Chocobozzz / PeerTube

ActivityPub-federated video streaming platform using P2P directly in your web browser
https://joinpeertube.org/
GNU Affero General Public License v3.0

Official SAML plugin: minor issue when no certs configured #3300

Closed markvdb closed 4 years ago

markvdb commented 4 years ago

Describe the current behavior:

On an otherwise healthy default PeerTube 2.4 installation with only the saml2.0 plugin installed, without service provider certificates configured, the default entity_id https:///plugins/auth-saml2/router/metadata.xml returns a 500 Internal server error.

Steps to reproduce:

  1. Install PeerTube 2.4 and official SAML 2.0 plugin.
  2. Request https:///plugins/auth-saml2/router/metadata.xml using browser/wget/whatever.
  3. Receive 500 Internal server error.

Describe the expected behavior:

Based upon https://framagit.org/framasoft/peertube/official-plugins/-/tree/master/peertube-plugin-auth-saml2/README.md , I'd expect service provider certificate generation to be optional. I'd expected to be able to retrieve at least some information about the SAML 2.0 service provider at the metadata URL, or a warning about needing certificates configured.

A fix may be as quick as updating the relevant page to mention service provider certificate generation is not optional.

/var/log/syslog:

Nov 12 21:43:46 peertube peertube[26491]: [peertube.lusis.eu:443] 2020-11-12 21:43:46.814 #033[31merror#033[39m: Error in controller. {
Nov 12 21:43:46 peertube peertube[26491]: "err": "Error: Invalid Certificate\n at extract_certificate_data (/var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:255:11)\n at certificate_to_keyinfo (/var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:244:31)\n at /var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:112:29\n at create_metadata (/var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:116:5)\n at ServiceProvider.module.exports.ServiceProvider.ServiceProvider.create_metadata (/var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:946:12)\n at ServiceProvider.create_metadata (/var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:6:57)\n at /var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/peertube-plugin-auth-saml2/main.js:117:60\n at Layer.handle [as handle_request] (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/layer.js:95:5)\n at next (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/route.js:137:13)\n at Route.dispatch (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/route.js:112:3)\n at Layer.handle [as handle_request] (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/layer.js:95:5)\n at /var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:281:22\n at Function.process_params (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:335:12)\n at next (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:275:10)\n at Function.handle (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:174:3)\n at router (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:47:12)\n at servePluginCustomRoutes (/var/www/peertube/versions/peertube-v2.4.0/dist/server/controllers/plugins.js:60:12)\n at Layer.handle [as handle_request] (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/layer.js:95:5)\n at trim_prefix (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:317:13)\n at /var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:284:7\n at param (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:354:14)\n at param (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:365:14)\n at Function.process_params (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:410:3)\n at next (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:275:10)\n at /var/www/peertube/versions/peertube-v2.4.0/dist/server/middlewares/validators/plugins.js:32:20\n at Layer.handle [as handle_request] (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/layer.js:95:5)\n at trim_prefix (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:317:13)\n at /var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:284:7\n at param (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:354:14)\n at param (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:365:14)\n at Function.process_params (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:410:3)\n at next (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express/lib/router/index.js:275:10)\n at middleware (/var/www/peertube/versions/peertube-v2.4.0/node_modules/express-validator/src/middlewares/check.js:16:13)\n at runMicrotasks (<anonymous>)"
Nov 12 21:43:46 peertube peertube[26491]: }
Nov 12 21:43:46 peertube peertube[26491]: [peertube.lusis.eu:443] 2020-11-12 21:43:46.819 #033[32minfo#033[39m: 94.105.0.0 - - [12/Nov/2020:20:43:46 +0000] "GET /plugins/auth-saml2/router/metadata.xml HTTP/1.0" 500 - "-" "Firefox"

relevant bit from journalctl:

Nov 12 21:43:46 peertube peertube[26491]: [peertube.lusis.eu:443] 2020-11-12 21:43:46.814 error: Error in controller. {
Nov 12 21:43:46 peertube peertube[26491]: "err": "Error: Invalid Certificate\n at extract_certificate_data (/var/www/peertube/versions/peertube-v2.4.0/storage/plugins/node_modules/saml2-js/lib-js/saml2.js:255:11)\n at
Nov 12 21:43:46 peertube peertube[26491]: }
Nov 12 21:43:46 peertube peertube[26491]: [peertube.lusis.eu:443] 2020-11-12 21:43:46.819 info: 94.105.0.0 - - [12/Nov/2020:20:43:46 +0000] "GET /plugins/auth-saml2/router/metadata.xml HTTP/1.0" 500 - "-" "Firefox"
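
An added example, not part of the original report and not the plugin's or saml2-js's code: a pre-flight check a metadata route could run so that an unconfigured or malformed service provider certificate produces a diagnostic response instead of the unhandled `Invalid Certificate` exception and 500 in the log above. The settings field names (`certificate`, `privateKey`), the function names and the choice of a 503 status are assumptions.

```javascript
// Added example; every name here is hypothetical (not the plugin's or saml2-js's code).
const PEM_RE =
  /^-----BEGIN CERTIFICATE-----\r?\n([A-Za-z0-9+\/=\r\n]+?)\r?\n-----END CERTIFICATE-----$/;

// Classify a configured certificate value as 'missing', 'malformed' or 'ok'.
// Structural check only (PEM armor plus DER SEQUENCE tag): it does not verify
// validity dates or that the certificate matches the private key.
function classifySpCertificate(value) {
  if (typeof value !== 'string' || value.trim() === '') return 'missing';
  const m = PEM_RE.exec(value.trim());
  if (!m) return 'malformed';
  const der = Buffer.from(m[1].replace(/\s+/g, ''), 'base64');
  // An X.509 certificate is a DER SEQUENCE, so the first byte must be 0x30.
  return der.length > 4 && der[0] === 0x30 ? 'ok' : 'malformed';
}

// Decide what the metadata route should do before calling the SAML library.
function metadataPreflight(settings) {
  const cert = classifySpCertificate(settings.certificate);
  const hasKey = typeof settings.privateKey === 'string' && settings.privateKey.trim() !== '';
  if (cert === 'ok' && hasKey) return { status: 200, generate: true };
  let reason = 'service provider private key is missing';
  if (cert === 'missing') reason = 'no service provider certificate configured';
  if (cert === 'malformed') reason = 'service provider certificate is not valid PEM';
  // 503 (an assumption): the route exists but the SP is not configured yet.
  return { status: 503, generate: false, message: `SAML metadata unavailable: ${reason}` };
}

// Constructed stand-in: PEM armor around a few DER-like bytes, not a real certificate.
function constructedPem() {
  const body = Buffer.from([0x30, 0x82, 0x01, 0x00, 0x02, 0x01, 0x00]).toString('base64');
  return `-----BEGIN CERTIFICATE-----\n${body}\n-----END CERTIFICATE-----\n`;
}

console.log(metadataPreflight({ certificate: '', privateKey: '' }));
console.log(metadataPreflight({ certificate: constructedPem(), privateKey: 'constructed-key' }));
```

Returning a fixed message keeps the stack trace and on-disk paths in the server log rather than in the HTTP response.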

rigelk commented 4 years ago

Hi @markvdb,

You are in the repository for the core software and your issue pertains to a plugin at https://framagit.org/framasoft/peertube/official-plugins/-/tree/master/peertube-plugin-auth-saml2, so please report your issue at https://framagit.org/framasoft/peertube/official-plugins/-/issues instead.

markvdb commented 4 years ago

Thank you for your quick reply. Sorry about filing in the wrong place.