From 3cedd0bce9fc75f3bc8917f64bc86c54fd741072 Mon Sep 17 00:00:00 2001
From: e271828- <e271828-@users.noreply.github.com>
Date: Sun, 13 Sep 2020 22:35:41 -0400
Subject: Add note to docs on debugging responses

Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
---
 docs/howto/index.rst  | 16 ++++++++--------
 src/saml2/response.py |  6 +++++-
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/docs/howto/index.rst b/docs/howto/index.rst
index 52f2d409..711058d0 100644
--- a/docs/howto/index.rst
+++ b/docs/howto/index.rst
@@ -6,30 +6,30 @@ How to use PySAML2
 :Release: |release|
 :Date: |today|
 
-Before you can use Pysaml2, you'll need to get it installed. 
+Before you can use Pysaml2, you'll need to get it installed.
 If you have not done it yet, read the :ref:`install`
 
 Well, now you have it installed and you want to do something.
 
-And I'm sorry to tell you this; but there isn't really a lot you can do with 
+And I'm sorry to tell you this; but there isn't really a lot you can do with
 this code on its own.
 
-Sure you can send a AuthenticationRequest to an IdentityProvider or a 
+Sure you can send a AuthenticationRequest to an IdentityProvider or a
 AttributeQuery to an AttributeAuthority, but in order to get what they
 return you have to sit behind a Web server. Well that is not really true since
 the AttributeQuery would be over SOAP and you would get the result over the
 connection you have to the AttributeAuthority.
 
-But anyway, you may get my point. This is middleware stuff !
+But anyway, you may get my point. This is middleware stuff!
 
-PySAML2 is built to fit into a 
+PySAML2 is built to fit into a
 `WSGI  <http://www.python.org/dev/peps/pep-0333/>`_ application
 
-But it can be used in a non-WSGI environment too. 
+But it can be used in a non-WSGI environment too.
 
 So you will find descriptions of both cases here.
 
-The configuration is the same regardless of whether you are using PySAML2 in a 
+The configuration is the same regardless of whether you are using PySAML2 in a
 WSGI or non-WSGI environment.
 
 .. toctree::
@@ -37,4 +37,4 @@ WSGI or non-WSGI environment.
 
    config
 
-   
+
diff --git a/src/saml2/response.py b/src/saml2/response.py
index 72d0ef75..fc2071d3 100644
--- a/src/saml2/response.py
+++ b/src/saml2/response.py
@@ -413,7 +413,7 @@ class StatusResponse(object):
                 self.response.destination
                 and self.response.destination not in self.return_addrs
             ):
-                logger.error("%s not in %s", self.response.destination, self.return_addrs)
+                logger.error("destination '%s' not in return addresses '%s'", self.response.destination, self.return_addrs)
                 return None
 
         valid = self.issue_instant_ok() and self.status_ok()
@@ -737,6 +737,10 @@ class AuthnResponse(StatusResponse):
     def get_subject(self):
         """ The assertion must contain a Subject
         """
+
+        if not self.assertion:
+            raise ValueError("Missing assertion")
+
         if not self.assertion.subject:
             raise ValueError(
                 "Invalid assertion subject: {subject}".format(
-- 
cgit v1.2.1