I am struggling to run the example setup. I am getting an error while authenticating via the IdP.
Error: saml2.response.IncorrectlySigned
Here is the traceback:
```
[18/Jun/2020 13:41:26] "GET /login/?next=/idp/login/process/ HTTP/1.1" 200 965
SSO requested to IDP with binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
--- SAML request [
<ns0:AuthnRequest xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" ID="id-TJfxWL3KnCY1jnvb1" Version="2.0" IssueInstant="2020-06-18T13:41:31Z" Destination="http://localhost:9000/idp/sso/post/" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://localhost:8000/saml2/acs/">
<ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://localhost:8000/saml2/metadata/</ns1:Issuer>
<ns2:Signature Id="Signature1">
<ns2:SignedInfo>
<ns2:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ns2:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ns2:Reference URI="#id-TJfxWL3KnCY1jnvb1">
<ns2:Transforms>
<ns2:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ns2:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ns2:Transforms>
<ns2:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ns2:DigestValue>qO5aq+5OQ4TSO6MJEYqR0mhWLXk=</ns2:DigestValue>
</ns2:Reference>
</ns2:SignedInfo>
<ns2:SignatureValue>EaeXe9FiFF/A+3fpWG+RsLEM/qMns9CXmVxE2Icjhbn6bII7M8E1bpoQbYtqjLuY
Ps6NOuUo1O/d1N4iQujn1fYQOCcBQgcoOlRndsHAbm/JDIKXvkV8rmI/+HR9Dezx
PQZ8pznF4qW8HcZ0rpsff3/Gz3dBvmQo6e/awl1clNxz1qmyN5/9TO/vF+0WI2RK
QLPBcDTkBpP9NM9Z3P1i+JGHwyOKhOjSK7glTguiIcz9PCbM8rwNiqm0qLF++T/N
NR+rXgwce+MZ6vJh4IQu2bJtqbWKdtSC5g1ftTuV8e3Heb4kngDHRg6YxOOM0J1Y
seod7jbza2umY3Gkt55N1g==</ns2:SignatureValue>
<ns2:KeyInfo>
<ns2:X509Data>
<ns2:X509Certificate>…</ns2:X509Certificate>
</ns2:X509Data>
</ns2:KeyInfo>
</ns2:Signature>
<ns0:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="false"/>
</ns0:AuthnRequest>
] ---
[18/Jun/2020 13:41:31] "POST /idp/sso/post/ HTTP/1.1" 302 0
[18/Jun/2020 13:41:31] "GET /idp/login/process/ HTTP/1.1" 302 0
[18/Jun/2020 13:41:31] "GET /login/?next=/idp/login/process/ HTTP/1.1" 200 965
[18/Jun/2020 13:41:37] "POST /login/ HTTP/1.1" 302 0
Response was not correctly signed
{}
Traceback (most recent call last):
  File "/home/sowmya/TestProjects/djangosaml2idp/example_setup/idp/djangosaml2idp/views.py", line 236, in get
    req_info = idp_server.parse_authn_request(request.session['SAMLRequest'], binding)
  File "/home/sowmya/.virtualenvs/idp/lib/python3.8/site-packages/saml2/server.py", line 230, in parse_authn_request
    return self._parse_request(enc_request, AuthnRequest,
  File "/home/sowmya/.virtualenvs/idp/lib/python3.8/site-packages/saml2/entity.py", line 846, in _parse_request
    _request = _request.loads(xmlstr, binding, origdoc=enc_request,
  File "/home/sowmya/.virtualenvs/idp/lib/python3.8/site-packages/saml2/request.py", line 95, in loads
    return self._loads(xmldata, binding, origdoc, must,
  File "/home/sowmya/.virtualenvs/idp/lib/python3.8/site-packages/saml2/request.py", line 59, in _loads
    raise IncorrectlySigned()
saml2.response.IncorrectlySigned
Internal Server Error: /idp/login/process/
[18/Jun/2020 13:41:37] "GET /idp/login/process/ HTTP/1.1" 500 326
```
On debugging, I found the saml.mdstore.Metadata object is not getting entity_id:

```python
def certs(self, entity_id, descriptor, use="signing"):
    '''
    Returns certificates for the given Entity
    '''
    ent = self[entity_id]
```

Failing at this part.
I do not know where I am erring, I have not touched any of the code and am running as is
Python 3.8.5
Django 3.0.7
Can anybody push me towards the right direction?
mksowmya changed the title from "Not able to run example setup" to "Bug: Not able to run example setup" on Jun 18, 2020
@mksowmya Did you sort this out? Although this is quite a generic issue. I think I ran into this because I changed the service provider often and the app did not pick up any changes I made, a restart did not help either. Deleting the service provider and re-adding it did help.
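Added example, not part of the issue thread and not djangosaml2idp or pysaml2 code: a stand-alone check of the lookups that have to succeed before an AuthnRequest signature can be verified, namely that the request's Issuer is a registered SP entity ID and that the registered metadata carries a matching signing certificate. The function names, result strings and sample XML are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
XMLNS = " ".join(f'xmlns:{p}="{u}"' for p, u in NS.items())

def _certs(node):
    # Base64 certificate bodies found under node, whitespace stripped for comparison.
    return ["".join(c.text.split()) for c in node.iter(f"{{{NS['ds']}}}X509Certificate") if c.text]

def load_sp_store(metadata_docs):
    """Map entityID -> signing certs from registered SP metadata (no 'use' attribute counts)."""
    store = {}
    for doc in metadata_docs:
        for ent in ET.fromstring(doc).iter(f"{{{NS['md']}}}EntityDescriptor"):
            keys = ent.findall("md:SPSSODescriptor/md:KeyDescriptor", NS)
            store[ent.get("entityID")] = [c for k in keys
                                          if k.get("use", "signing") == "signing" for c in _certs(k)]
    return store

def diagnose(authn_request_xml, store):
    """Check the lookups that must succeed before the signature itself can be verified."""
    root = ET.fromstring(authn_request_xml)
    issuer = (root.findtext("saml:Issuer", "", NS) or "").strip()
    if issuer not in store:      # exact string match, trailing slash included
        return "unknown-issuer"
    if not store[issuer]:
        return "no-signing-cert"
    embedded = _certs(root)      # KeyInfo certificate: compared, never trusted on its own
    if embedded and not set(embedded) & set(store[issuer]):
        return "cert-mismatch"
    return "ready-to-verify"

# Constructed sample data below; certificate strings are placeholders, not real certificates.
def _keyinfo(cert):
    return f"<ds:KeyInfo><ds:X509Data><ds:X509Certificate>{cert}</ds:X509Certificate></ds:X509Data></ds:KeyInfo>"

def sp_metadata(entity_id, cert):
    return (f'<md:EntityDescriptor {XMLNS} entityID="{entity_id}"><md:SPSSODescriptor>'
            f'<md:KeyDescriptor use="signing">{_keyinfo(cert)}</md:KeyDescriptor>'
            f'</md:SPSSODescriptor></md:EntityDescriptor>')

def authn_request(issuer, cert):
    return (f'<samlp:AuthnRequest {XMLNS} ID="id-constructed" Version="2.0"><saml:Issuer>{issuer}'
            f'</saml:Issuer><ds:Signature>{_keyinfo(cert)}</ds:Signature></samlp:AuthnRequest>')

SP_ID = "http://localhost:8000/saml2/metadata/"  # Issuer value from the request in this issue
print(diagnose(authn_request(SP_ID, "Q0VSVC1B"), load_sp_store([sp_metadata(SP_ID, "Q0VSVC1B")])))
```

A result of `ready-to-verify` only means the metadata lookups succeed; the signature must still be validated against the registered certificate.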