From d21ac9a70bce0535a2f3cc3a621452ad9d0681d6 Mon Sep 17 00:00:00 2001
From: Roland Hedberg
Date: Tue, 3 Feb 2015 09:17:46 +0100
Subject: [PATCH] Fixed one security bug pointed out by Ehsan Foroughi.
---
 src/saml2/response.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/saml2/response.py b/src/saml2/response.py
index c40997a..8c6332c 100644
--- a/src/saml2/response.py
+++ b/src/saml2/response.py
@@ -850,9 +850,13 @@ class AuthnResponse(StatusResponse):
 """
 try:
- self._verify()
- except AssertionError:
+ res = self._verify()
+ except AssertionError as err:
+ logger.error("Verification error on the response: %s" % err)
 raise
+ else:
+ if res is None:
+ return None
 if not isinstance(self.response, samlp.Response):
 return self
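Review bot: The new `else` branch returns `None` without logging, so a response rejected through the return value of `_verify()` leaves no trace, while the `AssertionError` path just above it does log. Adding `logger.error("Response failed verification")` before `return None` would make both rejection paths visible to monitoring. The enclosing method starts and ends outside this hunk, so its docstring is not visible here; it should state that `None` means the response was rejected, so that callers check for it. The handler catches `AssertionError`, which suggests `_verify()` (not shown) may use `assert` statements for its checks; if so, those checks are stripped under `python -O` and would be safer as explicit raises. As a style point, `logger.error("Verification error on the response: %s", err)` lets the logging module do the formatting.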