/metadata/",
+            # "disable_ssl_certificate_validation": True,
+            # }
+        ],
+        # "mdq": [{
+        # "url": "https://ds.testunical.it",
+        # "cert": "certficates/others/ds.testunical.it.cert",
+        # "disable_ssl_certificate_validation": True,
+        # }]
+    },
+    # avoids exception: HTTPSConnectionPool(host='satosa.testunical.it', port=443): Max retries exceeded with url: /idp/shibboleth (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
+    # 'ca_certs' : "/opt/satosa-saml2/pki/http_certificates/ca.crt",
+    # Signing
+    "key_file": BASE_DIR + "/sp/certificates/private.key",
+    "cert_file": BASE_DIR + "/sp/certificates/public.cert",
+    # Encryption
+    "encryption_keypairs": [
+        {
+            "key_file": BASE_DIR + "/sp/certificates/private.key",
+            "cert_file": BASE_DIR + "/sp/certificates/public.cert",
+        }
+    ],
+    # own metadata settings
+    "contact_person": [
+        {
+            "given_name": "Giuseppe",
+            "sur_name": "De Marco",
+            "company": "Universita della Calabria",
+            "email_address": "giuseppe.demarco@unical.it",
+            "contact_type": "administrative",
+        },
+        {
+            "given_name": "Giuseppe",
+            "sur_name": "De Marco",
+            "company": "Universita della Calabria",
+            "email_address": "giuseppe.demarco@unical.it",
+            "contact_type": "technical",
+        },
+    ],
+    # you can set multilanguage information here
+    "organization": {
+        "name": [("Unical", "it"), ("Unical", "en")],
+        "display_name": [("Unical", "it"), ("Unical", "en")],
+        "url": [("http://www.unical.it", "it"), ("http://www.unical.it", "en")],
+    },
+    # 'valid_for': 24 * 10,
+}
+
+# OR NAME_ID or MAIN_ATTRIBUTE (not together!)
+SAML_USE_NAME_ID_AS_USERNAME = True
+# SAML_DJANGO_USER_MAIN_ATTRIBUTE = 'email'
+# SAML_DJANGO_USER_MAIN_ATTRIBUTE_LOOKUP = '__iexact'
+
+SAML_CREATE_UNKNOWN_USER = True
+
+# logout
+SAML_LOGOUT_REQUEST_PREFERRED_BINDING = saml2.BINDING_HTTP_POST
+
+SAML_ATTRIBUTE_MAPPING = {
+    # django related
+    # 'uid': ('username', ),
+    # pure oid standard
+    "email": ("email",),
+    "mail": ("email",),
+    # oid pure
+    "cn": ("first_name",),
+    "sn": ("last_name",),
+    "schacPersonalUniqueID": ("schacPersonalUniqueID",),
+    "eduPersonPrincipalName": ("eduPersonPrincipalName",),
+    "eduPersonEntitlement": ("eduPersonEntitlement",),
+    "schacPersonalUniqueCode": ("schacPersonalUniqueCode",),
+    # spid related
+    "name": ("first_name",),
+    "familyName": ("last_name",),
+    "fiscalNumber": ("codice_fiscale",),
+    "placeOfBirth": ("place_of_birth",),
+    "dateOfBirth": ("birth_date",),
+    # unical legacy fallback
+    "codice_fiscale": ("codice_fiscale",),
+}
diff --git a/uniauth_saml2_idp/tests/test_01_undefined_sp.py b/uniauth_saml2_idp/tests/test_01_undefined_sp.py
new file mode 100644
index 0000000..ee2c662
--- /dev/null
+++ b/uniauth_saml2_idp/tests/test_01_undefined_sp.py
@@ -0,0 +1,15 @@
+from .base import BaseTestRP, logging
+
+
+class TestUnknowRP(BaseTestRP):
+    def test_authn_request(self):
+        url, data, session_id = self._get_sp_authn_request()
+
+        # client = Client()
+        response = self.client.post(url, data)
+
+        assert (
+            response.status_code == 403
+            and "Incorrectly signed" in response.content.decode()
+        )
+        logging.info("IdP do not accept SP with unknow metadata -> OK")
diff --git a/uniauth_saml2_idp/tests/test_02_sp.py b/uniauth_saml2_idp/tests/test_02_sp.py
new file mode 100644
index 0000000..5e0242d
--- /dev/null
+++ b/uniauth_saml2_idp/tests/test_02_sp.py
@@ -0,0 +1,46 @@
+from django.conf import settings
+from django.urls import reverse
+from django.test import override_settings
+
+from .base import BINDING_HTTP_POST, BaseTestRP, extract_saml_authn_data, idp_eid
+
+
+class TestRP(BaseTestRP):
+    def setUp(self):
+        super().setUp()
+        self._superuser_login()
+        self._add_sp_md()
+
+    def test_unsigned_authn_request(self):
+        """
+        a UNsigned saml request from a well know SP
+        """
+        value = settings.SAML_IDP_CONFIG
+        value["service"]["idp"]["want_authn_requests_signed"] = True
+        with override_settings(SAML_IDP_CONFIG=value):
+            session_id, result = self.sp_client.prepare_for_authenticate(
+                entityid=idp_eid,
+                relay_state="/",
+                binding=BINDING_HTTP_POST,
+                sign=False,
+                sigalg=None,
+            )
+            url, data = extract_saml_authn_data(result)
+            response = self.client.post(url, data)
+
+            # forbidden !
+            assert (
+                response.status_code == 403
+                and "Incorrectly signed" in response.content.decode()
+            )
+
+    def test_authn_request(self):
+        """
+        a signed saml request from a well know SP
+        """
+        url, data, session_id = self._get_sp_authn_request()
+
+        response = self.client.post(url, data)
+
+        login_url = reverse("uniauth_saml2_idp:saml_login_process")
+        assert response.status_code == 302 and response.url == login_url
diff --git a/example/tests/test_03_sp_disabled.py b/uniauth_saml2_idp/tests/test_03_sp_disabled.py
similarity index 62%
rename from example/tests/test_03_sp_disabled.py
rename to uniauth_saml2_idp/tests/test_03_sp_disabled.py
index 37ffa23..698d1e4 100644
--- a/example/tests/test_03_sp_disabled.py
+++ b/uniauth_saml2_idp/tests/test_03_sp_disabled.py
@@ -1,8 +1,6 @@
 from django.conf import settings
-from django.urls import reverse
 
-from .base import *
-from .idp_pysaml2 import IDP_SP_METADATA_PATH
+from .base import BaseTestRP
 
 
 class TestUndefinedRP(BaseTestRP):
@@ -18,6 +16,8 @@ def test_authn_request(self):
         url, data, session_id = self._get_sp_authn_request()
 
         response = self.client.post(url, data, follow=True)
-        assert response.status_code == 403 and \
-               'This SP is not allowed to access to this Service' in \
-               response.content.decode()
+        assert (
+            response.status_code == 403
+            and "This SP is not allowed to access to this Service"
+            in response.content.decode()
+        )
diff --git a/example/tests/test_04_sp_enabled.py b/uniauth_saml2_idp/tests/test_04_sp_enabled.py
similarity index 52%
rename from example/tests/test_04_sp_enabled.py
rename to uniauth_saml2_idp/tests/test_04_sp_enabled.py
index 7f734b5..42b7271 100644
--- a/example/tests/test_04_sp_enabled.py
+++ b/uniauth_saml2_idp/tests/test_04_sp_enabled.py
@@ -2,12 +2,9 @@
 
 from django.conf import settings
 from django.urls import reverse
-from djangosaml2.cache import (IdentityCache,
-                               OutstandingQueriesCache,
-                               StateCache)
+from djangosaml2.cache import IdentityCache, OutstandingQueriesCache, StateCache
 from uniauth_saml2_idp.models import ServiceProvider
 from .base import *
-from .idp_pysaml2 import IDP_SP_METADATA_PATH
 
 
 class TestEnabledRP(BaseTestRP):
@@ -17,8 +14,7 @@ def setUp(self):
         settings.SAML_DISALLOW_UNDEFINED_SP = True
         self._add_sp()
         self.sp = ServiceProvider.objects.first()
-        self.login_data = dict(username='admin',
-                               password='ingoalla')
+        self.login_data = dict(username="admin", password="ingoalla")
         # create a dummy user
         self.user = self._get_superuser_user()
 
@@ -29,7 +25,7 @@ def test_authn_def_sp(self):
         url, data, session_id = self._get_sp_authn_request()
 
         response = self.client.post(url, data, follow=True)
-        assert 'id_username' in response.content.decode()
+        assert "id_username" in response.content.decode()
 
     def test_disabled_sp(self):
         self.sp.is_active = False
@@ -37,7 +33,7 @@ def test_disabled_sp(self):
         url, data, session_id = self._get_sp_authn_request()
 
         response = self.client.post(url, data, follow=True)
-        assert 'was disabled' in response.content.decode()
+        assert "was disabled" in response.content.decode()
 
     def test_authn(self):
         self.sp.is_active = 1
@@ -47,90 +43,109 @@ def test_authn(self):
 
         response = self.client.post(url, data, follow=True)
         assert response.status_code == 200
-        assert 'id_username' in response.content.decode()
+        assert "id_username" in response.content.decode()
 
     def test_account_attrs(self):
         # test accounts methods
         self.user.uid
-        self.user.set_persistent_id(recipient_id=sp_eid,
-                                    persistent_id='sd87f6sd78fsd87f6ds')
-        logger.info('{}, uid: {}, persistent_id: {}'.format(self.user,
-                                                            self.user.uid,
-                                                            self.user.persistent_id(sp_eid)))
+        self.user.set_persistent_id(
+            recipient_id=sp_eid, persistent_id="sd87f6sd78fsd87f6ds"
+        )
+        logger.info(
+            "{}, uid: {}, persistent_id: {}".format(
+                self.user, self.user.uid, self.user.persistent_id(sp_eid)
+            )
+        )
         # test persistent_id object repr
-        logger.info(self.user.persistentid_set.get(recipient_id=sp_eid).__str__())
+        logger.info(self.user.persistentid_set.get(
+            recipient_id=sp_eid).__str__())
 
     def test_invalid_session(self):
         # authentication with invalid form, wrong password
-        login_response = self.client.post(login_url, data=self.login_data, follow=True)
-        assert 'Not a valid SAML Session' in login_response.content.decode()
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        assert "Not a valid SAML Session" in login_response.content.decode()
 
     def test_invalid_form(self):
         url, data, session_id = self._get_sp_authn_request()
         response = self.client.post(url, data, follow=True)
         # authentication with invalid form, wrong password
-        login_response = self.client.post(login_url, data=self.login_data, follow=True)
-        assert 'is invalid' in login_response.content.decode()
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        assert "is invalid" in login_response.content.decode()
 
     def test_valid_form(self):
         url, data, session_id = self._get_sp_authn_request()
         response = self.client.post(url, data, follow=True)
         # csrf_regexp = '<input type="hidden" name="csrfmiddlewaretoken" value="(?P<value>[a-zA-Z0-9+=]*)">'
         # login_data['csrfmiddlewaretoken'] = re.findall(csrf_regexp, response.content.decode())[0]
-        self.login_data['password'] = 'admin'
-        login_response = self.client.post(login_url,
-                                          data=self.login_data, follow=True)
+        self.login_data["password"] = "admin"
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
         # is there a SAML response?
-        saml_resp = re.findall(samlresponse_form_regexp, login_response.content.decode())
+        saml_resp = re.findall(
+            samlresponse_form_regexp, login_response.content.decode()
+        )
         assert saml_resp
 
