2:47 p.m.
* Peter Schober <peter.schober at univie.ac.at> [2020-03-26 14:16]:
Another data point: When trying to start SAML SSO by
accessing the
discovery_response endpoint at <base>/<name>/disco I end up with the
exception raised in disco_response() from satosa/backends/saml2.py
("No IDP chosen for state" / "No IDP chosen")
FWIW, adding an IDP's entityID to the disco URL gets me further:
<base>/<name>/disco?entityID=some-idp-entityID
lets me see sent attributes and mapped attributes, e.g.
[2020-03-26 13:36:35,559] [DEBUG] [satosa.attribute_mapping.to_internal] backend attribute
['displayName'] mapped to displayname
[2020-03-26 13:36:35,559] [DEBUG] [satosa.attribute_mapping.to_internal] backend attribute
['mail'] mapped to mail
Though I still end up with an "Unkown error" from a yet another KeyError:
[2020-03-26 13:36:35,559] [ERROR] [satosa.base.run]
[urn:uuid:331aa86e-7f18-4a6f-81b2-f51f21d68c86] Uncaught exception
Traceback (most recent call last):
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
289, in run
resp = self._run_bound_endpoint(context, spec)
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
229, in _run_bound_endpoint
return spec(context)
File
"/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/backends/saml2.py",
line 353, in authn_response
return self.auth_callback_func(context, self._translate_response(authn_response,
context.state))
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
186, in _auth_resp_callback_func
internal_response.requester = context.state[STATE_KEY]["requester"]
File "/usr/local/venv/SATOSA/lib/python3.7/collections/__init__.py", line
1025, in __getitem__
raise KeyError(key)
KeyError: 'SATOSA_BASE'
[2020-03-26 13:36:35,561] [ERROR] [satosa.proxy_server.__call__] Unknown error
Traceback (most recent call last):
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
289, in run
resp = self._run_bound_endpoint(context, spec)
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
229, in _run_bound_endpoint
return spec(context)
File
"/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/backends/saml2.py",
line 353, in authn_response
return self.auth_callback_func(context, self._translate_response(authn_response,
context.state))
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
186, in _auth_resp_callback_func
internal_response.requester = context.state[STATE_KEY]["requester"]
File "/usr/local/venv/SATOSA/lib/python3.7/collections/__init__.py", line
1025, in __getitem__
raise KeyError(key)
KeyError: 'SATOSA_BASE'
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File
"/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/proxy_server.py",
line 117, in __call__
resp = self.run(context)
File "/usr/local/venv/SATOSA/lib/python3.7/site-packages/satosa/base.py", line
307, in run
raise SATOSAUnknownError("Unknown error") from err
satosa.exception.SATOSAUnknownError: Unknown error
I'm guessing this key value comes from satosa/base.py's
STATE_KEY="SATOSA_BASE"? Doesn't get me much closer, though.
At least the exception happening in _auth_resp_callback_func() is a
good sign, as this has this docstring to offer:
"This function is called by a backend module when the authorization is
complete."
So dispite all the tracebacks and exceptions I must be getting close. ;)
-peter