Renew session is looping when using SAML auth on OP.
Concerned version
Version: %2.0.11
Platform: docker image UserDB OIDC/SAMLv2/Demo
Summary
It asks me to renew session in a loop when I use SAML module to do so.
I have 3 SSO LLNG.
The first SSO1 is an OIDC RP connected with the second. The second SSO2 is an OIDC OP and a SAML SP in relationship with the third The thid SSO3 is a SAML IDP.
SSO1 | SSO2 | SSO3 | ||||
---|---|---|---|---|---|---|
RP | <-> | OIDC | <-> | SAML | <-> | IDP |
SSO2 proposes as choices login/pwd or SAML in order to authenticate. I want to force SAML authentication if a user wants to use OIDC RP. In order to do that, I force to renew OIDC session. I set prompt=login into my 1st SSO configuration. And on SSO2 I force only SAML if URL is on authorize or renewsession.
In order to reproduce:
- I logged-in on the SSO2 with login/pwd or SAML (can reproduce on both). I do the same on SSO3, I logged-in.
- I go on SSO1.
- I authenticate with OIDC from SSO1
- I'm redirected to 2nd SSO, it asks me to renew my session (because I'm already connected). I agree.
- Then I choose SAML to renew my session as auth module. I'm redirected by SAML to SSO3, I'm already logged in, then I'm redirected back to the SSO2
- SSO2 asks me again to renew my session.
- If I agree again and then I choose again SAML, I have the SAML exchange with SSO3 then I will come back on SSO2 with the same message in order to renew session...
- Apparently, anyway I looged-in by login/pwd or SAML on SSO2, renewing session with SAML does not work. If I renew session with login/pwd then it works.
I also tried using upgrade session and auth level. Asking a level 4 to use the OIDC RP and trying to level-up the user by using SAML module. Same result, SSO2 asks me in a loop to upgrade my session.
Logs
From SSO2. When I click on "Connect" on SSO1 until I loop the 2nd time on renew session page.
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Get configuration 19.
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Get session 283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec from Handler::Main::Run
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Check session validity from Handler
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Session timeout -> 72000
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Session _utime -> 1633709493
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] now -> 1633710038
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Session timeoutActivityInterval -> 60
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Session TTL = 71455
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] No URL authentication level found...
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] auth.fournisseur.intermediaire: Apply default rule
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] removing cookie
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Cookies -> llnglanguage=fr; lemonldap=283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec; lemonldappdata=%7B%22issuerRequestoauth2%22%3A%221633638008_5455%22%2C%22issuerTs%22%3A1633709888%2C%22targetAuthnLevel%22%3A1%2C%22_choice%22%3A%22SAML%22%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%7D
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] CookieName -> lemonldap
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] newCookies -> llnglanguage=fr; lemonldappdata=%7B%22issuerRequestoauth2%22%3A%221633638008_5455%22%2C%22issuerTs%22%3A1633709888%2C%22targetAuthnLevel%22%3A1%2C%22_choice%22%3A%22SAML%22%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%7D
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] User dwho was granted to access to /oauth2/authorize/?lmAuth=SAML&response_type=code&client_id=fournisseur-services&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.fournisseur.services%2F%3Fopenidconnectcallback%3D1&state=1633710038_41074&nonce=1633710038_10010&display=&prompt=login
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Start routing oauth2
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing _forAuthUser
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Restoring request to oauth2 issuer
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Trying to load token 1633638008_5455
[Fri Oct 8 16:20:38 2021] [LLNG:82] [notice] Bad (or expired) token 1633638008_5455
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Cleaning pdata
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Removing issuerRequestoauth2 key from pdata
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Removing issuerRequestoauth2Path from keepPdata
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing importHandlerData
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing controlUrl
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing code ref
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Launching ::Auth::Choice::_forAuthUser
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing code ref
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Launching ::UserDB::Choice::_forAuthUser
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing code ref
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Launching ::Password::Demo::_modifyPassword
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Processing code ref
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Searching for previously registered Relying Parties...
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Convert Relying Party Consent(s)...
