Hello, I'm running into an issue with the PluggableAuth and/or SimpleSAMLphp plugins that is beyond my meager ability to rectify.
MediaWiki version: 1.34.2
PluggableAuth version: REL1_34
SimpleSAMLphp (plugin) version: REL1_34
SimpleSAMLphp (application) version: 1.18.7
The SimpleSAMLphp application appears to be working correctly: I can access the web control panel, have exchanged metadata with our SAML administrator here on campus, and it successfully passes me through to the university's login page when I test authentication. However, MediaWiki is not handling something correctly, very possibly due to bad configuration on my part.
When I attempt to log in with the PluggableAuth button, I am taken to my university's login page, but when I enter my credentials there I am shortly returned to the MediaWiki login page with the error "could not find username attribute: uid" in a red box above the fields for username and password. This error message will change depending on what value is in the "$wgSimpleSAMLphp_UsernameAttribute" variable. If that contains "username", the error says "username". If it contains "uid", then the error says "uid", etc.
When I sent this error to the SAML administrator he said "Hmm...for some reason it isn't finding the uid attribute in the SAML assertion. I know it's being released since I can see it in my logs."
Here are the relevant settings from my LocalSettings.php:
wfLoadExtension( 'PluggableAuth' );
$wgPluggableAuth_EnableAutoLogin = true;
$wgPluggableAuth_EnableLocalLogin = true;
$wgPluggableAuth_EnableLocalProperties = true;
//$wgPluggableAuth_ButtonLabelMessage = "PluggableAuth Login";
//$wgPluggableAuth_Class = 'SimpleSAMLphp';
wfLoadExtension( 'SimpleSAMLphp' );
$wgSimpleSAMLphp_InstallDir = "/var/simplesamlphp";
$wgSimpleSAMLphp_AuthSourceId = "default-sp";
$wgSimpleSAMLphp_RealNameAttribute = "givenName";
$wgSimpleSAMLphp_EmailAttribute = "mail";
$wgSimpleSAMLphp_UsernameAttribute = "uid";
The wiki debug log contains the following seemingly relevant lines:
[PluggableAuth] In execute()
[PluggableAuth] Getting PluggableAuth singleton
[PluggableAuth] Class name: SimpleSAMLphp
[SimpleSAMLphp] Could not find username attribute: uid
[PluggableAuth] Authentication failure.
[PluggableAuth] ERROR: Could not find username attribute: uid
[session] SessionBackend "crqehku38g33i88npuilpc2r199rqmfs" data dirty due to dirty(): PluggableAuthLogin->execute/MediaWiki\Auth\AuthManager->setAuthenticationSessionData/MediaWiki\Session\Session->setSecret/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty
[session] SessionBackend "crqehku38g33i88npuilpc2r199rqmfs" save: dataDirty=1 metaDirty=0 forcePersist=0
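
Added example, not part of the original post or of either extension: a diagnostic script that compares the attribute names set in the LocalSettings.php above with the names the SimpleSAMLphp SP session actually holds, printing names and value counts only. The function name `checkAttributes`, the exact-name comparison and the sample attributes used in CLI mode are assumptions made for illustration; the install path and auth source ID are taken from the post.

```php
<?php
// Added diagnostic, not part of PluggableAuth or the SimpleSAMLphp extension.
// Prints attribute names and value counts only, never the values themselves.
function checkAttributes(array $received, array $wanted): array
{
    $report = [];
    foreach ($wanted as $setting => $name) {
        if (array_key_exists($name, $received)) {
            $report[$setting] = "found '$name' (" . count($received[$name]) . " value(s))";
            continue;
        }
        // Exact match failed: look for received names that differ only by case.
        $near = array_filter(array_keys($received), function ($k) use ($name) {
            return strcasecmp($k, $name) === 0;
        });
        $report[$setting] = $near
            ? "missing '$name'; received '" . implode("', '", $near) . "' (case differs)"
            : "missing '$name'; received names: " . implode(', ', array_keys($received));
    }
    return $report;
}

// Attribute names copied from the LocalSettings.php in the post.
$wanted = [
    'UsernameAttribute' => 'uid',
    'RealNameAttribute' => 'givenName',
    'EmailAttribute'    => 'mail',
];

if (PHP_SAPI === 'cli') {
    // Constructed sample so the script runs offline; not real IdP output.
    $received = [
        'urn:oid:0.9.2342.19200300.100.1.1' => ['jdoe'],
        'givenName' => ['Jane'],
        'Mail' => ['jdoe@example.edu'],
    ];
} else {
    require_once '/var/simplesamlphp/lib/_autoload.php';
    $as = new \SimpleSAML\Auth\Simple('default-sp');
    $as->requireAuth();               // redirects to the IdP if no session exists
    $received = $as->getAttributes(); // attribute name => list of values
    header('Content-Type: text/plain');
}
foreach (checkAttributes($received, $wanted) as $setting => $line) {
    echo "$setting: $line\n";
}
```

When served through the web server it requires a live SAML login and reports on the real assertion attributes; remove it from the server once the names have been compared.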