Search code examples
phpsimplesamlphp

Could not retrieve the required option 'entityID' on very basic configuration with openIdP

I receive this error while test the authentication in the admin panel of ssPhp or while open federation tab.

Caused by: SimpleSAML\Assert\AssertionFailedException: authsources['sp-test']: Could not retrieve the required option 'entityID'.

Im trying to set up a simplesamlphp 2.0.3 SP on PHP 8.1.17. I didnt configure Apache alias and just set in config.php the baseurlpath to mydomain.com/simplesamlphp/public/. I've created an account on openIdP and then finaly set in

authsources.php

'sp-test' => array(
  'saml:SP',
  'entityId' => 'https://openidp.feide.no',
  'idp' => 'https://openidp.feide.no',
),

and in saml20-idp-remote.php

 $metadata['https://openidp.feide.no'] = array (
    'metadata-set' => 'saml20-idp-remote',
    'entityid' => 'https://openidp.feide.no',
    'SingleSignOnService' => 
    array (
      0 => 
      array (
        'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
        'Location' => 'https://openidp.feide.no/simplesaml/saml2/idp/SSOService.php',
      ),
    ),
    'SingleLogoutService' => 
    array (
      0 => 
      array (
        'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
        'Location' => 'https://openidp.feide.no/simplesaml/saml2/idp/SingleLogoutService.php',
      ),
    ),
    'certData' => 'MIICizCCAfQCCQCY8tKaMc0BMjANBgkqhkiG9w0BAQUFADCBiTELMAkGA1UEBhMCTk8xEjAQBgNVBAgTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEOMAwGA1UECxMFRmVpZGUxGTAXBgNVBAMTEG9wZW5pZHAuZmVpZGUubm8xKTAnBgkqhkiG9w0BCQEWGmFuZHJlYXMuc29sYmVyZ0B1bmluZXR0Lm5vMB4XDTA4MDUwODA5MjI0OFoXDTM1MDkyMzA5MjI0OFowgYkxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEDAOBgNVBAoTB1VOSU5FVFQxDjAMBgNVBAsTBUZlaWRlMRkwFwYDVQQDExBvcGVuaWRwLmZlaWRlLm5vMSkwJwYJKoZIhvcNAQkBFhphbmRyZWFzLnNvbGJlcmdAdW5pbmV0dC5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt8jLoqI1VTlxAZ2axiDIThWcAOXdu8KkVUWaN/SooO9O0QQ7KRUjSGKN9JK65AFRDXQkWPAu4HlnO4noYlFSLnYyDxI66LCr71x4lgFJjqLeAvB/GqBqFfIZ3YK/NrhnUqFwZu63nLrZjcUZxNaPjOOSRSDaXpv1kb5k3jOiSGECAwEAATANBgkqhkiG9w0BAQUFAAOBgQBQYj4cAafWaYfjBU2zi1ElwStIaJ5nyp/s/8B8SAPK2T79McMyccP3wSW13LHkmM1jwKe3ACFXBvqGQN0IbcH49hu0FKhYFM/GPDJcIHFBsiyMBXChpye9vBaTNEBCtU3KjjyG0hRT2mAQ9h+bkPmOvlEo/aH0xR68Z9hw4PF13w==',
    'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
    'contacts' => 
    array (
      0 => 
      array (
        'emailAddress' => '[email protected]',
        'contactType' => 'technical',
        'givenName' => 'OpenIdP',
        'surName' => 'support',
      ),
    ),
  );

Its really basic setup so I dont understand whats wrong. The admin menu has all needed modules and php-extensions.

Solution

  • The classic case... a hard-to spot typo in the authsource array

    'sp-test' => array(
  'saml:SP',
  'entityId' => 'https://openidp.feide.no',
  'idp' => 'https://openidp.feide.no',
),

    Error message says authsources['sp-test']: Could not retrieve the required option 'entityID', indicating that the element int "sp-test" must be named entityID