providers/saml: fix error on missing AssertionConsumerServiceURL, fall back to default ACS
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
5d9bed130a
commit
335d6edd11
|
@ -59,10 +59,12 @@ class AuthNRequestParser:
|
||||||
) -> AuthNRequest:
|
) -> AuthNRequest:
|
||||||
root = ElementTree.fromstring(decoded_xml)
|
root = ElementTree.fromstring(decoded_xml)
|
||||||
|
|
||||||
|
# http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf
|
||||||
|
# `AssertionConsumerServiceURL` can be omitted, and we should fallback to the
|
||||||
|
# default ACS URL
|
||||||
if "AssertionConsumerServiceURL" not in root.attrib:
|
if "AssertionConsumerServiceURL" not in root.attrib:
|
||||||
msg = "Missing 'AssertionConsumerServiceURL' attribute"
|
request_acs_url = self.provider.acs_url.lower()
|
||||||
LOGGER.warning(msg)
|
else:
|
||||||
raise CannotHandleAssertion(msg)
|
|
||||||
request_acs_url = root.attrib["AssertionConsumerServiceURL"]
|
request_acs_url = root.attrib["AssertionConsumerServiceURL"]
|
||||||
|
|
||||||
if self.provider.acs_url.lower() != request_acs_url.lower():
|
if self.provider.acs_url.lower() != request_acs_url.lower():
|
||||||
|
|
Reference in a new issue