Merge pull request #779 from peppelinux/metadata_exp_handler

c00kiemon5ter · web-flow · commit a0539a2444b9 · 2021-03-07T20:39:53.000+02:00
Raise SAMLError on failure to parse a metadata file
diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py
@@ -7,12 +7,12 @@
 import sys
 from itertools import chain
 from warnings import warn as _warn
-
 from hashlib import sha1
 from os.path import isfile
 from os.path import join
 
 import requests
+
 import six
 
 from saml2 import md
@@ -24,7 +24,6 @@
 from saml2 import BINDING_HTTP_REDIRECT
 from saml2 import BINDING_HTTP_POST
 from saml2 import BINDING_SOAP
-
 from saml2.httpbase import HTTPBase
 from saml2.extension.idpdisc import BINDING_DISCO
 from saml2.extension.idpdisc import DiscoveryResponse
@@ -612,7 +611,10 @@ def do_entity_descriptor(self, entity_descr):
             self.entity[entity_descr.entity_id] = _ent
 
     def parse(self, xmlstr):
-        self.entities_descr = md.entities_descriptor_from_string(xmlstr)
+        try:
+            self.entities_descr = md.entities_descriptor_from_string(xmlstr)
+        except Exception as e:
+            raise SAMLError(f'Failed to parse metadata file: {self.filename}') from e
 
         if not self.entities_descr:
             self.entity_descr = md.entity_descriptor_from_string(xmlstr)
diff --git a/tests/invalid_metadata_file.xml b/tests/invalid_metadata_file.xml
@@ -0,0 +1 @@
+this content is invalid
diff --git a/tests/test_30_mdstore.py b/tests/test_30_mdstore.py
@@ -7,6 +7,8 @@
 from unittest.mock import Mock
 from unittest.mock import patch
 
+from pytest import raises
+
 import responses
 
 from six.moves.urllib import parse
@@ -19,6 +21,7 @@
 from saml2.mdstore import name
 from saml2 import sigver
 from saml2.httpbase import HTTPBase
+from saml2 import SAMLError
 from saml2 import BINDING_SOAP
 from saml2 import BINDING_HTTP_REDIRECT
 from saml2 import BINDING_HTTP_POST
@@ -156,6 +159,10 @@
         "class": "saml2.mdstore.MetaDataFile",
         "metadata": [(full_path("swamid-2.0.xml"),)],
     }],
+    "14": [{
+        "class": "saml2.mdstore.MetaDataFile",
+        "metadata": [(full_path("invalid_metadata_file.xml"),)],
+    }],
 }
 
 
@@ -170,6 +177,12 @@ def _fix_valid_until(xmlstring):
                   xmlstring)
 
 
+def test_invalid_metadata():
+    mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True)
+    with raises(SAMLError):
+        mds.imp(METADATACONF["14"])
+
+
 def test_swami_1():
     UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php'
     mds = MetadataStore(ATTRCONV, sec_config,
