IdentityPython/pysaml2

Wrong error log message when assertion signature verification fails

amit12297 opened this issue a year ago · 0 comments

amit12297 commented a year ago

Code Version

7.4.2

Expected Behavior

When assertion signature verification fails, error log should state "incorrectly_signed_response"

Current Behavior

When assertion signature verification fails, error log states "correctly_signed_response" at response.py (line number - 794)
This creates confusion

Possible Solution

Change the error log message to "incorrectly_signed_response"
Modify test_false_sign in test_41_response.py to assert correct error message was logged

Steps to Reproduce

Run : pytest --log-cli-level=ERROR -v tests/test_41_response.py::TestResponse::test_false_sign
Observe the last error log, it says "correctly_signed_response"

Screenshot 2023-08-08 at 2 29 40 AM