SAML plugin not working correctly with SimpleSamlPhp 1.15

Bug #1744797 reported by Robert Lyon on 2018-01-22
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Critical
Robert Lyon
16.10
Critical
Unassigned
17.04
Critical
Unassigned
17.10
Critical
Unassigned
18.04
Critical
Robert Lyon

Bug Description

There are couple of problems

1) Plugin stop working and shows this error
 [SimpleSAML_Error_UnserializableException]: [ARRAY]: The option 'Format' is not a valid string value

We used to set 'NameIDPolicy' to NULL, but we just need to not set this option any more

2) The POST redirect to the IdP requires a special post.js file that exists in the extlib 'resources' section - we need to copy this to our sp section so the file can be accessed

Robert Lyon (robertl-9) on 2018-01-22
Changed in mahara:
status: New → In Progress
importance: Undecided → Critical
assignee: nobody → Robert Lyon (robertl-9)
milestone: none → 18.04.0
Robert Lyon (robertl-9) on 2018-01-22
description: updated

Reviewed: https://reviews.mahara.org/8460
Committed: https://git.mahara.org/mahara/mahara/commit/0405658c143d3c73c7004295dfc65a99516703a2
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 0405658c143d3c73c7004295dfc65a99516703a2
Author: Cecilia Vela Gurovic <email address hidden>
Date: Fri Jan 19 13:36:21 2018 +1300

Bug 1744797: Fixes for ssphp 1.15.0

Stop the error: [SimpleSAML_Error_UnserializableException]:
[ARRAY]: The option 'Format' is not a valid string value

And allow the js submit form for the redirect of the POST to IdP

behatnotneeded

Change-Id: Id617e51722d55c286e9b5340cdc3f5922f7320bc

Adjusting ssphp to copy the extlib www/resources/ files into sp/resources/

Change-Id: Ie347d43b64638b4b36a198c5904cee6128ea6f7f
Signed-off-by: Robert Lyon <email address hidden>

Mahara Bot (dev-mahara) wrote :

Patch for "17.04_STABLE" branch: https://reviews.mahara.org/8463

Mahara Bot (dev-mahara) wrote :

Patch for "16.10_STABLE" branch: https://reviews.mahara.org/8464

Reviewed: https://reviews.mahara.org/8462
Committed: https://git.mahara.org/mahara/mahara/commit/23c7c7795c8e233586ac1db92d97ba8dfa88e059
Submitter: Robert Lyon (<email address hidden>)
Branch: 17.10_STABLE

commit 23c7c7795c8e233586ac1db92d97ba8dfa88e059
Author: Cecilia Vela Gurovic <email address hidden>
Date: Fri Jan 19 13:36:21 2018 +1300

Bug 1744797: Fixes for ssphp 1.15.0

Stop the error: [SimpleSAML_Error_UnserializableException]:
[ARRAY]: The option 'Format' is not a valid string value

And allow the js submit form for the redirect of the POST to IdP

behatnotneeded

Change-Id: Id617e51722d55c286e9b5340cdc3f5922f7320bc

Adjusting ssphp to copy the extlib www/resources/ files into sp/resources/

Change-Id: Ie347d43b64638b4b36a198c5904cee6128ea6f7f
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit 0405658c143d3c73c7004295dfc65a99516703a2)

Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/8464
Committed: https://git.mahara.org/mahara/mahara/commit/c2996df98579f7d6561f2d2a2b92cb5dd18ecd86
Submitter: Robert Lyon (<email address hidden>)
Branch: 16.10_STABLE

commit c2996df98579f7d6561f2d2a2b92cb5dd18ecd86
Author: Cecilia Vela Gurovic <email address hidden>
Date: Fri Jan 19 13:36:21 2018 +1300

Bug 1744797: Fixes for ssphp 1.15.0

Stop the error: [SimpleSAML_Error_UnserializableException]:
[ARRAY]: The option 'Format' is not a valid string value

And allow the js submit form for the redirect of the POST to IdP

behatnotneeded

Change-Id: Id617e51722d55c286e9b5340cdc3f5922f7320bc

Adjusting ssphp to copy the extlib www/resources/ files into sp/resources/

Change-Id: Ie347d43b64638b4b36a198c5904cee6128ea6f7f
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit 0405658c143d3c73c7004295dfc65a99516703a2)

Yaju Mahida (yvm) wrote :

Adjusting ssphp to copy the extlib www/resources/ files into sp/resources/ is a wrong path! It should go to auth/saml/resources.

The /htdocs/auth/saml/extlib/simplesamlphp/templates/post.php code snippet load these files from baseurlpath/resoures/post.js and baseurlpath/resoures/post.css

<head>
    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <title>POST data</title>
    <script type="text/javascript" src="/<?php echo $this->data['baseurlpath']; ?>resources/post.js"></script>
    <link
        type="text/css" rel="stylesheet" href="/<?php echo $this->data['baseurlpath']; ?>resources/post.css" />
</head>

Robert Lyon (robertl-9) wrote :

Hi Yaju, what is set for your 'baseurlpath' in htdocs/auth/saml/config/config.php ?

The default setting is:
 'baseurlpath' => get_config('wwwroot') . 'auth/saml/sp/'

Is yours set to something else?

If so you can adjust your version of Makefile to suit

Cheers
Robert

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers