configurationName is NULL

SAML for ASP.NET Core
1

I’m using ComponentSpace v5.0.0
I have a multi-tenant application so I’m setting the configurationName to then obtaing it in my custom class SamlConfigurationResolver, the implementation has been working fine for months, but in the last two weeks I have expereicned an issue by wich the configurationName is arriving as (null) on GetLocalServiceProviderConfigurationAsync(), the issue starts suddenly and gone after recycling its IIS app pool.
here is the code:

builder.Services.AddSaml();
builder.Services.AddTransient<ISamlConfigurationResolver, SamlConfigurationResolver>();

[HttpPost(“/{customerId}/saml/login”)]
public async Task LoginSaml(string customerId)
{
return !ModelState.IsValid
? BadRequest()
: await LoginSamlPost(customerId);
}

private async Task LoginSamlPost(string customerId)
{
await _samlServiceProvider.SetConfigurationNameAsync(customerId);
ssoResult = await _samlServiceProvider.ReceiveSsoAsync();
}

public class SamlConfigurationResolver : ISamlConfigurationResolver
{
public Task GetLocalServiceProviderConfigurationAsync(string configurationName = null)
{
string customerId = configurationName;
	try
	{
		string localCertificate = GetLocalCertificate(customerId);

		HttpRequest request = _httpContextAccessor.HttpContext.Request;
		string requestUrl = string.Concat("https://", request.Host.ToUriComponent(), request.Path.ToUriComponent());

		LocalServiceProviderConfiguration localServiceProviderConfiguration = new()
		{
			Name = localCertificate,
			AssertionConsumerServiceUrl = requestUrl,
			LocalCertificates =
			[
				new()
				{
					SubjectName = localCertificate
				}
			]
		};
		return Task.FromResult(localServiceProviderConfiguration);
	}
	catch (Exception ex)
	{
		string errorMessage = $"An error occurred while retrieving the SDP configuration: {ex.Message}";
		throw new ArgumentException(errorMessage);
	}
}

public Task<PartnerIdentityProviderConfiguration> GetPartnerIdentityProviderConfigurationAsync(string configurationName = null, string partnerName = null)
{
	string customerId = configurationName;
	
	if (configurationName != partnerName)
	{
		_logger.LogWarning("partnerName: '{PartnerName}', and configurationName: {ConfigurationName} values are not the same.", partnerName, configurationName);
		throw new ArgumentException("Parameters provided in the Saml configuration do not match.");
	}
	try
	{
		string digestAlgorithm = GetDigestAgorith(customerId);
		string signatureAlgorithm = GetSignatureAlgorithm(customerId);
		string partnerCertificate = GetPartnerCertificate(customerId);

		PartnerIdentityProviderConfiguration partnerIdentityProviderConfiguration = new()
		{
			Name = partnerName,
			PartnerCertificates =
			[
				new()
				{
					String = partnerCertificate
				}
			],
			WantDigestAlgorithm = digestAlgorithm,
			WantSignatureAlgorithm = signatureAlgorithm
		};

		return Task.FromResult(partnerIdentityProviderConfiguration);
	}
	catch (Exception ex)
	{
		string errorMessage = $"An error occurred while retrieving the IDP configuration: {ex.Message}";
		throw new ArgumentException(errorMessage);
	}

}

}
2

I suggest adding some test logic in your LoginSamlPost method to confirm the customerId isn’t null.

If that looks ok, it’s possible the SAML session state, which is where the configuration name is saved, is being lost. This state is indexed by a saml-session cookie which is marked as Secure and SameSite=None. It’s possible this cookie isn’t being sent by the browser under certain conditions. This can be investigated using the browser developer tools.

It’s interesting that recycling the app pool resolves the issue.

If the issue can be reproduced easily, I suggest enabling SAML trace and sending the log file, along with a reference to your forum post, to support@componentspace.com.