Missing library for SSO
Solved
Baserow
-
wrote on May 31, 2023, 1:39 PM last edited by
Hello,
Davide from Baserow here. I'm having some issues configuring my Baserow application with SSO.
Looking at the logs it seems like the
xmlsec1
library is missing in the docker image. I think aapt install xmlsec1
should solve the problem, but I'm not sure how to verify it.Here the logs I'm seeing:
May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /_nuxt/687aa44.js HTTP/1.1" 200 551 "https://libtest.cloudron-test.getbaserow.com/login/error?error=errorInvalidSamlRequest" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /api/sso/saml/login/ HTTP/1.1" 302 0 "https://libtest.cloudron-test.getbaserow.com/login/saml?original" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /fonts/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1" 304 0 "https://libtest.cloudron-test.getbaserow.com/login/error?error=errorInvalidSamlRequest" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" May 31 15:18:36 172.18.0.1 - - [31/May/2023:13:18:36 +0000] "GET /login/error?error=errorInvalidSamlRequest HTTP/1.1" 200 49833 "https://libtest.cloudron-test.getbaserow.com/login/saml?original" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" May 31 15:18:36 > File "/app/code/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py", line 304, in get_sign_in_url May 31 15:18:36 File "/app/code/backend/src/baserow/api/decorators.py", line 172, in func_wrapper May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/api/sso/saml/views.py", line 171, in get May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/api/sso/utils.py", line 43, in wrapper May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py", line 275, in get_sign_in_url_for_auth_provider May 31 15:18:36 File "/app/code/enterprise/backend/src/baserow_enterprise/sso/saml/handler.py", line 69, in prepare_saml_client May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/rest_framework/views.py", line 506, in dispatch May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/config.py", line 271, in load_complex May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/config.py", line 337, in load May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/config.py", line 384, in load_metadata May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/mdstore.py", line 1024, in __init__ May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/sigver.py", line 205, in get_xmlsec_binary May 31 15:18:36 File "/app/code/env/lib/python3.10/site-packages/saml2/sigver.py", line 951, in security_context May 31 15:18:36 idp_sign_in_url = SamlAuthProviderHandler.get_sign_in_url(query_params) May 31 15:18:36 mds = MetadataStore( May 31 15:18:36 raise SigverError(f"Cannot find {bin_name}") May 31 15:18:36 response = handler(request, *args, **kwargs) May 31 15:18:36 return cls.get_sign_in_url_for_auth_provider( May 31 15:18:36 return func(*args, **kwargs) May 31 15:18:36 return func(*args, **kwargs) May 31 15:18:36 saml2.sigver.SigverError: Cannot find ['xmlsec1'] May 31 15:18:36 saml_client = cls.prepare_saml_client(saml_auth_provider) May 31 15:18:36 self.load_complex(cnf) May 31 15:18:36 self.security = security_context(config) May 31 15:18:36 self.setattr("", "metadata", self.load_metadata(cnf["metadata"])) May 31 15:18:36 sp_config.load(saml_settings) May 31 15:18:36 xmlsec_binary = get_xmlsec_binary(_path) May 31 15:18:36 │ │ └ {} May 31 15:18:36 │ └ <classmethod(<function SamlAuthProviderHandler.get_sign_in_url at 0x7f596b49d7e0>)> May 31 15:18:36 │ └ [] May 31 15:18:36 │ │ └ {'entityid': 'https://libtest.cloudron-test.getbaserow.com/api/sso/saml/acs/', 'metadata': {'inline': ['<md:EntityDescriptor ... May 31 15:18:36 │ └ <function Config.load at 0x7f596b46c5e0> May 31 15:18:36 │ │ │ └ {} May 31 15:18:36 │ │ └ () May 31 15:18:36 │ └ <rest_framework.request.Request: GET '/api/sso/saml/login/'> May 31 15:18:36 │ │ └ {'query_params': {}} May 31 15:18:36 │ │ └ {} May 31 15:18:36 │ └ (<baserow_enterprise.api.sso.saml.views.BaserowInitiatedSingleSignOn object at 0x7f5969e1a200>, <rest_framework.request.Reque... May 31 15:18:36 │ └ (<baserow_enterprise.api.sso.saml.views.BaserowInitiatedSingleSignOn object at 0x7f5969e1a200>, <rest_framework.request.Reque... May 31 15:18:36 │ │ │ │ └ {'entityid': 'https://libtest.cloudron-test.getbaserow.com/api/sso/saml/acs/', 'metadata': {'inline': ['<md:EntityDescriptor ... May 31 15:18:36 │ │ │ └ <function Config.load_metadata at 0x7f596b46c790> May 31 15:18:36 │ │ └ <saml2.config.Config object at 0x7f596a19f940> May 31 15:18:36 │ │ └ {'entityid': 'https://libtest.cloudron-test.getbaserow.com/api/sso/saml/acs/', 'metadata': {'inline': ['<md:EntityDescriptor ... May 31 15:18:36 │ │ │ └ <saml2.config.Config object at 0x7f596a19f940> May 31 15:18:36 │ │ └ <function security_context at 0x7f596b74a830> May 31 15:18:36 │ └ <function Config.load_complex at 0x7f596b46c550> May 31 15:18:36 │ └ <function Config.setattr at 0x7f596b46c3a0> May 31 15:18:36 │ └ None May 31 15:18:36 │ │ └ <SamlAuthProviderModel: SamlAuthProviderModel object (2)> May 31 15:18:36 │ └ <classmethod(<function SamlAuthProviderHandler.get_sign_in_url_for_auth_provider at 0x7f596b49d750>)> May 31 15:18:36 │ └ <classmethod(<function SamlAuthProviderHandler.prepare_saml_client at 0x7f596b49d090>)> May 31 15:18:36 └ <baserow_enterprise.api.sso.saml.views.BaserowInitiatedSingleSignOn object at 0x7f5969e1a200> May 31 15:18:36 └ <bound method map_sso_exceptions.<locals>.decorator.<locals>.wrapper of <baserow_enterprise.api.sso.saml.views.BaserowInitiat... May 31 15:18:36 └ <class 'baserow_enterprise.sso.saml.handler.SamlAuthProviderHandler'> May 31 15:18:36 └ <class 'baserow_enterprise.sso.saml.handler.SamlAuthProviderHandler'> May 31 15:18:36 └ <class 'baserow_enterprise.sso.saml.handler.SamlAuthProviderHandler'> May 31 15:18:36 └ <class 'saml2.mdstore.MetadataStore'> May 31 15:18:36 └ <class 'saml2.sigver.SigverError'> May 31 15:18:36 └ <function BaserowInitiatedSingleSignOn.get at 0x7f596b49e4d0> May 31 15:18:36 └ <function get_xmlsec_binary at 0x7f596b7492d0> May 31 15:18:36 └ <function validate_query_parameters.<locals>.validate_decorator.<locals>.func_wrapper at 0x7f596b49e560> May 31 15:18:36 └ <saml2.config.Config object at 0x7f596a19f940> May 31 15:18:36 └ <saml2.config.Config object at 0x7f596a19f940> May 31 15:18:36 └ <saml2.config.Config object at 0x7f596a19f940> May 31 15:18:36 └ <saml2.mdstore.MetadataStore object at 0x7f596a1f4370>
Please let me know if we can do anything to fix it.
Thanks,
davide -
-
I've responded for a start at https://git.cloudron.io/cloudron/baserow-app/-/issues/1
-
@davide I have published a new baserow package with the missing library. Thanks!
-