Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Parameter "logout_requests_signed" in config not signing logout requests
See original GitHub issueCode Version
6.5.1
Expected Behavior
I’m using pysaml2 through djangosaml2 as an SP. The ADFS IdP requires logout requests to be signed.
With this configuration:
SAML_CONFIG = {
...
"service": {
"sp": {
"logout_requests_signed": True,
}
}
}
The logout requests (initiated by the SP) should be signed.
Current Behavior
The request is not signed and the IdP doesn’t accepts it.
Possible Solution
The djangosaml2 library calls the global_logout() method to initiate the logout, and doesn’t sets the sign argument. So either in global_logout() or do_logout() methods, the following could be added:
if sign is None:
sign = self.logout_requests_signed
Issue Analytics
- State:
- Created 2 years ago
- Comments:6 (4 by maintainers)
Top Results From Across the Web
(Optional) Enable signed logout requests
From the property Sign LogoutRequest. Set this property to true if the Identity Provider's SingleLogoutRequest service requires signed ...
Read more >AzureAD B2C - SAML LogoutRequest are not signed
Viewing the GET request built by B2C, it is indeed missing a Signature. It not a query parameter nor in the saml body....
Read more >SAML config for ADFS with logout
The isRequest parameter is set to true if a logout request is received and to false if a logout response is received. For...
Read more >SP initiated Single Logout with ADFS Help - request query ...
AADSTS90015: Requested query string is too long. This is strange as 1, we're not signing in we're signing out, and 2, why can't...
Read more >SAML Logout Request
Paste the Logout Request if you want to also validate its signature ... certificate of the entity that generated this request and the...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Hello,
I tested with the latest HEAD on my project and it is working as intended. Thanks for the fix!
Hello, I will create a release soon. Sorry this did not happen faster.