diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2019-03-12 13:27:32 +0200 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2019-03-12 14:58:56 +0200 |
commit | 845fc7d40c3f81b79a95bbbea7a82953a54572c4 (patch) | |
tree | 33dd834f3b4a7b28909a36a9006790908f6b5fda | |
parent | 0271cd46f31c6e096aa001ed43740acf9b999091 (diff) | |
download | pysaml2-845fc7d40c3f81b79a95bbbea7a82953a54572c4.tar.gz |
Keep old behaviour until decryption is properly understood
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
-rw-r--r-- | src/saml2/response.py | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/src/saml2/response.py b/src/saml2/response.py index 26b0ab22..2660e738 100644 --- a/src/saml2/response.py +++ b/src/saml2/response.py @@ -944,21 +944,32 @@ class AuthnResponse(StatusResponse): resp = self.response decr_text = str(self.response) - while self.find_encrypt_data(resp): + decr_text_old = None + while self.find_encrypt_data(resp) and decr_text_old != decr_text: + decr_text_old = decr_text try: decr_text = self.sec.decrypt_keys(decr_text, keys) except DecryptError as e: continue else: resp = samlp.response_from_string(decr_text) + # check and prepare for comparison between str and unicode + if type(decr_text_old) != type(decr_text): + if isinstance(decr_text_old, six.binary_type): + decr_text_old = decr_text_old.decode("utf-8") + else: + decr_text_old = decr_text_old.encode("utf-8") _enc_assertions = self.decrypt_assertions( resp.encrypted_assertion, decr_text ) + + decr_text_old = None while ( self.find_encrypt_data(resp) or self.find_encrypt_data_assertion_list(_enc_assertions) - ): + ) and decr_text_old != decr_text: + decr_text_old = decr_text try: decr_text = self.sec.decrypt_keys(decr_text, keys) except DecryptError as e: @@ -968,6 +979,12 @@ class AuthnResponse(StatusResponse): _enc_assertions = self.decrypt_assertions( resp.encrypted_assertion, decr_text, verified=True ) + # check and prepare for comparison between str and unicode + if type(decr_text_old) != type(decr_text): + if isinstance(decr_text_old, six.binary_type): + decr_text_old = decr_text_old.decode("utf-8") + else: + decr_text_old = decr_text_old.encode("utf-8") all_assertions = _enc_assertions if resp.assertion: |