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] 0 consent(s) converted
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] URL detected as an OpenID Connect AUTHORIZE URL
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter response_type: code
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store code in hidden key response_type
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter scope: openid profile
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store openid profile in hidden key scope
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter client_id: fournisseur-services
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store fournisseur-services in hidden key client_id
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter state: 1633710038_41074
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store 1633710038_41074 in hidden key state
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter redirect_uri: http://auth.fournisseur.services/?openidconnectcallback=1
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store http://auth.fournisseur.services/?openidconnectcallback=1 in hidden key redirect_uri
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter nonce: 1633710038_10010
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store 1633710038_10010 in hidden key nonce
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC request parameter prompt: login
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store login in hidden key prompt
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Calling hook oidcGotRequest
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] OIDC authorizationcode flow requested (response type: code)
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Request from client id fournisseur-services
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Client id fournisseur-services matches RP fournisseur-services
[Fri Oct 8 16:20:38 2021] [LLNG:82] [notice] User dwho is authorized to access to fournisseur-services
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] [notice] User dwho is authorized to access to fournisseur-services
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Reauthentication required by Relying Party in prompt parameter
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Store issuer request
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Token 1633638158_38682 created
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Returned error: 85 (PE_RENEWSESSION)
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Skin returned: upgradesession
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Calling sendHtml with template upgradesession
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Starting HTML generation using /usr/share/lemonldap-ng/portal/templates/bootstrap/upgradesession.tpl
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Sending /usr/share/lemonldap-ng/portal/templates/bootstrap/upgradesession.tpl
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Apply following CORS policy :
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Access-Control-Allow-Origin
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] *
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Access-Control-Allow-Credentials
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] true
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Access-Control-Allow-Headers
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] *
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Access-Control-Allow-Methods
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] POST,GET
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Access-Control-Expose-Headers
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] *
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Access-Control-Max-Age
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] 86400
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Required Params URL : aHR0cDovL2F1dGguZm91cm5pc3NldXIuaW50ZXJtZWRpYWlyZS8vb2F1dGgyL2F1dGhvcml6ZS8=
[Fri Oct 8 16:20:38 2021] [LLNG:82] [debug] Apply following CSP : default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';form-action *;frame-ancestors 'none';
172.17.0.5 - - [08/Oct/2021:16:20:38 +0000] "GET /oauth2/authorize/?lmAuth=SAML&response_type=code&client_id=fournisseur-services&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.fournisseur.services%2F%3Fopenidconnectcallback%3D1&state=1633710038_41074&nonce=1633710038_10010&display=&prompt=login HTTP/1.1" 200 1812 "http://auth.fournisseur.services/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:93.0) Gecko/20100101 Firefox/93.0"
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Get configuration from cache without verification.
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Get session 283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec from Handler::Main::Run
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Check session validity from Handler
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Session timeout -> 72000
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Session _utime -> 1633709493
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] now -> 1633710062
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Session timeoutActivityInterval -> 60
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Session TTL = 71431
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] No URL authentication level found...
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] auth.fournisseur.intermediaire: Apply default rule
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] removing cookie
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Cookies -> llnglanguage=fr; lemonldap=283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec; lemonldappdata=%7B%22issuerTs%22%3A1633710038%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%2C%22_choice%22%3A%22SAML%22%2C%22targetAuthnLevel%22%3A1%2C%22issuerRequestoauth2%22%3A%221633638158_38682%22%7D
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] CookieName -> lemonldap
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] newCookies -> llnglanguage=fr; lemonldappdata=%7B%22issuerTs%22%3A1633710038%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%2C%22_choice%22%3A%22SAML%22%2C%22targetAuthnLevel%22%3A1%2C%22issuerRequestoauth2%22%3A%221633638158_38682%22%7D
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] User dwho was granted to access to /renewsession
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Start routing renewsession
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Processing controlUrl
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Confirm parameter accepted 1
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Required URL (param: urldc | value: http://auth.fournisseur.intermediaire//oauth2/authorize/ | alias: http://auth.fournisseur.intermediaire)
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] No URL authentication level found...
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Token 1633638182_62152 created
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Store 1633638182_62152 in hidden key upgrading
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Processing checkUnauthLogout
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Processing controlUrl
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Required URL (param: urldc | value: http://auth.fournisseur.intermediaire//oauth2/authorize/ | alias: http://auth.fournisseur.intermediaire)
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] No URL authentication level found...
