omniauth-wsfed
omniauth-wsfed copied to clipboard
Published
20 hours ago •
kbeckman
kbeckman
Callback handling does not work
Setup: ADFS 3.0 SAML: 2.0
NoMethodError (undefined method `text' for nil:NilClass):
omniauth-wsfed (0.3.3.pre.beta) lib/omniauth/strategies/wsfed/saml_2_token.rb:23:in `issuer'
omniauth-wsfed (0.3.3.pre.beta) lib/omniauth/strategies/wsfed/auth_callback.rb:50:in `issuer'
omniauth-wsfed (0.3.3.pre.beta) lib/omniauth/strategies/wsfed/auth_callback_validator.rb:32:in `validate_issuer!'
omniauth-wsfed (0.3.3.pre.beta) lib/omniauth/strategies/wsfed/auth_callback_validator.rb:21:in `validate!'
omniauth-wsfed (0.3.3.pre.beta) lib/omniauth/strategies/wsfed.rb:41:in `callback_phase'
omniauth (1.3.1) lib/omniauth/strategy.rb:227:in `callback_call'
omniauth (1.3.1) lib/omniauth/strategy.rb:184:in `call!'
omniauth (1.3.1) lib/omniauth/strategy.rb:164:in `call'
omniauth (1.3.1) lib/omniauth/builder.rb:63:in `call'
Content of "document":
<t:RequestSecurityTokenResponse xmlns:t='http://schemas.xmlsoap.org/ws/2005/02/trust'><t:Lifetime><wsu:Created xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>2016-01-11T20:33:42.797Z</wsu:Created><wsu:Expires xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>2016-01-11T21:33:42.797Z</wsu:Expires></t:Lifetime><wsp:AppliesTo xmlns:wsp='http://schemas.xmlsoap.org/ws/2004/09/policy'><wsa:EndpointReference xmlns:wsa='http://www.w3.org/2005/08/addressing'><wsa:Address>https://projectctrl.myurl.com/</wsa:Address></wsa:EndpointReference></wsp:AppliesTo><t:RequestedSecurityToken><saml:Assertion AssertionID='_2b6b8086-4373-4013-a48b-0532501fb68f' IssueInstant='2016-01-11T20:33:42.797Z' Issuer='http://logon.myurl.com/adfs/services/trust' MajorVersion='1' MinorVersion='1' xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion'><saml:Conditions NotBefore='2016-01-11T20:33:42.797Z' NotOnOrAfter='2016-01-11T21:33:42.797Z'><saml:AudienceRestrictionCondition><saml:Audience>https://projectctrl.myurl.com/</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AttributeStatement><saml:Subject><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:Attribute AttributeName='emailaddress' AttributeNamespace='http://schemas.xmlsoap.org/ws/2005/05/identity/claims'><saml:AttributeValue>[email protected]</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName='givenname' AttributeNamespace='http://schemas.xmlsoap.org/ws/2005/05/identity/claims'><saml:AttributeValue>Max</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName='surname' AttributeNamespace='http://schemas.xmlsoap.org/ws/2005/05/identity/claims'><saml:AttributeValue>Mustermann</saml:AttributeValue></saml:Attribute></saml:AttributeStatement><saml:AuthenticationStatement AuthenticationInstant='2016-01-11T15:03:46.092Z' AuthenticationMethod='urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport'><saml:Subject><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'><ds:SignedInfo><ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/><ds:SignatureMethod Algorithm='http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'/><ds:Reference URI='#_2b6b8086-4373-4013-a48b-0532501fb68f'><ds:Transforms><ds:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/><ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/></ds:Transforms><ds:DigestMethod Algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/><ds:DigestValue>mKcHkXOnOY9zCse42Vl8+ymsTZL82SctlREp8MhUS2o=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>RfN7wW//IF3MvDv+5okhnaAjrRRObZe27TjT+3J2pP3YcQjX8VJ6pKVoDv8+V3et901iU6GIeLTjq7obXJoQP4hdpEDohhqEw1CLDZGLZ93mUUS+k9WWnK9NsCUyrFeG43reJHj3B7Pu7ke1LdpHDk2kFrFX0ZYZ2gKJM+bXygn8QuMO+EoLAM3VvXydFg4nbBOIGwA8cmTsB/cg7bjAHqkaAbK4gUldtzfKhtlNriUJHTNNPTgSe6e/JI37my+B9vg0ReS02Y7tlVKQLBrkwNJr3JlFxI80/Y2iUGKI6wHi3jjgeuLj3l3d1oW/LANDqQXtGMS253r7woRJiH9vWw==</ds:SignatureValue><KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'><X509Data><X509Certificate>MIIC6DCCAdCgAwIBAgIQE2ZrrwJtJ5lAZPJDuYsjyTANBgkqhkiG9w0BAQsFADAwMS4wLAYDVQQDEyVBREZTIFNpZ25pbmcgLSBsb2dvbi5iZWFyaW5ncG9pbnQuY29tMB4XDTE1MDQyODAzMjAzM1oXDTE3MDQyNzAzMjAzM1owMDEuMCwGA1UEAxMlQURGUyBTaWduaW5nIC0gbG9nb24uYmVhcmluZ3BvaW50LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALR6YvbB03eQjO6JYhrFdS1rsQq9ewM27rVgaNDu9gTt5MsYnb7aabQKExhN5+UQFMAw3kKkyXeGktWZ6KMTH23Efb5FHjIVWDLCLBT/gq+58Z475PfXGtOV4CgMP0OrHqcM1mYyykuZem454zgotnLmGOSi+FTApNA5vOJLXiuUm9njKUbWF3DmQV3RJR3xqgtMAbhvI8rBiD8Rs08JuzELjW5gMlYpRuz6HDDsAqNZXo/oll2cHPsJvtN41zw44MVP8hVN1kbJs487cKu9AiJfSx+5PoFnzIY29emwK1KVt0ZLRVoTa7KVgTK8KTLCA0GHsGsy0iozt6s6PPa9teMCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAnyrFiciczAQOs4loHxR1z1bImSeAZhEipiqTSY8PD48O+ljkblxU6gvZToaR7cgaC6tMVFcUEkg94xGvb6nu+1VrdhUPiD7XKW31EC541NpR8DCssmrwtfe8cqqAiPV+SD65yIf7ThnGHvomNX6depDRUgDyF4oZQciCDXQkoScU+TgUKNiguAy6mCnUg6xsnuDMxhdpQytR2551W2fe4o62npsPr1Ct/j4pEk/s9XLCCYZ0trDbmHngQKVGEx4eahp1Tf8QARHyhPEsfHI0PixXaofNPwetTjRm5dQt7lK5pcG12cTXI+/wSvxYOK7OhnXDFxSG5XleNjFAjw3cAQ==</X509Certificate></X509Data></KeyInfo></ds:Signature></saml:Assertion></t:RequestedSecurityToken><t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType><t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType><t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType></t:RequestSecurityTokenResponse>
