Beispiel #1
    def _parse_request(self, message, hint=None, final=False):
        """Feed an incoming authentication request to a lasso login handler.

        The handler is obtained from ``self.cfg.idp.get_login_handler()``.
        A truthy ``hint`` is applied with ``setSignatureVerifyHint`` before
        the message is processed.

        When processing fails with ``lasso.DsInvalidSigalgError``, the
        handler exposes a remote provider id and ``final`` is false, the
        provider is looked up. If it reports no signing keys, parsing is
        retried once (``final=True``) with the provider's signature hint.

        Args:
            message: The request message as received (untrusted input).
            hint: Optional signature verification hint for the handler.
            final: True on the retry, so a second failure is not retried.

        Returns:
            The login handler after it has processed the message.

        Raises:
            InvalidRequest: lasso reported a signature-algorithm, malformed
                message, protocol-profile or signature error.
            UnknownProvider: lasso does not know the requesting provider.
        """
        handler = self.cfg.idp.get_login_handler()

        try:
            # The hint must be set inside the try block: the lasso errors
            # handled below cover this call as well as the processing call.
            if hint:
                handler.setSignatureVerifyHint(hint)
            handler.processAuthnRequestMsg(message)
        except lasso.DsInvalidSigalgError as err:
            retry_allowed = handler.remoteProviderId and not final
            if retry_allowed:
                sp = ServiceProvider(self.cfg, handler.remoteProviderId)
                # Only providers without registered signing keys get a
                # second attempt; final=True bounds the recursion to one.
                # NOTE(review): remoteProviderId is presumably read from the
                # request before any signature was verified, and the value
                # returned by get_signature_hint() is not visible here.
                # Review this path together with that helper.
                if not sp.has_signing_keys:
                    self.error('Invalid or missing signature, setting hint.')
                    return self._parse_request(
                        message,
                        hint=sp.get_signature_hint(),
                        final=True)
            # NOTE(review): the raw request is embedded (via %r) in the
            # exception text here and in the handlers below; confirm callers
            # log it rather than echo it back to the client.
            raise InvalidRequest(
                'Invalid or missing signature algorithm %r [%r]'
                % (err, message))
        except (lasso.ProfileInvalidMsgError,
                lasso.ProfileMissingIssuerError) as err:
            raise InvalidRequest('Malformed Request %r [%r]' % (err, message))
        except (lasso.ProfileInvalidProtocolprofileError,
                lasso.DsError) as err:
            raise InvalidRequest(
                'Invalid SAML Request: %r (%r [%r])'
                % (handler.request, err, message))
        except (lasso.ServerProviderNotFoundError,
                lasso.ProfileUnknownProviderError) as err:
            raise UnknownProvider(
                'Invalid SP [%s] (%r [%r])'
                % (handler.remoteProviderId, err, message))
        else:
            # Reached only when the handler accepted the message.
            self.debug(
                'SP %s requested authentication' % handler.remoteProviderId)
            return handler