4 files changed, 9 insertions, 12 deletions

diff --git a/src/saml2/client.py b/src/saml2/client.py
index 5f82c6bc..e8642dfa 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -152,8 +152,8 @@ class Saml2Client(Base):
             # XXX   ^through self.create_authn_request(...)
             # XXX - sign_redirect will add the signature to the query params
             # XXX   ^through self.apply_binding(...)
-            sign_post = False if binding == BINDING_HTTP_REDIRECT else sign
-            sign_redirect = False if binding == BINDING_HTTP_POST and sign else sign
+            sign_redirect = sign and binding == BINDING_HTTP_REDIRECT
+            sign_post = sign and not sign_redirect
 
             reqid, request = self.create_authn_request(
                 destination=destination,
@@ -318,10 +318,8 @@ class Saml2Client(Base):
                 session_indexes = None
 
             sign = sign if sign is not None else self.logout_requests_signed
-            sign_post = sign and (
-                binding == BINDING_HTTP_POST or binding == BINDING_SOAP
-            )
             sign_redirect = sign and binding == BINDING_HTTP_REDIRECT
+            sign_post = sign and not sign_redirect
 
             log_report = {
                 "message": "Invoking SLO on entity",
diff --git a/src/saml2/httpbase.py b/src/saml2/httpbase.py
index 5860992d..f8393639 100644
--- a/src/saml2/httpbase.py
+++ b/src/saml2/httpbase.py
@@ -315,7 +315,7 @@ class HTTPBase(object):
 
         if sign and self.sec:
             _signed = self.sec.sign_statement(soap_message,
-                                              class_name=class_name(request),
+                                              node_name=class_name(request),
                                               node_id=request.id)
             soap_message = _signed
 
diff --git a/src/saml2/pack.py b/src/saml2/pack.py
index f0890471..36480743 100644
--- a/src/saml2/pack.py
+++ b/src/saml2/pack.py
@@ -240,7 +240,7 @@ def make_soap_enveloped_saml_thingy(thingy, header_parts=None):
         if thingy[0:5].lower() == '<?xml':
             logger.debug("thingy0: %s", thingy)
             _part = thingy.split("\n")
-            thingy = "".join(_part[1:])
+            thingy = "\n".join(_part[1:])
         thingy = thingy.replace(PREFIX, "")
         logger.debug("thingy: %s", thingy)
         _child = ElementTree.Element('')
diff --git a/src/saml2/request.py b/src/saml2/request.py
index 200a1ff8..787af78f 100644
--- a/src/saml2/request.py
+++ b/src/saml2/request.py
@@ -2,7 +2,6 @@ import logging
 
 from saml2 import time_util
 from saml2 import BINDING_HTTP_REDIRECT
-from saml2 import BINDING_HTTP_POST
 from saml2.attribute_converter import to_local
 from saml2.s_utils import OtherError
 
@@ -55,22 +54,22 @@ class Request(object):
         logger.debug("xmlstr: %s, relay_state: %s, sigalg: %s, signature: %s",
                      self.xmlstr, relay_state, sigalg, signature)
 
-        signed_post = must and binding == BINDING_HTTP_POST
-        signed_redirect = must and binding == BINDING_HTTP_REDIRECT
+        sign_redirect = must and binding == BINDING_HTTP_REDIRECT
+        sign_post = must and not sign_redirect
         incorrectly_signed = IncorrectlySigned("Request was not signed correctly")
 
         try:
             self.message = self.signature_check(
                 xmldata,
                 origdoc=origdoc,
-                must=signed_post,
+                must=sign_post,
                 only_valid_cert=only_valid_cert,
             )
         except Exception as e:
             self.message = None
             raise incorrectly_signed from e
 
-        if signed_redirect:
+        if sign_redirect:
             if sigalg is None or signature is None:
                 raise incorrectly_signed