By: Darrell Breeden user 18 Jan 2021 at 8:29 a.m. CST

## Summary

Gluu 4.2 is deployed into Kubernetes and is working fine for traditional authentication. SAML provider is added to gluu-passport for our Okta provider. `passport_saml` successfully initiates the login with Okta, but after the login at Okta is handed back to passport, an error is generated.

## Expected Behavior

User would have been mapped, created in gluu and logged in.

## Actual Behavior

`An error has occurred` along with:

```
2021-01-15T16:55:14.574Z [ERROR] Unknown Error: TypeError: Cannot read property 'RelayState' of undefined
2021-01-15T16:55:14.574Z [ERROR] TypeError: Cannot read property 'RelayState' of undefined
    at Object.process (/opt/gluu/node/passport/server/idp-initiated.js:94:25)
    at processIdpInitiated (/opt/gluu/node/passport/server/routes.js:146:15)
    at Layer.handle [as handle_request] (/opt/gluu/node/passport/node_modules/express/lib/router/layer.js:95:5)
    at next (/opt/gluu/node/passport/node_modules/express/lib/router/route.js:137:13)
    at complete (/opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:268:13)
    at /opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:275:15
    at pass (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:431:14)
    at Authenticator.transformAuthInfo (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:453:5)
    at /opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:272:22
    at /opt/gluu/node/passport/node_modules/passport/lib/http/request.js:52:7
    at /opt/gluu/node/passport/node_modules/passport/lib/sessionmanager.js:26:5
    at pass (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:277:43)
    at serialized (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:286:7)
    at passport.serializeUser (/opt/gluu/node/passport/server/app.js:52:2)
    at pass (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:294:9)
    at Authenticator.serializeUser (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:299:5)
    at SessionManager.logIn (/opt/gluu/node/passport/node_modules/passport/lib/sessionmanager.js:14:8)
    at IncomingMessage.req.login.req.logIn (/opt/gluu/node/passport/node_modules/passport/lib/http/request.js:50:33)
    at Strategy.strategy.success (/opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:253:13)
    at verified (/opt/gluu/node/passport/node_modules/passport-saml/lib/passport-saml/strategy.js:63:14)
    at processProfile (/opt/gluu/node/passport/server/providers.js:30:9)
    at Strategy.uncurried (/opt/gluu/node/passport/server/providers.js:65:10)
```

## Details

### Full Log Stack

```
2021-01-15T16:55:08.189Z [INFO] ::ffff:10.0.2.124 - GET /passport/auth/mrg-okta-saml/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqd3QiOiJmOGFjM2VmOS01YjcxLTRiMzYtOTdhMi02Y2Q4ZWQ5ODRhMTUiLCJpYXQiOjE2MTA3Mjk3MDgsImV4cCI6MTYxMDcyOTgyOH0.iQQwzHZX87pvmE-NIXsbuNzPQMVy-RUQaE_ehRdyfHg HTTP/1.1 302 0 - 2.430 ms
2021-01-15T16:55:14.543Z [VERBOSE] Authenticating request against mrg-okta-saml
2021-01-15T16:55:14.573Z [INFO] Applying mapping 'saml_ldap_profile' to profile
2021-01-15T16:55:14.573Z [DEBUG] Resulting profile data is { "provider": "mrg-okta-saml" }
2021-01-15T16:55:14.573Z [DEBUG] RelayState value: MRGSAML1
2021-01-15T16:55:14.573Z [DEBUG] SAML reponse in body:
<?xml version="1.0" encoding="UTF-8"?><saml2p:Response Destination="https://idpdev.metworx.com/passport/auth/saml/mrg-okta-saml/callback" ID="id86946749068847971643688940" InResponseTo="_b2fb5e19bba6419f1e2a" IssueInstant="2021-01-15T16:55:14.380Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://www.okta.com/exk77zhnhdU4VLMtn357</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#id86946749068847971643688940"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>HFWMALTcL4soTthjG/kGXFlvU9/d9+CzzICLEzpgbI4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>I1FUctBN4hR17liwnfTGXd1naocGZV1mzE4nh5g9+shvG0896GVddEGyS3VSHn6Xq0Gc+gn5y3T3jR1ipLbJoiqYubNvb1iertrH1L4G5TP2ClUcuON+RKUzV5m4ffCz5a25rFFxxP/6d+684isKjlAnv/fC+hgOJ5EI+W6H6v/KW2xKa+02SB/bKWnFHaQgRzXB5nQEFoYpMFgTMaatYjMvAGQnIIaJHTBE4Gqds30AYVJ6ugQ6GyMmcT/BVmNbUgsOM/xsCIbSdp5S87t+4+m+AdfwNVHS9pGTlYhzGT1kf2uSaqfUoBkZY2M2ckufB87BWZqHhoNXCsA+o597sA==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDoDCCAoigAwIBAgIGAWzedx8ZMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEG
A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU
MBIGA1UECwwLU1NPUHJvdmlkZXIxETAPBgNVBAMMCG1ldHJ1bXJnMRwwGgYJKoZIhvcNAQkBFg1p
bmZvQG9rdGEuY29tMB4XDTE5MDgyOTE3Mzk0NFoXDTI5MDgyOTE3NDA0NFowgZAxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQK
DARPa3RhMRQwEgYDVQQLDAtTU09Qcm92aWRlcjERMA8GA1UEAwwIbWV0cnVtcmcxHDAaBgkqhkiG
9w0BCQEWDWluZm9Ab2t0YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdo+Ga
QuY3YB7PPN4soIpGhDNw8lGwukqHL6kZKKL8jgamFHk/S3p4RpS8NY0HrLGqY8mKhk0Mxw6s0dBi
XofNGqDYMQ7zr1R4H8JQMy+Q2U6kaBPpR8gdOgoLr5yZbpKi/IdejXotcVQ4Al/2wC+QPEzwzoJ+
A7vmboCM6Q7Q4cGvA1/w6eAN5+1TU4YKagcEN45UXe87MdofUHiGsIelr/dcWy2lqBrgNd86JgMD
lXohjWr9FZnuk7sWXRgDVrECNQVl159lnDhODG3ugUdNh3pXM9/5ax7Xpg/imF8Ytczb/9s+HUvc
MRwap5jZxt0SADvrojR1US6cvcPO12ybAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJbemUx9Aa8e
0tLkUvpWXux953XB1NmHutcpU6HRtgvE+47pO1PIsUmJ28Vynl2sATKyLB4kC7aZK9ckeFL8q6v7
h4KQBF1l552c8X83vU0Lnp+u4Yr9cGKQbQV1Mj+HVjA8jHcc0/5ofpaM5Ir0BBxmIkYHYFZ07VhU
wYkhNm+Cm5UEesYH9tyrYsa6alMMunZbAtuSJRJsZv3iFTEfLJc+ajvCh0sazXxP5SETPYZuG3o4
EXqqXsH4dYD6/ErEZUpT+QcXeTe/ql6tgKdfBGdN3L1FgmRKYhLx93slqPqxjZMLLWLUvEmJ9CDA
rl2RYVWuT135UQhCZzXuR0ZYoLs=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></saml2p:Status><saml2:Assertion ID="id86946749069834501681454596" IssueInstant="2021-01-15T16:55:14.380Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://www.okta.com/exk77zhnhdU4VLMtn357</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#id86946749069834501681454596"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>Co0wTeK2MV/MxcwliKqIlfrcgJgsT3UGalTynNlFnD0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>OigBiE5bmcY05r1HNpMMFgSdaCEvt3Coq9s1u1k6MzSyhmzaMQ70lOIHOgE6F99pX5NTdeo7CG1Tw+fb7cjbxL+nXM9jz9Gm4RJeZrebGCb/iHhDm+v++BvWHFLNUBZLvgqI5rRaRNbEz6YKiyM15rGpx93jYEsrSIMJODT8ZfwbBzoiP475BMD3wqf10jEZygYICLz/0XFRoZD1iAXQmxjaPiTjkkGwa8z6jkJkvbXNERADLq7f0bGMylMmreIDFoEUoWoBHbVmyFj2EV1mtPDq9LNNUIx9q7e9UO60cSjxegknl4uPhnAA7sNL4QSqrEM4TjmTgZQn7GBsVX0T3w==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDoDCCAoigAwIBAgIGAWzedx8ZMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEG...</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2:Subject xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">darrellb@metrumrg.com</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData InResponseTo="_b2fb5e19bba6419f1e2a" NotOnOrAfter="2021-01-15T17:00:14.380Z" Recipient="https://idpdev.metworx.com/passport/auth/saml/mrg-okta-saml/callback"/></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2021-01-15T16:50:14.380Z" NotOnOrAfter="2021-01-15T17:00:14.380Z" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:AudienceRestriction><saml2:Audience>mrg-okta-saml</saml2:Audience></saml2:AudienceRestriction></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2021-01-15T16:55:13.618Z" SessionIndex="_b2fb5e19bba6419f1e2a" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement></saml2:Assertion></saml2p:Response>
2021-01-15T16:55:14.574Z [ERROR] Unknown Error: TypeError: Cannot read property 'RelayState' of undefined
2021-01-15T16:55:14.574Z [ERROR] TypeError: Cannot read property 'RelayState' of undefined
    at Object.process (/opt/gluu/node/passport/server/idp-initiated.js:94:25)
    at processIdpInitiated (/opt/gluu/node/passport/server/routes.js:146:15)
    at Layer.handle [as handle_request] (/opt/gluu/node/passport/node_modules/express/lib/router/layer.js:95:5)
    at next (/opt/gluu/node/passport/node_modules/express/lib/router/route.js:137:13)
    at complete (/opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:268:13)
    at /opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:275:15
    at pass (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:431:14)
    at Authenticator.transformAuthInfo (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:453:5)
    at /opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:272:22
    at /opt/gluu/node/passport/node_modules/passport/lib/http/request.js:52:7
    at /opt/gluu/node/passport/node_modules/passport/lib/sessionmanager.js:26:5
    at pass (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:277:43)
    at serialized (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:286:7)
    at passport.serializeUser (/opt/gluu/node/passport/server/app.js:52:2)
    at pass (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:294:9)
    at Authenticator.serializeUser (/opt/gluu/node/passport/node_modules/passport/lib/authenticator.js:299:5)
    at SessionManager.logIn (/opt/gluu/node/passport/node_modules/passport/lib/sessionmanager.js:14:8)
    at IncomingMessage.req.login.req.logIn (/opt/gluu/node/passport/node_modules/passport/lib/http/request.js:50:33)
    at Strategy.strategy.success (/opt/gluu/node/passport/node_modules/passport/lib/middleware/authenticate.js:253:13)
    at verified (/opt/gluu/node/passport/node_modules/passport-saml/lib/passport-saml/strategy.js:63:14)
    at processProfile (/opt/gluu/node/passport/server/providers.js:30:9)
    at Strategy.uncurried (/opt/gluu/node/passport/server/providers.js:65:10)
```

I haven't been able to make heads or tails of what is undefined. The RelayState is present in the logs from either routes.js or idp-initiated.js. It's kind of hard to tell which, since they have the exact same log messages. Secondly, the RelayState is clearly present in the debug logs, and the body of the SAML response is present, as it's being displayed. I'm wondering if there's something small I'm missing.

By Darrell Breeden user 19 Jan 2021 at 10:41 a.m. CST

The problem is coming from

```js
function process(req, res, next) {
  let user = req.user,
    relayState = req.body.RelayState
  // ... remainder of the function not shown in the post
}
```

When `process` is called, the `req` is present but the `body` field does not exist as a member of the request.

By Darrell Breeden user 19 Jan 2021 at 10:46 a.m. CST

```js
function processIdpInitiated(req, res, next) {
  let user = req.user,
    relayState = req.body.RelayState
  logger.log2('debug', `RelayState value: ${relayState}`)
  logger.log2('debug', `SAML reponse in body:\n${req.body.SAMLResponse}`)
  abortIfProfileMissing(req, res, user)
  idpInitiated.process(user, relayState, global.iiconfig, res, next)
}
```

When IDP Initiated requests start, user is processed as `req.user`. That's handed down as the request, which does not have a body. You can fairly easily fix this by setting the body onto it from the raw request:

```js
function processIdpInitiated(req, res, next) {
  let user = req.user,
    relayState = req.body.RelayState
  logger.log2('debug', `RelayState value: ${relayState}`)
  logger.log2('debug', `SAML reponse in body:\n${req.body.SAMLResponse}`)
  abortIfProfileMissing(req, res, user)
  user.body = req.body // copy the parsed POST body onto the object handed to process()
  idpInitiated.process(user, relayState, global.iiconfig, res, next)
}
```
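An added example (not code from this thread or from gluu-passport) that reproduces the failure described above, a `user` object handed to a function expecting the Express request so that `.body` is undefined, and contrasts it with a handler that takes RelayState as an explicit parameter and checks it against configured providers before acting on it. The `iiconfig` contents, `makeRequest` and the provider ids are constructed assumptions.

```javascript
// Added example, not Gluu's code. `iiconfig` and its provider entries are
// constructed stand-ins for whatever the real IdP-initiated config contains.
const iiconfig = {
  providers: [{ id: 'MRGSAML1', redirect: '/app/after-login' }], // constructed
};

// Constructed stand-in for what passport-saml leaves on the request after the
// POST callback: the mapped profile on req.user, RelayState/SAMLResponse in req.body.
function makeRequest() {
  return {
    user: { provider: 'mrg-okta-saml' },
    body: { RelayState: 'MRGSAML1', SAMLResponse: '<constructed placeholder>' },
  };
}

// Shape that fails in the thread: the caller passes `req.user`, so `req.body`
// here is undefined and the property read throws the TypeError seen in the log.
function processBuggy(req) {
  return req.body.RelayState;
}

// Hardened shape: RelayState is an explicit, client-supplied parameter. It is
// accepted only when it is a string naming a configured provider; anything
// else fails closed with a 4xx result instead of an unhandled exception.
function processSafe(user, relayState, config) {
  if (!user || typeof user.provider !== 'string') {
    return { status: 401, error: 'no authenticated profile on request' };
  }
  if (typeof relayState !== 'string' || relayState.length === 0) {
    return { status: 400, error: 'RelayState missing' };
  }
  const target = config.providers.find((p) => p.id === relayState);
  if (!target) {
    return { status: 400, error: 'RelayState does not name a configured provider' };
  }
  return { status: 302, location: target.redirect, provider: user.provider };
}

// Runs the buggy version with the same mistake as the thread (user, not req);
// returns the thrown error's message, or null if nothing was thrown.
function reproduce() {
  try { processBuggy(makeRequest().user); return null; } catch (e) { return e.message; }
}
```

`reproduce()` returns a message naming `RelayState` (the exact wording varies by Node version), while `processSafe(req.user, req.body.RelayState, iiconfig)` on the same constructed request yields the 302 to the configured redirect.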

By Michael Schwartz Account Admin 24 Jan 2021 at 8:50 a.m. CST

This support ticket is beyond the scope of community support. Please contact sales about a VIP support contract.

By Darrell Breeden user 26 Jan 2021 at 10:43 a.m. CST

Just to clarify or add knowledge in case anyone comes across this: it was a rather large effort to go through and manually resolve the code issues myself, and the further I got into it, I realized it had to have already been solved. Our production environment was deployed on a newer version of gluu (4.2.1) and was completely unaffected. We were able to set up SAML integration, both IDP Initiated and Gluu-Initiated, without issue. As such, we'll simply tear down our development instance and re-deploy with 4.2.1. Basically, we upgraded from 4.2.0 to 4.2.1.

By Michael Schwartz Account Admin 26 Jan 2021 at 10:52 a.m. CST

Thanks for the note.