Unable to map SAML response attributes to User attributes

[Coolvibes]

Hi, I'm using devise_saml_authenticatable version - 1.5.0 with ruby-2.0.0-p648 on Rails 4. I created a sample IdP connector on Onelogin following this wiki. Devise::SamlSessionsController#create first looks for the attribute-map.yml, if not added. Upon adding the attribute-map.yml, I get an error - undefined method `to_sym' for nil:NilClass - when I try to use any devise helpers(e.g. current_user, user_signed_in?) within my controller code. Format for my SAML attributes(I'm receiving - email, username, name) as per the SAML response I decoded is - urn:oasis:names:tc:SAML:2.0:attrname-format:basic - which would imply simple string values as keys. But I have also tried the other following versions of my attribute-map.yml as I'm just beginning to learn working with this protocol.

attribute-map.yml - 1

email: "email"
username: "username"
name: "name"

attribute-map.yml - 2

"urn:oasis:names:tc:SAML:2.0:attrname-format:email": "email"
"urn:oasis:names:tc:SAML:2.0:attrname-format:username": "username"
"urn:oasis:names:tc:SAML:2.0:attrname-format:name": "name"

attribute-map.yml - 3

"urn:mace:dir:attribute-def:email": "email"
"urn:mace:dir:attribute-def:username": "username"
"urn:mace:dir:attribute-def:name": "name"

I'm guessing there's some issue with attribute mapping to my User model fields, which are email, name, username. I am able to establish SSO login and receive a response. Please help, thank you!

[adamstegman]

@Coolvibes we don't support Ruby 2.0.0 or Rails 4, so I'd suspect that the issue is from using those old versions. What is the stacktrace from the error you saw?

[Coolvibes]

@adamstegman PFB:

Started GET "/" for 127.0.0.1 at 2023-03-08 14:13:53 +0530
Processing by WelcomeController#index as HTML
  Parameters: {"org_name"=>nil}
Completed 401 Unauthorized in 14ms (ActiveRecord: 0.0ms | Http: 0.0ms)

Started GET "/users/saml/sign_in" for 127.0.0.1 at 2023-03-08 14:13:53 +0530
Processing by Devise::SamlSessionsController#new as HTML
  Parameters: {"org_name"=>nil}
Created AuthnRequest: <samlp:AuthnRequest AssertionConsumerServiceURL='http://localhost:3000/users/saml/auth' Destination='https://oneops.onelogin.com/trust/saml2/http-post/sso/8005c7eb-b113-4261-a8ca-3f6ac78e3e67' ID='_1910327e-392c-450e-9453-fad5b5e1b67d' IssueInstant='2023-03-08T08:43:53Z' Version='2.0' xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer>https://<app_name>.onelogin.com/</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'/></samlp:AuthnRequest>
Redirected to https://<app_name>.onelogin.com/trust/saml2/http-post/sso/8005c7eb-b113-4261-a8ca-3f6ac78e3e67?SAMLRequest=fZLNitswFIVfxTutFMlWHDsiDpgJhcC0DPPTRTdFkW8ag6zr6srTztuP7DAwXTQgEBLnOzo60o7M4EbdTvHiH%2BH3BBSzlghC7NHfoadpgPAE4bW38PJ437BLjKMWwqE17oIUtZJSiikRJGYvYZIVyw7JqPdmdrkylCD0gCOt0uTwV%2B9XFgcRw0RxIQsx6%2FiI85pQ1FKWtoITP%2BW54utik3NTW8PVeWNsVYOCTcWy46FhP%2FNtLlVRAVfbwvJ1KYFv16XiZ9OVpxLy06bqkpRogqOnaHxsWCELxWUa9bOs9VrpUv1g2fd0jyVzsZIs%2Bzs4T3oO17ApeI2GetLeDEA6Wv3Ufr3XSajNR2OfkfE2MwaMaNGx%2FW5W6yVd2N%2Fqaic%2BK3fXp%2FuWnI%2BHB3S9fcta5%2FDPXQAToWGpWmDZFwyDif%2FPkq%2FyZafv%2BHmRahhM79quC0DExP566r9%2FZP8O
Completed 302 Found in 6ms (ActiveRecord: 0.0ms | Http: 0.0ms)