         # test agreement screens
         self.sp.agreement_screen = 1
         self.sp.save()
-        login_response = self.client.post(login_url, data=self.login_data, follow=True)
-        assert 'has requested the following informations' in login_response.content.decode()
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        assert (
+            "has requested the following informations"
+            in login_response.content.decode()
+        )
 
         # don't show again
         agr_data = dict(dont_show_again=1, confirm=1)
-        agr_url = reverse('uniauth_saml2_idp:saml_user_agreement')
+        agr_url = reverse("uniauth_saml2_idp:saml_user_agreement")
         agr_response = self.client.post(agr_url, data=agr_data, follow=True)
 
         # login again, agreement screen should not be displayed anymore
         # purge persistent_id from storage
         self.user.persistentid_set.all().delete()
-        login_response = self.client.post(login_url, data=self.login_data, follow=True)
-        saml_resp = re.findall(samlresponse_form_regexp, login_response.content.decode())
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        saml_resp = re.findall(
+            samlresponse_form_regexp, login_response.content.decode()
+        )
         assert saml_resp
 
         # transient name_id format, remove persistent_id
         sp_conf = copy.deepcopy(SAML_SP_CONFIG)
-        del(sp_conf['service']['sp']['name_id_format'][0])
+        del sp_conf["service"]["sp"]["name_id_format"][0]
         self.sp_conf.load(sp_conf)
         url, data, session_id = self._get_sp_authn_request()
         response = self.client.post(url, data, follow=True)
-        login_response = self.client.post(login_url, data=self.login_data, follow=True)
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
 
         # test logout
         session = self.client.session
         state = StateCache(session)
-        identity_cache = IdentityCache(session)
+        IdentityCache(session)
         oq_cache = OutstandingQueriesCache(session)
-        oq_cache.set(session_id, '/')
+        oq_cache.set(session_id, "/")
         outstanding_queries = oq_cache.outstanding_queries()
-        client = Saml2Client(self.sp_conf, state_cache=state,
-                             identity_cache=IdentityCache(session))
-        response = client.parse_authn_request_response(saml_resp[0],
-                                                       BINDING_HTTP_POST,
-                                                       outstanding_queries)
+        client = Saml2Client(
+            self.sp_conf, state_cache=state, identity_cache=IdentityCache(
+                session)
+        )
+        response = client.parse_authn_request_response(
+            saml_resp[0], BINDING_HTTP_POST, outstanding_queries
+        )
         # this should take name_id dict
         # result = client.global_logout(session['SAML']['subject_id'])
         logout_result = client.global_logout(response.name_id)
 
         # is there a SAML response?
-        saml_req_logout = re.findall(samlrequest_form_regexp,
-                                     logout_result[idp_eid][1]['data'])
+        saml_req_logout = re.findall(
+            samlrequest_form_regexp, logout_result[idp_eid][1]["data"]
+        )
         assert saml_req_logout
 
-        logout_response = self.client.post(logout_url,
-                                           data={'SAMLRequest': saml_req_logout},
-                                           follow=True)
+        logout_response = self.client.post(
+            logout_url, data={"SAMLRequest": saml_req_logout}, follow=True
+        )
diff --git a/uniauth_saml2_idp/tests/test_05_ldap_datastore.py b/uniauth_saml2_idp/tests/test_05_ldap_datastore.py
new file mode 100644
index 0000000..a54ab13
--- /dev/null
+++ b/uniauth_saml2_idp/tests/test_05_ldap_datastore.py
@@ -0,0 +1,171 @@
+import base64
+import json
+import re
+
+from django.conf import settings
+
+from saml2.config import SPConfig
+from saml2.metadata import entity_descriptor
+from uniauth_saml2_idp.models import ServiceProvider
+
+from .base import BINDING_HTTP_POST, BaseTestRP, SAML_SP_CONFIG, Saml2Client, copy, extract_saml_authn_data, idp_eid, idp_md_path, login_url, samlresponse_form_regexp
+from .settingsldap import LDAP_CONNECTIONS
+
+
+class TestEnabledRP(BaseTestRP):
+    def setUp(self):
+        super().setUp()
+        self._add_sp_md()
+        settings.SAML_DISALLOW_UNDEFINED_SP = True
+        self._add_sp()
+        self.sp = ServiceProvider.objects.first()
+        self.login_data = dict(username="mario", password="cimpa12")
+        # add LDAP in settings
+        settings.INSTALLED_APPS.append("multildap")
+        settings.LDAP_CONNECTIONS = LDAP_CONNECTIONS
+        settings.AUTHENTICATION_BACKENDS.append(
+            "uniauth_saml2_idp.auth.multildap.LdapUnicalMultiAcademiaAuthBackend"
+        )
+
+        # disable agreement screen
+        self.sp.agreement_screen = 0
+
+        # configure sp processors
+        self.sp.attribute_processor = (
+            "uniauth_saml2_idp.processors.ldap.LdapUnicalMultiAcademiaProcessor"
+        )
+        self.sp.attribute_mapping = json.dumps(
+            {
+                # refeds + edugain Entities
+                "cn": "cn",
+                "eduPersonEntitlement": "eduPersonEntitlement",
+                "eduPersonPrincipalName": "eduPersonPrincipalName",
+                "schacHomeOrganization": "schacHomeOrganization",
+                "eduPersonHomeOrganization": "eduPersonHomeOrganization",
+                "eduPersonAffiliation": "eduPersonAffiliation",
+                "eduPersonScopedAffiliation": "eduPersonScopedAffiliation",
+                "eduPersonTargetedID": "eduPersonTargetedID",
+                "mail": ["mail", "email"],
+                "email": ["mail", "email"],
+                "schacPersonalUniqueCode": "schacPersonalUniqueCode",
+                "schacPersonalUniqueID": "schacPersonalUniqueID",
+                "sn": "sn",
+                "givenName": ["givenName", "another_possible_occourrence"],
+                "displayName": "displayName",
+                # custom attributes
+                "codice_fiscale": "codice_fiscale",
+                "matricola_studente": "matricola_studente",
+                "matricola_dipendente": "matricola_dipendente",
+            }
+        )
+        self.sp.save()
+
+        # run ldapd
+        self._run_ldapd()
+
+    def test_valid_form(self):
+        url, data, session_id = self._get_sp_authn_request()
+        response = self.client.post(url, data, follow=True)
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        # is there a SAML response?
+        saml_resp = re.findall(
+            samlresponse_form_regexp, login_response.content.decode()
+        )
+        assert saml_resp
+
+        # login again to update existing user on db
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+
+        # test a disabled user
+        # user = get_user_model().objects.last()
+        # user.is_active = 0
+        # user.save()
+        # login_response = self.client.post(login_url,
+        # data=self.login_data, follow=True)
+
+    def test_invalid_form(self):
+        url, data, session_id = self._get_sp_authn_request()
+        response = self.client.post(url, data, follow=True)
+        login_data = {"username": "mario", "password": "erewr"}
+        login_response = self.client.post(
+            login_url, data=login_data, follow=True)
+        assert "is invalid" in login_response.content.decode()
+
+        login_data = {"username": "dsfhdsjkfh", "password": "erewr"}
+        login_response = self.client.post(
+            login_url, data=login_data, follow=True)
+        assert "is invalid" in login_response.content.decode()
+
+    def test_sp_attr_policy(self):
+        # create a pysaml SP
+        self.sp_conf = SPConfig()
+        _sp_conf = copy.deepcopy(SAML_SP_CONFIG)
+        _sp_conf["service"]["sp"]["required_attributes"] = [
+            "email",
+            "givenName",
+            "eduPersonPrincipalName",
+            "sn",
+            "displayName",
+        ]
+        self.sp_conf.load(_sp_conf)
+        # put sp metadata into IDP md store
+        sp_metadata = entity_descriptor(self.sp_conf)
+        with open(idp_md_path + "/sp.xml", "wb") as fd:
+            fd.write(sp_metadata.to_string())
+
+        sp_client = Saml2Client(self.sp_conf)
+        session_id, result = sp_client.prepare_for_authenticate(
+            entityid=idp_eid, relay_state="/", binding=BINDING_HTTP_POST
+        )
+        url, data = extract_saml_authn_data(result)
+        response = self.client.post(url, data, follow=True)
+        # login again to update existing user on db
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        # is there a SAML response?
+        saml_resp = re.findall(
+            samlresponse_form_regexp, login_response.content.decode()
+        )
+        assert saml_resp
+        saml_assrt = base64.b64decode(saml_resp[0]).decode()
+        assert "sn" in saml_assrt
+
+    def test_sp_attr_policy2(self):
+        # create a pysaml SP
+        self.sp_conf = SPConfig()
+        _sp_conf = copy.deepcopy(SAML_SP_CONFIG)
+        _sp_conf["service"]["sp"]["required_attributes"] = [
+            "email",
+            "givenName",
+            "eduPersonPrincipalName",
+            "sn",
+            "telexNumber",
+        ]
+        self.sp_conf.load(_sp_conf)
+        # put sp metadata into IDP md store
+        sp_metadata = entity_descriptor(self.sp_conf)
+        with open(idp_md_path + "/sp.xml", "wb") as fd:
+            fd.write(sp_metadata.to_string())
+
+        sp_client = Saml2Client(self.sp_conf)
+        session_id, result = sp_client.prepare_for_authenticate(
+            entityid=idp_eid, relay_state="/", binding=BINDING_HTTP_POST
+        )
+        url, data = extract_saml_authn_data(result)
+        response = self.client.post(url, data, follow=True)
+        # login again to update existing user on db
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        # is there a SAML response?
+        saml_resp = re.findall(
+            samlresponse_form_regexp, login_response.content.decode()
+        )
+        # assert saml_resp
+        # saml_assrt = base64.b64decode(saml_resp[0]).decode()
+        # assert 'telexNumber' not in saml_assrt
+
+    def tearDown(self):
+        """Kill ldapd test server"""
+        self.ldapd.kill()
diff --git a/uniauth_saml2_idp/tests/test_06_sp_faulty.py b/uniauth_saml2_idp/tests/test_06_sp_faulty.py
new file mode 100644
index 0000000..49897b7
--- /dev/null
+++ b/uniauth_saml2_idp/tests/test_06_sp_faulty.py
@@ -0,0 +1,27 @@
+
+from django.conf import settings
+from uniauth_saml2_idp.models import ServiceProvider
+from .base import BaseTestRP, login_url
+
+
+class TestEnabledRP(BaseTestRP):
+    def setUp(self):
+        super().setUp()
+        self._add_sp_md()
+        settings.SAML_DISALLOW_UNDEFINED_SP = True
+        self._add_sp()
+        self.sp = ServiceProvider.objects.first()
+        self.login_data = dict(username="admin", password="admin")
+        # create a dummy user
+        self.user = self._get_superuser_user()
+
+    def test_faulty_attr_processor(self):
+        self.sp.attribute_processor = "uniauth_saml2_idp.processors.base.UNKNOW"
+        self.sp.save()
+
+        url, data, session_id = self._get_sp_authn_request()
+
+        response = self.client.post(url, data, follow=True)
+        login_response = self.client.post(
+            login_url, data=self.login_data, follow=True)
+        assert b"AttributeError" in login_response.content
diff --git a/uniauth_saml2_idp/tests/test_07_sp_httpredirect.py b/uniauth_saml2_idp/tests/test_07_sp_httpredirect.py
new file mode 100644
index 0000000..74326f4
--- /dev/null
+++ b/uniauth_saml2_idp/tests/test_07_sp_httpredirect.py
@@ -0,0 +1,59 @@
+
+from django.conf import settings
+from django.urls import reverse
+from django.test import override_settings
+from saml2 import BINDING_HTTP_REDIRECT
+
+from .base import BaseTestRP, extract_saml_authn_data, idp_eid
+
+from uniauth_saml2_idp.models import ServiceProvider
+
+
+class TestRP(BaseTestRP):
+    def setUp(self):
+        super().setUp()
+        self._superuser_login()
+        self._add_sp_md()
+
+    def test_authn_request_redirect(self):
+        """
+        HTTP-REDIRECT login
+        """
+        value = settings.SAML_IDP_CONFIG
+        value["service"]["idp"]["want_authn_requests_signed"] = False
+        with override_settings(SAML_IDP_CONFIG=value):
+            session_id, result = self.sp_client.prepare_for_authenticate(
+                entityid=idp_eid, relay_state="/",
+                binding=BINDING_HTTP_REDIRECT,
+                sign=True
+            )
+            url, data = extract_saml_authn_data(result)
+
+            response = self.client.get(url, follow=True)
+            assert response.status_code == 200
+
+            login_process_url = reverse("uniauth_saml2_idp:saml_login_process")
+            login_url = reverse("uniauth_saml2_idp:login") + "?next={}".format(
+                login_process_url
+            )
+
+            # test a login
+            login_data = dict(username="admin", password="admin")
+            # create a dummy user
+            self.user = self._get_superuser_user()
+
+            # agreement screen
+            self._add_sp()
+            self.sp = ServiceProvider.objects.first()
+            self.sp.agreement_screen = 1
+            self.sp.save()
+
+            login_response = self.client.post(
+                login_url, data=login_data, follow=True)
+            assert (
+                "has requested the following informations"
+                in login_response.content.decode()
+            )
+
+            self.sp.delete()
+            self.user.delete()
diff --git a/uniauth_saml2_idp/urls.py b/uniauth_saml2_idp/urls.py
index 6068d55..fb5b258 100644
--- a/uniauth_saml2_idp/urls.py
+++ b/uniauth_saml2_idp/urls.py
@@ -1,23 +1,34 @@
-from django.urls import path
+from django.conf import settings
+from django.urls import path, include
 
