$document->documentElement is NULL

[Khurram664]

I am using PHP 8 and I have installed simplesamlphp 2.0.0 on the server. I have checked the version of saml2 which is 4.6.5. I am seeing an error related to DOMText. But the root cause of the error is below:

In src/SAML2/HTTPPOST.php :

$document = DOMDocumentFactory::fromString($msgStr); Utils::getContainer()->debugMessage($document->documentElement, 'in'); if (!$document->firstChild instanceof \DOMElement) { throw new \Exception('Malformed SAML message received.'); } $msg = Message::fromXML($document->firstChild);

It fails to make $document->documentElement as it is coming out as NULL. Although I can see $document is a DOM type and contains the SAML related information . the subsequent function calls Utils::getContainer()->debugMessage And Message::fromXML($document->firstChild); both are getting failed. My question is is this related to version of libxml or some other extension? Or some encoding issue. I have verified that XML response from SAML is coming through and having a valid response. I can also provide the whole stack trace of the Error. Thanks.

[thijskh]

A full stack trace is appreciated together with the XML that triggers this (or even better a SAML Trace with the SAML Tracer).

[Khurram664]

Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] SimpleSAML\Error\Exception: Warning - Undefined property: DOMText::$wholeText at /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:170 Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] Backtrace: Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 17 /var/simplesamlphp/public/_include.php:86 (SimpleSAML_error_handler) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 16 /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:170 (SimpleSAML\Utils\XML::formatDOMElement) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 15 /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:220 (SimpleSAML\Utils\XML::formatDOMElement) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 14 /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:253 (SimpleSAML\Utils\XML::formatXMLString) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 13 /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:137 (SimpleSAML\Utils\XML::debugSAMLMessage) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 12 /var/simplesamlphp/src/SimpleSAML/Compat/SspContainer.php:54 (SimpleSAML\Compat\SspContainer::debugMessage) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 11 /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/HTTPRedirect.php:42 (SAML2\HTTPRedirect::getRedirectURL) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 10 /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/HTTPRedirect.php:88 (SAML2\HTTPRedirect::send) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 9 /var/simplesamlphp/modules/saml/src/Auth/Source/SP.php:657 (SimpleSAML\Module\saml\Auth\Source\SP::sendSAML2AuthnRequest) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 8 /var/simplesamlphp/modules/saml/src/Auth/Source/SP.php:641 (SimpleSAML\Module\saml\Auth\Source\SP::startSSO2) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 7 /var/simplesamlphp/modules/saml/src/Auth/Source/SP.php:690 (SimpleSAML\Module\saml\Auth\Source\SP::startSSO) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 6 /var/simplesamlphp/modules/saml/src/Auth/Source/SP.php:779 (SimpleSAML\Module\saml\Auth\Source\SP::authenticate) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 5 /var/simplesamlphp/src/SimpleSAML/Auth/Source.php:195 (SimpleSAML\Auth\Source::initLogin) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 4 /var/simplesamlphp/src/SimpleSAML/Auth/Simple.php:167 (SimpleSAML\Auth\Simple::login) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 3 [builtin] (call_user_func_array) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 2 /var/simplesamlphp/src/SimpleSAML/HTTP/RunnableResponse.php:72 (SimpleSAML\HTTP\RunnableResponse::sendContent) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 1 /var/simplesamlphp/vendor/symfony/http-foundation/Response.php:394 (Symfony\Component\HttpFoundation\Response::send) Mar 16 08:32:52 usawodlbclapp03 simplesamlphp[3690490]: 3 [26a3491dc4] 0 /var/simplesamlphp/public/module.php:14 (N/A) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] SimpleSAML\Error\Exception: Warning - Undefined property: DOMDocument::$documentElement at /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/HTTPPost.php:110 Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] Backtrace: Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 7 /var/simplesamlphp/public/_include.php:86 (SimpleSAML_error_handler) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 6 /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/HTTPPost.php:110 (SAML2\HTTPPost::receive) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 5 /var/simplesamlphp/modules/saml/src/Controller/ServiceProvider.php:209 (SimpleSAML\Module\saml\Controller\ServiceProvider::assertionConsumerService) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 4 /var/simplesamlphp/vendor/symfony/http-kernel/HttpKernel.php:163 (Symfony\Component\HttpKernel\HttpKernel::handleRaw) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 3 /var/simplesamlphp/vendor/symfony/http-kernel/HttpKernel.php:75 (Symfony\Component\HttpKernel\HttpKernel::handle) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 2 /var/simplesamlphp/vendor/symfony/http-kernel/Kernel.php:202 (Symfony\Component\HttpKernel\Kernel::handle) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 1 /var/simplesamlphp/src/SimpleSAML/Module.php:234 (SimpleSAML\Module::process) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 0 /var/simplesamlphp/public/module.php:14 (N/A) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] SimpleSAML\Error\Error: UNHANDLEDEXCEPTION Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] Backtrace: Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 2 /var/simplesamlphp/public/_include.php:28 (SimpleSAML_exception_handler) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 1 /var/simplesamlphp/vendor/symfony/error-handler/ErrorHandler.php:607 (Symfony\Component\ErrorHandler\ErrorHandler::handleException) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 0 [builtin] (N/A) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] Caused by: InvalidArgumentException: Invalid input parameters. Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] Backtrace: Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 8 /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:100 (SimpleSAML\Utils\XML::debugSAMLMessage) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 7 /var/simplesamlphp/src/SimpleSAML/Compat/SspContainer.php:54 (SimpleSAML\Compat\SspContainer::debugMessage) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 6 /var/simplesamlphp/vendor/simplesamlphp/saml2/src/SAML2/HTTPPost.php:110 (SAML2\HTTPPost::receive) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 5 /var/simplesamlphp/modules/saml/src/Controller/ServiceProvider.php:209 (SimpleSAML\Module\saml\Controller\ServiceProvider::assertionConsumerService) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 4 /var/simplesamlphp/vendor/symfony/http-kernel/HttpKernel.php:163 (Symfony\Component\HttpKernel\HttpKernel::handleRaw) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 3 /var/simplesamlphp/vendor/symfony/http-kernel/HttpKernel.php:75 (Symfony\Component\HttpKernel\HttpKernel::handle) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 2 /var/simplesamlphp/vendor/symfony/http-kernel/Kernel.php:202 (Symfony\Component\HttpKernel\Kernel::handle) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 1 /var/simplesamlphp/src/SimpleSAML/Module.php:234 (SimpleSAML\Module::process) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] 0 /var/simplesamlphp/public/module.php:14 (N/A) Mar 16 08:32:55 usawodlbclapp03 simplesamlphp[3709159]: 3 [26a3491dc4] Error report with id 106682b9 generated.

