How to change SimpleSAMLphp v1 simplesaml.nameidattribute to v2 authproc

I receive the Drupal error:

Drupal\simplesamlphp_auth\Exception\SimplesamlphpAttributeException: Error in simplesamlphp_auth.module: no valid "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" attribute set. in Drupal\simplesamlphp_auth\Service\SimplesamlphpAuthManager->getAttribute() (line 284 of /var/www/html/docroot/modules/contrib/simplesamlphp_auth/src/Service/SimplesamlphpAuthManager.php).

In researching this, I found that this line in the sp config should be changed to an authproc.

'simplesaml.nameidattribute' => 'eduPersonTargetedID',

I found that SimpleSAMLphp comes with some authprocs, one being saml:NameIDAttribute.

I note that the example has the entire sp section dedicated to the authproc, whereas mine has other entries in it. It's at this point I'm unclear how to proceed...whether I should comment out just the simplesaml.nameidattribute member, or the NameIDFormat one as well, etc. This is what I currently have in the sp section of the config in authsources.php:

  'default-sp' => [
    'saml:SP',

    // The entity ID of this SP.
    // Can be NULL/unset, in which case an entity ID
    // is generated based on the metadata URL.
    'entityID' => 'https://www.example.com',

    // The entity ID of the IdP this SP should contact.
    // Can be NULL/unset, in which case the user will be shown
    // a list of available IdPs.
    'idp' => 'http://adfs.example.com/adfs/services/trust',

    // The URL to the discovery service.
    // Can be NULL/unset, in which case a builtin
    // discovery service will be used.
    'discoURL' => NULL,
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
    'NameIDPolicy' => [],
//    'simplesaml.nameidattribute' => 'myPersonTargetedID',
    'authproc' => [
      20 => [
        'class' => 'saml:NameIDAttribute',
        'format' => '%V',
      ],
    ],
  ],
];

and still receive the same error message.

Postscript

Based on another example, I changed part of the array as follows:

    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
    'NameIDPolicy' => [],
//    'simplesaml.nameidattribute' => 'eduPersonTargetedID',
    'authproc' => [
      3 => [
        'class' => 'saml:NameIDAttribute',
        'format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
        'attribute' => 'uid',
      ],
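
An added example, not part of the original post and not SimpleSAMLphp's own code: a simplified PHP model of the documented `saml:NameIDAttribute` options (`attribute`, default `nameid`; `format`, default `%I!%S!%V`), run over the two filter configurations in the post plus a hypothetical third, to show which attribute each one produces compared with the name in the Drupal error. The function `modelNameIdAttribute` and the sample NameID are constructed for illustration.

```php
<?php
// Simplified model of the documented saml:NameIDAttribute options (illustration only).
// Documented defaults: 'attribute' => 'nameid', 'format' => '%I!%S!%V'.
// Placeholders: %I NameQualifier, %S SPNameQualifier, %V Value, %F Format, %% literal '%'.
function modelNameIdAttribute(array $filter, array $nameId, array $attributes): array
{
    $name   = $filter['attribute'] ?? 'nameid';
    $format = $filter['format'] ?? '%I!%S!%V';
    $map = [
        '%I' => $nameId['NameQualifier'] ?? '',
        '%S' => $nameId['SPNameQualifier'] ?? '',
        '%V' => $nameId['Value'] ?? '',
        '%F' => $nameId['Format'] ?? '',
        '%%' => '%',
    ];
    // strtr() substitutes in a single pass, so "%%V" stays a literal "%V".
    $attributes[$name] = [strtr($format, $map)];
    return $attributes;
}

// Constructed sample NameID, as an IdP might send it.
$nameId = [
    'Value'  => 'jdoe@example.com',
    'Format' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
];
// Attribute name taken from the Drupal error message in the post.
$expected = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name';

$variants = [
    'first attempt' => ['class' => 'saml:NameIDAttribute', 'format' => '%V'],
    'postscript'    => [
        'class'     => 'saml:NameIDAttribute',
        'format'    => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
        'attribute' => 'uid',
    ],
    // Hypothetical: name the created attribute after what Drupal asks for.
    'hypothetical'  => ['class' => 'saml:NameIDAttribute', 'format' => '%V', 'attribute' => $expected],
];

foreach ($variants as $label => $filter) {
    $attrs = modelNameIdAttribute($filter, $nameId, []);
    $name  = array_key_first($attrs);
    printf(
        "%-14s %s => %s | expected attribute present: %s\n",
        $label, $name, $attrs[$name][0],
        isset($attrs[$expected]) ? 'yes' : 'no'
    );
}
```

The filter only copies the received NameID into an attribute, so the value Drupal ends up with is whatever the IdP places in the NameID. In this model `format` is a template for the attribute value, so a NameID format URN placed there is emitted as literal text.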