Started POST "/users/saml/auth" for 127.0.0.1 at 2023-03-08 14:13:55 +0530
Processing by Devise::SamlSessionsController#create as HTML
  Parameters: {"RelayState"=>"http://localhost:3000/", "SAMLResponse"=>"PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0\r\nYzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6\r\nbmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIElEPSJSMGY2MDI5MDIwNGQ1\r\nNTBhYTU5N2NmZmMzMWE4ZGMyNTQ5ZGI4NDAyMiIgVmVyc2lvbj0iMi4wIiBJ\r\nc3N1ZUluc3RhbnQ9IjIwMjMtMDMtMDhUMDg6NDM6NTVaIiBEZXN0aW5hdGlv\r\nbj0iaHR0cDovL2xvY2FsaG9zdDozMDAwL3VzZXJzL3NhbWwvYXV0aCIgSW5S\r\nZXNwb25zZVRvPSJfMTkxMDMyN2UtMzkyYy00NTBlLTk0NTMtZmFkNWI1ZTFi\r\nNjdkIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9hcHAub25lbG9naW4uY29tL3Nh\r\nbWwvbWV0YWRhdGEvODAwNWM3ZWItYjExMy00MjYxLWE4Y2EtM2Y2YWM3OGUz\r\nZTY3PC9zYW1sOklzc3Vlcj48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXND\r\nb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVz\r\nOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24geG1s\r\nbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlv\r\nbiIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1h\r\nIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1h\r\nLWluc3RhbmNlIiBWZXJzaW9uPSIyLjAiIElEPSJwZng1NTdkNzcwNy1iMTAx\r\nLWIyMjUtNmY5NS1mMWMzZjc4Yjg1NTIiIElzc3VlSW5zdGFudD0iMjAyMy0w\r\nMy0wOFQwODo0Mzo1NVoiPjxzYW1sOklzc3Vlcj5odHRwczovL2FwcC5vbmVs\r\nb2dpbi5jb20vc2FtbC9tZXRhZGF0YS84MDA1YzdlYi1iMTEzLTQyNjEtYThj\r\nYS0zZjZhYzc4ZTNlNjc8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1s\r\nbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxk\r\nczpTaWduZWRJbmZvPjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29y\r\naXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4j\r\nIi8+PGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cu\r\ndzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkczpSZWZlcmVu\r\nY2UgVVJJPSIjcGZ4NTU3ZDc3MDctYjEwMS1iMjI1LTZmOTUtZjFjM2Y3OGI4\r\nNTUyIj48ZHM6VHJhbnNmb3Jtcz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0i\r\naHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1z\r\naWduYXR1cmUiLz48ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3\r\ndy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kczpUcmFuc2Zv\r\ncm1zPjxkczpEaWdlc3RNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3Lncz\r\nLm9yZy8yMDAwLzA5L3htbGRzaWcjc2hhMSIvPjxkczpEaWdlc3RWYWx1ZT5M\r\nVzZsVUVVaGdVLzkwd0hvMDdidFNraEtOKzg9PC9kczpEaWdlc3RWYWx1ZT48\r\nL2RzOlJlZmVyZW5jZT48L2RzOlNpZ25lZEluZm8+PGRzOlNpZ25hdHVyZVZh\r\nbHVlPkdOYmZDU0oxV09IYjV3RXlEM2hweWpPUDdoSElTUmxwOG1FeDMvWVBL\r\nUkdDdXpscVdwaUNYZTFRbHkrV01kUzdWbzVqSmVCdzI2OGQwWUJTQ0VZN1Jr\r\nZFI2QWp3Q0h1THRRMlBnRmRtSmRnaXlLVTJQa1NUeXpVUDV5VmlLak1NdjJD\r\nbVNNemVuVGR2UmJxVzBHMFQ2V2xHWVQvSmRLV2NlTWMvbzJNOFRDVC9UMUJo\r\ncWdMSEQzbGFQOHlvTkE2UjBPT2pGNWxwcWVYcFZXSGdxUWp6SkVqa20zVHJp\r\nVDFhdnBMK2dTMzRBMTNYSVdnYlpuZ0p6NnZoY1RnV0xIR2l4YU9ScVhpSWox\r\naklKa0E3b3Zxc05HaEttWDFUR3N4MytWZkZvdUR1RStnNkc2bmlUenN0ZFNm\r\nK0tsamZ2MGlrYlFFQkQwdzBDRlRVNmgxdU5LcE12QT09PC9kczpTaWduYXR1\r\ncmVWYWx1ZT48ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0\r\naWZpY2F0ZT5NSUlEM0RDQ0FzU2dBd0lCQWdJVWVWZlZjTVlvemZBWUluWXpp\r\nRU5pNGZCK2xXRXdEUVlKS29aSWh2Y05BUUVGQlFBd1JURVFNQTRHQTFVRUNn\r\nd0hWMkZzYldGeWRERVZNQk1HQTFVRUN3d01UMjVsVEc5bmFXNGdTV1JRTVJv\r\nd0dBWURWUVFEREJGUGJtVk1iMmRwYmlCQlkyTnZkVzUwSURBZUZ3MHlNekF5\r\nTWpJd056TTBOVGhhRncweU9EQXlNakl3TnpNME5UaGFNRVV4RURBT0JnTlZC\r\nQW9NQjFkaGJHMWhjblF4RlRBVEJnTlZCQXNNREU5dVpVeHZaMmx1SUVsa1VE\r\nRWFNQmdHQTFVRUF3d1JUMjVsVEc5bmFXNGdRV05qYjNWdWRDQXdnZ0VpTUEw\r\nR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFEUmpGTWZoS2pC\r\nSTBSVXhqTTU0VmVudGV1S2RPNnlJZit1QVE5a1dBNHpkV2JRRmUwaFFsSk4w\r\nU2JPbUZuQ0o3NkZiV0o4cGFGbmpnZjVMK2c5UGtGNWh6Wll2Z1RBckRPWHpU\r\nRDFER3dqRXU3S1BicnZNYzlrK09CenNpcE5KVDlFQnUwckpjVTlEOEsyN25R\r\nV0pSQVhqcHlJVXloakYrOG5yK3czZkZWUEtTdDdCNFZQaklaZ3lzb1Q0KzY3\r\nNXFoQmMyZDljaHRZa1FUemYzdDFzclp1ams5UXdwblRESkpaTUxOdEVRQW0z\r\nRzc1Zk1WQVAyZGdxZUhHVmxaWStWSUtRTmZqUyt3WUVNdGUxWWVhMXF6RHdp\r\nMksrMUhDTy8rb0ozcldaeXUzb2x1WU9JWlhIRTR4UkdCdklkeWdydmN6SVB4\r\nc0Z4U0Iyb0hVY2JGODcvSHRBZ01CQUFHamdjTXdnY0F3REFZRFZSMFRBUUgv\r\nQkFJd0FEQWRCZ05WSFE0RUZnUVV5aW54NEVmVXJCREo3VktkNEhZNC9INDZI\r\nMFl3Z1lBR0ExVWRJd1I1TUhlQUZNb3A4ZUJIMUt3UXllMVNuZUIyT1B4K09o\r\nOUdvVW1rUnpCRk1SQXdEZ1lEVlFRS0RBZFhZV3h0WVhKME1SVXdFd1lEVlFR\r\nTERBeFBibVZNYjJkcGJpQkpaRkF4R2pBWUJnTlZCQU1NRVU5dVpVeHZaMmx1\r\nSUVGalkyOTFiblFnZ2hSNVY5Vnd4aWpOOEJnaWRqT0lRMkxoOEg2VllUQU9C\r\nZ05WSFE4QkFmOEVCQU1DQjRBd0RRWUpLb1pJaHZjTkFRRUZCUUFEZ2dFQkFL\r\nNkMwRnpYZmhSQUVpOW5TRXdMS1g0cXZHdWtvNWVXUERjUjhYUVVSSXFyWTJk\r\nL01qdFFreXpkeGpXYmpEaTdsL3JqdUJBN1k3VVlCSkIwTzBISmpSOHlYS1FJ\r\neW9wNUJxTGFJQjAvSjgrWmtGZmdPZmFWUHkxNW5ycU56ZFFLMG5LWWFzY2ox\r\nNFFwamJXTmZwdEZRWk56YUNCVnVydE1GRzE5cXRiVWNNWWdaU0VUZGZNSmhU\r\nNVRYSzJjM2VFaHc0anlTZXZRd2JVNlBGbWY2QjdJSHdzN0ZKa0tsZGREVW82\r\nWE84WjRHVk44b2RzUXVVTk4yb2FNM1crY0Zqc3RSSlNFQktjNHBjSGhzU0pV\r\nc3gvcmlTelNUWm5uNHZ1YVpBb1o0K3phTmhmNFBVUEN1NEU0MVZhVm9xSytz\r\ndDRJYkY3QTB3TWhmWmQ5cXJReHZPNmNwN289PC9kczpYNTA5Q2VydGlmaWNh\r\ndGU+PC9kczpYNTA5RGF0YT48L2RzOktleUluZm8+PC9kczpTaWduYXR1cmU+\r\nPHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6\r\nbmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDplbWFpbEFkZHJlc3Mi\r\nPm1lZGhhLmJhbnNhbEB3YWxtYXJ0LmNvbTwvc2FtbDpOYW1lSUQ+PHNhbWw6\r\nU3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0\r\nYzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRp\r\nb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAyMy0wMy0wOFQwODo0Njo1NVoiIFJl\r\nY2lwaWVudD0iaHR0cDovL2xvY2FsaG9zdDozMDAwL3VzZXJzL3NhbWwvYXV0\r\naCIgSW5SZXNwb25zZVRvPSJfMTkxMDMyN2UtMzkyYy00NTBlLTk0NTMtZmFk\r\nNWI1ZTFiNjdkIi8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1s\r\nOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMjMtMDMt\r\nMDhUMDg6NDA6NTVaIiBOb3RPbk9yQWZ0ZXI9IjIwMjMtMDMtMDhUMDg6NDY6\r\nNTVaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNl\r\nPmh0dHBzOi8vb25lb3BzLm9uZWxvZ2luLmNvbS88L3NhbWw6QXVkaWVuY2U+\r\nPC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+\r\nPHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDIzLTAzLTA4\r\nVDA4OjQzOjU0WiIgU2Vzc2lvbk5vdE9uT3JBZnRlcj0iMjAyMy0wMy0wOVQw\r\nODo0Mzo1NVoiIFNlc3Npb25JbmRleD0iXzM5NDFmYTlkLTk3ZmEtNDU1MC04\r\nN2VkLTcwNDQ1YWIwMGU2NyI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1\r\ndGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIu\r\nMDphYzpjbGFzc2VzOlBhc3N3b3JkUHJvdGVjdGVkVHJhbnNwb3J0PC9zYW1s\r\nOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDpBdXRobkNvbnRleHQ+PC9z\r\nYW1sOkF1dGhuU3RhdGVtZW50PjxzYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48\r\nc2FtbDpBdHRyaWJ1dGUgTmFtZT0ibmFtZSIgTmFtZUZvcm1hdD0idXJuOm9h\r\nc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+\r\nPHNhbWw6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3Lncz\r\nLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0\r\ncmluZyI+TWVkaGE8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJp\r\nYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iZW1haWwiIE5hbWVGb3JtYXQ9\r\nInVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6\r\nYmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzaT0iaHR0cDov\r\nL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBl\r\nPSJ4czpzdHJpbmciPm1lZGhhLmJhbnNhbEB3YWxtYXJ0LmNvbTwvc2FtbDpB\r\ndHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0\r\nZSBOYW1lPSJ1c2VybmFtZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVz\r\nOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0\r\ncmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAx\r\nL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWVk\r\naGFiYW5zYWw8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0\r\nZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+\r\nPC9zYW1scDpSZXNwb25zZT4KCg==\r\n", "org_name"=>nil}
Completed 500 Internal Server Error in 75ms (ActiveRecord: 0.0ms | Http: 0.0ms)

