Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Infinite Recursion During Coercion of Encrypted Responses #48

Open
dbrrr opened this issue Oct 16, 2020 · 0 comments
Open

Infinite Recursion During Coercion of Encrypted Responses #48

dbrrr opened this issue Oct 16, 2020 · 0 comments

Comments

@dbrrr
Copy link

dbrrr commented Oct 16, 2020

Encrypted response, unlike normal responses, are: org.opensaml.xmlsec.encryption.impl.EncryptedDataImpl. This causes an infinite loop when coercing to a Response, because it's never coerced to an Element. I believe we may need to decrypt first before we can get a org.opensaml.core.xml.XMLObject and have the rest of the coercions work.

We need to figure out a graceful way to handle this: the rest of the code expects a Response pretty early in the process, so either we need to identify/decrypt encrypted responses before handing them to the rest of the verification code, or have the caller do it.

Test case added in #47

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant