IdentityPython / djangosaml2

Django SAML2 Service Provider based on pySAML2
Apache License 2.0

User fails to create after SAML auth #134

Closed derchrisuk closed 4 years ago

derchrisuk commented 5 years ago

I have an App, which is using its own User model. After adding all required settings to get SAML auth working, I get the following error:

ERROR 2018-10-15 16:52:50,569 django.request log Internal Server Error: /saml2/acs/
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/django/db/models/query.py", line 486, in get_or_create
    return self.get(**lookup), False
  File "/usr/local/lib/python3.6/site-packages/django/db/models/query.py", line 399, in get
    self.model._meta.object_name
pretalx.person.models.user.User.DoesNotExist: User matching query does not exist.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 124, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.6/site-packages/django/views/decorators/http.py", line 40, in inner
    return func(request, *args, **kwargs)
  File "/usr/local/lib/python3.6/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/usr/local/lib/python3.6/site-packages/djangosaml2/views.py", line 313, in assertion_consumer_service
    create_unknown_user=create_unknown_user)
  File "/usr/local/lib/python3.6/site-packages/django/contrib/auth/__init__.py", line 73, in authenticate
    user = backend.authenticate(request, **credentials)
  File "/usr/local/lib/python3.6/site-packages/djangosaml2/backends.py", line 107, in authenticate
    create_unknown_user, main_attribute, attributes, attribute_mapping)
  File "/usr/local/lib/python3.6/site-packages/djangosaml2/backends.py", line 152, in get_saml2_user
    return self._get_or_create_saml2_user(main_attribute, attributes, attribute_mapping)
  File "/usr/local/lib/python3.6/site-packages/djangosaml2/backends.py", line 166, in _get_or_create_saml2_user
    defaults=user_create_defaults, **user_query_args)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/manager.py", line 82, in manager_method
    return getattr(self.get_queryset(), name)(*args, **kwargs)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/query.py", line 488, in get_or_create
    return self._create_object_from_params(lookup, params)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/query.py", line 522, in _create_object_from_params
    obj = self.create(**params)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/query.py", line 413, in create
    obj.save(force_insert=True, using=self.db)
  File "/pretalx/pretalx/person/models/user.py", line 119, in save
    return super().save(args, kwargs)
  File "/usr/local/lib/python3.6/site-packages/django/contrib/auth/base_user.py", line 73, in save
    super().save(*args, **kwargs)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/base.py", line 718, in save
    force_update=force_update, update_fields=update_fields)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/base.py", line 748, in save_base
    updated = self._save_table(raw, cls, force_insert, force_update, using, update_fields)
  File "/usr/local/lib/python3.6/site-packages/django/db/models/base.py", line 803, in _save_table
    raise ValueError("Cannot force an update in save() with no primary key.")
ValueError: Cannot force an update in save() with no primary key.

This User model is using email as the username field, which I already send as Name_ID.

I have set debug log on to try to understand where it is failing exactly, but could not find out. What I discovered is that it only happens when trying to create a new user. When I register locally in the App with same username = email, and try to do the SAML auth again, it is finding the user, and is also updating the fields as per attribute mapping:

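SAML_ATTRIBUTE_MAPPING = {
    # A dict literal keeps only the last value for a repeated key, so both
    # target fields go in one tuple under 'uid'.
    'uid': ('username', 'email'),
    'givenName': ('nick', ),
    'sn': ('name', ),
    'dc': ('is_staff', ),
}

peppelinux commented 4 years ago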

Do you use a custom User? The Django message is quite eloquent: "ValueError: Cannot force an update in save() with no primary key." This would be related to the Django model and not to djangosaml2's ACS.

I'm going to clear all the old issues. If you still have troubles, please open a new thread with renewed information. I'm sure that time has passed and you got it fixed.
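
The traceback in this thread shows the custom model's `save()` (`user.py`, line 119) calling `super().save(args, kwargs)` after being invoked as `obj.save(force_insert=True, using=self.db)`. The sketch below is an added example, not code from the thread, djangosaml2 or pretalx. `BaseModel`, `BrokenUser`, `FixedUser`, `provision` and `update_existing` are hypothetical stand-ins that copy only the `save()` parameter order and the primary-key guard of Django's `Model`, and the string return values exist only so the outcome can be checked.

```python
# Stand-in for the relevant part of django.db.models.Model (not Django code):
# same save() parameter order, same primary-key guard as in the traceback.
class BaseModel:
    pk = None  # an object that is being created has no primary key yet

    def save(self, force_insert=False, force_update=False, using=None,
             update_fields=None):
        if self.pk is None and (force_update or update_fields):
            raise ValueError(
                "Cannot force an update in save() with no primary key.")
        self.pk = self.pk or 1  # pretend the row was written
        return "insert" if force_insert else "save"


class BrokenUser(BaseModel):
    def save(self, *args, **kwargs):
        # As on line 119 of user.py in the traceback: the tuple and the dict
        # are passed positionally, so force_insert=() and force_update={...}.
        return super().save(args, kwargs)


class FixedUser(BaseModel):
    def save(self, *args, **kwargs):
        # Unpacking forwards force_insert=True and using=... unchanged.
        return super().save(*args, **kwargs)


def provision(user_cls):
    """Mimic QuerySet.create(): obj.save(force_insert=True, using=db)."""
    try:
        return user_cls().save(force_insert=True, using="default")
    except ValueError as exc:
        return f"ValueError: {exc}"


def update_existing(user_cls):
    """Mimic saving a user that already exists: plain save(), pk is set."""
    user = user_cls()
    user.pk = 42  # constructed sample primary key
    return user.save()


if __name__ == "__main__":
    print("create, broken:", provision(BrokenUser))
    print("create, fixed: ", provision(FixedUser))
    print("update, broken:", update_existing(BrokenUser))
```

With the positional call, the non-empty kwargs dict lands in `force_update`, which is why only first-time user creation at `/saml2/acs/` fails while an already registered user is found and updated.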