 from . import views
 
-app_name = 'uniauth_saml2_idp'
+app_name = "uniauth_saml2_idp"
 
 urlpatterns = [
-    path('login/', views.LoginAuthView.as_view(), name='login'),
-    # path('sso/init', views.SSOInitView.as_view(), name="saml_idp_init"),
-    path('sso/<str:binding>', views.SsoEntryView.as_view(),
+    path("sso/<str:binding>", views.SSOEntryView.as_view(),
          name="saml_login_binding"),
-    path('login/process/', views.LoginProcessView.as_view(),
-         name='saml_login_process'),
-    #  path('login/process_multi_factor/', views.get_metadata,
-    #  name='saml_multi_factor'),
-    path('login/process_user_agreement/',
-         views.UserAgreementScreen.as_view(), name='saml_user_agreement'),
-    path('slo/<str:binding>', views.LogoutProcessView.as_view(),
-         name="saml_logout_binding"),
-    path('metadata/', views.metadata, name='saml2_idp_metadata'),
-
-    path('test/500/', views.test500, name='test500'),
+    path("login/process/", views.LoginProcessView.as_view(),
+         name="saml_login_process"),
+    path(
+        "login/process_user_agreement/",
+        views.UserAgreementScreen.as_view(),
+        name="saml_user_agreement",
+    ),
+    path(
+        "slo/<str:binding>",
+        views.LogoutProcessView.as_view(),
+        name="saml_logout_binding",
+    ),
+    path("metadata/", views.metadata, name="saml2_idp_metadata"),
+    path("test/500/", views.test500, name="test500"),
 ]
+
+if 'mfa' in settings.INSTALLED_APPS:
+    urlpatterns.append(
+        path('login/', views.LoginMfaView.as_view(), name="login")
+    )
+else:
+    urlpatterns.append(
+        path("login/", views.LoginAuthView.as_view(), name="login")
+    )
diff --git a/uniauth_saml2_idp/utils.py b/uniauth_saml2_idp/utils.py
index b951c4e..c313dfd 100644
--- a/uniauth_saml2_idp/utils.py
+++ b/uniauth_saml2_idp/utils.py
@@ -1,7 +1,7 @@
 import base64
 import copy
-import xml.dom.minidom
-import xml.etree.ElementTree
+import defusedxml.minidom
+import defusedxml.ElementTree
 import zlib
 
 from django.conf import settings
@@ -9,23 +9,22 @@
 from saml2.server import Server
 from xml.parsers.expat import ExpatError
 
-from . exceptions import (MetadataNotFound,
-                          SPConfigurationMissing)
-from . models import MetadataStore, ServiceProvider
+from .exceptions import MetadataNotFound, SPConfigurationMissing
+from .models import MetadataStore, ServiceProvider
 
 
 def repr_saml(saml_str, b64=False):
-    """ Decode SAML from b64 and b64 deflated and
-        return a pretty printed representation
+    """Decode SAML from b64 and b64 deflated and
+    return a pretty printed representation
     """
     try:
         msg = base64.b64decode(saml_str).decode() if b64 else saml_str
-        dom = xml.dom.minidom.parseString(msg)
+        dom = defusedxml.minidom.parseString(msg)
     except (UnicodeDecodeError, ExpatError):  # pragma: no cover
         # in HTTP-REDIRECT the base64 must be inflated
         msg = base64.b64decode(saml_str)
         inflated = zlib.decompress(msg, -15)
-        dom = xml.dom.minidom.parseString(inflated.decode())
+        dom = defusedxml.minidom.parseString(inflated.decode())
     return dom.toprettyxml()
 
 
@@ -40,17 +39,17 @@ def get_idp_config(saml_idp_config=settings.SAML_IDP_CONFIG):
     # this is only used for merge DB metadatastores configurations
     db_mdstores = MetadataStore.as_pysaml_mdstore_dict()
     for k, v in db_mdstores.items():
-        if not idp_config['metadata'].get(k):
-            idp_config['metadata'][k] = []
+        if not idp_config["metadata"].get(k):
+            idp_config["metadata"][k] = []
         for endpoint in v:
-            if endpoint not in idp_config['metadata'][k]:
-                idp_config['metadata'][k].append(endpoint)
+            if endpoint not in idp_config["metadata"][k]:
+                idp_config["metadata"][k].append(endpoint)
     # end DB metadatastores configurations
     try:
         conf.load(idp_config)
     except FileNotFoundError as e:  # pragma: no cover
         raise MetadataNotFound(e)
-    except xml.etree.ElementTree.ParseError as e:  # pragma: no cover
+    except defusedxml.ElementTree.ParseError as e:  # pragma: no cover
         raise SPConfigurationMissing(e)
     except Exception as e:  # pragma: no cover
         raise Exception(e)
@@ -65,10 +64,10 @@ def get_idp_sp_config():
 
 
 def get_client_id(request):
-    x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+    x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
     if x_forwarded_for:  # pragma: no cover
-        ip = x_forwarded_for.split(',')[0]
+        ip = x_forwarded_for.split(",")[0]
     else:
-        ip = request.META.get('REMOTE_ADDR')
-    ua = request.META.get('HTTP_USER_AGENT', '')
-    return '{} ({})'.format(ip, ua)
+        ip = request.META.get("REMOTE_ADDR")
+    ua = request.META.get("HTTP_USER_AGENT", "")
+    return "{} ({})".format(ip, ua)
diff --git a/uniauth_saml2_idp/views.py b/uniauth_saml2_idp/views.py
index 8f75dbc..cbf681f 100644
--- a/uniauth_saml2_idp/views.py
+++ b/uniauth_saml2_idp/views.py
@@ -4,16 +4,15 @@
 import logging
 import json
 import re
+import urllib
 
 from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.contrib.auth import logout, login as auth_login
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.contrib.auth.views import LoginView
-from django.core.exceptions import (ImproperlyConfigured,
-                                    PermissionDenied)
-from django.http import (HttpResponse,
-                         HttpResponseRedirect)
+from django.core.exceptions import ImproperlyConfigured, PermissionDenied
+from django.http import HttpResponse, HttpResponseRedirect
 from django.template.loader import render_to_string
 from django.urls import reverse
 from django.utils.decorators import method_decorator
@@ -24,86 +23,112 @@
 from django.views.decorators.csrf import csrf_exempt
 from django.views.decorators.cache import never_cache
 from django.shortcuts import render
+
+from mfa.views import LoginView as MfaLoginAuthView
+
 from saml2 import BINDING_HTTP_POST
-from saml2.authn_context import (PASSWORD,
-                                 AuthnBroker,
-                                 authn_context_class_ref)
+from saml2.authn_context import PASSWORD, AuthnBroker, authn_context_class_ref
 
 from saml2.assertion import Policy
 from saml2.config import IdPConfig
 from saml2.ident import NameID
 from saml2.metadata import entity_descriptor
-from saml2.s_utils import (UnknownPrincipal,
-                           UnsupportedBinding,
-                           UnknownSystemEntity)
+from saml2.s_utils import UnknownPrincipal, UnsupportedBinding, UnknownSystemEntity
 from saml2.saml import NAMEID_FORMAT_UNSPECIFIED, NAMEID_FORMAT_PERSISTENT
-from saml2.response import (IncorrectlySigned,)
+from saml2.response import (
+    IncorrectlySigned,
+)
 from six import text_type
 
 from accounts.models import PersistentId
-from . decorators import (_not_valid_saml_msg,
-                          store_params_in_session_func,
-                          require_saml_request)
-from . exceptions import (MetadataNotFound,
-                          MetadataCorruption,
-                          UnavailableRequiredAttributes,
-                          DisabledSP)
-from . forms import AgreementForm, LoginForm
-from . models import AgreementRecord, ServiceProvider
-from . processors.base import BaseProcessor
-from . utils import (repr_saml,
-                     get_idp_config,
-                     get_idp_sp_config,
-                     get_client_id)
+from .decorators import (
+    _not_valid_saml_msg,
+    store_params_in_session_func,
+    require_saml_request,
+)
+from .exceptions import (
+    MetadataNotFound,
+    MetadataCorruption,
+    UnavailableRequiredAttributes,
+    DisabledSP,
+)
+from .forms import AgreementForm, LoginForm
+from .models import AgreementRecord, ServiceProvider
+from .processors.base import BaseProcessor
+from .utils import repr_saml, get_idp_config, get_idp_sp_config, get_client_id
 
 
 logger = logging.getLogger(__name__)
 
