find_child_element throughs a Value exception when CAS response contains comments

[zabano]

https://github.com/cwaldbieser/jhub_cas_authenticator/blob/ffe254d0eb57016733564f88d177a81745bf2af8/jhub_cas_authenticator/cas_auth.py#L259

The _find_childelement function throughs an error when the XML response from the CAS server contains comment objects. As a workaround I added a test before the line referenced above to check if the element is not a comment.

def find_child_element(elm, child_local_name):
    """
    Find an XML child element by local tag name.
    """
    for n in range(len(elm)):
        child_elm = elm[n]
        if not isinstance(child_elm, etree._Comment):
            tag = etree.QName(child_elm)
            if tag.localname == child_local_name:
                return child_elm
    return None

I am not sure if this is the best way to fix this issue.

[cwaldbieser]

Do you have an example of the CAS XML response I can use for testing? You can redact any personally identifying information.

[cwaldbieser]

If you have a particular example, I can make an update and test against it.

[zabano]

Sorry for the late reply. I will try to get you a deanonymized XML response from CAS as soon as possible.