What I want is a simple SAML 2.0 setup, where default-sp uses example-userpass for logins so that I can use it in development. It seems simple, but I've had zero luck.
Even simply testing via the UI, the 'default-sp' source does not work.
Test Authentication Sources
admin
example-userpass
default-sp
The first 2 are fine, but the third one always fails. I'm on my 4th or 5th complete redo and I'm stuck. Searching is not finding any explanation (or any good, helpful one) either.
admin and example-userpass both work as expected.
SimpleSAML\Error\MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => 'v2-2350161.unknown.co')
Backtrace:
6 src/SimpleSAML/Metadata/MetaDataStorageHandler.php:331 (SimpleSAML\Metadata\MetaDataStorageHandler::getMetaData)
5 src/SimpleSAML/Metadata/MetaDataStorageHandler.php:348 (SimpleSAML\Metadata\MetaDataStorageHandler::getMetaDataConfig)
4 modules/saml/src/IdP/SAML2.php:411 (SimpleSAML\Module\saml\IdP\SAML2::receiveAuthnRequest)
3 [builtin] (call_user_func_array)
2 src/SimpleSAML/HTTP/RunnableResponse.php:68 (SimpleSAML\HTTP\RunnableResponse::sendContent)
1 vendor/symfony/http-foundation/Response.php:423 (Symfony\Component\HttpFoundation\Response::send)
0 public/saml2/idp/SSOService.php:30 (N/A)
I'm confused as to why this is showing I have an entityID defined named 'v2-2350161.unknown.co'. I'm unsure what file it is even coming from, as 'v2-2350161.unknown.co' is defined in config/authsources.php and maps to entities in both saml20-idp-remote.php and saml20-idp-hosted.php. saml20-sp-remote.php is empty, as that seems to be what the samples all do (which seems odd).
My configs are:
# cat config/authsources.php
<?php
$config = array(
    'admin' => [
        'core:AdminPassword',
    ],
    'example-userpass' => [
        ...... <removed for size> .....
    ],
    'default-sp' => [
        'saml:SP',
        'entityID' => 'v2-2350161.unknown.co',
        'privatekey' => 'server.pem',
        'certificate' => 'server.crt',
        'idp' => 'v2-2350161.unknown.co',
    ],
);
# cat metadata/saml20-idp-remote.php
<?php
$metadata['v2-2350161.unknown.co'] = [
    'SingleSignOnService' => [
        [
            'Location' => 'https://unknown.co:9443/simplesaml/saml2/idp/SSOService.php/default-sp',
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
        ],
    ],
    'SingleLogoutService' => [
        [
            'Location' => 'https://unknown.co:9443/simplesaml/saml2/idp/SingleLogoutService.php/default-sp',
            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
        ],
    ],
    'certificate' => 'server.pem',
];
# cat metadata/saml20-idp-hosted.php
<?php
$metadata['v2-2350161.unknown.co'] = [
    'host' => '__DEFAULT__',
    'privatekey' => 'server.pem',
    'certificate' => 'server.crt',
    'auth' => 'example-userpass',
    'contacts' => [
        [
            'contactType' => 'support',
            'emailAddress' => 'root@localhost',
            'givenName' => 'root',
            'surName' => 'user',
            'company' => 'unknown.co',
        ],
    ],
];
# cat metadata/saml20-sp-remote.php
<?php
/**
 * SAML 2.0 remote SP metadata for SimpleSAMLphp.
 */
It is empty, as the examples do nothing with it.
I can get the metadata under Federation, but it does not work in my app. I'm assuming the issue is not the app, as it can connect to Okta for example, so I'm figuring the error above is a (or the) cause.
Thanks,
ERIC
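For contrast, here is how the four files line up in a single-instance development setup where the SP (default-sp) and the IdP live in the same SimpleSAMLphp 2.x install. This is an added example, not the poster's configuration and not SimpleSAMLphp's shipped templates. The entityIDs urn:x-simplesaml:dev-sp and urn:x-simplesaml:dev-idp, the key/certificate file names, the test account and the host unknown.co:9443 are assumed placeholders, and the SP endpoint paths assume the 2.x layout that the backtrace above (public/saml2/idp/SSOService.php) points to. The example is shown as one listing with the target file named in a comment before each array; in practice each array goes in its own file. What it illustrates: the backtrace fails inside SAML2::receiveAuthnRequest, which is the IdP side resolving the entityID carried in the incoming AuthnRequest against the saml20-sp-remote set, so an SP that is to log in against this IdP must be registered in metadata/saml20-sp-remote.php (the Federation page exports exactly this data for default-sp), and giving the SP and the IdP distinct entityIDs keeps the hosted-IdP, remote-IdP and remote-SP lookups from pointing at the same name.

```php
<?php
// ---- config/authsources.php -----------------------------------------------
$config = [
    'admin' => ['core:AdminPassword'],

    'example-userpass' => [
        'exampleauth:UserPass',
        'users' => [
            // constructed dev-only test account (user:password => attributes)
            'alice:alicepw' => ['uid' => ['alice'], 'mail' => ['alice@unknown.co']],
        ],
    ],

    'default-sp' => [
        'saml:SP',
        // the SP's own entityID; deliberately different from the IdP's
        'entityID'    => 'urn:x-simplesaml:dev-sp',
        'privatekey'  => 'sp.pem',   // SP signing key (assumed file name)
        'certificate' => 'sp.crt',   // matching public certificate
        // which IdP to send users to: must be a key in saml20-idp-remote.php
        'idp'         => 'urn:x-simplesaml:dev-idp',
    ],
];

// ---- metadata/saml20-idp-hosted.php ---------------------------------------
// The array key is the IdP's entityID.
$metadata['urn:x-simplesaml:dev-idp'] = [
    'host'        => '__DEFAULT__',
    'privatekey'  => 'idp.pem',           // IdP signing key (assumed file name)
    'certificate' => 'idp.crt',
    'auth'        => 'example-userpass',  // the authsource the IdP logs users in with
];

// ---- metadata/saml20-idp-remote.php ---------------------------------------
// How the SP sees the IdP. Same entityID as the hosted entry above.
$metadata['urn:x-simplesaml:dev-idp'] = [
    // hosted IdP endpoints take no authsource suffix
    'SingleSignOnService' => 'https://unknown.co:9443/simplesaml/saml2/idp/SSOService.php',
    'SingleLogoutService' => 'https://unknown.co:9443/simplesaml/saml2/idp/SingleLogoutService.php',
    // the IdP's public certificate, used to verify its signed responses;
    // never the private key file
    'certificate'         => 'idp.crt',
];

// ---- metadata/saml20-sp-remote.php ----------------------------------------
// How the IdP sees the SP. receiveAuthnRequest() looks the requesting
// entityID up in this set, so leaving the file empty produces
// METADATANOTFOUND for the SP's entityID.
$metadata['urn:x-simplesaml:dev-sp'] = [
    // endpoints of the SP side of this same install (2.x module paths)
    'AssertionConsumerService' => 'https://unknown.co:9443/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
    'SingleLogoutService'      => 'https://unknown.co:9443/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp',
    // the SP's certificate, so the IdP can check AuthnRequest signatures
    'certificate'              => 'sp.crt',
    'validate.authnrequest'    => true,
];
```

The ACS and logout URLs for the sp-remote entry should be copied from the SP's own generated metadata (Federation tab, or module.php/saml/sp/metadata.php/default-sp) rather than typed by hand; if they disagree with what the SP actually sends, the IdP will refuse the request. With the SP registered, the "Test Authentication Sources" run for default-sp redirects to the hosted IdP, the IdP resolves urn:x-simplesaml:dev-sp in saml20-sp-remote, authenticates through example-userpass, and posts the assertion back to the ACS URL.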