 
-class SsoEntryView(View):
-    """ Entrypoint view for SSO. Build the saml session and redirects
-        the requester to the login_process view.
+class SSOEntryView(View):
+    """Entrypoint view for SSO. Build the saml session and redirects
+    the requester to the login_process view.
     """
 
     def is_entity_known(self, *args, **kwargs):
         try:
             self.IDP.response_args(self.saml_request.message)
         except UnknownSystemEntity as exp:  # pragma: no cover
-            logger.error('{}'.format(exp))
-            return render(self.request, 'error.html',
-                          {'exception_type': exp,
-                           'exception_msg': _("This SP is not registered"),
-                           'extra_message': _('Unknow Entity')},
-                          status=403)
+            logger.error("{}".format(exp))
+            return render(
+                self.request,
+                "error.html",
+                {
+                    "exception_type": exp,
+                    "exception_msg": _("This SP is not registered"),
+                    "extra_message": _("Unknow Entity"),
+                },
+                status=403,
+            )
 
     def is_undefined_sp(self, *args, **kwargs):
         if settings.SAML_DISALLOW_UNDEFINED_SP:
             if self.sp_id not in get_idp_sp_config().keys():
-                return render(self.request, 'error.html',
-                              {'exception_type': _("This SP is not allowed to access to this Service"),
-                               'exception_msg': _("Attribute Processor needs "
-                                                  "to be configured and undefined SP are not Allowed.")},
-                              status=403)
+                return render(
+                    self.request,
+                    "error.html",
+                    {
+                        "exception_type": _(
+                            "This SP is not allowed to access to this Service"
+                        ),
+                        "exception_msg": _(
+                            "Attribute Processor needs "
+                            "to be configured and undefined SP are not Allowed."
+                        ),
+                    },
+                    status=403,
+                )
 
     def is_disabled_sp(self, *args, **kwargs):
         # check if the SP was defined but disabled
         if ServiceProvider.objects.filter(entity_id=self.sp_id, is_active=False):
-            return render(self.request, 'error.html',
-                          {'exception_type': _("This SP is not allowed to access to this Service"),
-                           'exception_msg': _("{} was disabled".format(self.sp_id))},
-                          status=403)
+            return render(
+                self.request,
+                "error.html",
+                {
+                    "exception_type": _(
+                        "This SP is not allowed to access to this Service"
+                    ),
+                    "exception_msg": _("{} was disabled".format(self.sp_id)),
+                },
+                status=403,
+            )
 
     def mduui(self, *args, **kwargs):
         mduui = {}
-        if not self.IDP.config.metadata.service(self.sp_id,
-                                                "spsso_descriptor",
-                                                'assertion_consumer_service'):
+        if not self.IDP.config.metadata.service(
+            self.sp_id, "spsso_descriptor", "assertion_consumer_service"
+        ):
             msg = _("{} is not present in any Metadata").format(self.sp_id)
             raise MetadataNotFound(msg)
 
         try:
-            mduui = self.IDP.metadata[self.sp_id]['spsso_descriptor'][0]\
-                .get('extensions', {}).get('extension_elements', [{}])[0]
+            mduui = (
+                self.IDP.metadata[self.sp_id]["spsso_descriptor"][0]
+                .get("extensions", {})
+                .get("extension_elements", [{}])[0]
+            )
         except IndexError as excp:
             logger.error('MDUUI not available: "{}"'.format(excp))
 
@@ -111,19 +136,23 @@ def mduui(self, *args, **kwargs):
         # IDP.metadata[self.sp_id]['spsso_descriptor'][0]['name_id_format'][0]['text']
 
         if self.sp_id:
-            sp_display_name = self.sp.get('display_name') or \
-                mduui.get('display_name', [{}])[0].get('text')
-            sp_display_description = self.sp.get('display_description', '') or \
-                mduui.get('description', [{}])[0].get('text') or \
-                self.sp_id
-            self.request.saml_session['sp_display_name'] = sp_display_name
-            self.request.saml_session['sp_display_description'] = sp_display_description
-            self.request.saml_session['sp_logo'] = mduui.get('logo', [{}])[
-                0].get('text')
+            sp_display_name = self.sp.get("display_name") or mduui.get(
+                "display_name", [{}]
+            )[0].get("text")
+            sp_display_description = (
+                self.sp.get("display_description", "")
+                or mduui.get("description", [{}])[0].get("text")
+                or self.sp_id
+            )
+            self.request.saml_session["sp_display_name"] = sp_display_name
+            self.request.saml_session["sp_display_description"] = sp_display_description
+            self.request.saml_session["sp_logo"] = mduui.get("logo", [{}])[0].get(
+                "text"
+            )
             return True
 
     def additional_checks(self, *args, **kwargs):
-        for i in ('is_entity_known', 'is_undefined_sp', 'is_disabled_sp'):
+        for i in ("is_entity_known", "is_undefined_sp", "is_disabled_sp"):
             if not hasattr(self, i):
                 continue
             fail = getattr(self, i)()
@@ -132,31 +161,34 @@ def additional_checks(self, *args, **kwargs):
 
     @method_decorator(store_params_in_session_func)
     @method_decorator(csrf_exempt)
-    def dispatch(self, request, *args, **kwargs):
-        # decoratos do the most
+    def dispatch(self, request, api: bool = None, *args, **kwargs):
+        # decorators do the most
         logger.info("SSO req from client {}".format(get_client_id(request)))
-        binding = request.saml_session.get('Binding', BINDING_HTTP_POST)
+        binding = request.saml_session.get("Binding", BINDING_HTTP_POST)
         self.IDP = get_IDP()
         try:
-            self.saml_request = self.IDP.parse_authn_request(request.saml_session['SAMLRequest'],
-                                                             binding)
+            self.saml_request = self.IDP.parse_authn_request(
+                request.saml_session["SAMLRequest"], binding
+            )
         except IncorrectlySigned as exp:
-            logger.error('{}'.format(exp))
-            return render(request, 'error.html',
-                          {'exception_type': exp,
-                           'exception_msg': _("Incorrectly signed"),
-                           'extra_message': _('SP Metadata '
-                                              'is changed, expired '
-                                              'or unavailable.')},
-                          status=403)
+            logger.error("{}".format(exp))
+            err_data = {
+                "exception_type": exp,
+                "exception_msg": _("Incorrectly signed"),
+                "extra_message": _(
+                    "SP Metadata " "is changed, expired " "or unavailable."
+                ),
+            }
+            if api:
+                return err_data
+
+            return render(request, "error.html", err_data, status=403)
         except Exception as exp:  # pragma: no cover
-            logger.error('{}'.format(exp))
-            return render(request, 'error.html',
-                          {'exception_type': exp},
-                          status=403)
+            logger.error("{}".format(exp))
+            return render(request, "error.html", {"exception_type": exp}, status=403)
 
         # later we'll check if the authnrequest is older then the IDP session age
-        request.saml_session['issue_instant'] = self.saml_request.message.issue_instant
+        request.saml_session["issue_instant"] = self.saml_request.message.issue_instant
 
         # these are not serializable ...
         # request.saml_session['IDP'] = self.IDP
@@ -166,13 +198,12 @@ def dispatch(self, request, *args, **kwargs):
         if self.saml_request.message.force_authn:
             logout(request)
             msg = "SSO AuthnRequest [force_authn=True]: {} [{}]".format(
-                                    self.saml_request.message.issuer.text,
-                                    self.saml_request.message.id
+                self.saml_request.message.issuer.text, self.saml_request.message.id
             )
             logger.info(msg)
 
-        request.saml_session['message_id'] = self.saml_request.message.id
-        request.saml_session['issue_instant'] = self.saml_request.message.issue_instant
+        request.saml_session["message_id"] = self.saml_request.message.id
+        request.saml_session["issue_instant"] = self.saml_request.message.issue_instant
 
         self.sp_id = self.saml_request.message.issuer.text
         self.sp = get_idp_sp_config().get(self.sp_id, {})
@@ -184,16 +215,16 @@ def dispatch(self, request, *args, **kwargs):
         if failed_tests:
             return failed_tests
         else:
-            return HttpResponseRedirect(
-                reverse('uniauth_saml2_idp:saml_login_process')
-            )
+            return HttpResponseRedirect(reverse("uniauth_saml2_idp:saml_login_process"))
 
 
 class ErrorHandler(object):
     error_view = import_string(
-        getattr(settings,
-                'SAML_IDP_ERROR_VIEW_CLASS',
-                'uniauth_saml2_idp.error_views.SamlIDPErrorView')
+        getattr(
+            settings,
+            "SAML_IDP_ERROR_VIEW_CLASS",
+            "uniauth_saml2_idp.error_views.SamlIDPErrorView",
+        )
     )
 
     def handle_error(self, request, **kwargs):
@@ -208,37 +239,43 @@ def get_IDP(idp_conf=settings.SAML_IDP_CONFIG):
 
 
 class IdPHandlerViewMixin(ErrorHandler):
-    """ Contains some methods used by multiple views
-    """
+    """Contains some methods used by multiple views"""
 
     def dispatch(self, request, *args, **kwargs):
-        """ Construct IDP server with config from settings dict
-        """
+        """Construct IDP server with config from settings dict"""
         err_data = {}
         try:
             self.IDP = get_IDP()
         except Exception as excp:  # pragma: no cover
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp)
         except MetadataNotFound as exp:
-            logger.error('{}'.format(exp))
+            logger.error("{}".format(exp))
             if request:
-                err_data = {'exception_type': _("Unable to find Service "
-                                                "Provider Metadata"),
-                            'exception_msg': "",
-                            'extra_message': _('SP Metadata are expired '
-                                               'or not found. Please contact '
-                                               'IDP technical support for '
-                                               'better acknowledge')}
+                err_data = {
+                    "exception_type": _("Unable to find Service " "Provider Metadata"),
+                    "exception_msg": "",
+                    "extra_message": _(
+                        "SP Metadata are expired "
+                        "or not found. Please contact "
+                        "IDP technical support for "
+                        "better acknowledge"
+                    ),
+                }
         except MetadataCorruption as exp:
-            logger.error('{}'.format(exp))
-            err_data = {'exception_type': _("Some Metadata "
-                                            "seems to be corrupted"),
-                        'exception_msg': "",
-                        'extra_message': _('This is a security exception. '
-                                           'Please contact IdP staff.')}
+            logger.error("{}".format(exp))
+            err_data = {
+                "exception_type": _("Some Metadata " "seems to be corrupted"),
+                "exception_msg": "",
+                "extra_message": _(
+                    "This is a security exception. " "Please contact IdP staff."
+                ),
+            }
         if request and err_data:
-            return render(request, 'error.html', err_data, status=403)
+            return render(request, "error.html", err_data, status=403)
+
+        # required for get_ava
+        self.request = request
         return super().dispatch(request, *args, **kwargs)
 
     def convert_attributes(self, attr_name_list):
@@ -255,38 +292,44 @@ def convert_attributes(self, attr_name_list):
         return converted_attrs
 
     def set_sp(self, sp_entity_id):
-        """ Saves SP info to instance variable
-            Raises an exception if sp matching
-            the given entity id cannot be found.
+        """Saves SP info to instance variable
+        Raises an exception if sp matching
+        the given entity id cannot be found.
 
-            If undefined SP are allowed it handles its presence in metadatastore
-            and the attribute release policy.
+        If undefined SP are allowed it handles its presence in metadatastore
+        and the attribute release policy.
         """
-        self.sp = {'id': sp_entity_id}
-        self.sp['config'] = get_idp_sp_config().get(sp_entity_id)
+        self.sp = {"id": sp_entity_id}
+        self.sp["config"] = get_idp_sp_config().get(sp_entity_id)
 
         sp = ServiceProvider.objects.filter(entity_id=sp_entity_id).first()
 
-        if not self.sp['config']:
-            self.sp['config'] = copy.deepcopy(settings.DEFAULT_SPCONFIG)
-            self.sp['config']['force_attribute_release'] = False
+        if not self.sp["config"]:
+            self.sp["config"] = copy.deepcopy(settings.DEFAULT_SPCONFIG)
+            self.sp["config"]["force_attribute_release"] = False
 
         if not sp:
             # TODO: get these information from sp's metadata
-            sp = ServiceProvider.objects.create(entity_id=sp_entity_id,
-                                                display_name=sp_entity_id,
-                                                is_valid=True,
-                                                is_active=True,
-                                                last_seen=timezone.localtime())
+            sp = ServiceProvider.objects.create(
+                entity_id=sp_entity_id,
+                display_name=sp_entity_id,
+                is_valid=True,
+                is_active=True,
+                agreement_message=settings.DEFAULT_SPCONFIG.get(
+                    'display_agreement_message', ""
+                ),
+                last_seen=timezone.localtime(),
+            )
         elif not sp.is_active:
-            msg = _("{} was disabled. "
-                    "Please contact technical staff for informations.")
+            msg = _(
+                "{} was disabled. " "Please contact technical staff for informations."
+            )
             raise DisabledSP(msg.format(sp_entity_id))
         else:
             sp.last_seen = timezone.localtime()
             sp.save()
 
