providers/saml: improved error handling

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-09-16 10:58:51 +02:00
parent 124071f9be
commit ae26d2756f
1 changed files with 5 additions and 1 deletions

View File

@ -59,6 +59,10 @@ class AuthNRequestParser:
) -> AuthNRequest:
root = ElementTree.fromstring(decoded_xml)
if "AssertionConsumerServiceURL" not in root.attrib:
msg = "Missing 'AssertionConsumerServiceURL' attribute"
LOGGER.warning(msg)
raise CannotHandleAssertion(msg)
request_acs_url = root.attrib["AssertionConsumerServiceURL"]
if self.provider.acs_url.lower() != request_acs_url.lower():
@ -66,7 +70,7 @@ class AuthNRequestParser:
f"ACS URL of {request_acs_url} doesn't match Provider "
f"ACS URL of {self.provider.acs_url}."
)
LOGGER.info(msg)
LOGGER.warning(msg)
raise CannotHandleAssertion(msg)
auth_n_request = AuthNRequest(id=root.attrib["ID"], relay_state=relay_state)