From 5b837c3ccc16a2d6fb10f23faba239f02bcc8176 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 14 Jun 2021 12:51:42 +0200 Subject: [PATCH] providers/saml: improve error handling for signature errors Signed-off-by: Jens Langhammer --- authentik/providers/saml/processors/metadata_parser.py | 2 +- authentik/providers/saml/processors/request_parser.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/authentik/providers/saml/processors/metadata_parser.py b/authentik/providers/saml/processors/metadata_parser.py index d17ebaaaa..8708a6c06 100644 --- a/authentik/providers/saml/processors/metadata_parser.py +++ b/authentik/providers/saml/processors/metadata_parser.py @@ -120,7 +120,7 @@ class ServiceProviderMetadataParser: ) ctx.key = key ctx.verify(signature_node) - except xmlsec.VerificationError as exc: + except xmlsec.Error as exc: raise ValueError("Failed to verify Metadata signature") from exc def parse(self, raw_xml: str) -> ServiceProviderMetadata: diff --git a/authentik/providers/saml/processors/request_parser.py b/authentik/providers/saml/processors/request_parser.py index 1f1e80109..f1d9393b3 100644 --- a/authentik/providers/saml/processors/request_parser.py +++ b/authentik/providers/saml/processors/request_parser.py @@ -108,7 +108,7 @@ class AuthNRequestParser: ) ctx.key = key ctx.verify(signature_node) - except xmlsec.VerificationError as exc: + except xmlsec.Error as exc: raise CannotHandleAssertion(ERROR_FAILED_TO_VERIFY) from exc return self._parse_xml(decoded_xml, relay_state) @@ -160,7 +160,7 @@ class AuthNRequestParser: sign_algorithm_transform, b64decode(signature), ) - except xmlsec.VerificationError as exc: + except xmlsec.Error as exc: raise CannotHandleAssertion(ERROR_FAILED_TO_VERIFY) from exc return self._parse_xml(decoded_xml, relay_state)