django-social-auth icon indicating copy to clipboard operation
django-social-auth copied to clipboard
verified publisher icon omab

social_core.exceptions.AuthFailed: Authentication failed: SAML login failed: ['invalid_response']

Open daveisagit opened this issue 4 years ago • 1 comments

I have this module working fine using SAML auth with Google to my django app and now trying to port the same setup into a kubernetes environment. There is an issue around the port number being added to the host.

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/django/core/handlers/base.py", line 179, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/social_django/utils.py", line 49, in wrapper
    return func(request, backend, *args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/social_django/views.py", line 31, in complete
    return do_complete(request.backend, _do_login, user=request.user,
  File "/usr/local/lib/python3.8/site-packages/social_core/actions.py", line 45, in do_complete
    user = backend.complete(user=user, *args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
    return self.auth_complete(*args, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/social_core/backends/saml.py", line 320, in auth_complete
    raise AuthFailed(
social_core.exceptions.AuthFailed: Authentication failed: SAML login failed: ['invalid_response'] (The response was received at <site redacted>:8000/complete/saml/ instead of <site redacted>/complete/saml/)

I can't see any possible way to overcome this using the settings available, I have tried using ideas from Appears to be the same issue USE_X_FORWARDED_PORT = True but still get the same problem

Why is the port (8000 in my case the local port in the cluster for django/gunicorn) getting added in the container based implementation. Very frustrating maybe it is better to switch to oAuth?

daveisagit avatar Dec 24 '20 10:12 daveisagit

I am getting this same error. Is there a way to remove the port from the ACS URL?

dshinzie avatar Mar 07 '22 03:03 dshinzie