We are encountering an error when attempting to use SAML2 authentication with LibreNMS.
Error Message:
SocialiteProviders\Saml2\Provider::getFirstAssertion(): Return value must be of type LightSaml\Model\Assertion\Assertion, null returned {"exception":"[object] (TypeError(code: 0): SocialiteProviders\\Saml2\\Provider::getFirstAssertion(): Return value must be of type LightSaml\\Model\\Assertion\\Assertion, null returned at /librenms/vendor/socialiteproviders/saml2/Provider.php:482)"}
System Information:
- LibreNMS Version: librenms-24.7.0v0
- Operating System: OpenBSD 7.5
- PHP Version: php-8.2.22
SAML2 Setup Details:
We have configured the SAML2 authentication by following these steps:
- LibreNMS Configuration: We executed the following commands to configure SAML2:
lnms config:set auth.socialite.redirect false
lnms config:set auth.socialite.register true
lnms config:set auth.socialite.configs.saml2.listener "\SocialiteProviders\Saml2\Saml2ExtendSocialite"
lnms config:set auth.socialite.configs.saml2.metadata "$(cat metadata-file.xml)"
lnms config:set auth.socialite.configs.saml2.sp_default_binding_method urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST lnms config:clear`
-
services.php Configuration: We added the following SAML2 configuration to our
services.php
file:'saml2' => [ 'sp_certificate' => file_get_contents('/etc/saml2/certs/certs/our-cert.crt'), 'sp_private_key' => file_get_contents('/etc/saml2/certs/private/our-key.pem'), 'sp_sign_assertions' => true, // or false to disable assertion signing 'sp_acs' => 'auth/saml2/callback', 'listener' => '\SocialiteProviders\Saml2\Saml2ExtendSocialite', ],
-
app.php Configuration: Additionally, we modified
app.php
as follows:'providers' => ServiceProvider::defaultProviders()->merge([ Laravel\Socialite\SocialiteServiceProvider::class, \SocialiteProviders\Manager\ServiceProvider::class, ... ])
Additional Notes:
- The necessary plugin was pre-installed during the package build using
composer require socialiteproviders/saml2
.
Do you have any suggestions or advice to offer us?