Merge pull request #168 from lsgd/master

Catch errors on parsing authentication responses

Author: vgrem

office365/runtime/auth/saml_token_provider.py

@@ -54,8 +54,10 @@ def acquire_token(self):
                 'endpoint': url.scheme + '://' + url.hostname + self.login
             }
 
-            self.acquire_service_token(options)
-            self.acquire_authentication_cookie(options)
+            if not self.acquire_service_token(options):
+                return False
+            if not self.acquire_authentication_cookie(options):
+                return False
             return True
         except requests.exceptions.RequestException as e:
             self.error = "Error: {}".format(e)
@@ -96,7 +98,13 @@ def process_service_token_response(self, response):
         logger = self.logger(self.process_service_token_response.__name__)
         logger.debug_secrets('response: %s\nresponse.content: %s', response, response.content)
 
-        xml = ElementTree.fromstring(response.content)
+        try:
+            xml = ElementTree.fromstring(response.content)
+        except ElementTree.ParseError as e:
+            self.error = 'An error occurred while parsing the server response: {}'.format(e)
+            logger.error(self.error)
+            return None
+
         ns_prefixes = {'S': '{http://www.w3.org/2003/05/soap-envelope}',
                        'psf': '{http://schemas.microsoft.com/Passport/SoapServices/SOAPFault}',
                        'wst': '{http://schemas.xmlsoap.org/ws/2005/02/trust}',
@@ -107,14 +115,21 @@ def process_service_token_response(self, response):
         if xml.find('{0}Body/{0}Fault'.format(ns_prefixes['S'])) is not None:
             error = xml.find('{0}Body/{0}Fault/{0}Detail/{1}error/{1}internalerror/{1}text'.format(ns_prefixes['S'],
                                                                                                    ns_prefixes['psf']))
-            self.error = 'An error occurred while retrieving token: {0}'.format(error.text)
+            if error is None:
+                self.error = 'An error occurred while retrieving token from XML response.'
+            else:
+                self.error = 'An error occurred while retrieving token from XML response: {0}'.format(error.text)
             logger.error(self.error)
             return None
 
         # extract token
         token = xml.find(
             '{0}Body/{1}RequestSecurityTokenResponse/{1}RequestedSecurityToken/{2}BinarySecurityToken'.format(
                 ns_prefixes['S'], ns_prefixes['wst'], ns_prefixes['wsse']))
+        if token is None:
+            self.error = 'The service token could not be extracted from the XML response.'
+            logger.error(self.error)
+            return None
         logger.debug_secrets("token: %s", token)
         return token.text