Keep old behaviour until decryption is properly understood

Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
author: Ivan Kanakarakis <ivan.kanak@gmail.com> 2019-03-12 13:27:32 +0200
committer: Ivan Kanakarakis <ivan.kanak@gmail.com> 2019-03-12 14:58:56 +0200
commit: 845fc7d40c3f81b79a95bbbea7a82953a54572c4 (patch)
tree: 33dd834f3b4a7b28909a36a9006790908f6b5fda
parent: 0271cd46f31c6e096aa001ed43740acf9b999091 (diff)
download: pysaml2-845fc7d40c3f81b79a95bbbea7a82953a54572c4.tar.gz
1 files changed, 19 insertions, 2 deletions
diff --git a/src/saml2/response.py b/src/saml2/response.py
index 26b0ab22..2660e738 100644
--- a/src/saml2/response.py
+++ b/src/saml2/response.py
@@ -944,21 +944,32 @@ class AuthnResponse(StatusResponse):
             resp = self.response
             decr_text = str(self.response)
 
-            while self.find_encrypt_data(resp):
+            decr_text_old = None
+            while self.find_encrypt_data(resp) and decr_text_old != decr_text:
+                decr_text_old = decr_text
                 try:
                     decr_text = self.sec.decrypt_keys(decr_text, keys)
                 except DecryptError as e:
                     continue
                 else:
                     resp = samlp.response_from_string(decr_text)
+                    # check and prepare for comparison between str and unicode
+                    if type(decr_text_old) != type(decr_text):
+                        if isinstance(decr_text_old, six.binary_type):
+                            decr_text_old = decr_text_old.decode("utf-8")
+                        else:
+                            decr_text_old = decr_text_old.encode("utf-8")
 
             _enc_assertions = self.decrypt_assertions(
                 resp.encrypted_assertion, decr_text
             )
+
+            decr_text_old = None
             while (
                 self.find_encrypt_data(resp)
                 or self.find_encrypt_data_assertion_list(_enc_assertions)
-            ):
+            ) and decr_text_old != decr_text:
+                decr_text_old = decr_text
                 try:
                     decr_text = self.sec.decrypt_keys(decr_text, keys)
                 except DecryptError as e:
@@ -968,6 +979,12 @@ class AuthnResponse(StatusResponse):
                     _enc_assertions = self.decrypt_assertions(
                         resp.encrypted_assertion, decr_text, verified=True
                     )
+                    # check and prepare for comparison between str and unicode
+                    if type(decr_text_old) != type(decr_text):
+                        if isinstance(decr_text_old, six.binary_type):
+                            decr_text_old = decr_text_old.decode("utf-8")
+                        else:
+                            decr_text_old = decr_text_old.encode("utf-8")
 
             all_assertions = _enc_assertions
             if resp.assertion:
author	Ivan Kanakarakis <ivan.kanak@gmail.com>	2019-03-12 13:27:32 +0200
committer	Ivan Kanakarakis <ivan.kanak@gmail.com>	2019-03-12 14:58:56 +0200
commit	845fc7d40c3f81b79a95bbbea7a82953a54572c4 (patch)
tree	33dd834f3b4a7b28909a36a9006790908f6b5fda
parent	0271cd46f31c6e096aa001ed43740acf9b999091 (diff)
download	pysaml2-845fc7d40c3f81b79a95bbbea7a82953a54572c4.tar.gz