Hi everyone! I hope you’re doing well.
I’m using a SAML proxy as the IdP in my Indico instance. Single Sign-On is working fine, but when I try to perform a Single Logout, I get an error page:
(its in portuguese, the translation: Something went wrong. report the error. return to the main page.)
The funny thing is, the logout actually works — I can log in again afterward — but I don’t understand why I’m seeing this error page.
I tried to investigate the issue using SAML tracer, and I can see:
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
So the problem is probably related to how Indico handles the response.
the full error:
Call stack:
File "/opt/indico/.venv/lib/python3.12/site-packages/sentry_sdk/integrations/flask.py", line 85, in sentry_patched_wsgi_app
return SentryWsgiMiddleware(lambda *a, **kw: old_app(self, *a, **kw))(
File "/opt/indico/.venv/lib/python3.12/site-packages/sentry_sdk/integrations/wsgi.py", line 108, in __call__
rv = self.app(
File "/opt/indico/.venv/lib/python3.12/site-packages/sentry_sdk/integrations/flask.py", line 85, in <lambda>
return SentryWsgiMiddleware(lambda *a, **kw: old_app(self, *a, **kw))(
File "/opt/indico/.venv/lib/python3.12/site-packages/flask/app.py", line 1536, in __call__
return self.wsgi_app(environ, start_response)
File "/opt/indico/.venv/lib/python3.12/site-packages/werkzeug/middleware/proxy_fix.py", line 183, in __call__
return self.app(environ, start_response)
File "/opt/indico/.venv/lib/python3.12/site-packages/flask/app.py", line 1511, in wsgi_app
response = self.full_dispatch_request()
File "/opt/indico/.venv/lib/python3.12/site-packages/flask/app.py", line 919, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/opt/indico/.venv/lib/python3.12/site-packages/flask/app.py", line 809, in handle_user_exception
return self.ensure_sync(handler)(e) # type: ignore[no-any-return]
File "/opt/indico/.venv/lib/python3.12/site-packages/indico/web/flask/errors.py", line 113, in handle_exception
Logger.get('flask').exception(str(exc) or 'Uncaught Exception')
File "/usr/local/lib/python3.12/logging/__init__.py", line 1574, in exception
self.error(msg, *args, exc_info=exc_info, **kwargs)
File "/usr/local/lib/python3.12/logging/__init__.py", line 1568, in error
self._log(ERROR, msg, args, **kwargs)
File "/usr/local/lib/python3.12/logging/__init__.py", line 1684, in _log
self.handle(record)
File "/usr/local/lib/python3.12/logging/__init__.py", line 1700, in handle
self.callHandlers(record)
File "/opt/indico/.venv/lib/python3.12/site-packages/sentry_sdk/integrations/logging.py", line 100, in sentry_patched_callhandlers
return old_callhandlers(self, record)
Message: 'SAML logout failed'
Arguments: ()