Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

saml.py is raising ValueError with xsd namespace

See original GitHub issue

This fix e58e89526da18f9e0ab9d67d17a2766f3941e1ea seems like it’s is causing our local logins to fail.

In our SAML response we have xsd as a namespace xmlns:xsd=“http://www.w3.org/2001/XMLSchema”

And the type on line 215 assert typ == "xs:string"

is xsd:string rather than xs:string

Which is failing this validation now. I feel like at least the namespace should possibly be ignored here or at least include xsd.

Code Version

4.6.1

Expected Behavior

No error and login as before

Current Behavior

Error message

ValueError:

Type and value doesn’t match

Possible Solution

Be more lenient on the namespace checking as the prefix doesn’t matter. Maybe don’t even include the prefix in the assert.

https://stackoverflow.com/a/10603259/3708872

Steps to Reproduce

Not 100% sure how this is occurring. Our saml response has

<saml2p:Response Destination="..." ID="_57a5b0cab713510ae768fb896c8dfe3c" InResponseTo="id-EaxVQg3F3EFkT04HU" IssueInstant="2018-09-06T14:14:16.400Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

And then <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string"> . . .

Which I believe is causing this error.

I did a quick hack to just have the assert be

assert typ == "xs:string" or type == "xsd:string" And it worked as before, but I’m sure there’s something better.

Thanks!

Issue Analytics

State:
Created 5 years ago
Comments:7 (6 by maintainers)

Top GitHub Comments

1reaction

c00kiemon5tercommented, Sep 6, 2018

So, this is an issue that I’ve seen elsewhere in the codebase, and it’s pretty bad. I can duplicate the xs-prefixed structure for xsd, but then these are just namespace prefixes and could have any value. We should not be depending on those; we shouldn’t even have to be checking them 😦 I will try to fix this locally.

1reaction

c00kiemon5tercommented, Sep 6, 2018

I just realised you are talking about the prefix. This is not a duplicate, but closely related.

Top Results From Across the Web

xml-schema xsd error: with namespace - Stack Overflow

It was detected that 'transition' has no namespace, but components with no target namespace are not referenceable from schema document 'file:/C:/Users/ ...

python/3854/peer/peer/entity/utils.py - Program Talk

'''Return a node name qualified with the XML namespace''' ... raise ValueError( "The metadata must have just one EnsatyDescriptor" ) ... schema =...

Source code for saml2.utils - PythonHosted.org

[docs] def validate_xml(xml, schema, debug=False): """ """ assert ... url) is None: raise OneLogin_Saml2_Error( 'Redirect to invalid URL: ' + url, ...

How to use the xmlschema.exceptions.XMLSchemaTypeError ...

sissaschool / xmlschema / xmlschema / validators / schema.py View on Github external ... :param namespaces: a map from prefixes to namespaces.

snowflake-connector-python - PyPI

Added the ability to retrieve metadata/schema without executing the query (describe method). v2.4.5(June 15,2021). Fix for incorrect JWT token invalidity when ...