crewjam / saml

SAML library for go
BSD 2-Clause "Simplified" License
952 stars 428 forks

Trying to configure onelogin with crewjam/saml #404

Closed anjalipandith closed 2 years ago

anjalipandith commented 2 years ago

Hi Team, I am trying to configure SAML with Onelogin; I could not make it work.

samlSP, err := samlsp.New(samlsp.Options{
    EntityID:    SAMLentityId,                         // SP entity ID
    URL:         *rootURL,                             // SP base URL; ACS and metadata paths hang off it
    IDPMetadata: idpMetadata,                          // parsed IdP metadata (*saml.EntityDescriptor)
    Key:         keyPair.PrivateKey.(*rsa.PrivateKey), // SP signing key
    Certificate: keyPair.Leaf,                         // must be non-nil: parse keyPair.Certificate[0] if LoadX509KeyPair left it nil
    SignRequest: true,
})
if err != nil {
    return nil, err
}

I set the following things.

I used the following command to create the key and certificate:

openssl req -x509 -newkey rsa:2048 -keyout myservice.key -out myservice.cert -days 365 -nodes -subj "/CN=myservice.example.com"

The following info is set in the backend server:
EntityID = "https://xyz-dev.onelogin.com/sp/12345-084412345" (got from onelogin)
rootURL = "https://localhost:9233/" (my domain)
IDPMetadata = "https://xyz-dev.onelogin.com/sp/12345-084412345"

samlsp.New() is failing with:
2021-12-28 03:12:29 ERRO[21-12-28 03:12:29] router.go:XXX 400 Bad Request

What is the procedure to configure onelogin?

Thanks, Anjali

anjalipandith commented 2 years ago
// Fetch and parse the IdP metadata document; idpMetadataURL is a *url.URL.
idpMetadata, err := samlsp.FetchMetadata(context.Background(), http.DefaultClient, *idpMetadataURL)
if err != nil {
    return nil, err
}

samlSP, err := samlsp.New(samlsp.Options{
    URL:         *rootURL,
    IDPMetadata: idpMetadata,
    Key:         keyPair.PrivateKey.(*rsa.PrivateKey),
    Certificate: keyPair.Leaf,
    ForceAuthn:  true,
})
if err != nil {
    return nil, err
}

This is working for me now.
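As an added example, not code from the thread or from crewjam/saml, here are the checks a practitioner would run before handing the values from the two comments above to samlsp.New: a key pair generated in process (the equivalent of the openssl command) with Leaf populated, the checked form of the keyPair.PrivateKey.(*rsa.PrivateKey) / keyPair.Leaf lines, and a pre-flight on the body that FetchMetadata would receive, which says whether it is IdP metadata at all and whether it carries a parseable certificate, the only thing the SP can verify assertion signatures against. The function names, the hand-written idpMetadata struct and the sample metadata are constructed for this example and are not crewjam/saml's API; the code uses only the Go standard library. The Leaf remark is a fact about the standard library: tls.LoadX509KeyPair only started populating Leaf in Go 1.23.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/xml"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// newSelfSignedKeyPair does in process what the openssl command in the thread does: a
// 2048-bit RSA key and a one-year self-signed certificate. Leaf is filled in here because
// tls.LoadX509KeyPair leaves it nil before Go 1.23, and samlsp needs a non-nil Certificate.
func newSelfSignedKeyPair(cn string) (tls.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	leaf, err := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, err
}

// spCredentials is the checked form of keyPair.PrivateKey.(*rsa.PrivateKey) and
// keyPair.Leaf from the posted snippet: no panic on a non-RSA key, never a nil certificate.
func spCredentials(kp tls.Certificate) (*rsa.PrivateKey, *x509.Certificate, error) {
	key, ok := kp.PrivateKey.(*rsa.PrivateKey)
	if !ok {
		return nil, nil, fmt.Errorf("SP key is %T, not *rsa.PrivateKey", kp.PrivateKey)
	}
	if kp.Leaf != nil {
		return key, kp.Leaf, nil
	}
	if len(kp.Certificate) == 0 {
		return nil, nil, fmt.Errorf("key pair carries no certificate")
	}
	leaf, err := x509.ParseCertificate(kp.Certificate[0]) // the step LoadX509KeyPair skipped
	return key, leaf, err
}

// idpMetadata is a hand-written subset of SAML 2.0 metadata (not crewjam/saml's types):
// enough to tell IdP metadata from SP metadata or from an HTML error page.
type idpMetadata struct {
	XMLName  xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:metadata EntityDescriptor"`
	EntityID string   `xml:"entityID,attr"`
	IDP      *struct {
		Certs []string `xml:"KeyDescriptor>KeyInfo>X509Data>X509Certificate"`
	} `xml:"IDPSSODescriptor"`
}

// checkIdPMetadata is the pre-flight for whatever was fetched for IDPMetadata: the body must
// be metadata, must describe an IdP, and must carry a parseable certificate, since that
// certificate is the only thing the SP can verify assertion signatures against.
func checkIdPMetadata(body []byte) (entityID string, cert *x509.Certificate, err error) {
	var md idpMetadata
	if err = xml.Unmarshal(body, &md); err != nil {
		return "", nil, fmt.Errorf("not SAML metadata (wrong URL or an error page?): %w", err)
	}
	if md.IDP == nil {
		return "", nil, fmt.Errorf("%q has no IDPSSODescriptor: this is not IdP metadata", md.EntityID)
	}
	if len(md.IDP.Certs) == 0 {
		return "", nil, fmt.Errorf("%q publishes no certificate: assertions could not be verified", md.EntityID)
	}
	// First listed certificate (filter KeyDescriptor use="signing" if the IdP also lists an
	// encryption key). Metadata often wraps the base64; bad base64 simply fails the parse.
	der, _ := base64.StdEncoding.DecodeString(strings.Join(strings.Fields(md.IDP.Certs[0]), ""))
	if cert, err = x509.ParseCertificate(der); err != nil {
		return "", nil, fmt.Errorf("IdP certificate does not parse: %w", err)
	}
	return md.EntityID, cert, nil
}

// sampleIdPMetadata builds constructed IdP metadata around cert (not a real OneLogin
// document) so the check can run offline.
func sampleIdPMetadata(entityID string, cert *x509.Certificate) []byte {
	return []byte(fmt.Sprintf(`<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="%s">
 <md:IDPSSODescriptor><md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:X509Data><ds:X509Certificate>%s</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
 </md:IDPSSODescriptor></md:EntityDescriptor>`, entityID, base64.StdEncoding.EncodeToString(cert.Raw)))
}
```

In use, the pair from newSelfSignedKeyPair (or tls.LoadX509KeyPair on the openssl output) goes through spCredentials to produce the Key and Certificate options, and the bytes fetched from the IdP metadata URL go through checkIdPMetadata before samlsp.FetchMetadata is trusted; an HTML error page or an SP-side document fails with a message naming the missing piece instead of a bare 400.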