Signin on Localhost
Using this library has been an absolute charm. In Google Admin's SAML App setting I can click "Open App" and it will open my Google login and then redirect properly to https://localhost:SSLPORT/users/saml/auth and it works great. But when I direct people to `/users/saml/sign_in` Google gives me an error which is weird. I thought it had to do with my use of localhost but don't understand the SAML sign in process well enough to know. Any ideas?
Thanks for your patience while I was busy and not watching issues! It's very possible that Google doesn't like a localhost URL. I've used localhost with OneLogin but not with any other IdP.
Do you still have the error and can you share it?
Yeah, so I still have the error. I can probably better debug it if I can understand the flow? When I send a user to the sign_in route, which should redirect to Google, does Google send a request to get some type of verification or is all the needed information stored in that initial redirect?
The controller redirects to Google using the SAML config from config/initializers/devise.rb. It's a little abstracted but here's where it happens: https://github.com/apokalipto/devise_saml_authenticatable/blob/master/app/controllers/devise/saml_sessions_controller.rb#L16. Google shows a login form if one is needed, and then redirects back (hopefully to /users/saml/auth) with a SAMLResponse parameter containing the user information.
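To see what the sign_in redirect described above actually sends, the SAMLRequest parameter can be decoded and compared with the ACS URL and entity ID entered at the IdP. This is an added Ruby example, not part of the thread or of devise_saml_authenticatable; it assumes the HTTP-Redirect binding with a deflated request, and the URLs, port 3000 and entity IDs are constructed sample values.

```ruby
require 'zlib'
require 'uri'
require 'rexml/document'

SAML_NS = { 'saml' => 'urn:oasis:names:tc:SAML:2.0:assertion' }.freeze

# Undo the HTTP-Redirect binding encoding of the SAMLRequest parameter:
# URL-decode, base64-decode, then raw inflate (no zlib header).
def decode_saml_request(redirect_url)
  params = URI.decode_www_form(URI.parse(redirect_url).query.to_s).to_h
  bytes = params.fetch('SAMLRequest').unpack1('m')
  Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate(bytes)
end

# Extract the fields an IdP checks against its own app configuration.
def summarize_authn_request(xml)
  root = REXML::Document.new(xml).root
  issuer = REXML::XPath.first(root, 'saml:Issuer', SAML_NS)
  { destination: root.attributes['Destination'],
    acs_url: root.attributes['AssertionConsumerServiceURL'],
    issuer: issuer && issuer.text }
end

# Names of the fields whose value differs from what the IdP has registered.
def mismatched_fields(summary, registered)
  registered.reject { |field, value| summary[field] == value }.keys
end

# Constructed sample: an AuthnRequest encoded the way the redirect carries it.
def sample_redirect_url
  xml = <<~XML
    <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
        xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1"
        Version="2.0" Destination="https://idp.example.test/sso"
        AssertionConsumerServiceURL="https://localhost:3000/users/saml/auth">
      <saml:Issuer>https://localhost:3000/users/saml/metadata</saml:Issuer>
    </samlp:AuthnRequest>
  XML
  raw = Zlib::Deflate.new(Zlib::DEFAULT_COMPRESSION, -Zlib::MAX_WBITS)
  packed = [raw.deflate(xml, Zlib::FINISH)].pack('m0')
  'https://idp.example.test/sso?' + URI.encode_www_form('SAMLRequest' => packed)
end

if __FILE__ == $PROGRAM_NAME
  summary = summarize_authn_request(decode_saml_request(sample_redirect_url))
  registered = { acs_url: 'https://localhost:3000/users/saml/auth',
                 issuer: 'constructed-entity-id' } # values entered at the IdP
  p summary, mismatched_fields(summary, registered)
end
```

The redirect URL to feed in can be copied from the Location header of the sign_in response in the browser's network tab.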