Raise SAMLError when metadata file cannot be parsed

c00kiemon5ter · c00kiemon5ter · commit 072f8142c8cd · 2021-03-07T20:35:52.000+02:00
Signed-off-by: Ivan Kanakarakis &lt;ivan.kanak@gmail.com&gt;
diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py
@@ -7,15 +7,14 @@
 import sys
 from itertools import chain
 from warnings import warn as _warn
-
 from hashlib import sha1
 from os.path import isfile
 from os.path import join
 
 import requests
+
 import six
 
-from xml.etree.ElementTree import ParseError
 from saml2 import md
 from saml2 import saml
 from saml2 import samlp
@@ -25,7 +24,6 @@
 from saml2 import BINDING_HTTP_REDIRECT
 from saml2 import BINDING_HTTP_POST
 from saml2 import BINDING_SOAP
-
 from saml2.httpbase import HTTPBase
 from saml2.extension.idpdisc import BINDING_DISCO
 from saml2.extension.idpdisc import DiscoveryResponse
@@ -616,9 +614,8 @@ def parse(self, xmlstr):
         try:
             self.entities_descr = md.entities_descriptor_from_string(xmlstr)
         except Exception as e:
-            logger.error(f'Metadata Parse Error on: {self.filename}')
-            return
-        
+            raise SAMLError(f'Failed to parse metadata file: {self.filename}') from e
+
         if not self.entities_descr:
             self.entity_descr = md.entity_descriptor_from_string(xmlstr)
             if self.entity_descr:
diff --git a/tests/invalid_metadata_file.xml b/tests/invalid_metadata_file.xml
@@ -0,0 +1 @@
+this content is invalid
diff --git a/tests/test_30_mdstore.py b/tests/test_30_mdstore.py
@@ -7,6 +7,8 @@
 from unittest.mock import Mock
 from unittest.mock import patch
 
+from pytest import raises
+
 import responses
 
 from six.moves.urllib import parse
@@ -19,6 +21,7 @@
 from saml2.mdstore import name
 from saml2 import sigver
 from saml2.httpbase import HTTPBase
+from saml2 import SAMLError
 from saml2 import BINDING_SOAP
 from saml2 import BINDING_HTTP_REDIRECT
 from saml2 import BINDING_HTTP_POST
@@ -156,6 +159,10 @@
         "class": "saml2.mdstore.MetaDataFile",
         "metadata": [(full_path("swamid-2.0.xml"),)],
     }],
+    "14": [{
+        "class": "saml2.mdstore.MetaDataFile",
+        "metadata": [(full_path("invalid_metadata_file.xml"),)],
+    }],
 }
 
 
@@ -170,6 +177,12 @@ def _fix_valid_until(xmlstring):
                   xmlstring)
 
 
+def test_invalid_metadata():
+    mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True)
+    with raises(SAMLError):
+        mds.imp(METADATACONF["14"])
+
+
 def test_swami_1():
     UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php'
     mds = MetadataStore(ATTRCONV, sec_config,
