simplesamlphp/saml2

Trying to process response and failing due to double decryption

AndriusKuc opened this issue · 2 comments

Trying to process a response fails with an UnencryptedAssertionFoundException saying "The assertion should be encrypted, but it was not."

Looking at it, it seems like it's being decrypted twice and the exception is thrown for that reason.

The first time it's decrypted is in processAssertions:

    private function processAssertions(Response $response) : ArrayCollection
    {
        $assertions = $response->getAssertions();
        if (empty($assertions)) {
            throw new NoAssertionsFoundException('No assertions found in response from IdP.');
        }

        $decryptedAssertions = $this->assertionProcessor->decryptAssertions(
            new ArrayCollection($assertions)
        );
        <...>

Later it is trying to decrypt it again and fails:

    public function process($assertion) : Assertion
    {
        $assertion = $this->decryptAssertion($assertion);
        <...>
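The pattern the report describes (a per-stage decrypt that re-derives the "encryption required" verdict from the object's type, so the second pass sees a plain Assertion and throws) next to an idempotent variant, as an added illustration that is not code from simplesamlphp/saml2. The class names, the toy decrypter and the `decryptOnce` helper are stand-ins; only the exception name and message come from the issue.

```php
<?php
// Added illustration, not code from simplesamlphp/saml2: the classes are
// stand-in shapes; only the exception name and message come from the report.
class UnencryptedAssertionFoundException extends RuntimeException {}
class EncryptedAssertion { public function __construct(public string $blob) {} }
class Assertion { public function __construct(public string $subject) {} }

// Toy "decrypter": the blob is just the subject reversed.
function decrypt(EncryptedAssertion $e): Assertion { return new Assertion(strrev($e->blob)); }

// Pattern from the report: the policy is re-derived from the object's type, so a second call throws.
function decryptByType(object $a, bool $required): Assertion
{
    if ($a instanceof Assertion) {
        if ($required) {
            throw new UnencryptedAssertionFoundException('The assertion should be encrypted, but it was not.');
        }
        return $a;
    }
    return decrypt($a);
}

// Hardened variant: the policy is checked once, on the object as it arrived, and the verdict travels along.
function decryptOnce(object $a, bool $required, ?bool &$wasEncrypted): Assertion
{
    if ($wasEncrypted !== null) {            // an earlier stage already decided
        return $a;
    }
    $wasEncrypted = $a instanceof EncryptedAssertion;
    if ($required && !$wasEncrypted) {
        throw new UnencryptedAssertionFoundException('The assertion should be encrypted, but it was not.');
    }
    return $wasEncrypted ? decrypt($a) : $a;
}

$enc = new EncryptedAssertion(strrev('alice@example.org'));   // constructed sample

// Reproduce the report: stage 1 decrypts, stage 2 re-checks the type and throws.
$first = decryptByType($enc, true);
try {
    decryptByType($first, true);
} catch (UnencryptedAssertionFoundException $e) {
    echo "second pass: {$e->getMessage()}\n";
}

// Hardened pipeline: the second pass is a no-op.
$state = null;
$a = decryptOnce($enc, true, $state);
$a = decryptOnce($a, true, $state);
echo "hardened pipeline subject: {$a->subject}\n";
```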

Could you try to reproduce this on a 3.x release? That would really help me pinpoint the issue.

Never mind, I see you are one step ahead already...
I'm kind of surprised, because this bug has existed like forever...