Giter VIP home page Giter VIP logo

Comments (9)

eccegordo avatar eccegordo commented on July 18, 2024

I should add I am getting

<UNDEFINED> ... </>

from

response.document.inspect

from ruby-saml.

naemono avatar naemono commented on July 18, 2024

Yeah I'm getting the same thing too...

@document=<UNDEFINED>

from response.rb:

@document = XMLSecurity::SignedDocument.new(@response)

The above line is returning nothing...

I get this hex data for @response:

x9DT\xDBn\x9B@\x10\xFD\x15\xC4;,w\eDP\xDDX\x95,\xD5I\x14Gy\xC8K\xB5,\x83M\x03,\xDD]\x1A\xE7\xEF;\v\xF1-M\xDD$\xD2J0\xC3\xCC\xEC\xE1\xCC\x99I%m\xEA.\xB9\x05\xD9\xF1V\x82\xB1\x98_\x98?\xBC \xF2\xC3`\x12X\xD4

Unsure exactly what to do with this.

If it matters, it's ADFS on windows 2012 R2

Anyone have any clues about this?

from ruby-saml.

pitbulk avatar pitbulk commented on July 18, 2024

@naemono Can you install the SAML Tracer Firefox Plugin (https://addons.mozilla.org/es/firefox/addon/saml-tracer/) and send as the base64 encoded SAML Response?

from ruby-saml.

naemono avatar naemono commented on July 18, 2024

Thanks for looking into this.

I assume you're wanting this:

nVVtb5swEP4riO9gQggkFkXLGk2KtLRVU%2fVDv0zGPhJWwJlt1vTf7wzNW9dm7aRIwcfd%2bbnnnjtSzepqQ29Bb2SjwZnPLtwfo2Qk4jBkHozykRfleeLlIhp6ybAoojicQBGOXecelC5lc%2bGGfuA6c61bmDfasMagKRhEXjDxBpO7QUzDMQ1iPxqPH1xnBtqUDTNd5NqYjaaExFE84TwXfrNS8tHnsiasNWtiwRHOqipn%2fNF1Li1Em75VDZVMl5o2rAZNDafL6eI7RSSU9060bfQGeFmUIFxnW1eNpl2t56M3ShrJZeVmaVeR6kPPBzGtQdmK3MxWhAVpLf2tXKlNX4soNEGX3yUHTYxqtUlJnz5L%2bwYsDTOtPj1dSgHOPataOH%2b97rzpsuWYXrsOyVJymnW6A9j3dxzkUT5mhZdEg4kXBdhflrChFxYCgmQ8ZHGYfKyj8cNrHXyOrheS%2f4O2ZZv%2fBG6y9Arzz2fON6lqdkYaA3%2fQWUrhFZ0rhZqV1VQIZUnLFgvZmJWsQT1%2f2UNISZ99fx0qsChttOVyAWYtxT%2fUWNMcmALlvpljxgxzrqS5bq7VtDCgXhM9HB5G5xblvCm7Afjk4FhFvHH7wZqlaBelNWqL5ysgSfBX13swie36%2b6CTYz%2fUXisQMwdcMUaVvL93Z8x%2bMe%2bJKQGNf0T6%2fu3h8SSaHMBiKoMv8taAFTvUSM%2bRzbH96%2bmy8uJrbLr2UaNaso0v1Yo8aRIGwYjgr0QYpjTPhFesrDXpBMJ2Ajkk7UbyPcG88joyHD8fY8V%2bNfuz0x3PTl04CZH%2fJYJCAuaNgO1HR%2frlMmTPwNacni4rHMtbKLKzk8spt35ovsG%2fJ6nEDS5MFBCIO8Vw40plbNPeyHtq3h2PiCD7LbXfX7vPUvYH

This is from the 302 back to my application:

https://tempapplication.com:443/auth/saml/callback?SAMLResponse=base64_string_above&Signature=another_base64_string

from ruby-saml.

naemono avatar naemono commented on July 18, 2024

I finally figured out what was going on. I was not hitting https://myapp/auth/saml to generate the saml2 request (302 to adfs), but hitting https://myadfs/adfs/ls/idpinitiatedsignon to generate the saml callback, which turned out to be generating saml1 responses, which was causing this error. The documentation is seriously lacking here for ADFS (I'll generate a pull request for omniauth-saml readme) There doesn't seem to be way to force adfs to use saml2 when hitting the idpinitiatedsignon page without this gem creating the proper parameters sent to adfs:

<samlp:AuthnRequest AssertionConsumerServiceURL='https://myapp/auth/saml/callback' Destination='https://myadfs/adfs/ls/idpinitiatedsignon.aspx?logintoRP='myapplication-name' ID='_0d369f40-2268-0132-029b-28cfe9164b7b' IssueInstant='2014-09-19T20:18:32Z' Version='2.0' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'><saml:Issuer xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>https://myappname</saml:Issuer><samlp:NameIDPolicy AllowCreate='true' Format='urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress' xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'/></samlp:AuthnRequest>

Anyways, thanks for the work on this gem...

from ruby-saml.

Lordnibbler avatar Lordnibbler commented on July 18, 2024

thanks for the followup @naemono! going to close this for now.

from ruby-saml.

alperkokmen avatar alperkokmen commented on July 18, 2024

We were running into this issue as well when validating documents without a signature (//ds:X509Certificate). Even though our code handled OneLogin::RubySaml::ValidationError, this wouldn't be rescued since it's a NoMethodError.

#66 fixes this. Try upgrading to 0.7.3 or higher if you are running into a similar issue.

from ruby-saml.

tboyko avatar tboyko commented on July 18, 2024

Try upgrading to 0.7.3 or higher if you are running into a similar issue.

@alperkokmen Typo? 0.7.2 is the most recent version available.

from ruby-saml.

alperkokmen avatar alperkokmen commented on July 18, 2024

@tboyko nope, 0.7.3 was a release. It's fairly out-of-date at this point though. I would recommend using the latest version if you can.

from ruby-saml.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.