SAML response missing while trying to authenticate using Azure.
I'm having some trouble getting SAML to work correctly with GitLab and Azure. I've followed the documentation and I can't find what I may have configured incorrectly. Doing some troubleshooting, I tried modifying the omniauth_callbacks_controller.rb, but that made no difference. Below is my configuration in /etc/gitlab/gitlab.rb:
### OmniAuth Settings
###! Docs: https://docs.gitlab.com/ce/integration/omniauth.html
gitlab_rails['omniauth_enabled'] = true
gitlab_rails['omniauth_allow_single_sign_on'] = ['saml']
gitlab_rails['omniauth_sync_email_from_provider'] = 'saml'
gitlab_rails['omniauth_sync_profile_from_provider'] = ['saml']
gitlab_rails['omniauth_sync_profile_attributes'] = ['email']
gitlab_rails['omniauth_auto_sign_in_with_provider'] = 'saml'
gitlab_rails['omniauth_block_auto_created_users'] = false
gitlab_rails['omniauth_auto_link_ldap_user'] = true
gitlab_rails['omniauth_auto_link_saml_user'] = false
gitlab_rails['omniauth_external_providers'] = ['azure_oauth2']
gitlab_rails['omniauth_providers'] = [
  {
    name: 'saml',
    args: {
      assertion_consumer_service_url: 'https://gitlab.penumbrainc.com/users/auth/saml/callback',
      idp_cert_finger: '1C:AB:59:D9:55:82:48:36:5F:32:83:28:DD:6D:56:D8:37:91:48:F5',
      idp_sso_target_url: 'https://login.microsoftonline.com/2cd2c5ee-f52c-4c71-8109-a90e40fa9c73/saml2',
      issuer: 'https://gitlab.penumbrainc.com'
    }
  }
]
And here is the relevant information from production.log:
Processing by OmniauthCallbacksController#failure as HTML
Parameters: {"SAMLResponse"=>"{{REDACTED BECAUSE ITS MASSIVE}}"}
Can't verify CSRF token authenticity
Completed 500 Internal Server Error in 2ms (ActiveRecord: 0.0ms | Elasticsearch: 0.0ms)
NoMethodError (undefined method `id' for nil:NilClass):
app/models/active_session.rb:62:in `block in destroy'
lib/gitlab/redis/wrapper.rb:17:in `block in with'
lib/gitlab/redis/wrapper.rb:17:in `with'
app/models/active_session.rb:61:in `destroy'
config/initializers/warden.rb:19:in `block (2 levels) in <top (required)>'
lib/gitlab/middleware/multipart.rb:95:in `call'
lib/gitlab/request_profiler/middleware.rb:14:in `call'
ee/lib/gitlab/jira/middleware.rb:15:in `call'
lib/gitlab/middleware/go.rb:17:in `call'
lib/gitlab/etag_caching/middleware.rb:11:in `call'
lib/gitlab/middleware/rails_queue_duration.rb:22:in `call'
lib/gitlab/metrics/rack_middleware.rb:15:in `block in call'
lib/gitlab/metrics/transaction.rb:53:in `run'
lib/gitlab/metrics/rack_middleware.rb:15:in `call'
lib/gitlab/middleware/read_only/controller.rb:28:in `call'
lib/gitlab/middleware/read_only.rb:16:in `call'
lib/gitlab/request_context.rb:18:in `call'
lib/gitlab/metrics/requests_rack_middleware.rb:27:in `call'
lib/gitlab/middleware/release_env.rb:10:in `call'
I should be on the most recent version of GitLab, as I run updates daily. My system is CentOS.
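
An added example, not part of the original post and not GitLab code: a Python diagnostic that decodes a captured SAMLResponse and compares its Destination, Audience, signing-certificate SHA-1 fingerprint and status against service-provider settings of the kind shown in the gitlab.rb excerpt above. The host name, the placeholder "certificate" bytes and all function names are constructed for illustration, and the script does not verify the XML signature.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def sha1_fingerprint(der):
    """SHA-1 of the DER bytes as colon-separated upper-case hex."""
    h = hashlib.sha1(der).hexdigest().upper()
    return ":".join(h[i:i + 2] for i in range(0, len(h), 2))

def check_saml_response(b64, acs_url, issuer, fingerprint):
    """List mismatches between a captured SAMLResponse and the SP settings.
    Diagnostic only: it does not verify the XML signature."""
    root = ET.fromstring(base64.b64decode(b64))
    problems = []
    if root.get("Destination") != acs_url:
        problems.append("Destination %r != configured ACS URL" % root.get("Destination"))
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if issuer not in audiences:
        problems.append("issuer not in Audience list %r" % audiences)
    prints = {sha1_fingerprint(base64.b64decode("".join(c.text.split())))
              for c in root.iterfind(".//ds:X509Certificate", NS) if c.text}
    if fingerprint.upper() not in prints:
        problems.append("configured fingerprint not in %r" % sorted(prints))
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    if status is None or not status.get("Value", "").endswith(":Success"):
        problems.append("StatusCode is not Success")
    return problems

# Constructed sample values (hypothetical host; the "certificate" is placeholder bytes).
ACS = "https://gitlab.example.com/users/auth/saml/callback"
ISSUER = "https://gitlab.example.com"
CERT = b"constructed placeholder, not a real certificate"
FP = sha1_fingerprint(CERT)

def build_sample(destination, audience=ISSUER):
    """Build a minimal constructed SAMLResponse, base64-encoded as in the POST."""
    xml = ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" xmlns:ds="%s" Destination="%s">'
           '<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>'
           '<saml:Assertion><ds:Signature><ds:KeyInfo><ds:X509Data><ds:X509Certificate>%s'
           '</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>'
           '<saml:Conditions><saml:AudienceRestriction><saml:Audience>%s</saml:Audience>'
           '</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>')
    xml %= (NS["samlp"], NS["saml"], NS["ds"], destination, base64.b64encode(CERT).decode(), audience)
    return base64.b64encode(xml.encode()).decode()
```

To use it on a real response, pass the SAMLResponse value captured from your own instance together with the ACS URL, issuer and fingerprint from your configuration; an empty list means those four fields agree.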