Skip to content

Google IdP "metadata not found" pages are not recognised correctly

Summary

For Google-based IdPs who did not configure the required SP metadata, the ECCS checks return "WARNING / Unable-to-Check", despite the presence of a metadata-not-found like page which should result in ERROR / No-SP-Metadata-Error

Steps to reproduce

Observe the result of the check

https://technical.edugain.org/eccs/api/getsamlreq?idp=https://accounts.google.com/o/saml2?idpid=C02ws9ruj&sp=https://sp-demo.idem.garr.it/shibboleth

What is the current bug behavior?

Check result is WARNING / Unable-To-Check

This is incorrect because this result should by definition be issued only in the case '... and do not return messages like "/No return endpoint available for relying party/" or "/No metadata found for relying party/"'.

What is the expected correct behavior?

Check result should be ERROR / No-SP-Metadata-Error

This would be correct because the definition for this case is 'IdPs that return a message like "No return endpoint available for relying party" or "No metadata found for relying party" instead of the Login Page.'

Relevant logs and/or screenshots

Error message on the Google page:

"Error: app_not_configured_for_user

Service is not configured for this user."

Possible fixes