SMUI exception during SAML auth

[jweiss3034]

After configuring SAML auth to Entra per the documentation, SMUI properly redirects to Entra for auth and then during the call back an error occurs. I was able to obtain the following stack from the docker console during the process. Which looks to be a serializion error related to the "notOnOrAfter" value from the SAML token.

`[error] o.p.c.u.s.JsonSerializer - Cannot encode object com.fasterxml.jackson.databind.exc.InvalidDefinitionException: Type id handling not implemented for type java.lang.Object (by serializer of type com.fasterxml.jackson.databind.ser.impl.UnsupportedTypeSerializer) (through reference chain: java.util.HashMap["pac4jUserProfiles"]->java.util.LinkedHashMap["SAML2Client"]->org.pac4j.saml.profile.SAML2Profile["attributes"]->java.util.HashMap["notOnOrAfter"]) at com.fasterxml.jackson.databind.exc.InvalidDefinitionException.from(InvalidDefinitionException.java:77) at com.fasterxml.jackson.databind.SerializerProvider.reportBadDefinition(SerializerProvider.java:1308) at com.fasterxml.jackson.databind.DatabindContext.reportBadDefinition(DatabindContext.java:414) at com.fasterxml.jackson.databind.JsonSerializer.serializeWithType(JsonSerializer.java:160) at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeTypedFields(MapSerializer.java:1027) at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeFields(MapSerializer.java:779) at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeWithoutTypeInfo(MapSerializer.java:764) at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeWithType(MapSerializer.java:733) at com.fasterxml.jackson.databind.ser.std.MapSerializer.serializeWithType(MapSerializer.java:35) at com.fasterxml.jackson.databind.ser.BeanPropertyWriter.serializeAsField(BeanPropertyWriter.java:734) [error] p.a.h.DefaultHttpErrorHandler -

! @86pdoh1ha - Internal server error, for (POST) [/callback?client_name=SAML2Client] ->

play.api.UnexpectedException: Unexpected exception[CompletionException: java.lang.NullPointerException: Cannot invoke "String.getBytes(java.nio.charset.Charset)" because the return value of "org.pac4j.core.util.serializer.AbstractSerializer.internalSerializeToString(Object)" is null] at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:384) at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:267) at play.core.server.PekkoHttpServer$$anonfun$invokeAction$1$1.applyOrElse(PekkoHttpServer.scala:482) at play.core.server.PekkoHttpServer$$anonfun$invokeAction$1$1.applyOrElse(PekkoHttpServer.scala:474) at scala.concurrent.impl.Promise$Transformation.run(Promise.scala:490) at org.apache.pekko.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:73) at org.apache.pekko.dispatch.BatchingExecutor$BlockableBatch.$anonfun$run$1(BatchingExecutor.scala:110) at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.scala:18) at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:94) at org.apache.pekko.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:110) Caused by: java.util.concurrent.CompletionException: java.lang.NullPointerException: Cannot invoke "String.getBytes(java.nio.charset.Charset)" because the return value of "org.pac4j.core.util.serializer.AbstractSerializer.internalSerializeToString(Object)" is null at java.base/java.util.concurrent.CompletableFuture.encodeThrowable(Unknown Source) at java.base/java.util.concurrent.CompletableFuture.completeThrowable(Unknown Source) at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(Unknown Source) at play.core.j.ClassLoaderExecutionContext.$anonfun$execute$1(ClassLoaderExecutionContext.scala:64) at org.apache.pekko.dispatch.TaskInvocation.run(AbstractDispatcher.scala:59) at org.apache.pekko.dispatch.ForkJoinExecutorConfigurator$PekkoForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:57) at java.base/java.util.concurrent.ForkJoinTask.doExec(Unknown Source) at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(Unknown Source) at java.base/java.util.concurrent.ForkJoinPool.scan(Unknown Source) at java.base/java.util.concurrent.ForkJoinPool.runWorker(Unknown Source) Caused by: java.lang.NullPointerException: Cannot invoke "String.getBytes(java.nio.charset.Charset)" because the return value of "org.pac4j.core.util.serializer.AbstractSerializer.internalSerializeToString(Object)" is null at org.pac4j.core.util.serializer.AbstractSerializer.internalSerializeToBytes(AbstractSerializer.java:53) at org.pac4j.core.util.serializer.AbstractSerializer.serializeToBytes(AbstractSerializer.java:43) at org.pac4j.play.store.PlayCookieSessionStore.putSessionValues(PlayCookieSessionStore.java:115) at org.pac4j.play.store.PlayCookieSessionStore.set(PlayCookieSessionStore.java:109) at org.pac4j.core.profile.ProfileManager.saveAll(ProfileManager.java:211) at org.pac4j.core.profile.ProfileManager.save(ProfileManager.java:185) at org.pac4j.core.engine.DefaultCallbackLogic.saveUserProfile(DefaultCallbackLogic.java:128) at org.pac4j.core.engine.DefaultCallbackLogic.perform(DefaultCallbackLogic.java:100) at org.pac4j.play.CallbackController.lambda$callback$0(CallbackController.java:48) at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(Unknown Source)`

[mkr]

Thanks @jweiss3034 , this is a regression from the Play 3.0 upgrade. I didn't have time to fix it yet, you'd need to downgrade to 4.1.2 for now.

[mkr]

This will be addressed once the fix for https://github.com/pac4j/play-pac4j/issues/705 is released.

[epugh]

That's great news that the update will be out in November!