BookStack icon indicating copy to clipboard operation
BookStack copied to clipboard

Published 20 hours ago verified publisher icon BookStackApp

SAML2 authorization issue with AD FS Microsoft

Open Kol8bok opened this issue 3 years ago • 2 comments

Attempted Debugging

  • [X] I have read the debugging page

Searched GitHub Issues

  • [X] I have searched GitHub for the issue.

Describe the Scenario

Hello,

I try to configure SAML with AD FS. Tell me how to solve the problem I set everything up, but the error keeps popping up My config .env:

AUTH_METHOD=saml2
AUTH_AUTO_INITIATE=false
SAML2_NAME=BOOKSTACK
SAML2_EMAIL_ATTRIBUTE=email
SAML2_EXTERNAL_ID_ATTRIBUTE=id
SAML2_DISPLAY_NAME_ATTRIBUTES=firstName|lastName
SAML2_IDP_ENTITYID=https://data-centre.siecom.pro/FederationMetadata/2007-06/Fe$
SAML2_AUTOLOAD_METADATA=true
SAML2_IDP_SSO=https://data-centre.siecom.pro/adfs/ls/
#SAML2_IDP_SLO=https://data-centre.siecom.pro/adfs/ls/

SAML2_IDP_x509="-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgITFgAAAA/znQbmfG8ocwABAAAADzANBgkqhkiG9w0BAQsF
ADA8MRMwEQYKCZImiZPyLGQBGRYDcHJvMRgwFgYKCZImiZPyLGQBGRYIdXNlcmdh
dGUxCzAJBgNVBAMTAkNBMB4XDTIyMDkxNjA2Mzg1N1oXDTIzMDkxNjA2Mzg1N1ow
ADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKrSC+w1KKqIjKRqqB+O
..........................................................."
SAML2_IDP_AUTHNCONTEXT=true

On the AD FS: The file with metadata https://wiki.siecom.pro/saml2/metadata in AD FS was installed well, there were no problems with this

Set up the attributes as follows: LDAP | Party trust wizard E-Mail-Addresses | email Given-Name | lastName User-Principal-Name | id Surname | firstName

Gives error on debug: Invalid ACS Response: invalid_response

Tell me what I'm doing wrong?

Exact BookStack Version

v22.09

Log Content

Debug:

#0 /var/www/bookstack/app/Http/Controllers/Auth/Saml2Controller.php(119): BookStack\Auth\Access\Saml2Service->processAcsResponse()
https://github.com/BookStackApp/BookStack/issues/1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\Http\Controllers\Auth\Saml2Controller->processAcs()
https://github.com/BookStackApp/BookStack/issues/2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction()
https://github.com/BookStackApp/BookStack/issues/3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\Routing\ControllerDispatcher->dispatch()
https://github.com/BookStackApp/BookStack/issues/4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController()
https://github.com/BookStackApp/BookStack/issues/5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\Routing\Route->run()
https://github.com/BookStackApp/BookStack/issues/6 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Routing\Router->Illuminate\Routing{closure}()
https://github.com/BookStackApp/BookStack/issues/7 /var/www/bookstack/app/Http/Middleware/CheckGuard.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/8 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckGuard->handle()
https://github.com/BookStackApp/BookStack/issues/9 /var/www/bookstack/app/Http/Middleware/Localization.php(45): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/10 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\Localization->handle()
https://github.com/BookStackApp/BookStack/issues/11 /var/www/bookstack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/12 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RunThemeActions->handle()
https://github.com/BookStackApp/BookStack/issues/13 /var/www/bookstack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/14 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckEmailConfirmed->handle()
https://github.com/BookStackApp/BookStack/issues/15 /var/www/bookstack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/16 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\PreventAuthenticatedResponseCaching->handle()
https://github.com/BookStackApp/BookStack/issues/17 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/18 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
https://github.com/BookStackApp/BookStack/issues/19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
https://github.com/BookStackApp/BookStack/issues/21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
https://github.com/BookStackApp/BookStack/issues/23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Session\Middleware\StartSession->handle()
https://github.com/BookStackApp/BookStack/issues/24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/25 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
https://github.com/BookStackApp/BookStack/issues/26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/27 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\EncryptCookies->handle()
https://github.com/BookStackApp/BookStack/issues/28 /var/www/bookstack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/29 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\ApplyCspRules->handle()
https://github.com/BookStackApp/BookStack/issues/30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\Pipeline\Pipeline->then()
https://github.com/BookStackApp/BookStack/issues/32 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router->runRouteWithinStack()
https://github.com/BookStackApp/BookStack/issues/33 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\Routing\Router->runRoute()
https://github.com/BookStackApp/BookStack/issues/34 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\Routing\Router->dispatchToRoute()
https://github.com/BookStackApp/BookStack/issues/35 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\Routing\Router->dispatch()
https://github.com/BookStackApp/BookStack/issues/36 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http{closure}()
https://github.com/BookStackApp/BookStack/issues/37 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/38 /var/www/bookstack/app/Http/Middleware/TrustProxies.php(41): Illuminate\Http\Middleware\TrustProxies->handle()
https://github.com/BookStackApp/BookStack/issues/39 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\TrustProxies->handle()
https://github.com/BookStackApp/BookStack/issues/40 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/41 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
https://github.com/BookStackApp/BookStack/issues/42 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
https://github.com/BookStackApp/BookStack/issues/43 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/44 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
https://github.com/BookStackApp/BookStack/issues/45 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/46 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
https://github.com/BookStackApp/BookStack/issues/47 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline{closure}()
https://github.com/BookStackApp/BookStack/issues/48 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\Pipeline\Pipeline->then()
https://github.com/BookStackApp/BookStack/issues/49 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
https://github.com/BookStackApp/BookStack/issues/50 /var/www/bookstack/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle()
https://github.com/BookStackApp/BookStack/issues/51 {main}

