tngan / samlify

Node.js library for SAML SSO
https://samlify.js.org
MIT License

Onelogin - Parse logout response: parserType #26

Closed CatBakun closed 7 years ago

CatBakun commented 8 years ago

Hi there, first of all tnx for the great lib and examples.

Now, I am having an issue trying to do logout, the problem seems to be this line: https://github.com/tngan/express-saml2/blob/master/lib/Entity.js#L329

that value for parser type is causing this error to be thrown: https://github.com/tngan/express-saml2/blob/master/lib/Entity.js#L164

because the only key in the requestQuery object is 'SAMLResponse'; there is no 'LogoutResponse' key in the object. I don't know if this lib should be updated to handle that situation or if I am doing something wrong and that is why I am not getting a 'LogoutResponse' key in the requestQuery object.

What do you think?

tngan commented 8 years ago

@CatBakun What is the requestQuery? Also, you can check out and try the Onelogin demo repository here.

tngan commented 7 years ago

@CatBakun Since it is not updated for at least one month, I will close this issue. Please re-open if it is needed later on.

AlexeySafronov commented 7 years ago

Hi! I have this issue too. I changed parserType value from 'LogoutResponse' to 'SAMLResponse' ('LogoutRequest' to 'SAMLRequest') and everything started to work. Perhaps, OneLogin changed the response template.

My requestQuery is:

/sso/slo/callback?SAMLRequest=nZE9b4MwEIb%2FCpsnwGCgiQWolbIgpR3aqmt1OCZBAh%2F1HVJ%2Ffp2PIerQoeNJ%0Az73Pe7qaYJ4Wvccjrvxqv1ZLHH1YTyO6RuSJFNH3PDnSF64Rq3cagUbSDmZL%0Amo1%2Be3re60DqxSOjwUlE3a4RnzIroagqGZtSDrHMVBGb7QCxzHuVD6YHBSqg%0ARKvtHDE4DkKZPQQ0zst3udUq00Uu2vrs1hfQ37X5uwwQWc%2FhCtGemBfSaQrL%0AkqCzEx5Hlxic03NKOluGAzCkVbbZKFmnd7ab%2BiWkd7v%2FqA%2Bjt4bRP7INa9An%0AI94E18z2Ov16QPsD%0A

Tests on the latest 'SAML Test Connector (IdP w/ attr w/ sign response)' app template.

Thanks for your work!

tngan commented 7 years ago

@AlexeySafronov I also found out there is a problem in the account management in OneLogin, so the link for OneLogin in sp1 example doesn't work, and it should work properly now.

tngan commented 7 years ago

@AlexeySafronov How do you handle the sso/slo endpoint? Are you using SP-initiated Logout or IdP-initiated Logout? Feel free to open a new thread if you think it's better.

AlexeySafronov commented 7 years ago

@tngan, according to the description on the wiki page, requestQuery must have only SAMLRequest or SAMLResponse string parameter. It is a kind of standard, although I could not find confirmation of this in the RFC. I think that OneLogin just switched to this standard. I hope you can do it.

I changed parserType value from 'LogoutResponse' to 'SAMLResponse' ('LogoutRequest' to 'SAMLRequest') and everything started to work.

That I fixed IdP-initiated Logout. I could not find how to do SP-initiated Logout -> method sendLogoutRequest is available only for IdentityProvider.js. How can I tell the IDP that the SP is logged out?

Thanks!

tngan commented 7 years ago

@CatBakun @AlexeySafronov Yes, the string parameter should be only SAMLRequest/SAMLResponse instead of LogoutRequest/LogoutResponse, which are the message body but not the query parameter. Thank you for pointing that out, will update it soon.
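
Added example (not part of the thread and not samlify's own code): a sketch of the distinction the thread settles on for the HTTP-Redirect binding, where the query parameter is `SAMLRequest` or `SAMLResponse` and the message type (`LogoutRequest`, `LogoutResponse`) is read from the root element of the decoded body. The helper names, the size cap and the sample message are assumptions made for illustration.

```javascript
const zlib = require('zlib');

const MAX_XML_BYTES = 64 * 1024; // assumed cap on inflated size, not a samlify setting
const BODY_TYPES = {             // message bodies each query parameter may carry
  SAMLRequest: ['AuthnRequest', 'LogoutRequest'],
  SAMLResponse: ['Response', 'LogoutResponse'],
};

// Hypothetical helper: classify an HTTP-Redirect binding message by its query
// parameter and by the root element of the decoded XML body. It only routes
// the message; signature verification still has to happen before trusting it.
function classifyRedirectMessage(urlOrQuery) {
  const query = urlOrQuery.slice(urlOrQuery.indexOf('?') + 1);
  const params = new URLSearchParams(query);
  const present = Object.keys(BODY_TYPES).filter((k) => params.has(k));
  if (present.length !== 1) {
    throw new Error('expected exactly one of SAMLRequest or SAMLResponse');
  }
  const param = present[0];
  // The requestQuery quoted in the thread has %0A line breaks inside the
  // base64 text, so whitespace is removed before decoding.
  const b64 = params.get(param).replace(/\s+/g, '');
  // Redirect binding = raw DEFLATE + base64; bound the output size so a
  // crafted parameter cannot inflate into an arbitrarily large buffer.
  const xml = zlib
    .inflateRawSync(Buffer.from(b64, 'base64'), { maxOutputLength: MAX_XML_BYTES })
    .toString('utf8');
  const root = /^\s*(?:<\?xml[^>]*\?>\s*)?<(?:[\w.-]+:)?([\w.-]+)/.exec(xml);
  if (!root || !BODY_TYPES[param].includes(root[1])) {
    throw new Error(`unexpected message body for ${param}`);
  }
  return { param, messageType: root[1] };
}

// Constructed sample input (not the request quoted in the thread).
function sampleUrl(param, xml) {
  const b64 = zlib.deflateRawSync(Buffer.from(xml, 'utf8')).toString('base64');
  const wrapped = b64.replace(/(.{16})/g, '$1\n'); // mimic wrapped base64
  return `/sso/slo/callback?${param}=${encodeURIComponent(wrapped)}`;
}

const LOGOUT_REQUEST =
  '<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ' +
  'ID="_constructed1" Version="2.0"/>';

console.log(classifyRedirectMessage(sampleUrl('SAMLRequest', LOGOUT_REQUEST)));
```

A query keyed on `LogoutResponse`, or a `SAMLResponse` parameter carrying a request body, is rejected rather than passed on to a parser.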