handled a case to avoid error 500 when doing IdP initiated login

IdentityPython · knaperek · Jun 11, 2016 · Jun 9, 2016 · Jun 9, 2016 · Jun 9, 2016
commit 89d21f0487bacb2e91fffd59b85886fa17484dc2
diff --git a/djangosaml2/views.py b/djangosaml2/views.py
@@ -42,6 +42,7 @@ def csrf_exempt(view_func):
 from saml2.client import Saml2Client
 from saml2.metadata import entity_descriptor
 from saml2.ident import code, decode
+from saml2.sigver import MissingKey
 
 from djangosaml2.cache import IdentityCache, OutstandingQueriesCache
 from djangosaml2.cache import StateCache
@@ -209,9 +210,14 @@ def assertion_consumer_service(request,
     oq_cache = OutstandingQueriesCache(request.session)
     outstanding_queries = oq_cache.outstanding_queries()
 
-    # process the authentication response
-    response = client.parse_authn_request_response(xmlstr, BINDING_HTTP_POST,
-                                                   outstanding_queries)
+    try:
+        response = client.parse_authn_request_response(xmlstr, BINDING_HTTP_POST,
+                                                       outstanding_queries)
+    except MissingKey:
+        logger.error('MissingKey error in ACS')
+        return HttpResponseForbidden(
+            "The Identity Provider is not configured correctly: "
+            "certificate key missing")
     if response is None:
         logger.error('SAML response is None')
         return HttpResponseBadRequest(