sp_acs_url_invalid,sp_sls_url_invalid for Google SAML provider URLs #216

@RootTJNII

When attempting to use Google as a SAML provider I'm seeing the following exception:

<class 'onelogin.saml2.errors.OneLogin_Saml2_Error'>: Invalid dict settings: sp_acs_url_invalid,sp_sls_url_invalid

/usr/local/lib/python2.7/site-packages/onelogin/saml2/auth.py:52:__init__
/usr/local/lib/python2.7/site-packages/onelogin/saml2/settings.py:104:__init__

Without fully reverse-engineering the regex in validate_url() this appears to be due to a lack of query parameters in that validation regex. Google's Identity Provider URLs contain query parameters, for example https://accounts.google.com/o/saml2/idp?idpid=SomeIdentifier. Looking at but not reverse engineering the validation regex I'm under the impression the ?idpid= parameter portion is causing validation to fail.
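A triage helper for the exception above, added here as an example; it is not part of the original report or of python-saml. It maps each error code to the settings entry it names and shows whether that URL carries a query string. The code-to-path mapping assumes python-saml's usual settings layout, and the SP hostnames in the sample are constructed placeholders.

```python
from urllib.parse import urlsplit

# Assumed mapping of the two error codes in this report onto python-saml's
# settings layout (section, endpoint); written for this example.
CODE_TO_PATH = {
    "sp_acs_url_invalid": ("sp", "assertionConsumerService"),
    "sp_sls_url_invalid": ("sp", "singleLogoutService"),
}

def parse_error_codes(message):
    """Extract the comma-separated codes from an 'Invalid dict settings' message."""
    _, _, tail = message.partition("Invalid dict settings:")
    return [code.strip() for code in tail.split(",") if code.strip()]

def triage(message, settings):
    """For each code, report the settings path it names and that URL's parts."""
    findings = []
    for code in parse_error_codes(message):
        if code not in CODE_TO_PATH:
            findings.append({"code": code, "path": None})
            continue
        section, endpoint = CODE_TO_PATH[code]
        url = settings.get(section, {}).get(endpoint, {}).get("url", "")
        parts = urlsplit(url)
        findings.append({
            "code": code,
            "path": "%s.%s.url" % (section, endpoint),
            "value": url,
            "scheme": parts.scheme,
            "host": parts.hostname or "",
            "has_query": bool(parts.query),
        })
    return findings

# Constructed sample: SP hostnames are placeholders, the IdP URL is the one quoted above.
SAMPLE_SETTINGS = {
    "sp": {
        "assertionConsumerService": {"url": "https://sp.example.com/saml/acs"},
        "singleLogoutService": {"url": "https://sp.example.com/saml/sls"},
    },
    "idp": {"singleSignOnService": {"url": "https://accounts.google.com/o/saml2/idp?idpid=SomeIdentifier"}},
}
SAMPLE_ERROR = "Invalid dict settings: sp_acs_url_invalid,sp_sls_url_invalid"

if __name__ == "__main__":
    for finding in triage(SAMPLE_ERROR, SAMPLE_SETTINGS):
        print(finding)
```

Run it against the real settings dict to see the exact values the two codes refer to before changing any validation logic.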