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Processing code ref
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Processing code ref
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Launching ::Issuer::OpenIDConnect::exportRequestParameters
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Processing extractFormInfo
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Choice SAML selected from pdata
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] No IDP selected
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Selecting the only defined SAML IDP: http://auth.fournisseur.identites/saml/metadata
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] http://auth.fournisseur.identites/saml/metadata match fournisseur-identites-saml IDP in configuration
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Use method REDIRECT with IDP fournisseur-identites-saml for SSO profile
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Set 97b43b5ce7d439ab21390fba5eccfa42fbd9ece31f97aa64a5d754d44b2056b4 in RelayState
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Do not allow this request to be proxied
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] SSO request signature according to metadata
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Request urn:oasis:names:tc:SAML:2.0:ac:classes:Password context
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Authentication request created
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Keep request ID _C7A79E27998A9E848BB78ECBBF1A4CE8 in assertion session ffde38e4127c9353476b220536d8d31f4b6ad57a4012f132fdf88c56d286e62f
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Redirect user to http://auth.fournisseur.identites/saml/singleSignOn?SAMLRequest=fVNdj9owEPwrkd8hCTqVYEGkEDgJqR%2BIq%2FrQl8qKl7uV%2FJF6Nz3u39cJOUrb4x49u%2BOdmbWXpKxpZdXxkzvAzw6Ik5M1juRQWIkuOOkVIUmnLJDkRj5Unz7K2TSTbfDsG2%2FEFeV9hiKCwOidSHablfhRz6v5YjubLxZFtdgWd8V6PS%2B29Xp9n1d39bYQyTcIFPtXItIjiaiDnSNWjiOUzfJJnk2y4mv%2BQc5ymc2%2Bi2QTPaBTPLCemFuZpir6mx59lIZRQRemqMExMlDai04J3aOBB3x0X6K0ex8aGCJZiaMyBP3gfdSOv%2BAVKZc9UQ6CQnlzjGMIFjQqDHAeZYGVVqyW6fUFy%2FMePsfEdpu9N9i89DKs4tuB5tN8QFBPjkOrBKvQVFoHIBJJZYx%2FrgMojqo5dCDSUXXtncY%2BIBqBffCnl0MMLmDT4yNcdRrBNXDb398x%2FuPtQn%2Bd2jkus7F4Po2H%2F%2Benbwpt5fhIQQ%2F7iXWGEye1t60KSP3KLTq0nRUXD3%2F6ahOXeIBj%2Be4bbWTT90W43%2FmzD%2Fri542rzrUbwi7V6w9W%2FgY%3D&RelayState=97b43b5ce7d439ab21390fba5eccfa42fbd9ece31f97aa64a5d754d44b2056b4&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=BxxVE1MqP0yGjTtmeXlz6CJgOkAHVMMOj%2FmOGNlzLMyDXasT4NJFtvikC%2BFxJiB4ysO3dJa7R%2FnqfqkmndjXAwJJ6SgNwdIGErlq7uxIL1WlwlObvUVZfhsQZENQ73mYFY8WQp1VXk%2Fn2YoGKd1oibSZMQ9g9czxj4qVYuzSdJZR%2FeVPnmArK9kT%2B4c4RnSfi2E0a7JOxUEe%2Fy6u4E%2B49FnyinyLREUEd%2BpMQFD58rbS5UPQkSk9JJdZcW8is25Yl5QcnPghCdGF2c%2Fb4pIut1uUSm47LC0ni15a4P6CxcXgUXcpA9lEciGAcGP4KprZpMxVdVQADl46f23R3JVFmw%3D%3D
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Returned status: -2 (PE_REDIRECT)
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Calling autoredirect
[Fri Oct 8 16:21:02 2021] [LLNG:84] [debug] Building redirection to http://auth.fournisseur.identites/saml/singleSignOn?SAMLRequest=fVNdj9owEPwrkd8hCTqVYEGkEDgJqR%2BIq%2FrQl8qKl7uV%2FJF6Nz3u39cJOUrb4x49u%2BOdmbWXpKxpZdXxkzvAzw6Ik5M1juRQWIkuOOkVIUmnLJDkRj5Unz7K2TSTbfDsG2%2FEFeV9hiKCwOidSHablfhRz6v5YjubLxZFtdgWd8V6PS%2B29Xp9n1d39bYQyTcIFPtXItIjiaiDnSNWjiOUzfJJnk2y4mv%2BQc5ymc2%2Bi2QTPaBTPLCemFuZpir6mx59lIZRQRemqMExMlDai04J3aOBB3x0X6K0ex8aGCJZiaMyBP3gfdSOv%2BAVKZc9UQ6CQnlzjGMIFjQqDHAeZYGVVqyW6fUFy%2FMePsfEdpu9N9i89DKs4tuB5tN8QFBPjkOrBKvQVFoHIBJJZYx%2FrgMojqo5dCDSUXXtncY%2BIBqBffCnl0MMLmDT4yNcdRrBNXDb398x%2FuPtQn%2Bd2jkus7F4Po2H%2F%2Benbwpt5fhIQQ%2F7iXWGEye1t60KSP3KLTq0nRUXD3%2F6ahOXeIBj%2Be4bbWTT90W43%2FmzD%2Fri542rzrUbwi7V6w9W%2FgY%3D&RelayState=97b43b5ce7d439ab21390fba5eccfa42fbd9ece31f97aa64a5d754d44b2056b4&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=BxxVE1MqP0yGjTtmeXlz6CJgOkAHVMMOj%2FmOGNlzLMyDXasT4NJFtvikC%2BFxJiB4ysO3dJa7R%2FnqfqkmndjXAwJJ6SgNwdIGErlq7uxIL1WlwlObvUVZfhsQZENQ73mYFY8WQp1VXk%2Fn2YoGKd1oibSZMQ9g9czxj4qVYuzSdJZR%2FeVPnmArK9kT%2B4c4RnSfi2E0a7JOxUEe%2Fy6u4E%2B49FnyinyLREUEd%2BpMQFD58rbS5UPQkSk9JJdZcW8is25Yl5QcnPghCdGF2c%2Fb4pIut1uUSm47LC0ni15a4P6CxcXgUXcpA9lEciGAcGP4KprZpMxVdVQADl46f23R3JVFmw%3D%3D
172.17.0.5 - - [08/Oct/2021:16:21:02 +0000] "POST /renewsession HTTP/1.1" 302 5 "http://auth.fournisseur.intermediaire/oauth2/authorize/?lmAuth=SAML&response_type=code&client_id=fournisseur-services&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.fournisseur.services%2F%3Fopenidconnectcallback%3D1&state=1633710038_41074&nonce=1633710038_10010&display=&prompt=login" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:93.0) Gecko/20100101 Firefox/93.0"
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Get configuration from cache without verification.
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Get session 283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec from Handler::Main::Run
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Check session validity from Handler
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Session timeout -> 72000
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Session _utime -> 1633709493
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] now -> 1633710067
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Session timeoutActivityInterval -> 60
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Session TTL = 71426
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] No URL authentication level found...
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] auth.fournisseur.intermediaire: Apply default rule
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] removing cookie
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Cookies -> llnglanguage=fr; lemonldap=283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec; lemonldappdata=%7B%22issuerRequestoauth2%22%3A%221633638158_38682%22%2C%22_url%22%3A%22aHR0cDovL2F1dGguZm91cm5pc3NldXIuaW50ZXJtZWRpYWlyZS8vb2F1dGgyL2F1dGhvcml6ZS8%3D%22%2C%22issuerTs%22%3A1633710038%2C%22targetAuthnLevel%22%3A1%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%2C%22_choice%22%3A%22SAML%22%7D
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] CookieName -> lemonldap
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] newCookies -> llnglanguage=fr; lemonldappdata=%7B%22issuerRequestoauth2%22%3A%221633638158_38682%22%2C%22_url%22%3A%22aHR0cDovL2F1dGguZm91cm5pc3NldXIuaW50ZXJtZWRpYWlyZS8vb2F1dGgyL2F1dGhvcml6ZS8%3D%22%2C%22issuerTs%22%3A1633710038%2C%22targetAuthnLevel%22%3A1%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%2C%22_choice%22%3A%22SAML%22%7D
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] User dwho was granted to access to /saml/proxySingleSignOnPost
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Start routing saml
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing importHandlerData
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing restoreArgs
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing controlUrl
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Required URL (param: urldc | value: http://auth.fournisseur.intermediaire//oauth2/authorize/ | alias: http://auth.fournisseur.intermediaire)
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] No URL authentication level found...
