2

I'm trying to authenticate to a website that uses SimpleSAML without the browser but simply using cURL commands.

Basically I'm using Chrome's dev tools to see the redirects and what information is sent with each request.

So far I'm able to reach the IDP login page https://idp.mycompany.com/simplesaml/module.php/core/login.php?, provide my credentials and send a post request to the IDP login url.
From there the request gets redirected to SSO login page https://login-page.mycompany.com/oam/server/fed/sp/sso where I need to select user role and which is on a different address. When using curl commands at this step I'm getting "State Information Lost" error.

I can see the SimpleSAML token present in Response headers in the browser after entering credentials on IDP page, which looks like SimpleSAMLAuthToken=_cc877254d02fd4dc408c85482640b8a583b73887f6; path=/; HttpOnly. And apparently when using cURL this gets lost when redirecting from IDP login page to SSO page.

Any suggestions how to solve the "State Information Lost" error would be highly appreciated.

SergioLeone
  • 734
  • 1
  • 10
  • 24
  • Why are you making such heavy weather with this and aren't simply using the browser? – Jan Köhler Feb 24 '18 at 10:17
  • 1
    Is this a question of whether it's more efficient to use browser or not? In any case I've managed to solve the issue and now able to authenticate to the server through CLI without use of browser. – SergioLeone Feb 24 '18 at 13:51
  • I'm reading this because I need this on a server system without a GUI where I can't install any software (but it has wget and curl). – reinierpost Feb 03 '20 at 15:55

1 Answers1

3

The solution was in telling curl to reuse cookies with -c and -b flags.

SergioLeone
  • 734
  • 1
  • 10
  • 24