
  • Thread Starter tsykes

    (@tsykes)

    Solution:

    First, the redirect wasn't going to:

    'assertionConsumerService' => array(
    'url' => $spBaseUrl . '/wp-login.php?action=wp-saml-auth',
    ),

    Without the query parameter, it didn't look like the plugin was starting up at all.

    The other side was the IdP response. It threw us off that the IdP was returning the attribute names as URLs.

    e.g. <saml:Attribute Name="https://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
    <saml:AttributeValue>John</saml:AttributeValue>
    </saml:Attribute>

    But replacing the login attributes with the full claim URL, for example:
    'user_email_attribute' => 'https://schemas.company.com/identity/claims/cloudemailaddress',

    was actually correct.

    Thread Starter tsykes

    (@tsykes)

    Stripped-down version of the IdP response, in case it helps:

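    <?xml version="1.0" encoding="UTF-8"?>
    <!--
      Stripped-down SAML 2.0 Response from the poster's IdP to a WordPress SP.
      DigestValue, SignatureValue and X509Certificate are redacted placeholders,
      and the NameID / e-mail values were obfuscated by the forum renderer, so
      this sample is only good for inspecting structure and attribute names;
      it cannot be signature-verified as pasted.

      Changes versus the pasted copy:
        * The XML Signature, exclusive c14n and algorithm namespace URIs use
          their canonical http:// form. A namespace name is an opaque identifier,
          so the https:// spelling the forum rendered (most likely automatic
          link rewriting) would not be recognised as a ds:Signature by a
          validating SP and verification would fail or be skipped.
        * The Response ID now matches the enveloped-signature Reference URI,
          and the two InResponseTo values agree. The pasted copy carried
          truncated variants of the same values; a strict SP rejects a
          Reference that does not resolve and an InResponseTo that does not
          match the AuthnRequest it issued.
    -->
    <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_61e6f0c2-f96e-49a7-96b8-80cb40443631" InResponseTo="ONELOGIN_0f6b2a8baac46e553dfc0727b5c335008e82097d" Version="2.0" IssueInstant="2018-09-20T11:22:47.097Z" Destination="https://mywebsite.com/wp-login">
       <!-- NOTE(review): Destination (and Recipient below) lack the
            ?action=wp-saml-auth query that the poster's working ACS URL carries.
            A strict SP compares these against its own ACS URL, so confirm the
            IdP's configured ACS URL matches the SP's exactly. -->
       <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">ofis:company:broker:s</saml:Issuer>
       <!-- Enveloped signature over the whole Response (Reference URI = Response ID).
            The Assertion itself carries no Signature, so the SP must require and
            verify this one before trusting anything in the Assertion. -->
       <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
          <SignedInfo>
             <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
             <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
             <Reference URI="#_61e6f0c2-f96e-49a7-96b8-80cb40443631">
                <Transforms>
                   <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                   <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                      <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default samlp saml ds xs xsi" />
                   </Transform>
                </Transforms>
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                <DigestValue>myDigestValue=</DigestValue>
             </Reference>
          </SignedInfo>
          <SignatureValue>mysignature</SignatureValue>
          <KeyInfo>
             <X509Data>
                <!-- Redacted. The SP must validate against its pinned IdP
                     certificate, never against whatever KeyInfo carries. -->
                <X509Certificate>mycertificate</X509Certificate>
             </X509Data>
          </KeyInfo>
       </Signature>
       <samlp:Status>
          <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
       </samlp:Status>
       <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Version="2.0" ID="_0fb59bea-d901-4210-a1b1-6d60af2b54b9" IssueInstant="2018-09-20T11:22:47.097Z">
          <saml:Issuer>ofis:company:broker:s</saml:Issuer>
          <saml:Subject>
             <!-- "[email protected]" is the forum's e-mail obfuscation, not a real NameID. -->
             <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">[email protected]</saml:NameID>
             <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <!-- Bearer confirmation: the SP must check NotOnOrAfter, Recipient and
                     InResponseTo here, in addition to the Conditions below. -->
                <saml:SubjectConfirmationData NotOnOrAfter="2018-09-20T12:22:47.097Z" Recipient="https://mywebsite.com/wp-login" InResponseTo="ONELOGIN_0f6b2a8baac46e553dfc0727b5c335008e82097d" />
             </saml:SubjectConfirmation>
          </saml:Subject>
          <!-- One-hour window either side of IssueInstant; Audience must equal the SP entityId. -->
          <saml:Conditions NotBefore="2018-09-20T10:22:47.097Z" NotOnOrAfter="2018-09-20T12:22:47.097Z">
             <saml:AudienceRestriction>
                <saml:Audience>https://mywebsite.com</saml:Audience>
             </saml:AudienceRestriction>
          </saml:Conditions>
          <saml:AuthnStatement AuthnInstant="2018-09-20T11:22:47.097Z" SessionIndex="_0fb59bea-d901-4210-a1b1-6d60af2b54b9">
             <saml:AuthnContext>
                <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
             </saml:AuthnContext>
          </saml:AuthnStatement>
          <!-- Attribute names are full claim URLs. The SP matches them byte for byte,
               so the plugin's *_attribute settings must use the exact same string.
               NOTE(review): confirm the http/https spelling against the raw IdP
               response rather than this forum-rendered copy. -->
          <saml:AttributeStatement>
             <saml:Attribute Name="https://schemas.company.com/identity/claims/authlevel">
                <saml:AttributeValue>CERT</saml:AttributeValue>
             </saml:Attribute>
             <saml:Attribute Name="https://schemas.company.com/identity/claims/cloudemailaddress">
                <saml:AttributeValue>[email protected]</saml:AttributeValue>
             </saml:Attribute>
             <saml:Attribute Name="https://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
                <saml:AttributeValue>John</saml:AttributeValue>
             </saml:Attribute>
             <saml:Attribute Name="https://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
                <saml:AttributeValue>John Doe</saml:AttributeValue>
             </saml:Attribute>
             <saml:Attribute Name="https://schemas.company.com/identity/claims/companyusertype">
                <saml:AttributeValue>Internal</saml:AttributeValue>
             </saml:Attribute>
             <saml:Attribute Name="https://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
                <saml:AttributeValue>Doe</saml:AttributeValue>
             </saml:Attribute>
             <saml:Attribute Name="https://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier">
                <saml:AttributeValue>[email protected]</saml:AttributeValue>
             </saml:Attribute>
          </saml:AttributeStatement>
       </saml:Assertion>
    </samlp:Response>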