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing checkLogout
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Launching ::Auth::Choice::_forAuthUser
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Launching ::UserDB::Choice::_forAuthUser
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Launching ::Password::Demo::_modifyPassword
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Calling autoredirect
[Fri Oct 8 16:21:07 2021] [LLNG:86] [debug] Building redirection to http://auth.fournisseur.intermediaire//oauth2/authorize/
[Fri Oct 8 16:21:07 2021] [LLNG:86] [info] Force cleaning pdata
172.17.0.5 - - [08/Oct/2021:16:21:07 +0000] "POST /saml/proxySingleSignOnPost HTTP/1.1" 302 5 "http://auth.fournisseur.identites/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:93.0) Gecko/20100101 Firefox/93.0"
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Get configuration from cache without verification.
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Get session 283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec from Handler::Main::Run
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Check session validity from Handler
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Session timeout -> 72000
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Session _utime -> 1633709493
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] now -> 1633710067
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Session timeoutActivityInterval -> 60
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Session TTL = 71426
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] No URL authentication level found...
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] auth.fournisseur.intermediaire: Apply default rule
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] removing cookie
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Cookies -> llnglanguage=fr; lemonldap=283245a8eecd6364d54d52696d76cd33a517dfcc0a167432f82a9c8453d92eec; lemonldappdata=%7B%22issuerTs%22%3A1633710038%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%2C%22issuerRequestoauth2%22%3A%221633638158_38682%22%2C%22_choice%22%3A%22SAML%22%2C%22targetAuthnLevel%22%3A1%7D
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] CookieName -> lemonldap
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] newCookies -> llnglanguage=fr; lemonldappdata=%7B%22issuerTs%22%3A1633710038%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%2C%22issuerRequestoauth2%22%3A%221633638158_38682%22%2C%22_choice%22%3A%22SAML%22%2C%22targetAuthnLevel%22%3A1%7D
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] User dwho was granted to access to /oauth2/authorize/
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Start routing oauth2
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing _forAuthUser
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restoring request to oauth2 issuer
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Trying to load token 1633638158_38682
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restoring request from 1633638158_38682
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore DOCUMENT_URI /index.psgi/oauth2/authorize/
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgix.cleanup 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgi.multithread
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_X_FORWARDED_SSL off
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_ACCEPT_ENCODING gzip, deflate
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgi.multiprocess 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore ipAddr 172.17.0.5
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore REQUEST_METHOD GET
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore GATEWAY_INTERFACE CGI/1.1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore REQUEST_SCHEME http
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore plack.cookie.string llnglanguage=fr; lemonldappdata=%7B%22issuerRequestoauth2%22%3A%221633638008_5455%22%2C%22issuerTs%22%3A1633709888%2C%22targetAuthnLevel%22%3A1%2C%22_choice%22%3A%22SAML%22%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%7D
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore REQUEST_URI /oauth2/authorize/?lmAuth=SAML&response_type=code&client_id=fournisseur-services&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.fournisseur.services%2F%3Fopenidconnectcallback%3D1&state=1633710038_41074&nonce=1633710038_10010&display=&prompt=login
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore tokenSessionStartTimestamp 1633710038
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SERVER_ADDR 172.17.0.2
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SERVER_SOFTWARE nginx/1.14.2
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_X_REAL_IP 172.17.0.1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore DOCUMENT_ROOT /usr/share/lemonldap-ng/portal/htdocs
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_SEC_GPC 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SCRIPT_FILENAME /usr/share/lemonldap-ng/portal/htdocs/index.psgi
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_CONNECTION close
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SERVER_PORT 80
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_HOST auth.fournisseur.intermediaire
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore _utime 1633638158
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore REMOTE_PORT 60658
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore REMOTE_ADDR 172.17.0.5
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgi.nonblocking
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_ACCEPT_LANGUAGE fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SERVER_NAME auth.fournisseur.intermediaire
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_X_FORWARDED_PORT 80
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_DNT 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_ACCEPT text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SCRIPT_NAME /index.psgi
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_USER_AGENT Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:93.0) Gecko/20100101 Firefox/93.0
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore PATH_INFO /oauth2/authorize/
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore REDIRECT_STATUS 200
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_X_FORWARDED_FOR 172.17.0.1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_UPGRADE_INSECURE_REQUESTS 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgi.run_once
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_REFERER http://auth.fournisseur.services/
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore _type token
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgi.url_scheme http
