
First we took the SAML code sample references from https://github.com/onelogin/php-saml and set up the integration with our project.

Before going to company SSO, we created a trial account with a third-party service provider, OneLogin, to test that our code for single sign-on is proper.

On local this worked perfectly. We deployed the same on GCP with changed references and the test failed. Next we went with our company SSO on GCP with certificates and necessary changes. It failed in a similar manner, as not authenticated.

  1. When the site is accessed, redirection to company SSO: OK
  2. Successful authentication at company SSO and redirection back to the application: OK
  3. Validating the response from company SSO in the application: NO

On using SAML Tracer it was clear that the authentication at the company SSO side was proper, only that our code wasn’t able to receive it properly.

Since things are working as intended on local, we suspect that with respect to GAE/PHP we may be missing something, as the application cannot verify the object returned from SSO; it may be losing cache/session.

We are using Google App Engine standard, with our application being PHP 7.4.

user5722923
  • Can you share with me any errors you have found? – Badala Prashanth Dec 09 '21 at 08:28
  • There are no errors in the App Engine logs. Since the session variable is empty, the single sign-on code just throws the default exception message, which is invalid_response Not authenticated – user5722923 Dec 13 '21 at 11:01
  • Have you checked the firewall rules in App Engine? In the browser, inspect what the status code is of the URL which is throwing the invalid response. And have you gone through the [Stack Overflow link](https://stackoverflow.com/questions/50853352/session-variables-not-working-after-require-simplesamlphp)? – Badala Prashanth Dec 15 '21 at 06:36
