fangli / django-saml2-auth

Django SAML2 Authentication Made Easy. Easily integrate with SAML2 SSO identity providers like Okta

Using pysaml2 > 4.5.0 causes errors wrt entityid attribute being missing. #75

Open fxdgear opened 5 years ago

fxdgear commented 5 years ago
Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.7/site-packages/django/core/handlers/base.py", line 126, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/usr/local/lib/python3.7/site-packages/django/core/handlers/base.py", line 124, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.7/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/registry_library/src/django-saml2-auth/django_saml2_auth/views.py", line 160, in acs
    resp, entity.BINDING_HTTP_POST)
  File "/usr/local/lib/python3.7/site-packages/saml2/client_base.py", line 679, in parse_authn_request_response
    if not getattr(self.config, 'entityid', None):
saml2.SAMLError: Missing entity_id specification

I've had to pin my requirements to install from master for this project. But I've also had to pin my requirements for pysaml2 to 4.5.0 because a release in pysaml2 checks for the existence of the entityid in the pysaml config. When we instantiate the saml client here I think we need to pass in a config object.

Because later in the pysaml2 lib here we are checking for the existence of an attribute config.

cguethle commented 5 years ago

Ran into the same issue. Stayed with pysaml==4.7.0 after setting ENTITY_ID in the settings. While docs for django-saml2-auth indicate ENTITY_ID is optional, pysaml>4.5.0 makes it not optional.

hooman96 commented 5 years ago

I provided ENTITY_ID as well but have the following error:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/saml2/client_base.py", line 181, in _sso_location
    srvs = self.metadata.single_sign_on_service(list(eids.keys())[0],
IndexError: list index out of range

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.7/site-packages/django/core/handlers/base.py", line 115, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/usr/local/lib/python3.7/site-packages/django/core/handlers/base.py", line 113, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.7/site-packages/django_saml2_auth/views.py", line 243, in signin
    _, info = saml_client.prepare_for_authenticate()
  File "/usr/local/lib/python3.7/site-packages/saml2/client.py", line 76, in prepare_for_authenticate
    **kwargs)
  File "/usr/local/lib/python3.7/site-packages/saml2/client.py", line 110, in prepare_for_negotiated_authenticate
    destination = self._sso_location(entityid, binding)
  File "/usr/local/lib/python3.7/site-packages/saml2/client_base.py", line 185, in _sso_location
    raise IdpUnspecified("No IdP to send to given the premises")
saml2.client_base.IdpUnspecified: No IdP to send to given the premises
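
A preflight check for the two failures reported in this thread, as an added example that is not part of the thread or of django-saml2-auth's code: it verifies that `ENTITY_ID` is set and that the IdP metadata actually contains an IdP with a single sign-on endpoint. The function names, the sample metadata and the default HTTP-Redirect binding are assumptions, and the metadata lookup is a standard-library approximation of what pysaml2 does, not its own logic.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample metadata (not from the thread): one IdP, one SP-only entity.
SAMPLE_METADATA = f"""<md:EntitiesDescriptor xmlns:md="{MD}">
  <md:EntityDescriptor entityID="https://idp.example.test/metadata">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:SingleSignOnService Binding="{HTTP_REDIRECT}"
                              Location="https://idp.example.test/sso"/>
    </md:IDPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://other-sp.example.test/">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def idp_sso_locations(metadata_xml, binding=HTTP_REDIRECT):
    """Map IdP entityID -> SSO URLs for `binding`, from SAML metadata XML."""
    root = ET.fromstring(metadata_xml)
    found = {}
    # iter() also matches the root, so a bare EntityDescriptor document works.
    for ent in root.iter(f"{{{MD}}}EntityDescriptor"):
        urls = [s.get("Location")
                for idp in ent.findall(f"{{{MD}}}IDPSSODescriptor")
                for s in idp.findall(f"{{{MD}}}SingleSignOnService")
                if s.get("Binding") == binding and s.get("Location")]
        if urls:
            found[ent.get("entityID")] = urls
    return found


def preflight(saml2_auth, metadata_xml):
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    if not (saml2_auth.get("ENTITY_ID") or "").strip():
        problems.append("ENTITY_ID not set: pysaml2 > 4.5.0 raises "
                        "'Missing entity_id specification' in acs")
    try:
        idps = idp_sso_locations(metadata_xml)
    except ET.ParseError as exc:
        problems.append(f"IdP metadata is not well-formed XML: {exc}")
    else:
        if not idps:
            problems.append("metadata has no IdP with an SSO endpoint for this "
                            "binding: signin cannot pick a destination")
    return problems
```

Pass it the `SAML2_AUTH` dict from Django settings and the metadata document the application is configured to load, for example in a deployment check, so a missing entity ID or an empty metadata document fails before users hit the login view.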