So... you're saying that Keystone allows untrusted users to pass crafted SAML XML requests or responses through routines in PySAML2?
So... you're saying that Keystone allows untrusted users to pass crafted SAML XML requests or responses through routines in PySAML2?