Hi, I’m not very familiar with SSO/SAML in detail but I’m trying to configure correctly an integration between Auth0 and Black Duck for a POC.
I had this working before with another instance, but, when I tried to setup again from scratch on a new Black Duck instance, it’s not working the way I expect.
When I add the “Identity Provider Login URL”, Black Duck accuses that it’s invalid, with the logs saying “Failed to validate Idp metadata”. “Unable to parse inputstream, it contained invalid XML” (I got the URL directly from the usage tab on the application configuration).
However, if I download the “Identify provided metadata” in XML, the authentication works, but, the user ID field goes with the field user_id (“Auth 0 | 65e2258f65215f17aa509955”), and I want it to be the nickname.
As I mentioned, it was working fine the exactly the way I intend with a previous instance of Black Duck about 4 weeks ago (using the URL instead of the XML and the username on Black Duck (Login) had the nickname).
My configuration is:
- New application
- Application Login URI: https://blackduck-url
- Allowed Callback URLs: https://blackduck-url/saml/SSO
- Addons: SAML2, settings:
{
“mappings”: {
“nickname”: “Login”,
“email”: “Email”,
“given_name”: “FirstName”,
“family_name”: “LastName”
}
}
User configuration (user_metadata):
{
“family_name”: “Smith”,
“given_name”: “Jonathan”
}
Custom library: Add user data (added to the login flow):
exports.onExecutePostLogin = async (event, api) => {
const { given_name, family_name } = event.user.user_metadata;
if (event.authorization) {
// Set claims
api.idToken.setCustomClaim(given_name, given_name);
api.idToken.setCustomClaim(family_name, family_name);
}
};
Does anyone have any idea of what I missed while configuring?
Thanks!