-        if self.sp['config']['force_attribute_release']:
+        if self.sp["config"]["force_attribute_release"]:
             # IdP ignores what SP requests for and release what you configured
             return
 
@@ -298,8 +341,8 @@ def set_sp(self, sp_entity_id):
 
         # clean up unrequested attributes
         # TODO a bettere generalization with SAML2 attr mapping here
-        req_attr_list = [entry['name'] for entry in req_attrs['required']]
-        opt_attr_list = [entry['name'] for entry in req_attrs['optional']]
+        req_attr_list = [entry["name"] for entry in req_attrs["required"]]
+        opt_attr_list = [entry["name"] for entry in req_attrs["optional"]]
 
         # conversion: avoids that some attrs have identifiers instead of names
         conv_req_attr_list = self.convert_attributes(req_attr_list)
@@ -311,69 +354,73 @@ def set_sp(self, sp_entity_id):
         # updates newly requested attrs
         for attr in attr_list:
             # if there's some configuration about mapping ...
-            if attr in settings.DEFAULT_SPCONFIG['attribute_mapping']:
-                self.sp['config']['attribute_mapping'][attr] = settings.DEFAULT_SPCONFIG['attribute_mapping'][attr]
+            if attr in settings.DEFAULT_SPCONFIG["attribute_mapping"]:
+                self.sp["config"]["attribute_mapping"][
+                    attr
+                ] = settings.DEFAULT_SPCONFIG["attribute_mapping"][attr]
             # .. otherwise map it as it come from sp's metadata
             else:
-                self.sp['config']['attribute_mapping'][attr] = [attr]
+                self.sp["config"]["attribute_mapping"][attr] = [attr]
 
         # clean up unrequired
         to_be_removed = []
-        for attr in self.sp['config']['attribute_mapping']:
+        for attr in self.sp["config"]["attribute_mapping"]:
             if attr not in attr_list:
                 to_be_removed.append(attr)
         for attr in to_be_removed:
-            del self.sp['config']['attribute_mapping'][attr]
+            del self.sp["config"]["attribute_mapping"][attr]
 
         # update SP's attribute map
-        sp.attribute_mapping = json.dumps(self.sp['config']['attribute_mapping'],
-                                          indent=2)
+        sp.attribute_mapping = json.dumps(
+            self.sp["config"]["attribute_mapping"], indent=2
+        )
         sp.save()
 
         # check if some required are unavailable...
-        if req_attrs['required']:
-            msg = _("{} requested unavailable attribute '{}' to this IdP. "
-                    "Please contact SP technical staff for support.")
+        if req_attrs["required"]:
+            msg = _(
+                "{} requested unavailable attribute '{}' to this IdP. "
+                "Please contact SP technical staff for support."
+            )
             # if some required attributes are unavailable the IdP give this warning
             for req in conv_req_attr_list:
-                if req not in self.sp['config']['attribute_mapping']:
+                if req not in self.sp["config"]["attribute_mapping"]:
                     logger.info(msg)
                     raise UnavailableRequiredAttributes(
                         msg.format(sp_entity_id, req))
 
     def set_processor(self, request=None):
-        """ Instantiate user-specified processor or
-            default to an all-access base processor.
-            Raises an exception if the configured processor
-            class can not be found or initialized.
+        """Instantiate user-specified processor or
+        default to an all-access base processor.
+        Raises an exception if the configured processor
+        class can not be found or initialized.
         """
-        processor_string = self.sp['config'].get('processor', None)
+        processor_string = self.sp["config"].get("processor", None)
         if processor_string:
             try:
                 self.processor = import_string(processor_string)(
-                    self.sp['id'], request=request)
+                    self.sp["id"], request=request
+                )
                 return
             except Exception as e:
-                logger.error('{}'.format(e))
+                logger.error("{}".format(e))
                 msg = _("Failed to instantiate processor: {} - {}")
-                logger.error(msg.format(processor_string, e),
-                             exc_info=True)
+                logger.error(msg.format(processor_string, e), exc_info=True)
                 #  raise ImproperlyConfigured(_(msg.format(processor_string, e)))
                 return self.handle_error(request, exception=e, status=500)
-        self.processor = BaseProcessor(self.sp['id'], request=request)
+        self.processor = BaseProcessor(self.sp["id"], request=request)
 
     def verify_request_signature(self, req_info):
-        """ Signature verification
-            for authn request signature_check is at
-            saml2.sigver.SecurityContext.correctly_signed_authn_request
+        """Signature verification
+        for authn request signature_check is at
+        saml2.sigver.SecurityContext.correctly_signed_authn_request
         """
         # TODO: Add unit tests for this
         if not req_info.signature_check(req_info.xmlstr):
             raise ValueError(_("Message signature verification failure"))
 
     def check_access(self, request):
-        """ Check if user has access to the service of this SP
-        """
+        """Check if user has access to the service of this SP"""
         if not self.processor.has_access(request):
             raise PermissionDenied(
                 _("You do not have access to this resource"))
@@ -388,108 +435,119 @@ def get_authn(self, req_info=None):
         return broker.get_authn_by_accr(req_authn_context)
 
     def get_name_id_format(self, user, authn, resp_args):
-        name_id_format = resp_args.get('name_id_policy')
+        name_id_format = resp_args.get("name_id_policy")
         if not name_id_format:
             logger.warning(
-                'Missing NAME_ID_FORMAT, rely on: NAMEID_FORMAT_PERSISTENT')
-        self.sp['name_id_format'] = name_id_format.format \
-            if name_id_format else NAMEID_FORMAT_PERSISTENT
-        idp_name_id_format_list = self.IDP.config.getattr("name_id_format",
-                                                          "idp")
+                "Missing NAME_ID_FORMAT, rely on: NAMEID_FORMAT_PERSISTENT"
+            )
+        self.sp["name_id_format"] = (
+            name_id_format.format if name_id_format else NAMEID_FORMAT_PERSISTENT
+        )
+        idp_name_id_format_list = self.IDP.config.getattr(
+            "name_id_format", "idp")
 
         # name_id format availability
-        if idp_name_id_format_list and not self.sp['name_id_format']:
+        if idp_name_id_format_list and not self.sp["name_id_format"]:
             name_id_format = idp_name_id_format_list[0]
 
-        elif self.sp['name_id_format'] and not idp_name_id_format_list:
-            name_id_format = self.sp['name_id_format']
+        elif self.sp["name_id_format"] and not idp_name_id_format_list:
+            name_id_format = self.sp["name_id_format"]
 
-        elif self.sp['name_id_format'] not in idp_name_id_format_list:
-            _msg = _('SP requested a name_id_format '
-                     'that is not supported in the IDP: {}').format(self.sp['name_id_format'])
+        elif self.sp["name_id_format"] not in idp_name_id_format_list:
+            _msg = _(
+                "SP requested a name_id_format " "that is not supported in the IDP: {}"
+            ).format(self.sp["name_id_format"])
             #  logger.error(_msg)
             raise UnavailableRequiredAttributes(_msg)
-        elif self.sp['name_id_format'] in idp_name_id_format_list:
-            name_id_format = self.sp['name_id_format']
+        elif self.sp["name_id_format"] in idp_name_id_format_list:
+            name_id_format = self.sp["name_id_format"]
 
         else:
             name_id_format = NAMEID_FORMAT_UNSPECIFIED
 
         # if SP doesn't request a specific name_id_format...
-        if not self.sp['name_id_format']:
-            self.sp['name_id_format'] = name_id_format
+        if not self.sp["name_id_format"]:
+            self.sp["name_id_format"] = name_id_format
 
         user_id = self.processor.get_user_id(user, self.sp, self.IDP.config)
-        name_id = NameID(format=name_id_format,
-                         sp_name_qualifier=self.sp['id'],
-                         text=user_id)
+        name_id = NameID(
+            format=name_id_format, sp_name_qualifier=self.sp["id"], text=user_id
+        )
         return name_id, user_id
 
     def get_ava(self, user=None):
         # IDENTITY AND ATTR POLICY
         # Generate request session stuff needed for user agreement screen
-        attrs_to_exclude = self.sp['config'].get('user_agreement_attr_exclude', []) + \
-            getattr(settings, "SAML_IDP_USER_AGREEMENT_ATTR_EXCLUDE", [])
+        attrs_to_exclude = self.sp["config"].get(
+            "user_agreement_attr_exclude", []
+        ) + getattr(settings, "SAML_IDP_USER_AGREEMENT_ATTR_EXCLUDE", [])
 
         identity = {
             k: v
-            for k, v in self.processor.create_identity(user or self.request.user,
-                                                       self.sp).items()
+            for k, v in self.processor.create_identity(
+                user or self.request.user, self.sp
+            ).items()
             if k not in attrs_to_exclude
         }
 
         # entity categories and other pysaml2 policies could filter out some attributes
         policy = Policy(
-            restrictions=settings.SAML_IDP_CONFIG['service']['idp'].get('policy'))
-        ava = policy.filter(identity,
-                            self.sp['id'],
-                            self.IDP.config.metadata,
-                            required=[])
+            restrictions=settings.SAML_IDP_CONFIG["service"]["idp"].get(
+                "policy")
+        )
+        ava = policy.filter(
+            identity, self.sp["id"], self.IDP.config.metadata, required=[]
+        )
         # remove None
         for attr in ava:
             if not ava[attr]:
-                ava[attr] = ''
+                ava[attr] = ""
 
         # END IDENTITY AND ATTR POLICY
         return identity, policy, ava
 
     def apply_allow_create(self, name_id):
-        name_id_policy = self.resp_args['name_id_policy']
-        if name_id_policy and getattr(name_id_policy, 'allow_create', None):
+        name_id_policy = self.resp_args["name_id_policy"]
+        if name_id_policy and getattr(name_id_policy, "allow_create", None):
             name_id_policy = name_id_policy.allow_create.lower()
         # allow create support
-        if settings.SAML_ALLOWCREATE and \
-           name_id_policy in ['true', '1'] and \
-           name_id.format == NAMEID_FORMAT_PERSISTENT:
-            if not PersistentId.objects.filter(user=self.request.user,
-                                               recipient_id=self.sp['id']):
-                PersistentId.objects.create(user=self.request.user,
-                                            persistent_id=self.processor.eduPersonTargetedID,
-                                            recipient_id=self.sp['id'])
+        if (
+            settings.SAML_ALLOWCREATE
+            and name_id_policy in ["true", "1"]
+            and name_id.format == NAMEID_FORMAT_PERSISTENT
+        ):
+            if not PersistentId.objects.filter(
+                user=self.request.user, recipient_id=self.sp["id"]
+            ):
+                PersistentId.objects.create(
+                    user=self.request.user,
+                    persistent_id=self.processor.eduPersonTargetedID,
+                    recipient_id=self.sp["id"],
+                )
         # allow create support end
 
     def build_authn_response(self, user, authn, resp_args):
-        """ pysaml2 server.Server.create_authn_response wrapper
-        """
+        """pysaml2 server.Server.create_authn_response wrapper"""
         name_id, user_id = self.get_name_id_format(user, authn, resp_args)
         # get identity attributes with the policy that applied filters on them
         identity, policy, ava = self.get_ava()
-        self.request.saml_session['identity'] = identity
+        self.request.saml_session["identity"] = identity
         # talking logs
         msg = (
-            'SSO AuthnResponse [{}] to {} [{}]: {} attrs ({}) on {} filtered by policy')
-        self.request.saml_session['authn_log'] = msg.format(
-                                        name_id.format,
-                                        self.sp['id'],
-                                        self.request.saml_session.get('message_id'),
-                                        len(ava),
-                                        ','.join(ava.keys()),
-                                        len(identity)
+            "SSO AuthnResponse [{}] to {} [{}]: {} attrs ({}) on {} filtered by policy"
+        )
+        self.request.saml_session["authn_log"] = msg.format(
+            name_id.format,
+            self.sp["id"],
+            self.request.saml_session.get("message_id"),
+            len(ava),
+            ",".join(ava.keys()),
+            len(identity),
         )
-        logger.info(self.request.saml_session['authn_log'])
+        logger.info(self.request.saml_session["authn_log"])
 
