Django SAML2 idp saml2.response.IncorrectlySigned Internal Server Error: /idp/login/process/

Я реализую SSO с SAML2, но у меня возникают проблемы. Я использую эти библиотеки: https://github.com/OTA-Insight/djangosaml2idp

https://github.com/IdentityPython/djangosaml2

SP работает хорошо, проблема с idp

Это ошибка, которую я получаю:

 raise IncorrectlySigned()
saml2.response.IncorrectlySigned
Internal Server Error: /idp/login/process/

и это мой шаблон url

urlpatterns = [
    path('accounts/', include('django.contrib.auth.urls')),
    path('idp/', include('djangosaml2idp.urls')),
    path('', TemplateView.as_view(template_name="index.html")),
]

и это мой settings.py файл

import saml2
import os
from saml2.saml import NAMEID_FORMAT_EMAILADDRESS, NAMEID_FORMAT_UNSPECIFIED
from saml2.sigver import get_xmlsec_binary



LOGIN_URL = '/accounts/login/'
BASE_URL = 'http://localhost:8000/idp'

SAML_IDP_CONFIG = {
    'debug' : DEBUG,
    'xmlsec_binary': get_xmlsec_binary(['/opt/local/bin', '/usr/bin']),
    'entityid': '%s/metadata' % BASE_URL,
    # 'entityid': os.path.join(BASE_DIR, 'metadata'),
    'description': 'Example IdP setup',

    'service': {
        'idp': {
            'name': 'Django localhost IdP',
            'endpoints': {
                'single_sign_on_service': [
                    ('http://localhost:8000/idp/sso/post/', saml2.BINDING_HTTP_POST),
                    ('http://localhost:8000/idp/sso/redirect/', saml2.BINDING_HTTP_REDIRECT),
                ],
                "single_logout_service": [
                    ("http://localhost:8000/idp/slo/post/", saml2.BINDING_HTTP_POST),
                    ("http://localhost:8000/idp/slo/redirect/", saml2.BINDING_HTTP_REDIRECT)
                ],
            },
            'name_id_format': [NAMEID_FORMAT_EMAILADDRESS, NAMEID_FORMAT_UNSPECIFIED],
            'sign_response': True,
            'sign_assertion': True,
            'want_authn_requests_signed': True,
        },
    },

    # Signing
    'key_file': os.path.join(BASE_DIR, 'certificates/private.key'),
    'cert_file': os.path.join(BASE_DIR, 'certificates/public.cert'),
    # Encryption
    'encryption_keypairs': [{
        'key_file': os.path.join(BASE_DIR, 'certificates/private.key'),
        'cert_file': os.path.join(BASE_DIR, 'certificates/public.cert'),
    }],
    'valid_for': 365 * 24,

    "metadata": {
        "local": [
            os.path.join(BASE_DIR, 'metadata')
        ],
    },
}


# Each key in this dictionary is a SP our IDP will talk to

SAML_IDP_SPCONFIG = {
    'http://localhost:8000/saml2/metadata': {
        'processor': 'djangosaml2idp.processors.BaseProcessor',
        'attribute_mapping': {
            'email': 'email',
            'first_name': 'first_name',
            'last_name': 'last_name',
            'is_staff': 'is_staff',
            'is_superuser':  'is_superuser',
        }
    }
}

Все работает хорошо, но когда он перенаправляет на /idp/login/process/ url, то выдает ошибку. Может ли кто-нибудь помочь мне решить эту проблему?

Вернуться на верх

Последние вопросы и ответы

iOS/web Auth Client ID Handling for Google Sign In

Flaky Circle CI tests (django): ImportError: cannot import name "task" from "app.tasks" (unknown location)

KeyError 'email' for django-authtools UserCreationForm

Django check at runtime if code is executed under "runserver command" or not

Django REST project doesn’t detect apps inside the “apps” directory when running makemigrations

Cannot query "admin": Must be "ChatMessage" instance in Django

Is it reasonable to use Cloud storage for async webhook processing on Cloud Run

Django ORM: Add integer days to a DateField to annotate next_service and filter it (PostgreSQL)

Stuck with django asgi server (dpahne) and aws eb (with docker)

unable to access my EC2 ubuntu server with public ip:8000 [closed]

Django SAML2 idp saml2.response.IncorrectlySigned Internal Server Error: /idp/login/process/

Последние вопросы и ответы

Рекомендуемые записи по теме