**NoMethodError (undefined method `to_sym' for nil:NilClass):
  app/controllers/application_controller.rb:558:in `check_username'

  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/_source.erb (0.8ms)
  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (1.3ms)
  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb (1.6ms)
  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (23.2ms)**

In the browser, it shows:

Appears on first use of any Devise helper.

[Coolvibes]

@adamstegman Also, I tried to debug this from within Devise::SamlSessionsController#create(by linking to my local gems and using debugger), which is essentially Devise::SessionsController#create and could not reach it. My debugger stops at all points within devise_saml_autheticatable, but not those within devise and even the Devise.saml_config object(RubySaml::Settings) comes out to be blank when I print it within devise_saml_autheticatable, even though all settings are present.

My config/initializers/devise.rb :

Devise.setup do |config|
  config.saml_configure do |settings|
    settings.assertion_consumer_service_url     = "http://localhost:3000/users/saml/auth"
    settings.issuer                             = "https://<app_name>.onelogin.com/"
    settings.idp_entity_id                      = "https://app.onelogin.com/saml/metadata/8005c7eb-b113-4261-a8ca-3f6ac78e3***"
    settings.idp_slo_target_url                 = "https://<app_name>.onelogin.com/trust/saml2/http-redirect/slo/2010424"
    settings.idp_sso_target_url                 = "https://<app_name>.onelogin.com/trust/saml2/http-post/sso/8005c7eb-b113-4261-a8ca-3f6ac78e3***"
    settings.idp_cert_fingerprint_algorithm     = "http://www.w3.org/2000/09/xmldsig#sha1"
    settings.idp_cert_fingerprint               = "82:7F:C6:96:91:A6:12:0E:1F:C3:28:43:15:F9:90:2D:0A:8C:D1:8F"
    settings.name_identifier_format             = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
  end

  config.saml_create_user = true
  config.saml_update_user = true
end

[adamstegman]

It may be more helpful if you run Rails with BACKTRACE=1 so we get the full backtrace, including gems.

[Coolvibes]

@adamstegman Full trace for above error:

Completed 500 Internal Server Error in 175ms (ActiveRecord: 0.0ms | Http: 0.0ms)

NoMethodError (undefined method `to_sym' for nil:NilClass):
  activerecord (4.1.10) lib/active_record/sanitization.rb:59:in `block in expand_hash_conditions_for_aggregates'
  activerecord (4.1.10) lib/active_record/sanitization.rb:58:in `each'
  activerecord (4.1.10) lib/active_record/sanitization.rb:58:in `expand_hash_conditions_for_aggregates'
  activerecord (4.1.10) lib/active_record/relation/query_methods.rb:950:in `build_where'
  activerecord (4.1.10) lib/active_record/relation/query_methods.rb:572:in `where!'
  activerecord (4.1.10) lib/active_record/relation/query_methods.rb:559:in `where'
  activerecord (4.1.10) lib/active_record/querying.rb:10:in `where'
  devise_saml_authenticatable (1.5.0) lib/devise_saml_authenticatable.rb:118:in `block in <module:Devise>'
  devise_saml_authenticatable (1.5.0) lib/devise_saml_authenticatable/model.rb:45:in `call'
  devise_saml_authenticatable (1.5.0) lib/devise_saml_authenticatable/model.rb:45:in `authenticate_with_saml'
  devise_saml_authenticatable (1.5.0) lib/devise_saml_authenticatable/strategy.rb:50:in `retrieve_resource'
  devise_saml_authenticatable (1.5.0) lib/devise_saml_authenticatable/strategy.rb:23:in `authenticate!'
  warden (1.2.7) lib/warden/strategies/base.rb:54:in `_run!'
  warden (1.2.7) lib/warden/proxy.rb:359:in `block in _run_strategies_for'
  warden (1.2.7) lib/warden/proxy.rb:354:in `each'
  warden (1.2.7) lib/warden/proxy.rb:354:in `_run_strategies_for'
  warden (1.2.7) lib/warden/proxy.rb:324:in `_perform_authentication'
  warden (1.2.7) lib/warden/proxy.rb:105:in `authenticate'
  devise (3.5.4) lib/devise/controllers/helpers.rb:124:in `current_user'
  devise (3.5.4) lib/devise/controllers/helpers.rb:120:in `user_signed_in?'
  app/controllers/application_controller.rb:559:in `check_username'
  activesupport (4.1.10) lib/active_support/callbacks.rb:429:in `block in make_lambda'
  activesupport (4.1.10) lib/active_support/callbacks.rb:161:in `call'
  activesupport (4.1.10) lib/active_support/callbacks.rb:161:in `block in halting'
  activesupport (4.1.10) lib/active_support/callbacks.rb:501:in `call'
  activesupport (4.1.10) lib/active_support/callbacks.rb:501:in `block in call'
  activesupport (4.1.10) lib/active_support/callbacks.rb:501:in `each'
  activesupport (4.1.10) lib/active_support/callbacks.rb:501:in `call'
  activesupport (4.1.10) lib/active_support/callbacks.rb:86:in `run_callbacks'
  actionpack (4.1.10) lib/abstract_controller/callbacks.rb:19:in `process_action'
  actionpack (4.1.10) lib/action_controller/metal/rescue.rb:29:in `process_action'
  actionpack (4.1.10) lib/action_controller/metal/instrumentation.rb:32:in `block in process_action'
  activesupport (4.1.10) lib/active_support/notifications.rb:159:in `block in instrument'
  activesupport (4.1.10) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (4.1.10) lib/active_support/notifications.rb:159:in `instrument'
  actionpack (4.1.10) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
  actionpack (4.1.10) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
  activerecord (4.1.10) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
  actionpack (4.1.10) lib/abstract_controller/base.rb:136:in `process'
  actionview (4.1.10) lib/action_view/rendering.rb:30:in `process'
  actionpack (4.1.10) lib/action_controller/metal.rb:196:in `dispatch'
  actionpack (4.1.10) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
  actionpack (4.1.10) lib/action_controller/metal.rb:232:in `block in action'
