SAMLY integration not working on production. Error: malformed request, a Poison.SyntaxError exception

Please i’m having issue getting samly (https://github.com/handnot2/samly) to work on production everything works fine on dev but i get error 502 bad request error with distillery build.

After using curl to call the endpoint i found out that cowboy could not process the request to the error:

malformed request, a Poison.SyntaxError exception was raised with message "Unexpected token at position 1:"

<h5 class="struct">
   Plug.Parsers.ParseError
   <small>at POST</small>
   <small class="path">/sso/auth/signin/entidp</small>
</h5>
<h1 class="title">malformed request, a Poison.SyntaxError exception was raised with message "Unexpected token at position 1: "</h1>

Please how can i resolve this issue?

As a very blind guess, I’d say Poison receives a JSON document that is BOM’d and can’t deal with it. But as you say its working from dev, I’m wondering where this BOM would have been inserted…

Can you log and inspect the JSON you want to parse? Or please check if the first bytes in the response body are one of those in this table:

If so, a function like the following should be able to strip them:

Enum.each([<<239, 187, 191>>, <<254, 255>>, <<255, 254>>, …], fn bom ->
  def strip_bom(unquote(bom) <> rest), do: rest
end)
def strip_bom(binary) when is_binary(binary), do: binary

Of course you need to complete the list…

Also, if the body is encoded in the wrong format encoding, it might of course break due to that…

Thanks so much @Nobbz for your response.

I’m using Samly package so I really don’t know the JSON that’s being passed. Also the url from the browser returns 502 gateway error.

I was able to get the error details by using curl directly within the server. e.g curl 127.0.0.1:port_number/…

Please how do you think i could log JSON parse?

Thanks @Nobbz. I found out the issue was with the browser cookies. It worked fine after clearing the cookies.

Thank you so much.