GitLab cannot parse Azure SAML AuthnStatement without namespace (saml or saml2)
Summary
GitLab CE cannot parse / find the XML tags in the SAML response from Azure:
<AuthnContext><AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef></AuthnContext>
This is due to it not having any namespace on the tags.
Steps to reproduce
In Azure AD, configure an enterprise application and select SAML. The response will not include any namespace on the AuthnContext, so the code does not match.
Example Project
Attached sanitized file
What is the current bug behavior?
Authenticates, but two factor is still used. I have verified that the value returned by Azure is inside of the omniauth/omnibus config. It logs in fine but still asks for two factor.
What is the expected correct behavior?
It should read the value and, if it matches the omnibus / omniauth config, not ask for two factor.
Relevant logs and/or screenshots
Output of checks
Results of GitLab environment info
Results of GitLab application Check
Possible fixes
This bug report suggested adding an XPath that would have solved this issue: https://gitlab.com/gitlab-org/gitlab-ce/issues/53102
//*[local-name() = 'AuthnStatement']/*[local-name() = 'AuthnContext']/*[local-name() = 'AuthnContextClassRef']/text()
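The mismatch described in this report, as an added example using Ruby's REXML (not GitLab's code and not part of the original issue). The prefix-bound XPath, the allow-list, and the sample assertion with its default namespace declaration are constructed assumptions; only the local-name() expression comes from the issue.

```ruby
require "rexml/document"

PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password"
# Hypothetical allow-list standing in for the configured contexts that skip 2FA.
ALLOWED_CONTEXTS = [PASSWORD].freeze

# Assumed prefix-bound lookup (not GitLab's code): matches only "saml:" tags.
PREFIXED_XPATH = "//*[name()='saml:AuthnStatement']" \
                 "/*[name()='saml:AuthnContext']" \
                 "/*[name()='saml:AuthnContextClassRef']/text()"
# XPath quoted in the issue: compares local names, so the prefix is irrelevant.
LOCAL_NAME_XPATH = "//*[local-name() = 'AuthnStatement']" \
                   "/*[local-name() = 'AuthnContext']" \
                   "/*[local-name() = 'AuthnContextClassRef']/text()"

# Constructed sample assertion; prefix "" yields unprefixed tags as in the report.
def sample_assertion(prefix)
  tag = prefix.empty? ? "" : "#{prefix}:"
  xmlns = prefix.empty? ? "xmlns" : "xmlns:#{prefix}"
  <<~XML
    <#{tag}Assertion #{xmlns}="urn:oasis:names:tc:SAML:2.0:assertion">
      <#{tag}AuthnStatement>
        <#{tag}AuthnContext>
          <#{tag}AuthnContextClassRef>#{PASSWORD}</#{tag}AuthnContextClassRef>
        </#{tag}AuthnContext>
      </#{tag}AuthnStatement>
    </#{tag}Assertion>
  XML
end

# Returns the AuthnContextClassRef text, or "" when the XPath finds nothing.
def authn_context(xml, xpath)
  REXML::XPath.first(REXML::Document.new(xml), xpath).to_s
end

# An empty result never matches the allow-list, so 2FA is still requested.
def skip_two_factor?(xml, xpath)
  ALLOWED_CONTEXTS.include?(authn_context(xml, xpath))
end

if __FILE__ == $PROGRAM_NAME
  ["saml", "saml2", ""].each do |prefix|
    xml = sample_assertion(prefix)
    puts format("prefix=%-7s prefixed=%-5s local-name=%s", prefix.inspect,
                skip_two_factor?(xml, PREFIXED_XPATH),
                skip_two_factor?(xml, LOCAL_NAME_XPATH))
  end
end
```

Because local-name() ignores the namespace URI entirely, this lookup belongs only on the assertion whose signature has already been validated.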