status of phpsaml2 ?

[doumhfr]

Hi,

what is the status of this project ?

On glpi 10.0.11 :

• the original phpsaml doesn't work (blocked on acs page)
• your version doesn't work (can't access the parameters of the plugins, blank page)
• don't know if we can use phpsaml2

[ChrisGralike]

Hi @doumhfr

Thanks for reaching out. Phpsaml2 is still in an early stage but im making good progress. Because i am currently maintaining both versions its a bit of a struggle for time and sometimes motivation to help everyone out.

If you are using my latest version of PHPSaml (that should work as it does in my development environemtn):

• make sure you fully reinstall it (database and files) inside the plugins folder (not marketplace because i didnt test that)
• make sure php is compiled with openssl support (for cert stuff)
• make sure you use php8+
• if my version still doesnt work, create an issue in derrick's repository with logging (if any) from the GLPI_ROOT/files/_log/php_errors.log and ill do my best to help you fix the issue at hand.

Rgrds,

[doumhfr]

[2024-01-18 13:18:08] glpiphplog.WARNING: *** PHP Warning (2): file(https://github.com/derricksmith/phpsaml/releases.atom): Failed to open stream: Connection timed out in /usr/share/nginx/glpi/plugins/phpsaml/inc/config.class.php at line 1147 Backtrace : plugins/phpsaml/inc/config.class.php:1147 file() plugins/phpsaml/inc/config.class.php:190 PluginPhpsamlConfig->version() plugins/phpsaml/front/config.php:49 PluginPhpsamlConfig->showForm() public/index.php:82 require()

our GLPI server doesn't have internet access, don't know if it's this, but it's the only error I have in the log.

[DonutsNL]

Hi @doumhfr

Did you reinstall the plugin?

This 'warning' alone should not break the plugin. It will prevent the plugin from checking the version and showing it in the config page but thats oke. My version its way ahead of the phpsaml repo as it is. So this function currently tells you to downgrade back to derricks latest version (which is not maintained and will break the plugin).

You should be able to configure the plugin and use it. If not, please indicate what isnt working atm.

Rgrds,

[doumhfr]

I have already test this

uninstall/remove the plugin, no more table in the database reinstall the plugin no error message

but when I click on the button to configure the plugin, I have a blank page

on the logs the only things I have :

[2024-01-18 16:16:42] glpiphplog.WARNING: *** PHP User Warning (512): Usage of signed integers in primary or foreign keys is discouraged, please use unsigned integers instead in glpi_plugin_phpsaml_configs.id. in /usr/share/nginx/glpi/src/DBmysql.php at line 2180 Backtrace : src/DBmysql.php:2180 trigger_error() src/DBmysql.php:394 DBmysql->checkForDeprecatedTableOptions() src/DBmysql.php:352 DBmysql->doQuery() plugins/phpsaml/inc/config.class.php:1244 DBmysql->query() plugins/phpsaml/hook.php:58 PluginPhpsamlConfig::install() src/Plugin.php:922 plugin_phpsaml_install() front/plugin.form.php:51 Plugin->install() public/index.php:82 require()

[2024-01-18 16:17:48] glpiphplog.WARNING: *** PHP Warning (2): file(https://github.com/derricksmith/phpsaml/releases.atom): Failed to open stream: Connection timed out in /usr/share/nginx/glpi/plugins/phpsaml/inc/config.class.php at line 1147 Backtrace : plugins/phpsaml/inc/config.class.php:1147 file() plugins/phpsaml/inc/config.class.php:190 PluginPhpsamlConfig->version() plugins/phpsaml/front/config.php:49 PluginPhpsamlConfig->showForm() public/index.php:82 require()

[doumhfr]

I've done some test

the problem is the function version in inc/config.class.php

If I remove all the test, and just keep the : if ($return) { dummy aray....) } at the end the page is loading without problems

but after that I can't sign in

I have this message :

AADSTS7500522: XML element 'AuthnContextClassRef' in XML namespace 'urn:oasis:names:tc:SAML:2.0:assertion' in the SAML message must be a URI.

I try to set the option to false as find in this issue : https://github.com/derricksmith/phpsaml/issues/153#issuecomment-1900114869

but then I've got :

AADSTS750055: SAML message was not properly DEFLATE-encoded.

[doumhfr]

I have set back the option regarding encryption to true and now it's working....don't understand

so the only real problem is the configuration page that doesn't load when the server doesn't have internet access

[SpyK-01]

Hello, I've had the same problem but I've modified the line that calls ( private $phpSamlGitAtomUrl = 'https://github.com/derricksmith/phpsaml/releases.atom' ) to the link of my GLPI (https://MYGLPI.com/) to make sure it manages to reach it and the plugin launches normally without the blank page.