sources/saml: improve error handling for missing assertion and missing subject

closes #3784

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2022-10-14 13:56:35 +02:00
parent febe3a5477
commit 0ca1368dcc
2 changed files with 6 additions and 2 deletions


@ -163,10 +163,14 @@ class ResponseProcessor:
def _get_name_id(self) -> "Element": def _get_name_id(self) -> "Element":
"""Get NameID Element""" """Get NameID Element"""
assertion = self._root.find("{urn:oasis:names:tc:SAML:2.0:assertion}Assertion") assertion = self._root.find("{urn:oasis:names:tc:SAML:2.0:assertion}Assertion")
if not assertion:
raise ValueError("Assertion element not found")
subject = assertion.find("{urn:oasis:names:tc:SAML:2.0:assertion}Subject") subject = assertion.find("{urn:oasis:names:tc:SAML:2.0:assertion}Subject")
if not subject:
raise ValueError("Subject element not found")
name_id = subject.find("{urn:oasis:names:tc:SAML:2.0:assertion}NameID") name_id = subject.find("{urn:oasis:names:tc:SAML:2.0:assertion}NameID")
if name_id is None: if name_id is None:
raise ValueError("NameID Element not found!") raise ValueError("NameID element not found")
return name_id return name_id
def _get_name_id_filter(self) -> dict[str, str]: def _get_name_id_filter(self) -> dict[str, str]:
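Review bot: The new guards `if not assertion:` and `if not subject:` test element truthiness, not absence. With ElementTree-style elements (lxml included, if that is what `Element` refers to here) an element with no children is falsy, and both libraries warn against truth-testing elements. An `<Assertion>` or `<Subject>` that is present but empty is therefore reported as "not found". The response is still rejected, but the message misleads anyone debugging the IdP's output. Writing `if assertion is None:` and `if subject is None:` would match the existing `if name_id is None:` check a few lines below.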


@ -163,7 +163,7 @@ class ACSView(View):
try: try:
return processor.prepare_flow(request) return processor.prepare_flow(request)
except UnsupportedNameIDFormat as exc: except (UnsupportedNameIDFormat, ValueError) as exc:
return bad_request_message(request, str(exc)) return bad_request_message(request, str(exc))
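Review bot: Catching plain `ValueError` around `processor.prepare_flow(request)` is wider than the new raises in `_get_name_id` need. Any other `ValueError` raised anywhere inside `prepare_flow` now becomes a 400 whose body is `str(exc)`, which can mask an unrelated bug and echo internal detail to whoever posted the SAML response. A dedicated exception type raised from `_get_name_id` would keep this handler narrow, for example `except (UnsupportedNameIDFormat, MissingSAMLElement) as exc:`, where `MissingSAMLElement` is a placeholder name. Logging the rejection at this point would also leave a trace of malformed responses for later review. The enclosing view method starts outside the hunk.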