Git Product home page Git Product logo

Comments (3)

SteelWagstaff avatar SteelWagstaff commented on June 27, 2024

Things we attempt to log:

  1. email, net_id (uid), SAML settings after authentication (if net_id exists):

    pressbooks-saml-sso/inc/class-saml.php

    Lines 368 to 370 in 6b887a3

    $this->logData( 'email from SAML attributes', [ $email ] );
    $this->logData( 'net_id from SAML attributes', [ $net_id ] );
    $this->logData( 'SAML Settings', [ $this->getSettingsWithoutCertificatesAndPrivateKey() ] );
  2. Errors from SAML Auth, Last SAML Error Reason, during authentication if we have errors:

    pressbooks-saml-sso/inc/class-saml.php

    Lines 531 to 532 in 6b887a3

    $this->logData( 'Errors from SAML Auth', $errors );
    $this->logData( 'Last SAML Error Reason', [ $message ], true );
  3. NameID of the assertion, NameID SP NameQualifier of the assertion (after authentication):

    pressbooks-saml-sso/inc/class-saml.php

    Lines 541 to 542 in 6b887a3

    $this->logData( 'NameID of the assertion', [ $this->auth->getNameId() ] );
    $this->logData( 'NameID SP NameQualifier of the assertion', [ $this->auth->getNameIdSPNameQualifier() ], true );
  4. Auth SAML data (just after we storeAuthDataInSession):

    pressbooks-saml-sso/inc/class-saml.php

    Line 577 in 6b887a3

    $this->logData( 'Auth SAML data', $log_auth_data, true );
  5. Cookies, Username matched, Session after logged [Matched] after a matching user if found and logged in:

    pressbooks-saml-sso/inc/class-saml.php

    Lines 752 to 754 in 6b887a3

    $this->logData( 'Cookies', $this->getPartialCookies() );
    $this->logData( 'Username matched', [ $user->user_login ] );
    $this->logData( 'Session after logged [Matched]', [ $_SESSION ], true );
  6. User metadata stored (after a user has been linked to their SAML identity):

    pressbooks-saml-sso/inc/class-saml.php

    Line 861 in 6b887a3

    $this->logData( 'User metadata stored', [ $user_id, $condition ] );
  7. Cookies, Username associated, Session after logged [Associated] after a new user if created and logged in:

    pressbooks-saml-sso/inc/class-saml.php

    Lines 971 to 973 in 6b887a3

    $this->logData( 'Cookies', $this->getPartialCookies() );
    $this->logData( 'Username associated', [ $username ] );
    $this->logData( 'Session after logged [Associated]', [ $_SESSION ], true );

Things included in first log statement generated for each successful login attempt:

  • NameID of the assertion
  • NameID SP NameQualifier of the assertion (3rd item in list above only)

Things included in second log statement (generated at almost the same time as first statement)

  • NameID of the assertion
  • NameID SP NameQualifier of the assertion
  • Auth SAML data (3rd and 4th items in list above)

Things included in third log statement:
if user matched:

  • email
  • net_id (uid)
  • SAML settings
  • Cookies
  • Username matched
  • Session after logged [Matched] (1st and 5th items in list above)

if new user created

  • email
  • net_id (uid)
  • SAML settings
  • User metadata stored
  • Cookies
  • Username associated
  • Session after logged [Associated] (1st, 6th and 7th items in list above)

from pressbooks-saml-sso.

SteelWagstaff avatar SteelWagstaff commented on June 27, 2024

Logs look great for SamlTest on integrations. Will try to test with alternate IdP

from pressbooks-saml-sso.

SteelWagstaff avatar SteelWagstaff commented on June 27, 2024

Client IdP I hoped to test with is down. Without ability to test further, will consider the issue resolved.

from pressbooks-saml-sso.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.