SAML Configuration giving error

Aamir · May 23, 2019, 1:42pm

Issue Summary

Installed the latest version of Redash and tried setting up SAML configuration with OKTA through the application itself.
Previously for version 2, had the setting in the environment file which was working fine.

Technical details:

Redash Version: 7.0.0+b18042 on Linux.
at okta end we have passed ‘http://redash.example/default/saml/callback’ as the URl for the fields:

Single Sign On URL
Recipient URL
Destination URL
Audience URI

For Redash settings we followed the instructions in the setup document:

Log attached:
[2019-05-23 11:48:56,287][PID:11][INFO][saml2.entity] HTTP REDIRECT
[2019-05-23 11:48:56,288][PID:11][INFO][metrics] method=GET path=/saml/login endpoint=saml_auth_sp_initiated status=302 content_type=text/html; charset=utf-8 content_length=1587 duration=177.47 query_count=1 query_duration=1.83
[2019-05-23 11:48:57,572][PID:13][INFO][metrics] method=POST path=/default/saml/callback endpoint=unknown status=405 content_type=text/html content_length=178 duration=0.42 query_count=0 query_duration=0.00
[2019-05-23 11:48:57,919][PID:11][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.53 query_count=0 query_duration=0.00
[2019-05-23 11:48:58,084][PID:13][INFO][metrics] method=GET path=/login endpoint=redash_login status=200 content_type=text/html; charset=utf-8 content_length=1958 duration=5.33 query_count=1 query_duration=1.65
[2019-05-23 11:50:12,011][PID:13][INFO][metrics] method=GET path=/logout endpoint=redash_logout status=302 content_type=text/html; charset=utf-8 content_length=219 duration=0.32 query_count=0 query_duration=0.00
[2019-05-23 11:50:12,169][PID:15][INFO][metrics] method=GET path=/login endpoint=redash_login status=200 content_type=text/html; charset=utf-8 content_length=1947 duration=4.67 query_count=1 query_duration=1.44
[2019-05-23 11:50:14,592][PID:11][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:14,592][PID:11][INFO][metrics] method=POST path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.24 query_count=0 query_duration=0.00
[2019-05-23 11:50:14,881][PID:13][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.52 query_count=0 query_duration=0.00
[2019-05-23 11:50:15,093][PID:11][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:15,094][PID:11][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.10 query_count=0 query_duration=0.00
[2019-05-23 11:50:23,067][PID:17][INFO][metrics] method=GET path=/ endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=317 duration=0.52 query_count=0 query_duration=0.00
[2019-05-23 11:50:23,212][PID:17][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:23,212][PID:17][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.21 query_count=0 query_duration=0.00
[2019-05-23 11:50:23,457][PID:13][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.52 query_count=0 query_duration=0.00
[2019-05-23 11:50:23,602][PID:15][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:23,604][PID:15][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=2.00 query_count=0 query_duration=0.00
[2019-05-23 11:50:31,375][PID:15][INFO][metrics] method=GET path=/ endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=317 duration=0.55 query_count=0 query_duration=0.00
[2019-05-23 11:50:31,542][PID:11][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:31,543][PID:11][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.18 query_count=0 query_duration=0.00
[2019-05-23 11:50:31,932][PID:13][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.52 query_count=0 query_duration=0.00
[2019-05-23 11:50:32,076][PID:11][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:32,077][PID:11][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.15 query_count=0 query_duration=0.00
[2019-05-23 11:50:37,262][PID:15][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:37,262][PID:15][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.16 query_count=0 query_duration=0.00
[2019-05-23 11:50:37,564][PID:13][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.53 query_count=0 query_duration=0.00
[2019-05-23 11:50:37,822][PID:13][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:50:37,822][PID:13][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.14 query_count=0 query_duration=0.00
[2019-05-23 11:51:21,710][PID:15][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:51:21,710][PID:15][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.21 query_count=0 query_duration=0.00
[2019-05-23 11:51:22,086][PID:13][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.52 query_count=0 query_duration=0.00
[2019-05-23 11:51:22,265][PID:13][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:51:22,266][PID:13][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.19 query_count=0 query_duration=0.00
[2019-05-23 11:51:28,485][PID:13][INFO][metrics] method=GET path=/ endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=317 duration=0.51 query_count=0 query_duration=0.00
[2019-05-23 11:51:28,627][PID:17][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:51:28,628][PID:17][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.17 query_count=0 query_duration=0.00
[2019-05-23 11:51:28,894][PID:11][INFO][metrics] method=GET path=/favicon.ico endpoint=redash_index status=302 content_type=text/html; charset=utf-8 content_length=339 duration=0.52 query_count=0 query_duration=0.00
[2019-05-23 11:51:29,127][PID:13][WARNING][flask-limiter] ratelimit 50 per 1 hour (10.0.6.222) exceeded at endpoint: redash.login
[2019-05-23 11:51:29,127][PID:13][INFO][metrics] method=GET path=/login endpoint=redash_login status=429 content_type=text/html content_length=141 duration=1.19 query_count=0 query_duration=0.00

Aamir · June 4, 2019, 9:20pm

Updated LOG:

[2019-05-23 13:58:07,465][PID:13][ERROR][redash] Exception on /saml/login [GET]
Traceback (most recent call last):
File “/usr/local/lib/python2.7/dist-packages/flask/app.py”, line 1988, in wsgi_app
response = self.full_dispatch_request()
File “/usr/local/lib/python2.7/dist-packages/flask/app.py”, line 1641, in full_dispatch_request
rv = self.handle_user_exception(e)
File “/usr/local/lib/python2.7/dist-packages/flask_restful/init.py”, line 271, in error_router
return original_handler(e)
File “/usr/local/lib/python2.7/dist-packages/flask/app.py”, line 1544, in handle_user_exception
reraise(exc_type, exc_value, tb)
File “/usr/local/lib/python2.7/dist-packages/flask/app.py”, line 1639, in full_dispatch_request
rv = self.dispatch_request()
File “/usr/local/lib/python2.7/dist-packages/flask/app.py”, line 1625, in dispatch_request
return self.view_functionsrule.endpoint
File “/app/redash/authentication/saml_auth.py”, line 106, in sp_initiated
saml_client = get_saml_client(current_org)
File “/app/redash/authentication/saml_auth.py”, line 56, in get_saml_client
sp_config.load(saml_settings)
File “/usr/local/lib/python2.7/dist-packages/saml2/config.py”, line 356, in load
self.load_complex(cnf, metadata_construction=metadata_construction)
File “/usr/local/lib/python2.7/dist-packages/saml2/config.py”, line 296, in load_complex
self.load_metadata(cnf[“metadata”]))
File “/usr/local/lib/python2.7/dist-packages/saml2/config.py”, line 400, in load_metadata
mds.imp(metadata_conf)
File “/usr/local/lib/python2.7/dist-packages/saml2/mdstore.py”, line 922, in imp
self.load(key, **val)
File “/usr/local/lib/python2.7/dist-packages/saml2/mdstore.py”, line 910, in load
_md.load()
File “/usr/local/lib/python2.7/dist-packages/saml2/mdstore.py”, line 757, in load
raise SourceNotFound(self.url)

aharonen · July 2, 2019, 2:00pm

Hello, we are getting the same error, is there any one out there that found a solution for that?

aharonen · July 2, 2019, 2:06pm

what does it mean?
SourceNotFound: https://accounts.google.com/o/saml2/idp?idpid=XXXXXX

▼Categories

▼Tags

SAML Configuration giving error

Issue Summary

Technical details: