|
6 | 6 | from contextlib import closing |
7 | 7 | from six.moves.urllib.parse import parse_qs |
8 | 8 | import uuid |
| 9 | +import re |
9 | 10 |
|
10 | 11 | from saml2.cert import OpenSSLWrapper |
11 | 12 | from saml2.sigver import make_temp, DecryptError, EncryptError, CertificateError |
@@ -129,8 +130,10 @@ def verify_encrypted_assertion(self, assertion, decr_text): |
129 | 130 | self.verify_assertion(assertion) |
130 | 131 | assert assertion[0].signature is None |
131 | 132 |
|
132 | | - assert 'EncryptedAssertion><encas1:Assertion xmlns:encas0="http://www.w3.org/2001/XMLSchema-instance" ' \ |
133 | | - 'xmlns:encas1="urn:oasis:names:tc:SAML:2.0:assertion"' in decr_text |
| 133 | + assert re.search( |
| 134 | + r':EncryptedAssertion><encas[0-9]:Assertion ([^ >]* )*xmlns:encas[0-9]="urn:oasis:names:tc:SAML:2.0:assertion"', |
| 135 | + decr_text, |
| 136 | + ) |
134 | 137 |
|
135 | 138 | def verify_advice_assertion(self, resp, decr_text): |
136 | 139 | assert resp.assertion[0].signature is None |
@@ -1188,9 +1191,10 @@ def verify_assertion(self, assertion): |
1188 | 1191 | def verify_encrypted_assertion(self, assertion, decr_text): |
1189 | 1192 | self.verify_assertion(assertion) |
1190 | 1193 | assert assertion[0].signature is None |
1191 | | - |
1192 | | - assert 'EncryptedAssertion><encas1:Assertion xmlns:encas0="http://www.w3.org/2001/XMLSchema-instance" ' \ |
1193 | | - 'xmlns:encas1="urn:oasis:names:tc:SAML:2.0:assertion"' in decr_text |
| 1194 | + assert re.search( |
| 1195 | + r':EncryptedAssertion><encas[0-9]:Assertion ([^ >]* )*xmlns:encas[0-9]="urn:oasis:names:tc:SAML:2.0:assertion"', |
| 1196 | + decr_text, |
| 1197 | + ) |
1194 | 1198 |
|
1195 | 1199 | def verify_advice_assertion(self, resp, decr_text): |
1196 | 1200 | assert resp.assertion[0].signature is None |
|
0 commit comments