nextcloud / user_saml

:lock: App for authenticating Nextcloud users using SAML https://apps.nextcloud.com/apps/user_saml
https://portal.nextcloud.com/article/configuring-single-sign-on-10.html
GNU Affero General Public License v3.0

Can't setup SAML authentication #428

Closed fedecastelli closed 2 years ago

fedecastelli commented 4 years ago

Hello,

I'm trying to setup the SAML Authentication using the Ianum Identity Provider.

I fill all the Identity Provider's information and I see the error message saying Invalid Metadata. If I click on Download Metadata, the server shows an error page.

Checking the official documentation I noticed that the Identity Provider is not officially supported and tested but it should be supported since it implements the SAML 2.0 protocol.

Server configuration

Operating system: Ubuntu 18.04.6 LTS

Web server: Apache

Database: MySQL

PHP version: 7.2.24

Nextcloud version: 18.0.5

Updated from an older Nextcloud/ownCloud or fresh install: Fresh install

Nextcloud log (data/nextcloud.log)

```
[index] Error: OneLogin\Saml2\Error: Invalid array settings: idp_entityId_not_found, idp_sso_not_found, idp_cert_or_fingerprint_not_found_and_required at <>
0. /var/www/nextcloud/public/apps/user_saml/lib/Controller/SAMLController.php line 222
   OneLogin\Saml2\Settings->__construct({strict: true,de ... }})
1. /var/www/nextcloud/public/lib/private/AppFramework/Http/Dispatcher.php line 170
   OCA\User_SAML\Controller\SAMLController->getMetadata(null)
2. /var/www/nextcloud/public/lib/private/AppFramework/Http/Dispatcher.php line 99
   OC\AppFramework\Http\Dispatcher->executeController(OCA\User_SAML\Co ... {}, “getMetadata”)
3. /var/www/nextcloud/public/lib/private/AppFramework/App.php line 125
   OC\AppFramework\Http\Dispatcher->dispatch(OCA\User_SAML\Co ... {}, “getMetadata”)
4. /var/www/nextcloud/public/lib/private/AppFramework/Routing/RouteActionHandler.php line 47
   OC\AppFramework\App::main(“OCA\\User_SAML\ ... r”, “getMetadata”, OC\AppFramework\ ... {}, {_route: “user_saml.SAML.getMetadata”})
5. <>
   OC\AppFramework\Routing\RouteActionHandler->__invoke({_route: “user_saml.SAML.getMetadata”})
6. /var/www/nextcloud/public/lib/private/Route/Router.php line 299
   call_user_func(OC\AppFramework\ ... {}, {_route: “user_saml.SAML.getMetadata”})
7. /var/www/nextcloud/public/lib/base.php line 1008
   OC\Route\Router->match(“/apps/user_saml/saml/metadata”)
8. /var/www/nextcloud/public/index.php line 38
   OC::handleRequest()

GET /index.php/apps/user_saml/saml/metadata
```
Keridos commented 4 years ago

Having the same issue on Nextcloud 19.0

fedecastelli commented 4 years ago

I've upgraded to version 19.0 too and I'm having the same issue.

r3pek commented 4 years ago

I think something stopped working with NC19 because I had everything working with SSO (remote variable) on NC18 but it doesn't work anymore.

blizzz commented 4 years ago

oO 18 and 19 run the same versions

r3pek commented 4 years ago

oO 18 and 19 run the same versions

That part I know. Something must have changed on NC.... not on the plugin. But what changed made it non-working ;)

pentiumoverdrive commented 3 years ago

Trying on 19 as well with ADFS.

I have IDP settings configured and I can download metadata XML. I think I had to fill in correct fields.

My log looked like this:

```
Error: Invalid array settings: idp_entityId_not_found, idp_sso_not_found, idp_cert_or_fingerprint_not_found_and_required
OneLogin\Saml2\Error: Invalid array settings: idp_entityId_not_found, idp_sso_not_found, idp_cert_or_fingerprint_not_found_and_required
/var/www/html/nextcloud/apps/user_saml/lib/Controller/SAMLController.php - line 258: OneLogin\Saml2\Settings->__construct()
/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 170: OCA\User_SAML\Controller\SAMLController->getMetadata()
/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php - line 100: OC\AppFramework\Http\Dispatcher->executeController()
/var/www/html/nextcloud/lib/private/AppFramework/App.php - line 137: OC\AppFramework\Http\Dispatcher->dispatch()
/var/www/html/nextcloud/lib/private/AppFramework/Routing/RouteActionHandler.php - line 47: OC\AppFramework\App::main()
<> OC\AppFramework\Routing\RouteActionHandler->__invoke()
/var/www/html/nextcloud/lib/private/Route/Router.php - line 297: call_user_func()
/var/www/html/nextcloud/lib/base.php - line 1012: OC\Route\Router->match()
/var/www/html/nextcloud/index.php - line 37: OC::handleRequest()
```

I updated the saml plugin today and had the same problems for a while, then I clicked around and did a reset on the settings, filled it in again and now I'm getting no errors at all. No clue if this was needed. Feels like a GUI bug to me. I'm not sure if I'm supposed to see anything related on the login page though (which I don't).

UPDATE: No, I'm still getting this error message and "invalid metadata" now....

jetexe commented 3 years ago

Version 20. same trouble

ben-kuhn commented 3 years ago

Version 21, same trouble.

theoneandonly-vector commented 3 years ago

I only get the error when I try to download it on v21, no error about "invalid metadata" after filling it out.

katsie03 commented 3 years ago

Azure AD here, it cannot find the metadata provided (e.g. https://nextcloud.yourdomain.com/index.php/apps/user_saml/metadata). Removed index.php with no hope, so I did a GET request and that provided return data, so I really am scratching my head here about what happened. And it's pretty funny that a resolution has not been found.

theoneandonly-vector commented 3 years ago

For me it works now.

col-panic commented 2 years ago

Same problem for version 22

blacklight commented 2 years ago

It seems that, at least in its most recent occurrence, this issue is actually a regression due to conflicting IDP IDs (one end expects them to be 0-based, another one expects them to be 1-based): https://github.com/nextcloud/user_saml/issues/573. In other words, a simple smoke test involving adding a fresh IDP account wasn't done before pushing 5.0.0.

I have tried to add another IDP with the same configuration as the first, and it fixed the problem in my case. This confirms the hypothesis of the IDP IDs mismatch. To any of the maintainers - it'd be nice if this could get fixed.

alenkovich commented 2 years ago

Same here.. NC v24, user_saml 5.0.0 .. fresh installation. After adding first IdP provider it shows "invalid metadata" and adding second provider works.

KoffeinKaio commented 2 years ago

Copying my comment from #573: commenting out an `if` in js/admin.js seems to fix it for me

```js
getConfigIdentifier: function() {
    // Commented out: returning '' for the first config ends up as idp 0
    // on the PHP side, and a config with id 0 never exists in the DB.
    // if (this.currentConfig === '1') {
    //     return '';
    // }
    return this.currentConfig + '-';
},
```

Might be the root of SAMLSettings/SAMLController wanting an $idp of 0 while a config with id 0 never exists

getConfigIdentifier() is used in the frontend to get the current No. of the IDP config; a return of '' might have been used before to indicate a new config / empty first provider => default 0. As it was moved to the DB, a config with No. 0 never exists and therefore errors later in PHP. If any of the maintainers could look at whether that's enough of a "fix" or if I should look deeper, that would be nice.

I would be happy to make a PR out of this.

EDIT: Whelp, too easy to be true. Direct access to user_saml/saml/metadata (how ADFS does it) doesn't return the first one; adding ?idp=1 (or another number) for that works though.

blacklight commented 2 years ago

@KoffeinKaio thanks for nailing this! Could you also please check the behaviour in case a user has multiple providers? I had created an extra mock provider previously (just to prevent the issue with the 1-indexed ID), and after applying your fix I'm not able to remove it.

KoffeinKaio commented 2 years ago

Might have found a better way:

lib/SAMLSettings.php:143

```php
public function getOneLoginSettingsArray(int $idp): array {

        $this->ensureConfigurationsLoaded($idp);
```

to

```php
public function getOneLoginSettingsArray($idp): array {
        // no id given (e.g. direct /saml/metadata access): fall back to the first, 1-based config
        if (empty($idp))
                $idp = 1;

        $this->ensureConfigurationsLoaded($idp);
```

Deleting a provider works for me, could you dump the ids you get via occ saml:config:get?
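The two patches in this thread (dropping the `''` special case in js/admin.js, and the `empty($idp)` fallback in SAMLSettings.php) fix different entry points. The model below is an added example, not user_saml code: the config store, identifier helpers and resolver are constructed stand-ins, and the entityId URL is made up. It shows why the frontend change alone still leaves direct `/saml/metadata` access (no `?idp=`) resolving to the nonexistent id 0, while the backend fallback covers both.

```javascript
// Constructed stand-in for the user_saml 5.0.0 config store: configs live in
// the DB with 1-based ids, so id 0 never exists. (Not project code.)
const idpConfigs = new Map([
  [1, { entityId: 'https://idp.example.test/saml' }], // first (and only) provider
]);

// Frontend side, modelled on getConfigIdentifier() from js/admin.js.
// Pre-patch: the first config is identified by '', which the backend later
// coerces to 0. Patched: every config carries its real number.
function legacyConfigIdentifier(currentConfig) {
  return currentConfig === '1' ? '' : currentConfig + '-';
}
function patchedConfigIdentifier(currentConfig) {
  return currentConfig + '-';
}

// Backend side: turn an identifier prefix ('2-') or a ?idp= query value into an
// integer id. Missing/empty input becomes 0 unless fallbackToFirst is set, which
// mirrors the `if (empty($idp)) $idp = 1;` change proposed above.
function resolveIdpId(raw, fallbackToFirst) {
  const text = raw == null ? '' : String(raw).replace(/-$/, '');
  const id = parseInt(text, 10) || 0;
  return id === 0 && fallbackToFirst ? 1 : id;
}

// Look the id up; a miss yields the three keys seen in the logs in this thread.
function oneLoginSettings(raw, fallbackToFirst = false) {
  const cfg = idpConfigs.get(resolveIdpId(raw, fallbackToFirst));
  if (!cfg) {
    return {
      ok: false,
      errors: ['idp_entityId_not_found', 'idp_sso_not_found',
               'idp_cert_or_fingerprint_not_found_and_required'],
    };
  }
  return { ok: true, idp_entityId: cfg.entityId };
}
```

A nonexistent id such as `?idp=2` is still rejected with the fallback enabled; only the "no id at all" case is mapped to the first provider.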

blacklight commented 2 years ago

Deleting a provider works for me, could you dump the ids you get via occ saml:config:get?

Eventually it worked (probably the interface still had the other provider cached and didn't delete it properly), but I got another 500 upon login.

I've just tried your new backend patch and that seems to work instead - probably it's worth making a PR if other users can also confirm that it works.