-        self.request.saml_session['identity'] = ava
-        self.request.saml_session['subject_id'] = self.processor.eduPersonTargetedID
+        self.request.saml_session["identity"] = ava
+        self.request.saml_session["subject_id"] = self.processor.eduPersonTargetedID
         #
 
         # apply allow_create
@@ -497,20 +555,20 @@ def build_authn_response(self, user, authn, resp_args):
 
         # ASSERTION ENCRYPTED
         encrypt_assertion = False
-        if self.IDP.has_encrypt_cert_in_metadata(self.sp['id']):
-            sp_enc_cert = self.IDP.config.metadata.certs(self.sp['id'],
-                                                         "spsso",
-                                                         use="encryption")
+        if self.IDP.has_encrypt_cert_in_metadata(self.sp["id"]):
+            sp_enc_cert = self.IDP.config.metadata.certs(
+                self.sp["id"], "spsso", use="encryption"
+            )
             if sp_enc_cert:
                 encrypt_assertion = True
-            elif getattr(settings, 'SAML_FORCE_ENCRYPTED_ASSERTION', False):
+            elif getattr(settings, "SAML_FORCE_ENCRYPTED_ASSERTION", False):
                 encrypt_assertion = True
-            if self.sp['config'].get('disable_encrypted_assertions', False):
+            if self.sp["config"].get("disable_encrypted_assertions", False):
                 encrypt_assertion = False
             # TODO: investigate here
             if encrypt_assertion:
-                resp_args['encrypt_cert_assertion'] = sp_enc_cert[0]
-                resp_args['encrypt_cert_advice'] = sp_enc_cert[0]
+                resp_args["encrypt_cert_assertion"] = sp_enc_cert[0]
+                resp_args["encrypt_cert_advice"] = sp_enc_cert[0]
 
                 # PREFIM here won't work with shibboleth
                 # WARN Shibboleth.AttributeResolver.Query [4] [default]: no SAML 2 AttributeAuthority role found in metadata
@@ -519,36 +577,33 @@ def build_authn_response(self, user, authn, resp_args):
 
         authn_resp = self.IDP.create_authn_response(
             authn=authn,
-            identity=self.request.saml_session['identity'],
+            identity=self.request.saml_session["identity"],
             userid=user_id,
             name_id=name_id,
-
             # signature
-            sign_response=self.sp['config'].get("sign_response") or \
-            self.IDP.config.getattr("sign_response", "idp") or \
-            False,
-            sign_assertion=self.sp['config'].get("sign_assertion") or \
-            self.IDP.config.getattr("sign_assertion", "idp") or \
-            False,
-
+            sign_response=self.sp["config"].get("sign_response")
+            or self.IDP.config.getattr("sign_response", "idp")
+            or False,
+            sign_assertion=self.sp["config"].get("sign_assertion")
+            or self.IDP.config.getattr("sign_assertion", "idp")
+            or False,
             # default is sha1 in pySAML2
-            sign_alg=self.sp['config'].get("signing_algorithm") or \
-            getattr(settings, 'SAML_AUTHN_SIGN_ALG', False),
-            digest_alg=self.sp['config'].get("digest_algorithm") or \
-            getattr(settings, 'SAML_AUTHN_DIGEST_ALG', False),
-
+            sign_alg=self.sp["config"].get("signing_algorithm")
+            or getattr(settings, "SAML_AUTHN_SIGN_ALG", False),
+            digest_alg=self.sp["config"].get("digest_algorithm")
+            or getattr(settings, "SAML_AUTHN_DIGEST_ALG", False),
             # Encryption
             encrypt_assertion=encrypt_assertion,
             encrypt_advice_attributes=encrypt_assertion,
             encrypt_assertion_self_contained=encrypt_assertion,
-            **resp_args
+            **resp_args,
         )
         return authn_resp
 
-    def create_html_response(self, request, binding,
-                             authn_resp, destination, relay_state):
-        """ Login form for SSO
-        """
+    def create_html_response(
+        self, request, binding, authn_resp, destination, relay_state
+    ):
+        """Login form for SSO"""
         if binding == BINDING_HTTP_POST:
             context = {
                 "acs_url": destination,
@@ -556,8 +611,8 @@ def create_html_response(self, request, binding,
                 "relay_state": relay_state,
             }
             template = "saml_post.html"
-            html_response = render_to_string(template, context=context,
-                                             request=request)
+            html_response = render_to_string(
+                template, context=context, request=request)
 
         # response won't be in http-redirect!
         else:  # pragma: no cover
@@ -566,41 +621,48 @@ def create_html_response(self, request, binding,
                 msg_str=authn_resp,
                 destination=destination,
                 relay_state=relay_state,
-                response=True)
+                response=True,
+            )
 
-            logger.debug('http args are: {}'.format(http_args))
-            html_response = http_args['data']
+            logger.debug("http args are: {}".format(http_args))
+            html_response = http_args["data"]
         return html_response
 
     def render_response(self, request, html_response):
-        """ Return either as redirect to MultiFactorView
-            or as html with self-submitting form.
+        """Return either as redirect to MultiFactorView
+        or as html with self-submitting form.
         """
-        if not hasattr(self, 'processor'):
+        if not hasattr(self, "processor"):
             # In case of SLO, where processor isn't relevant
             return HttpResponse(html_response)
 
-        request.saml_session['response'] = html_response
-
-        request.saml_session['sp_display_info'] = {
-            'display_name': request.saml_session['sp_display_description'],
-            'display_description': request.saml_session['sp_display_description'],
-            'display_agreement_message': self.sp['config'].get('display_agreement_message'),
-            'display_agreement_consent_form': self.sp['config'].get('display_agreement_consent_form')
+        request.saml_session["response"] = html_response
+
+        request.saml_session["sp_display_info"] = {
+            "display_name": request.saml_session["sp_display_description"],
+            "display_description": request.saml_session["sp_display_description"],
+            "display_agreement_message": self.sp["config"].get(
+                "display_agreement_message"
+            ),
+            "display_agreement_consent_form": self.sp["config"].get(
+                "display_agreement_consent_form"
+            ),
         }
-        request.saml_session['sp_entity_id'] = self.sp['id']
+        request.saml_session["sp_entity_id"] = self.sp["id"]
 
         # Conditions for showing user agreement screen
-        user_agreement_enabled_for_sp = self.sp['config'].get(
-                        'show_user_agreement_screen',
-                        getattr(settings, "SAML_IDP_SHOW_USER_AGREEMENT_SCREEN")
+        user_agreement_enabled_for_sp = self.sp["config"].get(
+            "show_user_agreement_screen",
+            getattr(settings, "SAML_IDP_SHOW_USER_AGREEMENT_SCREEN"),
         )
 
-        agreement_for_sp = AgreementRecord.objects.filter(user=request.user,
-                                                          sp_entity_id=self.sp['id']).first()
+        agreement_for_sp = AgreementRecord.objects.filter(
+            user=request.user, sp_entity_id=self.sp["id"]
+        ).first()
         if agreement_for_sp:
-            if agreement_for_sp.is_expired() or \
-               agreement_for_sp.wants_more_attrs(request.saml_session['identity'].keys()):
+            if agreement_for_sp.is_expired() or agreement_for_sp.wants_more_attrs(
+                request.saml_session["identity"].keys()
+            ):
                 agreement_for_sp.delete()
                 already_agreed = False
             else:
@@ -611,162 +673,219 @@ def render_response(self, request, html_response):
         # Multifactor goes before user agreement because might result in user not being authenticated
         if self.processor.enable_multifactor(request.user):
             logger.debug("Redirecting to process_multi_factor")
-            return HttpResponseRedirect(reverse('uniauth_saml2_idp:saml_multi_factor'))
+            return HttpResponseRedirect(reverse("uniauth_saml2_idp:saml_multi_factor"))
 
         # If we are here, there's no multifactor. Check whether to show user agreement
         if user_agreement_enabled_for_sp and not already_agreed:
             logger.debug("Redirecting to process_user_agreement")
-            return HttpResponseRedirect(reverse('uniauth_saml2_idp:saml_user_agreement'))
+            return HttpResponseRedirect(
+                reverse("uniauth_saml2_idp:saml_user_agreement")
+            )
 
         # No multifactor or user agreement
         logger.debug("Performing SAML redirect")
         return HttpResponse(html_response)
 
 
-@method_decorator(require_saml_request, name='dispatch')
+@method_decorator(require_saml_request, name="dispatch")
+@method_decorator(store_params_in_session_func, name="dispatch")
 class LoginAuthView(LoginView):
-    """ First Login Form
-    """
+    """First Login Form"""
+
     template_name = "saml_login.html"
     form_class = LoginForm
 
+    def clean_mfa(self):
+        if self.request.session.get('mfa_user'):
+            del self.request.session['mfa_user']
+
     def form_invalid(self, form):
         """If the form is invalid, returns a generic message
         status code 200 to prevent brute force attack based to response code!
         """
-        return render(self.request, 'error.html',
-                      {'exception_type': _("You cannot access to this service"),
-                       'exception_msg': _("Your Username or Password is invalid, "
-                                          "your account could be expired or been "
-                                          "disabled due to many login attempts."),
-                       'extra_message': _("Please access to 'Forgot your Password' "
-                                          "procedure, before contact the help desk.")},
-                      status=200)
+        return render(
+            self.request,
+            "error.html",
+            {
+                "exception_type": _("You cannot access to this service"),
+                "exception_msg": _(
+                    "Your Username or Password is invalid, "
+                    "your account could be expired or been "
+                    "disabled due to many login attempts."
+                ),
+                "extra_message": _(
+                    "Please access to 'Forgot your Password' "
+                    "procedure, before contact the help desk."
+                ),
+            },
+            status=403,
+        )
 
     def form_valid(self, form):
         """Security check complete. Log the user in."""
+        
+        # check if admin access
+        ac = urllib.parse.splitquery(self.request.get_full_path())
+        if f'next=/{settings.ADMIN_PATH}' in ac[1]:
+            self.clean_mfa()
+            return super().form_valid(form)
+        # end check admin access
+        
         # check issue instant
         now = timezone.localtime()
         issue_instant = now
-        authn_issue_instant = self.request.saml_session['issue_instant']
+        authn_issue_instant = self.request.saml_session.get("issue_instant")
+        
+        if not authn_issue_instant:
+            return render(
+                self.request,
+                "error.html",
+                {
+                    "exception_type": _("Not a valid SAML2 request"),
+                    "exception_msg": _("Your request is not valid"),
+                },
+                status=403,
+            )
+        
         for tformat in settings.SAML2_DATETIME_FORMATS:
             try:
                 issue_instant = timezone.datetime.strptime(
-                                    authn_issue_instant, tformat
+                    authn_issue_instant, tformat
                 )
                 break
             except Exception as e:
-                logger.debug('{} not parseable with {}: {}'.format(
-                                        authn_issue_instant, tformat, e)
+                logger.debug(
+                    "{} not parseable with {}: {}".format(
+                        authn_issue_instant, tformat, e
+                    )
                 )
         # end check
-        mins = getattr(settings, 'SESSION_COOKIE_AGE', 600)
+        mins = getattr(settings, "SESSION_COOKIE_AGE", 600)
         dt_check = None
         try:
             dt_check = issue_instant < timezone.make_naive(
-                                (now - datetime.timedelta(minutes=mins)),
-                                 timezone.get_current_timezone())
+                (now - datetime.timedelta(minutes=mins)),
+                timezone.get_current_timezone(),
+            )
         except Exception as e:
-            logger.error('Issue instant time comparison failed: {}'.format(e))
+            logger.error("Issue instant time comparison failed: {}".format(e))
         if dt_check:
-            return render(self.request, 'error.html',
-                          {'exception_type': _("You take too long to authenticate!"),
-                           'exception_msg': _("Your request is expired"),
-                           'extra_message': _('{} minutes are passed').format(mins)},
-                          status=403)
+            return render(
+                self.request,
+                "error.html",
+                {
+                    "exception_type": _("You take too long to authenticate!"),
+                    "exception_msg": _("Your request is expired"),
+                    "extra_message": _("{} minutes are passed").format(mins),
+                },
+                status=403,
+            )
         # end check issue instant
 
         user = form.get_user()
         auth_login(self.request, user)
 
