search

ironmansoftware / powershell-universal

Issue tracker for PowerShell Universal
https://powershelluniversal.com
34 stars 3 forks source link

SAML2 /Saml2/Acs Stuck #3898

Open emoeckel opened 1 day ago

emoeckel commented 1 day ago

Version

5.0.10

Severity

High

Environment

msi

Steps to Reproduce

Enable SAML2, visit PSU site.

Expected behavior

Works

Actual behavior

When I enable SAML2 and visit the WebSite, I get prompted from my SAML provider but then get redirected to https://*URL*/Saml2/Acs and have an error on the page of "This page isn't working right now".

I will post additional information that is scrubbed a bit.

Additional Environment data

5.0.10

Screenshots/Animations

image

2024-10-10 08:27:23.639 -07:00 [INF][Microsoft.AspNetCore.Hosting.Diagnostics] Request starting HTTP/2 GET https://PSU URL/ - null null
2024-10-10 08:27:23.645 -07:00 [INF][Microsoft.AspNetCore.Mvc.ChallengeResult] Executing ChallengeResult with authentication schemes ([]).
2024-10-10 08:27:23.645 -07:00 [INF][Sustainsys.Saml2.AspNetCore2.Saml2Handler] Initiating login to SCRUBBED URL
2024-10-10 08:27:23.647 -07:00 [INF][Microsoft.AspNetCore.Hosting.Diagnostics] Request finished HTTP/2 GET https://PSU URL/ - 303 0 null 7.4549ms
2024-10-10 08:27:36.618 -07:00 [INF][Microsoft.AspNetCore.Hosting.Diagnostics] Request starting HTTP/2 POST https://PSU URL/Saml2/Acs - application/x-www-form-urlencoded 4047
2024-10-10 08:27:36.625 -07:00 [INF][Sustainsys.Saml2.AspNetCore2.Saml2Handler] Successfully processed SAML response SCRUBBED STRING- and authenticated SCRUBBED MY USER
2024-10-10 08:27:36.627 -07:00 [INF][Universal.Server.Services.ClaimsEvaluator] Evaluating claims for SCRUBBED MY USER, Cache: False
2024-10-10 08:27:36.755 -07:00 [ERR][Microsoft.AspNetCore.Server.Kestrel] Connection id "0HN792UA7EH8J", Request id "0HN792UA7EH8J:00000003": An unhandled exception was thrown by the application.
Grpc.Core.RpcException: Status(StatusCode="Unknown", Detail="Exception was thrown by handler.", DebugException="Grpc.Core.Internal.CoreErrorDetailException: {"created":"@1728574056.753000000","description":"Error received from peer ipv4:127.0.0.1:62610","file":"..\..\..\src\core\lib\surface\call.cc","file_line":953,"grpc_message":"Exception was thrown by handler.","grpc_status":2}")
 ---> Grpc.Core.Internal.CoreErrorDetailException: {"created":"@1728574056.753000000","description":"Error received from peer ipv4:127.0.0.1:62610","file":"..\..\..\src\core\lib\surface\call.cc","file_line":953,"grpc_message":"Exception was thrown by handler.","grpc_status":2}
   --- End of inner exception stack trace ---
   at ProtoBuf.Grpc.Internal.Reshape.UnaryTaskAsyncImpl[TRequest,TResponse](AsyncUnaryCall`1 call, MetadataContext metadata, CancellationToken cancellationToken) in /_/src/protobuf-net.Grpc/Internal/Reshape.cs:line 549
   at Universal.Server.Services.SecurityProxy.AuthorizeAsync(ClaimsPrincipal claimsPrincipal, IEnumerable`1 roles, String userInfo) in C:\actions-runner\_work\universal\universal\src\Universal.Server\Services\Authentication\SecurityProxy.cs:line 247
   at Universal.Server.Services.ClaimsEvaluator.EvaluateAsync(ClaimsPrincipal principal, HttpContext httpContext, Boolean cache, String userInfo) in C:\actions-runner\_work\universal\universal\src\Universal.Server\Services\Authentication\ClaimsEvaluator.cs:line 95
   at PowerShellUniversal.Saml2AuthenticationMethod.<>c__DisplayClass6_0.<Configure>b__1(CommandResult result, Saml2Response response) in C:\actions-runner\_work\universal\universal\src\PowerShellUniversal.Authentication\Saml2AuthenticationMethod.cs:line 61
   at Sustainsys.Saml2.WebSso.AcsCommand.Run(HttpRequestData request, IOptions options)
   at Sustainsys.Saml2.AspNetCore2.Saml2Handler.HandleRequestAsync()
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
2024-10-10 08:27:36.756 -07:00 [INF][Microsoft.AspNetCore.Hosting.Diagnostics] Request finished HTTP/2 POST https://PSU URL/Saml2/Acs - 500 0 null 137.2701ms
emoeckel commented 1 day ago

Here is another issue that was fixed in 5.0.1 that appears to be exactly the same

https://github.com/ironmansoftware/powershell-universal/issues/3623