[thijskh]

It seems you are receving is an invalid XML message and what causes the exceptions is the attempt of logging the saml message because debug['saml'] is set to true. We might need to improve that such that we better log what we receive even if we cannot parse it.

But the real cause seems to be a message that cannot be parsed, so if you can provide the message in question that would be great.

[tvdijen]

Undefined property: DOMText::$wholeText at /var/simplesamlphp/src/SimpleSAML/Utils/XML.php:170

This means your PHP installation is broken.

Type php --ini and fix any issues that are reported. A common cause for this error is that the dom-extension is being loaded twice

[Khurram664]

`<samlp:response id="_089130d8-c3d4-42b7-a1dc-ed4571bd9b92" version="2.0" issueinstant="2023-03-16T13:30:37.030Z" destination="TESTSERVER/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" inresponseto="_01cdd646adba8c95cb625515c620d61d27e809f01f" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">IDPID

IDPID NV6YyS1PeCCe1KmLg+5uUpv9uXLiit/PNsbKMNYoopE= EP6kYqv4RpjRb6tjXB00yoZJ/kmoaEdpUzeI06YBYt0nJp1sWqu1GeKy5VvPLoDO0HWHyQ0RD1+HQtIHGnimZG3Q6E+MCw7v9EV7hBT5MT+85ifjDOfD4m9HlzDB32J/8hSAHTfLceHQ6/e29i3qjzTTJjcluZPwL3tA3q2Q5MAjQ0lrLgODp0p+Ao3DmIR2tUgTlQ3/Dr20QOrtHeZO6E7kV9qGIsepi98IgcMh2H6tbymm1yPVp1BTfnlqHvQkEoaSODvbGKNUqPxzvjVGY6BnIO1NSe3qL0uJQXzS3WfM+BMo+rFmExf+hZJW5gvm3P7j+HEvffq8maQ8AFljHA== IDPCERT cQkLN4sv3zQBrLr1574CmCGvkjAHod5M4WTJkJysU48= TESTSERVER/simplesaml/module.php/saml/sp/metadata.php/default-sp 76we624f-e27a-4b03-8702-L6fpa389e009 80we624f-e33a-4c03-8702-L6olk389e009 IDPID http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/password http://schemas.microsoft.com/claims/multipleauthn kbangash@test.com Khurram TESTCompany Bangash US 000000007 urn:oasis:names:tc:SAML:2.0:ac:classes:Password `

[Khurram664]

I have pasted the XML response above. I have obscured some things like Certificate , IDPID, And server as TESTSERVER @tvdijen Hi Tim. I will meanwhile check the php --ini thing.

[Khurram664]

A common cause for this error is that the dom-extension is being loaded twice

That exactly was the issue. Thanks @tvdijen you were of great help. Closing this issue and hoping it will help someone one day.

[thijskh]

Why is that possible and does it not create an explicit error?

[tvdijen]

Beats me. We had the same question in Slack, so apparently it's easy to put PHP in a broken state. @Khurram664 Any idea how you got into this state?

[Khurram664]

I am not sure. The platform is RHEL 8 and originally I was working with PHP7.4 and SAML 1.19. I upgraded to PHP 8 and SAML 2.0.0 but was seeing the exact same errors. I have no idea how come dom was being loaded twice but when I commented out the dom extension in php.ini , I saw it working. Before that I had no idea an extension bein loaded twice can cause issues.

[tvdijen]

Ah, makes sense! When you upgrade PHP you will not get the new config templates, but instead the new templates are installed as .conf.dist files. So basically you have been running PHP 8 with PHP 7.4 configuration. I can recommend using the REMI-repository for PHP. It will allow you to run multiple versions of PHP simultaneously, and their configs will be completely isolated. The author of the repo is a Red Hat employee, so it's not a sketchy repo.