providers/saml: fix IndexError in signature check
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
2eb5a5cc76
commit
4bd1cd127b
|
@ -100,14 +100,13 @@ class AuthNRequestParser:
|
||||||
xmlsec.tree.add_ids(root, ["ID"])
|
xmlsec.tree.add_ids(root, ["ID"])
|
||||||
signature_nodes = root.xpath("/samlp:AuthnRequest/ds:Signature", namespaces=NS_MAP)
|
signature_nodes = root.xpath("/samlp:AuthnRequest/ds:Signature", namespaces=NS_MAP)
|
||||||
# No signatures, no verifier configured -> decode xml directly
|
# No signatures, no verifier configured -> decode xml directly
|
||||||
if len(signature_nodes) < 1 and not verifier:
|
if len(signature_nodes) < 1:
|
||||||
return self._parse_xml(decoded_xml, relay_state)
|
if not verifier:
|
||||||
|
return self._parse_xml(decoded_xml, relay_state)
|
||||||
|
raise CannotHandleAssertion(ERROR_SIGNATURE_REQUIRED_BUT_ABSENT)
|
||||||
|
|
||||||
signature_node = signature_nodes[0]
|
signature_node = signature_nodes[0]
|
||||||
|
|
||||||
if verifier and signature_node is None:
|
|
||||||
raise CannotHandleAssertion(ERROR_SIGNATURE_REQUIRED_BUT_ABSENT)
|
|
||||||
|
|
||||||
if signature_node is not None:
|
if signature_node is not None:
|
||||||
if not verifier:
|
if not verifier:
|
||||||
raise CannotHandleAssertion(ERROR_SIGNATURE_EXISTS_BUT_NO_VERIFIER)
|
raise CannotHandleAssertion(ERROR_SIGNATURE_EXISTS_BUT_NO_VERIFIER)
|
||||||
|
|
Reference in New Issue