I am using SSOCircle to test out my SAML implementation with Codeigniter. The current steps are:
- Access website.com
- Redirected to SSOCircle Consent Page
- Verify identity
- Pass user data back to website.com
However, after step 3, it goes to step 4 and back to step 3 immediately.
This is my code:
public function index()
{
$data['languages']= get_all_languages();
$sp_auth = 'default-sp';
try {
$auth = new SimpleSAML_Auth_Simple($sp_auth);
$auth->requireAuth(array(
'ReturnTo' => $this->data['controller'],
'KeepPost' => FALSE,
));
$attributes = $auth->getAttributes();
var_dump($attributes);
} catch (Error $e) {
print_r($e);
}
}
I have considered that my redirect may be the reason it keeps calling the consent page. However when added another url for it to access with this function
public function auth(){
$attributes = $auth->getAttributes();
var_dump($attributes);
}
I get this error:
SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
1 www/_include.php:45 (SimpleSAML_exception_handler)
0 [builtin] (N/A)
Caused by: SimpleSAML_Error_Exception: No authentication source with id 'Login/Auth' found.
Backtrace:
2 lib/SimpleSAML/Auth/Source.php:335 (SimpleSAML_Auth_Source::getById)
1 modules/saml/www/sp/saml2-acs.php:12 (require)
0 www/module.php:135 (N/A)
Update
I recently noticed that SSOCircle actually returns back to my login page. However, it immediately redirects it back to the SSOCircle page. Not sure if this helps
Update 2
I just checked the logs and I have received this warning
Mar 12 23:26:26 simplesamlphp WARNING [da20d4a7a3] Could not load state specified by InResponseTo: NOSTATE Processing response as unsolicited.
I was told that this is because of lost state information. However I have checked my cookie names and they match up. What else have I missed?
https://github.com/simplesamlphp/simplesamlphp/wiki/State-Information-Lost