Add SLO support #22

Open
deepakprabhakara opened this issue Apr 10, 2022 · 1 comment
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@deepakprabhakara
Member

deepakprabhakara commented Apr 10, 2022

From dnoliver:

Found a bug? Please fill out the sections below. 👍

Issue Summary

A summary of the issue. This needs to be a clear detailed-rich summary.

Not sure if this is a bug!
I am trying to use https://mocksaml.com as a mock for my idp for single sign on and single log out.
I am using the metadata url to configure my saml library https://github.com/SAML-Toolkits/python3-saml
So because the https://mocksaml.com metadata file doesn't have an SLO item, my lib tells me that SLO is not supported by the idp (which makes sense).
But I also found some PRs and issues resolved related to slo (boxyhq/jackson#128, and boxyhq/saml20#14), so wanted to check if this is something that should be supported but it's just missing from the public metadata file.

Steps to Reproduce

Well, for me, this is how I implemented SLO with the library I referenced.
The last line of the snippet throws: onelogin.saml2.errors.OneLogin_Saml2_Error: The IdP does not support Single Log Out

    from onelogin.saml2.auth import OneLogin_Saml2_Auth
    from onelogin.saml2.idp_metadata_parser import OneLogin_Saml2_IdPMetadataParser

    def logout(self, request):
        """Initialize SAML logout"""
        req = self.__prepare_tornado_request(request)
        idp_data = OneLogin_Saml2_IdPMetadataParser.parse_remote(
            self.saml_idp_metadata, timeout=5
        )
        self.saml_settings["idp"] = idp_data["idp"]
        auth = OneLogin_Saml2_Auth(req, self.saml_settings)
        return auth.logout(name_id=None, session_index=None)

But also, a simple way to show this problem is just to go to https://mocksaml.com/api/saml/metadata, and check for the following missing properties:

    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="<URL>"/>
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="<URL>"/>

Any other relevant information. For example, why do you consider this a bug and what did you expect to happen instead?

I consider this a bug because I couldn't find docs saying if mocksaml supports slo or not, but I could find PRs and issues referencing the support for slo. Maybe a "this service doesn't support slo" would be nice if that is the expectation.

Technical details

  • Browser version: You can use https://www.whatsmybrowser.org/ to find this out.: Chrome 120
  • Node.js version: N/A (not using this as a lib, I'm using the service)
  • Anything else that you think could be an issue.

Thanks for doing this! It has been super helpful to develop and test SAML integration so far!

@deepakprabhakara deepakprabhakara added enhancement New feature or request good first issue Good for newcomers labels Apr 10, 2022
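
A pre-flight check for the situation described in the issue, as an added example that is not part of the original thread or of the mocksaml or python3-saml code: it inspects IdP metadata for `SingleLogoutService` before logout is attempted and falls back to local session termination when none is advertised. The sample metadata, the `idp.example.test` URLs and the helper names `slo_endpoints` and `plan_logout` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

MD_NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample metadata, not a copy of the mocksaml.com document.
# The idp.example.test URLs are placeholders.
METADATA_NO_SLO = """<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="https://idp.example.test/entity">
  <IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService Binding="%s"
                         Location="https://idp.example.test/sso"/>
  </IDPSSODescriptor>
</EntityDescriptor>""" % REDIRECT

METADATA_WITH_SLO = METADATA_NO_SLO.replace(
    "</IDPSSODescriptor>",
    '<SingleLogoutService Binding="%s" '
    'Location="https://idp.example.test/slo"/></IDPSSODescriptor>' % REDIRECT,
)


def slo_endpoints(metadata_xml):
    """Map binding URI -> Location for every SingleLogoutService advertised."""
    # IdP metadata has no need for a DTD; refuse it instead of letting the
    # parser expand entities from a remote, untrusted document.
    if "<!DOCTYPE" in metadata_xml:
        raise ValueError("DOCTYPE not allowed in IdP metadata")
    root = ET.fromstring(metadata_xml)
    path = ".//md:IDPSSODescriptor/md:SingleLogoutService"
    endpoints = {}
    for svc in root.iterfind(path, MD_NS):
        binding, location = svc.get("Binding"), svc.get("Location")
        if binding and location:
            endpoints[binding] = location
    return endpoints


def plan_logout(metadata_xml, binding=REDIRECT):
    """Return ("idp", url) when SLO is advertised, else ("local", None)."""
    url = slo_endpoints(metadata_xml).get(binding)
    # Without an SLO endpoint the SP can only end its own session; the IdP
    # session stays alive, so the user may be signed back in silently.
    return ("idp", url) if url else ("local", None)
```
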
@Stunext

Stunext commented Apr 22, 2023

Any update on this?
