def test_sign_response_without_issuer(self):
root = Element(Q_NAMES['saml2p:Response'])
SubElement(root, Q_NAMES['saml2:Assertion'])
response = SAMLResponse(ElementTree(root))
response.sign_response(**SIGNATURE_OPTIONS)
self.assertIsNotNone(response.response_signature)
self.assertIsNone(response.assertion_signature)
self.assertEqual(root.index(response.response_signature), 0)
def test_sign_response_already_exists(self):
root = Element(Q_NAMES['saml2p:Response'])
assertion = SubElement(root, Q_NAMES['saml2:Assertion'])
response_signature = SubElement(root, Q_NAMES['ds:Signature'])
assertion_signature = SubElement(assertion, Q_NAMES['ds:Signature'])
response = SAMLResponse(ElementTree(root))
with self.assertRaisesMessage(
SecurityError, 'The response signature is already present'):
response.sign_response(**SIGNATURE_OPTIONS)
self.assertIs(response.response_signature,
response_signature) # Preserved
self.assertIs(response.assertion_signature,
assertion_signature) # Preserved