def _parse_request(self, message, hint=None, final=False): login = self.cfg.idp.get_login_handler() try: if hint: login.setSignatureVerifyHint(hint) login.processAuthnRequestMsg(message) except lasso.DsInvalidSigalgError as e: if login.remoteProviderId and not final: provider = ServiceProvider(self.cfg, login.remoteProviderId) if not provider.has_signing_keys: self.error('Invalid or missing signature, setting hint.') return self._parse_request( message, hint=provider.get_signature_hint(), final=True) msg = 'Invalid or missing signature algorithm %r [%r]' % (e, message) raise InvalidRequest(msg) except (lasso.ProfileInvalidMsgError, lasso.ProfileMissingIssuerError) as e: msg = 'Malformed Request %r [%r]' % (e, message) raise InvalidRequest(msg) except (lasso.ProfileInvalidProtocolprofileError, lasso.DsError) as e: msg = 'Invalid SAML Request: %r (%r [%r])' % (login.request, e, message) raise InvalidRequest(msg) except (lasso.ServerProviderNotFoundError, lasso.ProfileUnknownProviderError) as e: msg = 'Invalid SP [%s] (%r [%r])' % (login.remoteProviderId, e, message) raise UnknownProvider(msg) self.debug('SP %s requested authentication' % login.remoteProviderId) return login