From e2ed1b0db99530992fa7b6b8ae15a6f79f11c147 Mon Sep 17 00:00:00 2001
From: peppelinux <giuseppe.demarco@unical.it>
Date: Sun, 24 Jan 2021 01:04:04 +0100
Subject: Invalid Destination URL Exception Handling

---
 src/saml2/response.py | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/saml2/response.py b/src/saml2/response.py
index 50e4f6b0..d8a43bfe 100644
--- a/src/saml2/response.py
+++ b/src/saml2/response.py
@@ -94,6 +94,9 @@ class StatusAuthnFailed(StatusError):
 class StatusInvalidAttrNameOrValue(StatusError):
     pass
 
+class StatusInvalidAuthnResponseStatement(StatusError):
+    pass
+
 
 class StatusInvalidNameidPolicy(StatusError):
     pass
@@ -1099,13 +1102,17 @@ class AuthnResponse(StatusResponse):
             return {"name_id": self.name_id, "came_from": self.came_from,
                     "issuer": self.issuer(), "not_on_or_after": nooa,
                     "authz_decision_info": self.authz_decision_info()}
-        else:
+        elif getattr(self.assertion, 'authn_statement', None):
             authn_statement = self.assertion.authn_statement[0]
             return {"ava": self.ava, "name_id": self.name_id,
                     "came_from": self.came_from, "issuer": self.issuer(),
                     "not_on_or_after": nooa, "authn_info": self.authn_info(),
                     "session_index": authn_statement.session_index}
-
+        else:
+            raise StatusInvalidAuthnResponseStatement(
+                "The Authn Response Statement is not valid"
+            )
+        
     def __str__(self):
         return self.xmlstr
 
-- 
cgit v1.2.1