PHP Version

No response

Hosting Environment

Ubuntu 18.04

Kol8bok avatar Sep 19 '22 05:09 Kol8bok

PHP Version: 7.4.30 BookStack Version: v22.09

Kol8bok avatar Sep 20 '22 02:09 Kol8bok

Hi @Kol8bok, I've just released BookStack v22.09.1, which within I added additional debug detail intended for this specific scenario. Please could you update to v22.09.1 then re-attempt the scenario and share the new error message that's shown/logged? It should now provide much better guidance into the reason that the SAML response is found to be invalid.

ssddanbrown avatar Sep 20 '22 12:09 ssddanbrown

Since there's been no follow-up I'm going to close this. If the issue remains and is something you still require to be fixed respond to my previous comment and this can then be re-opened.

ssddanbrown avatar Sep 26 '22 17:09 ssddanbrown

Hello @ssddanbrown, I'm experiencing the same issue. Could you help please?

RidaLeFou avatar Sep 28 '22 07:09 RidaLeFou

@RidaLeFou Please open a new support issue to focus on your exact error message and system configuration.

ssddanbrown avatar Sep 28 '22 07:09 ssddanbrown

Hi @Kol8bok, I've just released BookStack v22.09.1, which within I added additional debug detail intended for this specific scenario. Please could you update to v22.09.1 then re-attempt the scenario and share the new error message that's shown/logged? It should now provide much better guidance into the reason that the SAML response is found to be invalid.

Hi, @ssddanbrown Dan, I apologize for not answering for a long time, I don’t have time to deal with this problem a lot, so I finally found the time :) Updated Bookstack l to version v22.09.1, the error also persists, files with metadata are transferred well, without any obvious problems. But when authorizing on the AD FS server, the following debug appears. It seems that everything is set up correctly, AD FS works correctly.

The debug is the following:

Invalid ACS Response; Errors: invalid_response; Reason: The status code of the Response was not Success, was Requester -> urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy

PHP Version: 7.4.30 BookStack Version: v22.09.1 Theme Configured:

#1 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): BookStack\Http\Controllers\Auth\Saml2Controller->processAcs()
#2 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction()
#3 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(262): Illuminate\Routing\ControllerDispatcher->dispatch()
#4 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Route.php(205): Illuminate\Routing\Route->runController()
#5 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(721): Illuminate\Routing\Route->run()
#6 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#7 /var/www/bookstack/app/Http/Middleware/CheckGuard.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#8 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckGuard->handle()
#9 /var/www/bookstack/app/Http/Middleware/Localization.php(45): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#10 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\Localization->handle()
#11 /var/www/bookstack/app/Http/Middleware/RunThemeActions.php(26): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#12 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\RunThemeActions->handle()
#13 /var/www/bookstack/app/Http/Middleware/CheckEmailConfirmed.php(47): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#14 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\CheckEmailConfirmed->handle()
#15 /var/www/bookstack/app/Http/Middleware/PreventAuthenticatedResponseCaching.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#16 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\PreventAuthenticatedResponseCaching->handle()
#17 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(78): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#18 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
#19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\Session\Middleware\StartSession->handleStatefulRequest()
#23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Session\Middleware\StartSession->handle()
#24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#25 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(67): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#27 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#28 /var/www/bookstack/app/Http/Middleware/ApplyCspRules.php(33): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#29 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\ApplyCspRules->handle()
#30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(723): Illuminate\Pipeline\Pipeline->then()
#32 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router->runRouteWithinStack()
#33 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\Routing\Router->runRoute()
#34 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Routing/Router.php(651): Illuminate\Routing\Router->dispatchToRoute()
#35 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(167): Illuminate\Routing\Router->dispatch()
#36 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#37 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(39): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#38 /var/www/bookstack/app/Http/Middleware/TrustProxies.php(41): Illuminate\Http\Middleware\TrustProxies->handle()
#39 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): BookStack\Http\Middleware\TrustProxies->handle()
#40 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#41 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(40): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#42 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\TrimStrings->handle()
#43 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#44 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
#45 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(86): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#46 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance->handle()
#47 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#48 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(142): Illuminate\Pipeline\Pipeline->then()
#49 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(111): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#50 /var/www/bookstack/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle()
#51 {main}```

Kol8bok avatar Sep 30 '22 05:09 Kol8bok

Hi @Kol8bok, Based upon that, It seems like your ADFS system is not accepting the urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress NameIDFormat that BookStack wants to use.

I'm not too familiar with ADFS, and it's been a while since I last tested on an ADFS setup, so can't provide much more guidance myself, although I vaguely remember playing about with transform rules to get things working in the right format.

ssddanbrown avatar Sep 30 '22 11:09 ssddanbrown

More precisely, you need to look towards AD FS? Is the email attribute being passed incorrectly?

Kol8bok avatar Oct 03 '22 02:10 Kol8bok

@Kol8bok I'm afraid I'm not familiar enough with ADFS to make an advisory, I'm not sure if the email attribute is controlled independently from the nameid-format. I can only advise a search along these lines.

ssddanbrown avatar Oct 03 '22 13:10 ssddanbrown

@ssddanbrown ok, got it. Thank you! I will investigate further....

Kol8bok avatar Oct 05 '22 09:10 Kol8bok