Add production-ready configuration examples in documentation
ryan-lane opened this issue Β· comments
We have quickstart docs, but no examples for production deployment.
Would really appreciate docs on OneLogin SAML integration - have been beating my head against it today..
Hey there. I think we can work up an example for SAML, but it probably won't be until next week.
I'm stuck, getting this error from confidant:
{
"errors": [
"invalid_response"
],
"message": "SAML request failed",
"reason": "No AuthNRequest ID from SP found to match with InResponseTo of response"
}
Even a very quick and dirty example would be really helpful - I think I've got things in the right places, but clearly I'm still not doing it right.
We're working on an example that should be ready in a day or two. I'd share something quick and dirty, but I don't have anything off-hand right now.
Really looking forward to seeing this example! Struggling with OneLogon...
@egeland I don't think I've seen your error before. You've probably already got this far, but it looks like your SAML is error-ing here: https://github.com/lyft/confidant/blob/master/confidant/authnz/userauth.py#L573-L582
The session token is being set here: https://github.com/lyft/confidant/blob/master/confidant/authnz/userauth.py#L818
This occurs right after the SAML request is initiated (and therefore it is able to get a request ID to store and check later). You might want to put a break point here and check that auth.get_request_id()
is actually returning a valid id. You'll also need a SESSION_SECRET (https://github.com/lyft/confidant/blob/master/confidant/settings.py#L326-L329) set in order for sessions to work properly.
I pulled and built an image from current HEAD ( 95065eb ) and got logged in via SAML.. so, some progress!