From adab59994e33f4f5b33ca7e032256712f9209494 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Thu, 31 May 2018 09:18:50 +0200
Subject: [PATCH] idp/saml: do not modify absent response on
 ProfileInvalidProtocolprofileError (fixes #24189)

On this path it's impossible to return an AuthnResponse as Lasso cannot
decide on the destination URL, as no protocol profile could be
determined.
---
 src/authentic2/idp/saml/saml2_endpoints.py | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/authentic2/idp/saml/saml2_endpoints.py b/src/authentic2/idp/saml/saml2_endpoints.py
index a83c5c7e..faf3aa45 100644
--- a/src/authentic2/idp/saml/saml2_endpoints.py
+++ b/src/authentic2/idp/saml/saml2_endpoints.py
@@ -463,7 +463,6 @@ def sso(request):
                 "answered because no valid protocol binding could be found")
             logger.warning("the request cannot be answered because no "
                 "valid protocol binding could be found")
-            login.response.status.statusMessage = 'No valid protocol binding could be found'
             return HttpResponseBadRequest(message, content_type='text/plain')
         except lasso.ProviderMissingPublicKeyError, e:
             log_info_authn_request_details(login)
-- 
2.17.0