From 8cc897c16eba331ad04ff131a1e33768a8561d03 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk
Date: Nov 30 2021 16:36:52 +0000
Subject: Fix missing SAML2 provider key with AuthnRequest

This completes a fix for issue #147: the patch there would ensure the auth request was created without sign request if we synthesized it. This patch makes it possible for key-less SP's to send an AuthnRequest.

Signed-off-by: Patrick Uiterwijk
---
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index 45388f3..5cd8ca6 100644
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -78,7 +78,8 @@ class AuthenticateRequest(ProviderPageBase):
 if hint:
 login.setSignatureVerifyHint(hint)
 login.processAuthnRequestMsg(message)
- except lasso.DsInvalidSigalgError as e:
+ except (lasso.DsInvalidSigalgError,
+ lasso.ProviderMissingPublicKeyError) as e:
 if login.remoteProviderId and not final:
 provider = ServiceProvider(self.cfg, login.remoteProviderId)
 if not provider.has_signing_keys:
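Review bot: The widened `except` sends `lasso.ProviderMissingPublicKeyError` down the same fallback as `lasso.DsInvalidSigalgError`, but nothing at the handler records that relaxing signature handling is intended only for service providers registered without signing keys. I would add `# Only relax verification for SPs registered without signing keys; keyed SPs must still fail here` above `if not provider.has_signing_keys:`. The handler body continues outside the hunk, so the path taken when the provider does have keys is not visible; presumably it still rejects the request, and a test with a keyed SP sending a badly signed AuthnRequest would pin that down. Since `login.remoteProviderId` appears to be read from a message whose processing has just failed, it is also worth confirming that `ServiceProvider(self.cfg, login.remoteProviderId)` handles an unknown provider id cleanly. It would also help to log when an AuthnRequest is accepted without signature verification, so the case shows up in audit logs.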