views: handle ProfileInvalidArtifactError exception when resolving an artifact (#10270)

2016-03-11 15:17:20 +01:00 · 2016-03-11 15:17:20 +01:00 · dba3f32c3a
parent 65b492fee3
commit dba3f32c3a
2 changed files with 12 additions and 0 deletions
--- a/mellon/views.py
+++ b/mellon/views.py
@ -159,6 +159,9 @@ class LoginView(LogMixin, View):
        login = utils.create_login(request)
        try:
            login.initRequest(request.META['QUERY_STRING'], lasso.HTTP_METHOD_ARTIFACT_GET)
+        except lasso.ProfileInvalidArtifactError:
+            self.log.warning(u'artifact is malformed %r', request.GET['SAMLart'])
+            return HttpResponseBadRequest(u'artifact is malformed %r' % request.GET['SAMLart'])
        except lasso.ServerProviderNotFoundError:
            self.log.warning('no entity id found for artifact %s',
                             request.GET['SAMLart'])
--- a/tests/test_views.py
+++ b/tests/test_views.py
@ -205,3 +205,12 @@ def test_sp_initiated_login_requested_authn_context(private_settings, client):
    assert request.initFromQuery(urlparse(response['Location']).query)
    assert request.requestedAuthnContext.authnContextClassRef == (
            'urn:be:fedict:iam:fas:citizen:eid', 'urn:be:fedict:iam:fas:citizen:token')
+
+
+def test_malfortmed_artifact(private_settings, client, caplog):
+    private_settings.MELLON_IDENTITY_PROVIDERS = [{
+        'METADATA': open('tests/metadata.xml').read(),
+    }]
+    response = client.get('/login/?SAMLart=xxx', status=400)
+    assert 'artifact is malformed' in response.content
+    assert 'artifact is malformed' in caplog.text()