         # bind the user id to saml_session (needed for SLO and SameSite workaround)
-        self.request.saml_session['_auth_user_id'] = user.pk
+        self.request.saml_session["_auth_user_id"] = user.pk
 
-        if self.request.POST.get('forget_agreement'):
+        if self.request.POST.get("forget_agreement"):
             # TODO: also add the sp_nameid in the query?
             agr = AgreementRecord.objects.filter(user=self.request.user)
             agr.delete()
 
-        if self.request.POST.get('forget_login'):
-            self.request.saml_session['forget_login'] = 1
+        if self.request.POST.get("forget_login"):
+            self.request.saml_session["forget_login"] = 1
+        
+        self.clean_mfa()
+        return super().form_valid(form)
+        # return HttpResponseRedirect(self.get_success_url())
 
-        return HttpResponseRedirect(self.get_success_url())
 
-
-@method_decorator(never_cache, name='dispatch')
-@method_decorator(require_saml_request, name='dispatch')
+@method_decorator(never_cache, name="dispatch")
+@method_decorator(require_saml_request, name="dispatch")
 class LoginProcessView(LoginRequiredMixin, IdPHandlerViewMixin, View):
-    """ View which processes the actual SAML request and
-        returns a self-submitting form with the SAML response.
-        The login_required decorator ensures the user authenticates
-        first on the IdP using 'normal' ways.
+    """View which processes the actual SAML request and
+    returns a self-submitting form with the SAML response.
+    The login_required decorator ensures the user authenticates
+    first on the IdP using 'normal' ways.
     """
 
     def dispatch(self, request, *args, **kwargs):
         if request.user.is_authenticated:
-            logger.info('{}: already logged in.'.format(request.user.username))
+            logger.info("{}: already logged in.".format(request.user.username))
         return super().dispatch(request, *args, **kwargs)
 
-    def get(self, request, *args, **kwargs):
+    def process_saml_session(self, request, *args, **kwargs):
         try:
-            binding = request.saml_session.get('Binding', BINDING_HTTP_POST)
+            binding = request.saml_session.get("Binding", BINDING_HTTP_POST)
             # Parse incoming request
-            req_info = self.IDP.parse_authn_request(request.saml_session['SAMLRequest'],
-                                                    binding)
+            req_info = self.IDP.parse_authn_request(
+                request.saml_session["SAMLRequest"], binding
+            )
 
             # Compile Response Arguments
             self.resp_args = self.IDP.response_args(req_info.message)
             # Set SP and Processor
-            self.set_sp(self.resp_args['sp_entity_id'])
+            self.set_sp(self.resp_args["sp_entity_id"])
             self.set_processor(request=request)
             # Check if user has access
             self.check_access(request)
             # Construct SamlResponse message
-            self.authn_resp = self.build_authn_response(request.user,
-                                                        self.get_authn(),
-                                                        self.resp_args)
+            self.authn_resp = self.build_authn_response(
+                request.user, self.get_authn(), self.resp_args
+            )
         except KeyError as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=400)
         except ValueError as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=400)
         except (UnknownPrincipal, UnsupportedBinding) as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=400)
         except ImproperlyConfigured as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=500)
         except UnknownSystemEntity as excp:
-            logger.error('{}'.format(excp))
-            return self.handle_error(request,
-                                     exception=excp,
-                                     exception_msg=_(
-                                         'This SP needs attribute mappings'),
-                                     status=403)
+            logger.error("{}".format(excp))
+            return self.handle_error(
+                request,
+                exception=excp,
+                exception_msg=_("This SP needs attribute mappings"),
+                status=403,
+            )
         except PermissionDenied as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=403)
         except Exception as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=500)
 
         html_response = self.create_html_response(
             request,
-            binding=self.resp_args['binding'],
+            binding=self.resp_args["binding"],
             authn_resp=self.authn_resp,
-            destination=self.resp_args['destination'],
-            relay_state=request.saml_session['RelayState'])
+            destination=self.resp_args["destination"],
+            relay_state=request.saml_session["RelayState"],
+        )
 
-        logger.debug("SAML Authn request Response [\n{}]".format(
-            repr_saml(self.authn_resp)))
+        logger.debug(
+            "SAML Authn request Response [\n{}]".format(
+                repr_saml(self.authn_resp))
+        )
         return self.render_response(request, html_response)
 
+    def get(self, request, *args, **kwargs):
+        return self.process_saml_session(request, *args, **kwargs)
 
-@method_decorator(never_cache, name='dispatch')
+    def post(self, request, *args, **kwargs):
+        return self.process_saml_session(request, *args, **kwargs)
+
+
+@method_decorator(never_cache, name="dispatch")
 class SSOInitView(LoginRequiredMixin, IdPHandlerViewMixin, View):  # pragma: no cover
-    """ View used for IDP initialized login,
-        doesn't handle any SAML authn request
+    """View used for IDP initialized login,
+    doesn't handle any SAML authn request
     """
 
     def post(self, request, *args, **kwargs):
@@ -777,149 +896,167 @@ def get(self, request, *args, **kwargs):
 
         try:
             # get sp information from the parameters
-            self.set_sp(passed_data['sp'])
+            self.set_sp(passed_data["sp"])
             self.set_processor(request=request)
             # Check if user has access to SP
             self.check_access(request)
         except (KeyError, ImproperlyConfigured) as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=400)
         except PermissionDenied as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=403)
 
         binding_out, destination = self.IDP.pick_binding(
-            service="assertion_consumer_service",
-            entity_id=self.sp['id'])
+            service="assertion_consumer_service", entity_id=self.sp["id"]
+        )
 
         # Adds few things that would have been added
         # if this were SP Initiated
-        passed_data['destination'] = destination
-        passed_data['in_response_to'] = "IdP_Initiated_Login"
-        passed_data['sp_entity_id'] = self.sp['id']
+        passed_data["destination"] = destination
+        passed_data["in_response_to"] = "IdP_Initiated_Login"
+        passed_data["sp_entity_id"] = self.sp["id"]
 
         # Construct SamlResponse messages
         try:
-            authn_resp = self.build_authn_response(request.user,
-                                                   self.get_authn(),
-                                                   passed_data)
+            authn_resp = self.build_authn_response(
+                request.user, self.get_authn(), passed_data
+            )
         except Exception as excp:
-            logger.error('{}'.format(excp))
+            logger.error("{}".format(excp))
             return self.handle_error(request, exception=excp, status=500)
 
-        html_response = self.create_html_response(request, binding_out,
-                                                  authn_resp, destination,
-                                                  passed_data['RelayState'])
+        html_response = self.create_html_response(
+            request, binding_out, authn_resp, destination, passed_data["RelayState"]
+        )
         return self.render_response(request, html_response)
 
 
-@method_decorator(never_cache, name='dispatch')
-@method_decorator(require_saml_request, name='dispatch')
+@method_decorator(never_cache, name="dispatch")
+@method_decorator(require_saml_request, name="dispatch")
 class UserAgreementScreen(ErrorHandler, LoginRequiredMixin, View):
-    """This view shows the user an overview of the data being sent to the SP.
-    """
+    """This view shows the user an overview of the data being sent to the SP."""
 
     def get(self, request, *args, **kwargs):
-        template = 'user_agreement.html'
+        template = "user_agreement.html"
         context = dict()
         try:
             # prevents KeyError at /login/process_user_agreement/: 'sp_display_info'
-            ses_disp_info = request.saml_session['sp_display_info']
-
-            context['sp_display_name'] = ses_disp_info['display_name']
-            context['sp_display_description'] = ses_disp_info['display_description']
-            context['sp_display_agreement_message'] = ses_disp_info.get(
-                'display_agreement_message')
-            context['sp_display_agreement_consent_form'] = ses_disp_info.get(
-                'display_agreement_consent_form')
-            context['attrs_passed_to_sp'] = request.saml_session['identity']
+            ses_disp_info = request.saml_session["sp_display_info"]
+
+            context["sp_display_name"] = ses_disp_info.get(
+                "display_name", ses_disp_info)
+            context["sp_display_description"] = ses_disp_info["display_description"]
+
+            context["sp_display_agreement_message"] = ses_disp_info.get(
+                "display_agreement_message"
+            )
+            context["sp_display_agreement_consent_form"] = ses_disp_info.get(
+                "display_agreement_consent_form"
+            )
+            context["attrs_passed_to_sp"] = request.saml_session["identity"]
         except Exception as excp:  # pragma: no cover
             logout(request)
-            logging.error('{}'.format(excp))
+            logging.error("{}".format(excp))
             msg = _not_valid_saml_msg
-            return self.handle_error(request, exception=excp,
-                                     extra_message=msg)
+            return self.handle_error(
+                request,
+                exception=excp,
+                extra_message=msg
+            )
 
-        context['form'] = AgreementForm()
-        html_response = render_to_string(template, context=context,
-                                         request=request)
+        context["form"] = AgreementForm()
+        html_response = render_to_string(
+            template, context=context, request=request)
         return HttpResponse(html_response)
 
     def post(self, request, *args, **kwargs):
         form = AgreementForm(request.POST)
         if not form.is_valid():
-            return render(request, 'error.html',
-                          {'exception_type': _("Invalid submission")},
-                          status=403)
+            return render(
+                request,
+                "error.html",
+                {"exception_type": _("Invalid submission")},
+                status=403,
+            )
 
-        confirm = int(form.cleaned_data['confirm'])
-        dont_show_again = form.cleaned_data['dont_show_again']
+        confirm = int(form.cleaned_data["confirm"])
+        dont_show_again = form.cleaned_data["dont_show_again"]
 
         if not confirm:
             logout(request)
-            return render(request, 'error.html',
-                          {'exception_type': _(
-                              "You cannot access to this service")},
-                          status=403)
+            return render(
+                request,
+                "error.html",
+                {"exception_type": _("You cannot access to this service")},
+                status=403,
+            )
 
         if dont_show_again:
             record = AgreementRecord(
                 user=request.user,
-                sp_entity_id=request.saml_session['sp_entity_id'],
-                attrs=",".join(request.saml_session['identity'].keys())
+                sp_entity_id=request.saml_session["sp_entity_id"],
+                attrs=",".join(request.saml_session["identity"].keys()),
             )
             record.save()
 
-        saml_response_data = request.saml_session.get('response')
-        if request.saml_session.get('forget_login'):
+        saml_response_data = request.saml_session.get("response")
+        if request.saml_session.get("forget_login"):
             logout(request)
         return HttpResponse(saml_response_data)
 
