Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add production-ready configuration examples in documentation #113

Open
ryan-lane opened this issue Feb 3, 2017 · 8 comments
Open

Add production-ready configuration examples in documentation #113

ryan-lane opened this issue Feb 3, 2017 · 8 comments
Labels
documentation medium

Comments

@ryan-lane
Copy link
Contributor

We have quickstart docs, but no examples for production deployment.
@egeland
Copy link
Contributor

egeland commented Feb 3, 2017

Would really appreciate docs on OneLogin SAML integration - have been beating my head against it today..

@ryan-lane
Copy link
Contributor Author

Hey there. I think we can work up an example for SAML, but it probably won't be until next week.

@egeland
Copy link
Contributor

egeland commented Feb 3, 2017 via email

@egeland
Copy link
Contributor

egeland commented Feb 7, 2017

I'm stuck, getting this error from confidant:

{
  "errors": [
    "invalid_response"
  ], 
  "message": "SAML request failed", 
  "reason": "No AuthNRequest ID from SP found to match with InResponseTo of response"
}

Even a very quick and dirty example would be really helpful - I think I've got things in the right places, but clearly I'm still not doing it right. 😓

@ryan-lane
Copy link
Contributor Author

We're working on an example that should be ready in a day or two. I'd share something quick and dirty, but I don't have anything off-hand right now.

@egeland
Copy link
Contributor

egeland commented Feb 8, 2017

Really looking forward to seeing this example! Struggling with OneLogon... 😓

@egeland egeland mentioned this issue Feb 9, 2017
Merged
@vivianho
Copy link
Contributor

vivianho commented Feb 9, 2017

@egeland I don't think I've seen your error before. You've probably already got this far, but it looks like your SAML is error-ing here: https://github.com/lyft/confidant/blob/master/confidant/authnz/userauth.py#L573-L582

The session token is being set here: https://github.com/lyft/confidant/blob/master/confidant/authnz/userauth.py#L818

This occurs right after the SAML request is initiated (and therefore it is able to get a request ID to store and check later). You might want to put a break point here and check that auth.get_request_id() is actually returning a valid id. You'll also need a SESSION_SECRET (https://github.com/lyft/confidant/blob/master/confidant/settings.py#L326-L329) set in order for sessions to work properly.

@egeland
Copy link
Contributor

egeland commented Feb 10, 2017

I pulled and built an image from current HEAD ( 95065eb ) and got logged in via SAML.. so, some progress! 👍

@vivianho vivianho mentioned this issue Feb 15, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation medium
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@egeland @ryan-lane @vivianho