Make the Issuer on the Response Optional

pitbulk · pitbulk · commit 7e4d502c4b64 · 2017-03-06T13:28:13.000+01:00
diff --git a/src/onelogin/saml2/errors.py b/src/onelogin/saml2/errors.py
@@ -94,7 +94,7 @@ class OneLogin_Saml2_ValidationError(Exception):
     WRONG_DESTINATION = 24
     EMPTY_DESTINATION = 25
     WRONG_AUDIENCE = 26
-    ISSUER_NOT_FOUND_IN_RESPONSE = 27
+    ISSUER_MULTIPLE_IN_RESPONSE = 27
     ISSUER_NOT_FOUND_IN_ASSERTION = 28
     WRONG_ISSUER = 29
     SESSION_EXPIRED = 30
diff --git a/src/onelogin/saml2/response.py b/src/onelogin/saml2/response.py
@@ -374,13 +374,14 @@ def get_issuers(self):
         issuers = []
 
         message_issuer_nodes = OneLogin_Saml2_Utils.query(self.document, '/samlp:Response/saml:Issuer')
-        if len(message_issuer_nodes) == 1:
-            issuers.append(message_issuer_nodes[0].text)
-        else:
-            raise OneLogin_Saml2_ValidationError(
-                'Issuer of the Response not found or multiple.',
-                OneLogin_Saml2_ValidationError.ISSUER_NOT_FOUND_IN_RESPONSE
-            )
+        if len(message_issuer_nodes) > 0:
+            if len(message_issuer_nodes) == 1:
+                issuers.append(message_issuer_nodes[0].text)
+            else:
+                raise OneLogin_Saml2_ValidationError(
+                    'Issuer of the Response is multiple.',
+                    OneLogin_Saml2_ValidationError.ISSUER_MULTIPLE_IN_RESPONSE
+                )
 
         assertion_issuer_nodes = self.__query_assertion('/saml:Issuer')
         if len(assertion_issuer_nodes) == 1:
diff --git a/tests/src/OneLogin/saml2_tests/response_test.py b/tests/src/OneLogin/saml2_tests/response_test.py
@@ -344,8 +344,8 @@ def testGetIssuers(self):
 
         xml_4 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_issuer_response.xml.base64'))
         response_4 = OneLogin_Saml2_Response(settings, xml_4)
-        with self.assertRaisesRegexp(OneLogin_Saml2_ValidationError, 'Issuer of the Response not found or multiple.'):
-            response_4.get_issuers()
+        response_4.get_issuers()
+        self.assertEqual(['https://pitbulk.no-ip.org/simplesaml/saml2/idp/metadata.php'], response_4.get_issuers())        
 
         xml_5 = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_issuer_assertion.xml.base64'))
         response_5 = OneLogin_Saml2_Response(settings, xml_5)