 
-@method_decorator(never_cache, name='dispatch')
-@method_decorator(require_saml_request, name='dispatch')
+@method_decorator(never_cache, name="dispatch")
+@method_decorator(require_saml_request, name="dispatch")
 class ProcessMultiFactorView(LoginRequiredMixin, View):
-    """ This view is used in an optional step is to perform 'other'
-        user validation, for example 2nd factor checks.
-        Override this view per the documentation if using this
-        functionality to plug in your custom validation logic.
+    """This view is used in an optional step is to perform 'other'
+    user validation, for example 2nd factor checks.
+    Override this view per the documentation if using this
+    functionality to plug in your custom validation logic.
     """
 
     def multifactor_is_valid(self, request):  # pragma: no cover
-        """ The code here can do whatever it needs to validate your
-            user (via request.user or elsewise).
-            It must return True for authentication
-            to be considered a success.
+        """The code here can do whatever it needs to validate your
+        user (via request.user or elsewise).
+        It must return True for authentication
+        to be considered a success.
         """
         return True
 
     def get(self, request, *args, **kwargs):  # pragma: no cover
         if self.multifactor_is_valid(request):
-            logger.debug('MultiFactor succeeded for %s' % request.user)
+            logger.debug("MultiFactor succeeded for %s" % request.user)
 
             # Check if user agreement redirect needed
-            if request.saml_session.get('sp_display_info'):
+            if request.saml_session.get("sp_display_info"):
                 # Arbitrary value that's only set if user agreement needed.
-                return HttpResponseRedirect(reverse('uniauth_saml2_idp:saml_user_agreement'))
-            return HttpResponse(request.saml_session['response'])
+                return HttpResponseRedirect(
+                    reverse("uniauth_saml2_idp:saml_user_agreement")
+                )
+            return HttpResponse(request.saml_session["response"])
         logger.debug(
-            _("MultiFactor failed; %s will not be able to log in") % request.user)
+            _("MultiFactor failed; %s will not be able to log in") % request.user
+        )
         logout(request)
         raise PermissionDenied(_("MultiFactor authentication factor failed"))
 
 
-@method_decorator(never_cache, name='dispatch')
-@method_decorator(csrf_exempt, name='dispatch')
-@method_decorator(require_saml_request, name='dispatch')
+@method_decorator(never_cache, name="dispatch")
+@method_decorator(csrf_exempt, name="dispatch")
+# @method_decorator(require_saml_request, name="dispatch")
 class LogoutProcessView(IdPHandlerViewMixin, View):
-    """ View which processes the actual SAML Single Logout request
-        The login_required decorator ensures the user authenticates
-        first on the IdP using 'normal' way.
+    """View which processes the actual SAML Single Logout request
+    The login_required decorator ensures the user authenticates
+    first on the IdP using 'normal' way.
 
-        LoginRequiredMixin cannot be used here due to
-        SameSite=strict prevention
+    LoginRequiredMixin cannot be used here due to
+    SameSite=strict prevention
     """
-    __service_name = 'Single LogOut'
+
+    __service_name = "Single LogOut"
+
+    def dispatch(self, request, *args, **kwargs):
+        return super().dispatch(request, *args, **kwargs)
 
     def post(self, request, *args, **kwargs):
         return self.get(request, *args, **kwargs)
@@ -930,26 +1067,33 @@ def get(self, request, *args, **kwargs):
         # do not assign a variable that overwrite request object
         # if it will fail the return with HttpResponseBadRequest trows naturally
         # store_params_in_session(request) -> now is a decorator
-        binding = request.saml_session['Binding']
-        relay_state = request.saml_session['RelayState']
+        binding = request.saml_session["Binding"]
+        relay_state = request.saml_session["RelayState"]
         logger.debug("{} requested [\n{}] to IDP".format(
             self.__service_name, binding))
 
         # adapted from pysaml2 examples/idp2/idp_uwsgi.py
         try:
             req_info = self.IDP.parse_logout_request(
-                request.saml_session['SAMLRequest'], binding)
+                request.saml_session["SAMLRequest"], binding
+            )
         except Exception as excp:  # pragma: no cover
             expc_msg = "{} Bad request: {}".format(self.__service_name, excp)
             logger.error(expc_msg)
             return self.handle_error(request, exception=expc_msg, status=400)
 
-        logger.info("{} from {} for [{}]".format(self.__service_name,
-                                                 getattr(req_info.message.name_id, 'sp_name_qualifier', ""),
-                                                 getattr(req_info.message.name_id, 'text', ""))
+        logger.info(
+            "{} from {} for [{}]".format(
+                self.__service_name,
+                getattr(req_info.message.name_id, "sp_name_qualifier", ""),
+                getattr(req_info.message.name_id, "text", ""),
+            )
+        )
+        logger.debug(
+            "{} SAML request [\n{}]".format(
+                self.__service_name, repr_saml(req_info.xmlstr, b64=False)
+            )
         )
-        logger.debug("{} SAML request [\n{}]".format(self.__service_name,
-                                                     repr_saml(req_info.xmlstr, b64=False)))
 
         resp = self.IDP.create_logout_response(req_info.message, [binding])
 
@@ -957,61 +1101,60 @@ def get(self, request, *args, **kwargs):
             destination = re.findall(
                 r'Destination="([a-z0-9A-Z\.\-\_\:\/]*)"', resp)[0]
         except IndexError:
-            logger.error(f'Cannot find any Destination from {resp}')
-            return self.handle_error(request,
-                                     exception='Cannot find any Destination from your request',
-                                     status=400)
+            logger.error(f"Cannot find any Destination from {resp}")
+            return self.handle_error(
+                request,
+                exception="Cannot find any Destination from your request",
+                status=400,
+            )
 
         try:
             # hinfo returns request or response, it depends by request arg
-            hinfo = self.IDP.apply_binding(binding, resp,
-                                           destination,
-                                           relay_state, response=True)
+            hinfo = self.IDP.apply_binding(
+                binding, resp, destination, relay_state, response=True
+            )
         except Exception as excp:
             logger.error("ServiceError: {}".format(excp))
             return self.handle_error(request, exception=excp, status=400)
 
-        logger.debug("{} Response [\n{}]".format(self.__service_name,
-                                                 repr_saml(resp.encode())))
-        logger.debug("binding: {} destination:{} relay_state:{}".format(binding,
-                                                                        destination,
-                                                                        relay_state))
+        logger.debug(
+            "{} Response [\n{}]".format(
+                self.__service_name, repr_saml(resp.encode()))
+        )
+        logger.debug(
+            "binding: {} destination:{} relay_state:{}".format(
+                binding, destination, relay_state
+            )
+        )
 
         # logout user from IDP, this won't work in crossdomains because of SameSite
         user = get_user_model().objects.filter(
-            pk=request.saml_session['_auth_user_id'])
+            pk=request.saml_session.get("_auth_user_id"))
         if user:
             user.first().clear_sessions()
         else:
-            logger.warn('{}: logging out an unauthenticated user?'.format(
-                self.__service_name))
+            logger.warn(
+                "{}: logging out an unauthenticated user?".format(
+                    self.__service_name)
+            )
 
-        if hinfo['method'] == 'GET':
-            return HttpResponseRedirect(hinfo['headers'][0][1])
+        if hinfo["method"] == "GET":
+            return HttpResponseRedirect(hinfo["headers"][0][1])
         else:
             html_response = self.create_html_response(
                 request,
                 binding=binding,
                 authn_resp=resp.__str__(),
                 destination=destination,
-                relay_state=relay_state)
+                relay_state=relay_state,
+            )
         return self.render_response(request, html_response)
 
 
-#  @never_cache
-#  def get_metadata(request):
-    #  if hasattr(settings, "SAML_IDP_MULTIFACTOR_VIEW"):
-        #  multifactor_class = import_string(getattr(settings,
-        #  "SAML_IDP_MULTIFACTOR_VIEW"))
-    #  else:
-        #  multifactor_class = ProcessMultiFactorView
-    #  return multifactor_class.as_view()(request)
-
-
 def metadata(request):
-    """ Returns an XML with the SAML 2.0 metadata for this Idp.
-        The metadata is constructed on-the-fly based on the
-        config dict in the django settings.
+    """Returns an XML with the SAML 2.0 metadata for this Idp.
+    The metadata is constructed on-the-fly based on the
+    config dict in the django settings.
     """
     conf = IdPConfig()
     conf.load(copy.deepcopy(settings.SAML_IDP_CONFIG))
@@ -1020,12 +1163,18 @@ def metadata(request):
     # removed ...
     # metadata.extensions = None
 
-    return HttpResponse(content=text_type(metadata).encode('utf-8'),
-                        content_type="text/xml; charset=utf8")
+    return HttpResponse(
+        content=text_type(metadata).encode("utf-8"),
+        content_type="text/xml; charset=utf8",
+    )
 
 
 def test500(request):
     # this avoid conflicts with unit tests
-    if not hasattr(request, 'META'):
+    if not hasattr(request, "META"):
         return HttpResponse(status=500)
-    raise Exception()
+    raise Exception("Error 500 tested succesfully")
+
+
+class LoginMfaView(LoginAuthView, MfaLoginAuthView):
+    pass
diff --git a/uwsgi_setup/django_init b/uwsgi_setup/django_init
index 80cc802..3bf9ace 100755
--- a/uwsgi_setup/django_init
+++ b/uwsgi_setup/django_init
@@ -19,11 +19,11 @@
 
 PATH=/sbin:/usr/sbin:/bin:/usr/bin
 BASEDIR="/opt"
-ENVDIR="$BASEDIR/django-saml2-idp.env"
-APPNAME="unicalauth"
+ENVDIR="$BASEDIR/env"
+APPNAME="uniauth"
 APPDIR="$BASEDIR/$APPNAME"
 #DEBUG=""
-PID_PATH="/var/log/uwsgi"
+PID_PATH="/opt/uniauth/logs"
 USER=wert
 COMMAND="uwsgi --ini $APPDIR/uwsgi_setup/uwsgi.ini &"
 STOP_CMD="source $ENVDIR/bin/activate && uwsgi --stop $PID_PATH/$APPNAME.pid"
diff --git a/uwsgi_setup/uwsgi.ini b/uwsgi_setup/uwsgi.ini
index cfca801..919bd44 100644
--- a/uwsgi_setup/uwsgi.ini
+++ b/uwsgi_setup/uwsgi.ini
@@ -1,27 +1,21 @@
 [uwsgi]
-project     = unicalauth
+project     = uniauth
 base        = /opt
-
 chdir       = %(base)/%(project)
 
-uid         = wert
-gid         = wert
+uid         = 1000
+gid         = 1000
 
 socket      = 127.0.0.1:3000
 master      = true
 processes   = 4
-#threads     = 2
-
-# se installato con pip non serve il plugin perchè embedded
-#plugins    = python
-# con virtualenv non serve
-#pythonpath     = %(base)/%(project)/%(project)
 
-virtualenv  = %(base)/django-idp.env
+virtualenv  = %(base)/env
+env         = DJANGO_SETTINGS_MODULE = %(project).settings
 
-logto = /var/log/uwsgi/%(project).log
-log-maxsize = 100000000
-log-backupname = /var/log/uwsgi/%(project).old.log
+# logto = %(base)/%(project)/logs/%(project).log
+# log-maxsize = 350000
+# log-backupname = %(base)/%(project)/logs/%(project).old.log
 
 module      = django_idp.wsgi:application
 vacuum      = True
@@ -37,9 +31,7 @@ harakiri = 20
 # SAML over https needs a greater buffersize, instead: "invalid request block size: 5843 (max 4096)...skip"
 buffer-size=32768
 
-env         = DJANGO_SETTINGS_MODULE = %(project).settings
-
 pidfile     = /var/log/uwsgi/%(project).pid
 touch-reload    = %(base)/%(project)/django_idp/settings.py
 stats       = 127.0.0.1:9191
-stats-http = True
+stats-http  = True