IDP Metadata not found

Created on 25 October 2024, 28 days ago

Problem/motivation

We are running a dev-test-prod context. We've upgraded from Drupal 10.2.5 to Drupal 10.3.6 on the dev server, in a PHP 8.3 environment. I'm trying to make sure simplesamlphp_auth works with Drupal 10.3.6 before upgrading Drupal on the production server.

On the dev server, I have installed simplesamlphp and https://[website]/simplesaml returns clean. I have installed simplesamlphp_auth via composer and activated it with the same settings as on production. When I click the "Federated Login" button, however, I'm getting a 500 error. The message says:

SimpleSAML\Error\MetadataNotFound: METADATANOTFOUND('%ENTITYID%' => 'urn:[blah:blah:blah.edu]') in SimpleSAML\Metadata\MetaDataStorageHandler->getMetaData() (line 331 of /var/www/html/vendor/simplesamlphp/simplesamlphp/src/SimpleSAML/Metadata/MetaDataStorageHandler.php).

Backtrace looks like this:

#0 /var/www/html/vendor/simplesamlphp/simplesamlphp/src/SimpleSAML/Metadata/MetaDataStorageHandler.php(348): SimpleSAML\Metadata\MetaDataStorageHandler->getMetaData()
#1 /var/www/html/vendor/simplesamlphp/simplesamlphp/modules/saml/src/Auth/Source/SP.php(325): SimpleSAML\Metadata\MetaDataStorageHandler->getMetaDataConfig()
#2 /var/www/html/vendor/simplesamlphp/simplesamlphp/modules/saml/src/Auth/Source/SP.php(712): SimpleSAML\Module\saml\Auth\Source\SP->getIdPMetadata()
#3 /var/www/html/vendor/simplesamlphp/simplesamlphp/modules/saml/src/Auth/Source/SP.php(806): SimpleSAML\Module\saml\Auth\Source\SP->startSSO()
#4 /var/www/html/vendor/simplesamlphp/simplesamlphp/src/SimpleSAML/Auth/Source.php(193): SimpleSAML\Module\saml\Auth\Source\SP->authenticate()
#5 /var/www/html/vendor/simplesamlphp/simplesamlphp/src/SimpleSAML/Auth/Simple.php(165): SimpleSAML\Auth\Source->initLogin()
#6 /var/www/html/vendor/simplesamlphp/simplesamlphp/src/SimpleSAML/Auth/Simple.php(104): SimpleSAML\Auth\Simple->login()
#7 /var/www/html/web/modules/contrib/simplesamlphp_auth/src/Service/SimplesamlphpAuthManager.php(131): SimpleSAML\Auth\Simple->requireAuth()
#8 /var/www/html/web/modules/contrib/simplesamlphp_auth/src/Controller/SimplesamlphpAuthController.php(200): Drupal\simplesamlphp_auth\Service\SimplesamlphpAuthManager->externalAuthenticate()
#9 [internal function]: Drupal\simplesamlphp_auth\Controller\SimplesamlphpAuthController->authenticate()
#10 /var/www/html/web/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php(123): call_user_func_array()
#11 /var/www/html/web/core/lib/Drupal/Core/Render/Renderer.php(638): Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}()
#12 /var/www/html/web/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php(121): Drupal\Core\Render\Renderer->executeInRenderContext()
#13 /var/www/html/web/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php(97): Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->wrapControllerExecutionInRenderContext()
#14 /var/www/html/vendor/symfony/http-kernel/HttpKernel.php(181): Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}()
#15 /var/www/html/vendor/symfony/http-kernel/HttpKernel.php(76): Symfony\Component\HttpKernel\HttpKernel->handleRaw()
#16 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/Session.php(53): Symfony\Component\HttpKernel\HttpKernel->handle()
#17 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/KernelPreHandle.php(48): Drupal\Core\StackMiddleware\Session->handle()
#18 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/ContentLength.php(28): Drupal\Core\StackMiddleware\KernelPreHandle->handle()
#19 /var/www/html/web/core/modules/page_cache/src/StackMiddleware/PageCache.php(191): Drupal\Core\StackMiddleware\ContentLength->handle()
#20 /var/www/html/web/core/modules/page_cache/src/StackMiddleware/PageCache.php(128): Drupal\page_cache\StackMiddleware\PageCache->fetch()
#21 /var/www/html/web/core/modules/page_cache/src/StackMiddleware/PageCache.php(82): Drupal\page_cache\StackMiddleware\PageCache->lookup()
#22 /var/www/html/vendor/asm89/stack-cors/src/Cors.php(53): Drupal\page_cache\StackMiddleware\PageCache->handle()
#23 /var/www/html/web/core/modules/ban/src/BanMiddleware.php(50): Asm89\Stack\Cors->handle()
#24 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php(48): Drupal\ban\BanMiddleware->handle()
#25 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/NegotiationMiddleware.php(51): Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle()
#26 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/AjaxPageState.php(36): Drupal\Core\StackMiddleware\NegotiationMiddleware->handle()
#27 /var/www/html/web/core/lib/Drupal/Core/StackMiddleware/StackedHttpKernel.php(51): Drupal\Core\StackMiddleware\AjaxPageState->handle()
#28 /var/www/html/web/core/lib/Drupal/Core/DrupalKernel.php(741): Drupal\Core\StackMiddleware\StackedHttpKernel->handle()
#29 /var/www/html/web/index.php(19): Drupal\Core\DrupalKernel->handle()
#30 {main}

I have been over my metadata settings multiple times, as well as file and server permissions, and don't see what the issue might be.

Steps to reproduce

  1. Install Drupal 10.3.6 running on php8.3 on RHEL 8.10
  2. Install simplesamlphp 2.2.2 and configure config.php, authsources.php, saml20-idp-remote.php, apache conf and cert files
  3. Install simplesamlphp_auth v. 4.0.0 and configure SAML attributes and settings
  4. Go to https://[website]/user and click the Federated Login button

Any help appreciated.

💬 Support request
Status

Active

Version

4.0

Component

Miscellaneous

Created by

🇺🇸 United States ealtman Northridge, CA


Comments & Activities

  • Issue created by @ealtman
  • 🇺🇸 United States ealtman Northridge, CA

    Upon further searching on issues, this looks like the same issue as https://www.drupal.org/project/simplesamlphp_auth/issues/3057851, where the SETENV variable in httpd.conf is being ignored.

    In my production instance running 10.2.5, I fixed this with

    $settings['simplesamlphp_dir'] = '/var/simplesamlphp';

    in my drupal settings.php.

    However, when I put this in my 10.3.6 site, I get a fatal error having to do with twig processing:

    Twig\Error\SyntaxError: An exception has been thrown during the compilation of a template ("Attribute "twig_callable" does not exist for Node "Twig\Node\Expression\FilterExpression".") in "core/modules/node/templates/field--node--title.html.twig". in Twig\Environment->compileSource() (line 549 of /var/simplesamlphp/vendor/twig/twig/src/Environment.php).

    Thinking that maybe there was a TWIG mismatch ("twig_callable" will be removed from TWIG 4.0, but this shouldn't be an issue for either the app or the module), I upgraded simplesamlphp to 2.3.2, and now the Federated Login button in simplesamlphp redirects back to /user.

    Still need help.
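
An added diagnostic sketch, not part of the original issue or of the module: the backtrace runs SimpleSAMLphp from /var/www/html/vendor/simplesamlphp/simplesamlphp while the comment points Drupal at /var/simplesamlphp, so this checks which candidate install actually holds the IdP entity ID. The default `config/` and `metadata/` layout, the function names, the status words and the `urn:example:idp` sample are assumptions.

```shell
#!/bin/sh
# Assumed default SimpleSAMLphp layout under each candidate root:
#   <root>/config/authsources.php
#   <root>/metadata/saml20-idp-remote.php

# check_root ROOT ENTITY_ID -> prints one status word for that root
check_root() {
    root=$1; entity=$2
    meta="$root/metadata/saml20-idp-remote.php"
    if [ ! -f "$root/config/authsources.php" ]; then
        echo "no-authsources"            # not a configured install
    elif [ ! -f "$meta" ]; then
        echo "no-idp-metadata-file"      # MetadataNotFound is expected here
    elif [ ! -r "$meta" ]; then
        echo "unreadable"                # permissions of the invoking user
    elif grep -qF -e "'$entity'" -e "\"$entity\"" "$meta"; then
        echo "entity-found"              # entity ID appears as a quoted key
    else
        echo "entity-missing"            # file exists but lacks this IdP
    fi
}

# report ENTITY_ID ROOT... -> one "root: status" line per candidate
report() {
    entity=$1; shift
    for r in "$@"; do
        printf '%s: %s\n' "$r" "$(check_root "$r" "$entity")"
    done
}

# Constructed sample: a vendored copy without IdP metadata, a standalone
# copy with it, and a path that does not exist.
demo() {
    tmp=$(mktemp -d) || return 1
    for r in vendored standalone; do
        mkdir -p "$tmp/$r/config" "$tmp/$r/metadata"
        : > "$tmp/$r/config/authsources.php"
    done
    printf '%s\n' '<?php' "\$metadata['urn:example:idp'] = [];" \
        > "$tmp/standalone/metadata/saml20-idp-remote.php"
    report 'urn:example:idp' "$tmp/vendored" "$tmp/standalone" "$tmp/absent"
    rm -rf "$tmp"
}

demo
```

On a real host, call `report` with the entity ID from the error message and both install paths, running as the web server user so the readability check reflects what PHP sees.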
