Make response function is_valid support raising exceptions

quantus · quantus · commit 5545e21ad3a6 · 2016-11-17T22:47:11.000+02:00
diff --git a/src/onelogin/saml2/response.py b/src/onelogin/saml2/response.py
@@ -47,7 +47,7 @@ def __init__(self, settings, response):
             self.encrypted = True
             self.decrypted_document = self.__decrypt_assertion(decrypted_document)
 
-    def is_valid(self, request_data, request_id=None):
+    def is_valid(self, request_data, request_id=None, raises=False):
         """
         Validates the response object.
 
@@ -57,6 +57,9 @@ def is_valid(self, request_data, request_id=None):
         :param request_id: Optional argument. The ID of the AuthNRequest sent by this SP to the IdP
         :type request_id: string
 
+        :param raises: Optional argument. If true, the function will raise an exception as soon as first validation test fails
+        :type raises: bool
+
         :returns: True if the SAML Response is valid, False if not
         :rtype: bool
         """
@@ -226,6 +229,8 @@ def is_valid(self, request_data, request_id=None):
             debug = self.__settings.is_debug_active()
             if debug:
                 print(err)
+            if raises:
+                raise
             return False
 
     def check_status(self):
diff --git a/tests/src/OneLogin/saml2_tests/response_test.py b/tests/src/OneLogin/saml2_tests/response_test.py
@@ -1349,3 +1349,18 @@ def testIsValidWithoutInResponseTo(self):
                 'http_host': 'pitbulk.no-ip.org',
                 'script_name': 'newonelogin/demo1/index.php?acs'
             }))
+
+    def testIsValidRaisesExceptionWhenRaisesArgumentIsTrue(self):
+        """
+        Tests that the internal exception gets raised if the raise parameter
+        is True.
+        """
+        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
+        settings.set_strict(True)
+        xml = self.file_contents(join(self.data_path, 'responses', 'invalids', 'no_conditions.xml.base64'))
+        response = OneLogin_Saml2_Response(settings, xml)
+
+        self.assertFalse(response.is_valid(self.get_request_data()))
+
+        with self.assertRaises(Exception):
+            response.is_valid(self.get_request_data(), raises=True)