  actionpack (4.1.10) lib/action_dispatch/routing/route_set.rb:82:in `call'
  actionpack (4.1.10) lib/action_dispatch/routing/route_set.rb:82:in `dispatch'
  actionpack (4.1.10) lib/action_dispatch/routing/route_set.rb:50:in `call'
  actionpack (4.1.10) lib/action_dispatch/routing/mapper.rb:45:in `call'
  actionpack (4.1.10) lib/action_dispatch/journey/router.rb:73:in `block in call'
  actionpack (4.1.10) lib/action_dispatch/journey/router.rb:59:in `each'
  actionpack (4.1.10) lib/action_dispatch/journey/router.rb:59:in `call'
  actionpack (4.1.10) lib/action_dispatch/routing/route_set.rb:692:in `call'
  rack-attack (5.2.0) lib/rack/attack.rb:172:in `call'
  warden (1.2.7) lib/warden/manager.rb:36:in `block in call'
  warden (1.2.7) lib/warden/manager.rb:35:in `catch'
  warden (1.2.7) lib/warden/manager.rb:35:in `call'
  rack (1.5.5) lib/rack/etag.rb:23:in `call'
  rack (1.5.5) lib/rack/conditionalget.rb:35:in `call'
  rack (1.5.5) lib/rack/head.rb:11:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/flash.rb:254:in `call'
  rack (1.5.5) lib/rack/session/abstract/id.rb:225:in `context'
  rack (1.5.5) lib/rack/session/abstract/id.rb:220:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/cookies.rb:562:in `call'
  activerecord (4.1.10) lib/active_record/query_cache.rb:36:in `call'
  activerecord (4.1.10) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
  activesupport (4.1.10) lib/active_support/callbacks.rb:82:in `run_callbacks'
  actionpack (4.1.10) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/reloader.rb:73:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
  railties (4.1.10) lib/rails/rack/logger.rb:38:in `call_app'
  railties (4.1.10) lib/rails/rack/logger.rb:20:in `block in call'
  activesupport (4.1.10) lib/active_support/tagged_logging.rb:68:in `block in tagged'
  activesupport (4.1.10) lib/active_support/tagged_logging.rb:26:in `tagged'
  activesupport (4.1.10) lib/active_support/tagged_logging.rb:68:in `tagged'
  railties (4.1.10) lib/rails/rack/logger.rb:20:in `call'
  quiet_assets (1.1.0) lib/quiet_assets.rb:27:in `call_with_quiet_assets'
  request_store (1.5.0) lib/request_store/middleware.rb:19:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/request_id.rb:21:in `call'
  rack (1.5.5) lib/rack/methodoverride.rb:21:in `call'
  rack (1.5.5) lib/rack/runtime.rb:17:in `call'
  rack (1.5.5) lib/rack/lock.rb:17:in `call'
  actionpack (4.1.10) lib/action_dispatch/middleware/static.rb:84:in `call'
  rack (1.5.5) lib/rack/sendfile.rb:112:in `call'
  railties (4.1.10) lib/rails/engine.rb:514:in `call'
  railties (4.1.10) lib/rails/application.rb:144:in `call'
  rack (1.5.5) lib/rack/lock.rb:17:in `call'
  rack (1.5.5) lib/rack/content_length.rb:14:in `call'
  rack (1.5.5) lib/rack/handler/webrick.rb:60:in `service'
  /Users/m0b0d7e/.rvm/rubies/ruby-2.0.0-p648/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
  /Users/m0b0d7e/.rvm/rubies/ruby-2.0.0-p648/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
  /Users/m0b0d7e/.rvm/rubies/ruby-2.0.0-p648/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'

  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/_source.erb (1.1ms)
  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/_trace.html.erb (2.0ms)
  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/_request_and_response.html.erb (1.7ms)
  Rendered /Users/m0b0d7e/.rvm/gems/ruby-2.0.0-p648/gems/actionpack-4.1.10/lib/action_dispatch/middleware/templates/rescues/diagnostics.erb within rescues/layout (166.4ms)