Comments (19)
from django-saml2-auth.
Did you get a chance to solve this? I have the same error!
from django-saml2-auth.
Every 500 comes with error logs, could you post the relevant error logs here?
from django-saml2-auth.
I'm afraid you need to check the django log.
Usually it was configured in both django settings and uwsgi config.
from django-saml2-auth.
Internal Server Error: /saml2_auth/acs/
Traceback (most recent call last):
File "/usr/local/lib/python3.5/dist-packages/django/core/handlers/exception.py", line 35, in inner
response = get_response(request)
File "/usr/local/lib/python3.5/dist-packages/django/core/handlers/base.py", line 128, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/local/lib/python3.5/dist-packages/django/core/handlers/base.py", line 126, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python3.5/dist-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/usr/local/lib/python3.5/dist-packages/django_saml2_auth/views.py", line 151, in acs
user_email = user_identity[settings.SAML2_AUTH.get('ATTRIBUTES_MAP', {}).get('email', 'Email')][0]
KeyError: 'Email'
from django-saml2-auth.
What is the SAML2 user profile you're using? Looks like it does not include 'Email' entry.
from django-saml2-auth.
I'm using Azure AD attributes
I tried to edit my django app attr. to match the AD in vain
from django-saml2-auth.
Can you also provide your SAML2_AUTH settings?
from django-saml2-auth.
SAML2_AUTH = {
# Required setting
'METADATA_AUTO_CONF_URL': 'https://login.microsoftonline.com/XXXXXXXXXXXX/federationmetadata/2007-06/federationmetadata.xml?appid=XXXXXXXXXXXXXX',
# Optional settings below
'DEFAULT_NEXT_URL': '/admin', # Custom target redirect URL after the user get logged in. Default to /admin if not set. This setting will be overwritten if you have parameter ?next= specificed in the login URL.
'NEW_USER_PROFILE': {
'USER_GROUPS': [], # The default group name when a new user logs in
'ACTIVE_STATUS': True, # The default active status for new users
'STAFF_STATUS': True, # The staff status for new users
'SUPERUSER_STATUS': False, # The superuser status for new users
},
'ATTRIBUTES_MAP': { # Change Email/UserName/FirstName/LastName to corresponding SAML2 userprofile attributes.
'email': 'emailaddress',
'username': 'emailaddress',
'first_name': 'givenname',
'last_name': 'surename',
},
'TRIGGER': {
'CREATE_USER': 'path.to.your.new.user.hook.method',
'BEFORE_LOGIN': 'path.to.your.login.hook.method',
},
'ASSERTION_URL': 'https://XXXXXXX.com', # Custom URL to validate incoming SAML requests against
'ENTITY_ID': 'https://sts.windows.net/XXXXXXXXXXXXXXXX/', # Populates the Issuer element in authn request
'NAME_ID_FORMAT': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', # Sets the Format property of authn NameIDPolicy element
}
from django-saml2-auth.
I see. yes it was caused by the default assumed field "Email".
This mapping was configured in ATTRIBUTES_MAP. please take a look at the README and tweak your mappings.
Probably you want to try:
'ATTRIBUTES_MAP': {
'email': 'emailaddress',
'username': 'name',
'first_name': 'givenname',
'last_name': 'surname',
}
```.
from django-saml2-auth.
And,
- If you don't need trigger, remove the whole key "TRIGGER".
- NEW_USER_PROFILE.USER_GROUPS is required so make sure you have a default group.
- Remove whole key ASSERTION_URL if you don't know that.
from django-saml2-auth.
Hope that helps. please attach the error logs again if you got problem, or let me know if it goes well. 😃
from django-saml2-auth.
Thanks. I will spend more time to investigate. Still stuck with the same error but now with KeyError: 'emailaddress'
from django-saml2-auth.
Any updates?
from django-saml2-auth.
Please raise another issue if this one persistence.
from django-saml2-auth.
Thanks. I will spend more time to investigate. Still stuck with the same error but now with KeyError: 'emailaddress'
Are you able to solve this issue?
from django-saml2-auth.
Did you manage to solve the problem?
from django-saml2-auth.
I solved the problem following @fangli instructions (#52 (comment)):
-
I went to views.py and add print(user_identity) in line 171
-
I checked the user_identity, which is as follows:
{(...),
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname': ['Xxx'],
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname': ['Xxx'],
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': ['[email protected]'],
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': ['[email protected]']}
- And I changed the attribute maps:
'ATTRIBUTES_MAP': {
'email': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress',
'username': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name',
'first_name': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname',
'last_name': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname',
},
from django-saml2-auth.
Hii,
I am facing the same issue, tried printing the user_identity as mentioned.. getting user_identity as empty dictionary({})... Can someone please help me to fix this.
Thanks in advance
from django-saml2-auth.
Related Issues (20)
- Dependabot couldn't authenticate with https://pypi.python.org/simple/
- Is this project being maintained? HOT 1
- User Identity Information read HOT 9
- ValueError at /saml2_auth/acs/
- replace djangorestframework-jwt HOT 2
- Pass custom attributes to IDP
- infinite redirect loop after login
- Running SAML2 for Okta on a local server pointing to the production database
- MissingKey error HOT 2
- Hooks should be passed the User instance
- Binding problem
- Getting Error Unknown AssertionConsumerServiceURL
- KeyError at /saml2_auth/acs/ 'email'
- KeyError at /saml2_auth/acs/ HOT 2
- Django Saml2 Auth Single Sign on
- 🚀 Maintained fork of the `django-saml2-auth` HOT 6
- Signature error with xmlsec on Windows HOT 1
- Extract metadata file/URL with django-saml2-auth
- Sorry, you are not allowed to access this app while login http://127.0.0.1:8000/saml2_auth/acs
- Exception at /saml2_auth/acs/ HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from django-saml2-auth.