Engineblock 6.3.3 - Issue accessing Google Suite or Office 365

8 views
Skip to first unread message

Domingos Gonçalves

unread,
Sep 22, 2020, 10:19:58 AM9/22/20
to OpenConext Community
Hi,

we detected a problem accessing two services Google Suite and Office 365 using the Engineblock 6.3.3 

The error we have on logs are the following:

Sep 22 14:18:22 papp03.rctsaai.pt EBLOG[32584]: [2020-09-22 14:18:21] app.INFO: Handling incoming request: POST /authentication/idp/single-sign-on/3aeed03ed80ba4a42b961e8cef0c7ee9 {"session_id":null,"request_id":"5f69f99dc78ff"} []
Sep 22 14:18:22 papp03.rctsaai.pt EBLOG[32584]: [2020-09-22 14:18:21] request.INFO: Matched route "authentication_idp_sso_idphash". {"session_id":null,"request_id":"5f69f99dc78ff"} {"route":"authentication_idp_sso_idphash","route_parameters":{"_controller":"engineblock.controller.authentication.identity_provider:singleSignOnAction","keyId":null,"domain":"rctsaai.pt","idpHash":"3aeed03ed80ba4a42b961e8cef0c7ee9","_route":"authentication_idp_sso_idphash"},"request_uri":"https://engine.rctsaai.pt/authentication/idp/single-sign-on/3aeed03ed80ba4a42b961e8cef0c7ee9","method":"POST"}
Sep 22 14:18:22 papp03.rctsaai.pt EBLOG[32584]: [2020-09-22 14:18:21] security.INFO: Populated the TokenStorage with an anonymous Token. {"session_id":null,"request_id":"5f69f99dc78ff"} []
Sep 22 14:18:22 papp03.rctsaai.pt EBLOG[32584]: [2020-09-22 14:18:22] app.ERROR: Argument 2 passed to EngineBlock_Corto_Module_Bindings::_verifyKnownSP() must be of the type string, null given, called in /opt/openconext/OpenConext-engineblock-6.3.3/library/EngineBlock/Corto/Module/Bindings.php on line 188 {"session_id":"dfc9gd2ii55gk3ejprhr6rpvr2","request_id":"5f69f99dc78ff"} {"exception":"[object] (TypeError(code: 0): Argument 2 passed to EngineBlock_Corto_Module_Bindings::_verifyKnownSP() must be of the type string, null given, called in /opt/openconext/OpenConext-engineblock-6.3.3/library/EngineBlock/Corto/Module/Bindings.php on line 188 at /opt/openconext/OpenConext-engineblock-6.3.3/library/EngineBlock/Corto/Module/Bindings.php:520)"}
Sep 22 14:18:22 papp03.rctsaai.pt EBLOG[32584]: [2020-09-22 14:18:22] app.NOTICE: An error was caught {"session_id":"dfc9gd2ii55gk3ejprhr6rpvr2","request_id":"5f69f99dc78ff"} []
Sep 22 14:18:22 papp03.rctsaai.pt Apache-EB: 193.137.196.29 - - [22/Sep/2020:14:18:21 +0100] "POST /authentication/idp/single-sign-on/3aeed03ed80ba4a42b961e8cef0c7ee9 HTTP/1.1" 200 84 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.87 Safari/537.36 Edg/80.0.361.50" "193.136.44.97"



The function _verifyKnownSP(string $messageIssuer, string $destination = '') has changed to define the parameters has strings .If me rollback that function _verifyKnownSP($messageIssuer, $destination = '')  


Changing again to that function it works fine!

    /**
     * Verify if a message has an issuer that is known as an SP to us. If not, it
     * throws a Corto_Module_Bindings_VerificationException.
     * @param string $messageIssuer
     * @param string $destination
     * @return AbstractRole Remote Entity that issued the message
     * @throws EngineBlock_Exception_UnknownServiceProvider
     */

   
protected function _verifyKnownSP($messageIssuer, $destination = '')
   
{
        $remoteEntity
= $this->_server->getRepository()->findServiceProviderByEntityId($messageIssuer);


       
if ($remoteEntity) {
           
return $remoteEntity;
       
}


        $this
->_logger->notice(
            sprintf
(
               
'Tried to verify a message from issuer "%s", but there is no known SP with that ID.',
                $messageIssuer
           
)
       
);


       
throw new EngineBlock_Exception_UnknownServiceProvider(
            sprintf
('Issuer "%s" is not a known remote entity? (please add SP to Remote Entities)', $messageIssuer),
            $messageIssuer
,
            $destination
       
);
   
}


Best regards,

Domingos Gonçalves








Thijs Kinkhorst

unread,
Sep 22, 2020, 10:55:53 AM9/22/20
to openc...@googlegroups.com
Hi Domingos,

Op 22-09-2020 om 16:19 schreef Domingos Gonçalves:
> we detected a problem accessing two services *Google Suite* and *Office
> 365* using the *Engineblock 6.3.3* 
>
> The error we have on logs are the following:

What a coincidence, I was actually just investigating the same issue and
created a fix just now:

https://github.com/OpenConext/OpenConext-engineblock/pull/898


Cheers,
Thijs

Domingos Gonçalves

unread,
Sep 22, 2020, 12:03:31 PM9/22/20
to OpenConext Community
What a coincidence!! :)

Those two services escape our validation in Pre-Production.

With these we will wait a new release when possible.

Thanks for you support.

Best regards,

Domingos Gonçalves

Michiel Kodde

unread,
Sep 23, 2020, 2:44:07 AM9/23/20
to openc...@googlegroups.com
Thanks guys! I've reviewed Thijs' PR and things are looking good. This bugfix should land in a new 6.3 release soon.

With kind regards,
Michiel

--
OpenConext - Open For Collaboration
---
You received this message because you are subscribed to the Google Groups "OpenConext Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openconext+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openconext/bf32fe87-0f72-48f1-ab9a-c89d4b18b1b0o%40googlegroups.com.

Michiel Kodde

unread,
Sep 23, 2020, 4:23:38 AM9/23/20
to openc...@googlegroups.com
Hi Domingos,

The bugfix was released just now


Hope this helps!
Michiel

Domingos Gonçalves

unread,
Sep 23, 2020, 9:24:51 AM9/23/20
to OpenConext Community
Hi Michiel,

I already tested that new version 6.3.5 in our environment and so far so good. It's working fine!

We will made some additional tests to specific services to validate the compatibility.

Thanks a lot guys!

Domingos Gonçalves


quarta-feira, 23 de Setembro de 2020 às 09:23:38 UTC+1, Michiel Kodde escreveu:
Hi Domingos,

The bugfix was released just now


Hope this helps!
Michiel

On Wed, 23 Sep 2020 at 08:43, Michiel Kodde <mko...@ibuildings.nl> wrote:
Thanks guys! I've reviewed Thijs' PR and things are looking good. This bugfix should land in a new 6.3 release soon.

With kind regards,
Michiel

On Tue, 22 Sep 2020 at 18:03, Domingos Gonçalves <domingos...@gmail.com> wrote:
What a coincidence!! :)

Those two services escape our validation in Pre-Production.

With these we will wait a new release when possible.

Thanks for you support.

Best regards,

Domingos Gonçalves

terça-feira, 22 de Setembro de 2020 às 15:55:53 UTC+1, Thijs Kinkhorst escreveu:
Hi Domingos,

Op 22-09-2020 om 16:19 schreef Domingos Gonçalves:
> we detected a problem accessing two services *Google Suite* and *Office
> 365* using the *Engineblock 6.3.3* 
>
> The error we have on logs are the following:

What a coincidence, I was actually just investigating the same issue and
created a fix just now:

https://github.com/OpenConext/OpenConext-engineblock/pull/898


Cheers,
Thijs

--
OpenConext - Open For Collaboration
---
You received this message because you are subscribed to the Google Groups "OpenConext Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openc...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages