diff options
author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2015-02-03 09:17:46 +0100 |
---|---|---|
committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2015-02-03 09:17:46 +0100 |
commit | d21ac9a70bce0535a2f3cc3a621452ad9d0681d6 (patch) | |
tree | 5395e389cc0a2f5a68f20eea81dc88a7f1f59fc0 | |
parent | 623525442185481d83bb43846b9930ec4e66f75d (diff) | |
download | pysaml2-d21ac9a70bce0535a2f3cc3a621452ad9d0681d6.tar.gz |
Fixed one security bug pointed out by Ehsan Foroughi.
-rw-r--r-- | src/saml2/response.py | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/saml2/response.py b/src/saml2/response.py index c40997a3..8c6332c8 100644 --- a/src/saml2/response.py +++ b/src/saml2/response.py @@ -850,9 +850,13 @@ class AuthnResponse(StatusResponse): """ try: - self._verify() - except AssertionError: + res = self._verify() + except AssertionError as err: + logger.error("Verification error on the response: %s" % err) raise + else: + if res is None: + return None if not isinstance(self.response, samlp.Response): return self |