SingleSignOn saml2

Hi

I’m trying to get SAML SSO working but I get an error. Does anyone have an idea what’s wrong?

lnms config:get auth.socialite
{
    "redirect": false,
    "register": true,
    "configs": {
        "saml2": {
            "metadata": "***",
            "listener": "\SocialiteProviders\Saml2\Saml2ExtendSocialite",
            "idp_binding_method": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
            "sp_default_binding_method": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        }
    }
}

Configuration in config.php:

$config['auth_mechanism'] = "sso";
$config['sso']['mode'] = "env";
$config['sso']['group_strategy'] = 'map';

$config['sso']['user_attr'] = 'OIDC_CLAIM_preferred_username';
$config['sso']['email_attr'] = 'OIDC_CLAIM_email';
$config['sso']['group_attr'] = 'OIDC_CLAIM_groups';

$config['sso']['group_delimiter'] = ',';
$config['sso']['group_level_map'] = ['SysadminsSenior' => 10, 'DevelopmentSenior' => 5, 'DevelopmentJunior' => 1];

The error I get in librenms.log after the redirect to my idp looks like this:

[2022-10-06T11:34:02.404392+02:00] production.ERROR: {"exception":"[object] (Laravel\Socialite\Two\InvalidStateException(code: 0): at /opt/librenms/vendor/socialiteproviders/saml2/Provider.php:445)"}

validate.php
librenms@librenms01-gs:~$ ./validate.php

Component | Version
--------- | -------
LibreNMS  | 22.9.0-34-ge4fdbbd82 (2022-10-03T19:55:49+02:00)
DB Schema | 2022_09_03_091314_update_ports_adsl_table_with_defaults (246)
PHP       | 8.1.6
Python    | 3.9.2
Database  | MariaDB 10.5.15-MariaDB-0+deb11u1
RRDTool   | 1.7.2
SNMP      | 5.9

===========================================

[OK] Composer Version: 2.4.2
[OK] Dependencies up-to-date.
[OK] Database connection successful
[OK] Database Schema is current
[OK] SQL Server meets minimum requirements
[OK] lower_case_table_names is enabled
[OK] MySQL engine is optimal
[OK]
[OK] Database schema correct
[OK] MySQl and PHP time match
[OK] Active pollers found
[OK] Dispatcher Service not detected
[OK] Locks are functional
[OK] Python poller wrapper is polling
[OK] Redis is unavailable
[OK] rrd_dir is writable
[OK] rrdtool version ok