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore QUERY_STRING lmAuth=SAML&response_type=code&client_id=fournisseur-services&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.fournisseur.services%2F%3Fopenidconnectcallback%3D1&state=1633710038_41074&nonce=1633710038_10010&display=&prompt=login
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore FCGI_ROLE RESPONDER
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgi.streaming 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore SERVER_PROTOCOL HTTP/1.1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore tokenTimeoutTimestamp 1633710158
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_COOKIE llnglanguage=fr; lemonldappdata=%7B%22issuerRequestoauth2%22%3A%221633638008_5455%22%2C%22issuerTs%22%3A1633709888%2C%22targetAuthnLevel%22%3A1%2C%22_choice%22%3A%22SAML%22%2C%22keepPdata%22%3A%5B%22issuerRequestoauth2%22%2C%22issuerRequestoauth2Path%22%5D%7D
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore HTTP_X_FORWARDED_PROTO http
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore LLTYPE psgi
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Restore psgix.harakiri 1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Cleaning pdata
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Removing issuerRequestoauth2 key from pdata
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Removing issuerRequestoauth2Path from keepPdata
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing importHandlerData
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing controlUrl
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Launching ::Auth::Choice::_forAuthUser
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Launching ::UserDB::Choice::_forAuthUser
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Launching ::Password::Demo::_modifyPassword
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Processing code ref
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Searching for previously registered Relying Parties...
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Convert Relying Party Consent(s)...
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] 0 consent(s) converted
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] URL detected as an OpenID Connect AUTHORIZE URL
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter response_type: code
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store code in hidden key response_type
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter scope: openid profile
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store openid profile in hidden key scope
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter client_id: fournisseur-services
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store fournisseur-services in hidden key client_id
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter state: 1633710038_41074
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store 1633710038_41074 in hidden key state
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter redirect_uri: http://auth.fournisseur.services/?openidconnectcallback=1
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store http://auth.fournisseur.services/?openidconnectcallback=1 in hidden key redirect_uri
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter nonce: 1633710038_10010
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store 1633710038_10010 in hidden key nonce
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC request parameter prompt: login
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store login in hidden key prompt
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Calling hook oidcGotRequest
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] OIDC authorizationcode flow requested (response type: code)
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Request from client id fournisseur-services
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Client id fournisseur-services matches RP fournisseur-services
[Fri Oct 8 16:21:07 2021] [LLNG:85] [notice] User dwho is authorized to access to fournisseur-services
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] [notice] User dwho is authorized to access to fournisseur-services
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Reauthentication required by Relying Party in prompt parameter
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Store issuer request
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Token 1633638187_10781 created
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Returned error: 85 (PE_RENEWSESSION)
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Skin returned: upgradesession
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Calling sendHtml with template upgradesession
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Starting HTML generation using /usr/share/lemonldap-ng/portal/templates/bootstrap/upgradesession.tpl
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Sending /usr/share/lemonldap-ng/portal/templates/bootstrap/upgradesession.tpl
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Apply following CORS policy :
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Access-Control-Allow-Origin
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] *
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Access-Control-Allow-Credentials
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] true
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Access-Control-Allow-Headers
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] *
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Access-Control-Allow-Methods
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] POST,GET
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Access-Control-Expose-Headers
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] *
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Access-Control-Max-Age
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] 86400
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Required Params URL : aHR0cDovL2F1dGguZm91cm5pc3NldXIuaW50ZXJtZWRpYWlyZS8vb2F1dGgyL2F1dGhvcml6ZS8=
[Fri Oct 8 16:21:07 2021] [LLNG:85] [debug] Apply following CSP : default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';form-action *;frame-ancestors 'none';
172.17.0.5 - - [08/Oct/2021:16:21:07 +0000] "GET //oauth2/authorize/ HTTP/1.1" 200 1809 "http://auth.fournisseur.identites/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:93.0) Gecko/20100101 Firefox/93.0"
172.17.0.5 - - [08/Oct/2021:16:21:09 +0000] "GET /static/common/favicon.ico HTTP/1.1" 200 99678 "http://auth.fournisseur.intermediaire//oauth2/authorize/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:93.0) Gecko/20100101 Firefox/93.0"
Backends used
Auth/userDB: OIDC/OIDC on SSO1 SAML/Demo (also tried with SAML/SAML) or Demo/Demo on SSO2 Demo/Demo on SSO3