@@ -263,6 +263,7 @@ def __init__(self, sec_context, return_addrs=None, timeslack=0,
263263 self .request_id = request_id
264264
265265 self .xmlstr = ""
266+ self .origxml = ""
266267 self .name_id = None
267268 self .response = None
268269 self .not_on_or_after = 0
@@ -290,7 +291,7 @@ def _postamble(self):
290291
291292 try :
292293 valid_instance (self .response )
293- except NotValid , exc :
294+ except NotValid as exc :
294295 logger .error ("Not valid response: %s" % exc .args [0 ])
295296 self ._clear ()
296297 return self
@@ -318,18 +319,22 @@ def _loads(self, xmldata, decode=True, origxml=None):
318319 # own copy
319320 self .xmlstr = xmldata [:]
320321 logger .debug ("xmlstr: %s" % (self .xmlstr ,))
322+ if origxml :
323+ self .origxml = origxml
324+ else :
325+ self .origxml = self .xmlstr
321326
322327 try :
323- self .response = self .signature_check (xmldata , origdoc = origxml ,
324- must = self .require_signature ,
325- require_response_signature = self .require_response_signature )
328+ self .response = self .signature_check (
329+ xmldata , origdoc = origxml , must = self .require_signature ,
330+ require_response_signature = self .require_response_signature )
326331
327332 except TypeError :
328333 raise
329334 except SignatureError :
330335 raise
331- except Exception , excp :
332- # logger.exception("EXCEPTION: %s", excp)
336+ except Exception as excp :
337+ logger .exception ("EXCEPTION: %s" , excp )
333338 raise
334339
335340 #print "<", self.response
@@ -577,7 +582,7 @@ def condition_ok(self, lax=False):
577582 conditions .not_on_or_after , self .timeslack )
578583 if conditions .not_before :
579584 validate_before (conditions .not_before , self .timeslack )
580- except Exception , excp :
585+ except Exception as excp :
581586 logger .error ("Exception on conditions: %s" % (excp ,))
582587 if not lax :
583588 raise
@@ -746,6 +751,19 @@ def _assertion(self, assertion):
746751 :return: True/False depending on if the assertion is sane or not
747752 """
748753
754+ if not hasattr (assertion , 'signature' ) or not assertion .signature :
755+ logger .debug ("unsigned" )
756+ if self .require_signature :
757+ raise SignatureError ("Signature missing for assertion" )
758+ else :
759+ logger .debug ("signed" )
760+
761+ try :
762+ self .sec .check_signature (assertion , class_name (assertion ),
763+ self .xmlstr )
764+ except Exception as exc :
765+ logger .error ("correctly_signed_response: %s" % exc )
766+ raise
749767 self .assertion = assertion
750768 logger .debug ("assertion context: %s" % (self .context ,))
751769 logger .debug ("assertion keys: %s" % (assertion .keyswv ()))
@@ -1041,6 +1059,7 @@ def __init__(self, sec_context, attribute_converters, timeslack=0,
10411059 self .sec = sec_context
10421060 self .timeslack = timeslack
10431061 self .xmlstr = ""
1062+ self .origxml = ""
10441063 self .name_id = ""
10451064 self .response = None
10461065 self .not_signed = False
@@ -1053,6 +1072,7 @@ def loads(self, xmldata, decode=True, origxml=None):
10531072 # own copy
10541073 self .xmlstr = xmldata [:]
10551074 logger .debug ("xmlstr: %s" % (self .xmlstr ,))
1075+ self .origxml = origxml
10561076
10571077 try :
10581078 self .response = self .signature_check (xmldata , origdoc = origxml )
@@ -1061,7 +1081,7 @@ def loads(self, xmldata, decode=True, origxml=None):
10611081 raise
10621082 except SignatureError :
10631083 raise
1064- except Exception , excp :
1084+ except Exception as excp :
10651085 logger .exception ("EXCEPTION: %s" , excp )
10661086 raise
10671087
@@ -1072,7 +1092,7 @@ def loads(self, xmldata, decode=True, origxml=None):
10721092 def verify (self , key_file = "" ):
10731093 try :
10741094 valid_instance (self .response )
1075- except NotValid , exc :
1095+ except NotValid as exc :
10761096 logger .error ("Not valid response: %s" % exc .args [0 ])
10771097 raise
10781098 return self
0 commit comments