How to fix error. sso saml

I confix saml and sign in sso example login success and redirect url : https://lms.domain/auth/complete/tpa-saml/ status 500

and logs error

tutor_local-lms-1            | 2024-11-27 06:11:21,107 INFO 25 [openedx.core.djangoapps.cors_csrf.helpers] [user None] [ip 10.152.253.166] helpers.py:64 - Origin 'https://sso-uat-web' was not in `CORS_ORIGIN_WHITELIST`; full referer was 'https://sso-uat-web/' and requested host was 'lms.domain'; CORS_ORIGIN_ALLOW_ALL=False
tutor_local-lms-1            | 2024-11-27 06:11:21,128 ERROR 25 [root] [user None] [ip None] signals.py:22 - Uncaught exception from None
tutor_local-lms-1            | Traceback (most recent call last):
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/core/handlers/exception.py", line 47, in inner
tutor_local-lms-1            |     response = get_response(request)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/core/handlers/base.py", line 181, in _get_response
tutor_local-lms-1            |     response = wrapped_callback(request, *callback_args, **callback_kwargs)
tutor_local-lms-1            |   File "/opt/pyenv/versions/3.8.15/lib/python3.8/contextlib.py", line 75, in inner
tutor_local-lms-1            |     return func(*args, **kwds)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
tutor_local-lms-1            |     response = view_func(request, *args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
tutor_local-lms-1            |     return view_func(*args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_django/utils.py", line 46, in wrapper
tutor_local-lms-1            |     return func(request, backend, *args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_django/views.py", line 31, in complete
tutor_local-lms-1            |     return do_complete(request.backend, _do_login, user=request.user,
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_core/actions.py", line 45, in do_complete
tutor_local-lms-1            |     user = backend.complete(user=user, *args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
tutor_local-lms-1            |     return self.auth_complete(*args, **kwargs)
tutor_local-lms-1            |   File "/openedx/edx-platform/common/djangoapps/third_party_auth/saml.py", line 93, in auth_complete
tutor_local-lms-1            |     return super().auth_complete(*args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_core/backends/saml.py", line 315, in auth_complete
tutor_local-lms-1            |     auth.process_response()
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/onelogin/saml2/auth.py", line 110, in process_response
tutor_local-lms-1            |     self.__nameid = response.get_nameid()
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/onelogin/saml2/response.py", line 491, in get_nameid
tutor_local-lms-1            |     nameid_data = self.get_nameid_data()
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/onelogin/saml2/response.py", line 475, in get_nameid_data
tutor_local-lms-1            |     raise OneLogin_Saml2_ValidationError(
tutor_local-lms-1            | onelogin.saml2.errors.OneLogin_Saml2_ValidationError: The SPNameQualifier value mistmatch the SP entityID value.
tutor_local-lms-1            | 2024-11-27 06:11:21,159 ERROR 25 [django.request] [user None] [ip 10.152.253.166] log.py:224 - Internal Server Error: /auth/complete/tpa-saml/
tutor_local-lms-1            | Traceback (most recent call last):
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/core/handlers/exception.py", line 47, in inner
tutor_local-lms-1            |     response = get_response(request)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/core/handlers/base.py", line 181, in _get_response
tutor_local-lms-1            |     response = wrapped_callback(request, *callback_args, **callback_kwargs)
tutor_local-lms-1            |   File "/opt/pyenv/versions/3.8.15/lib/python3.8/contextlib.py", line 75, in inner
tutor_local-lms-1            |     return func(*args, **kwds)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
tutor_local-lms-1            |     response = view_func(request, *args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
tutor_local-lms-1            |     return view_func(*args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_django/utils.py", line 46, in wrapper
tutor_local-lms-1            |     return func(request, backend, *args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_django/views.py", line 31, in complete
tutor_local-lms-1            |     return do_complete(request.backend, _do_login, user=request.user,
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_core/actions.py", line 45, in do_complete
tutor_local-lms-1            |     user = backend.complete(user=user, *args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
tutor_local-lms-1            |     return self.auth_complete(*args, **kwargs)
tutor_local-lms-1            |   File "/openedx/edx-platform/common/djangoapps/third_party_auth/saml.py", line 93, in auth_complete
tutor_local-lms-1            |     return super().auth_complete(*args, **kwargs)
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/social_core/backends/saml.py", line 315, in auth_complete
tutor_local-lms-1            |     auth.process_response()
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/onelogin/saml2/auth.py", line 110, in process_response
tutor_local-lms-1            |     self.__nameid = response.get_nameid()
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/onelogin/saml2/response.py", line 491, in get_nameid
tutor_local-lms-1            |     nameid_data = self.get_nameid_data()
tutor_local-lms-1            |   File "/openedx/venv/lib/python3.8/site-packages/onelogin/saml2/response.py", line 475, in get_nameid_data
tutor_local-lms-1            |     raise OneLogin_Saml2_ValidationError(
tutor_local-lms-1            | onelogin.saml2.errors.OneLogin_Saml2_ValidationError: The SPNameQualifier value mistmatch the SP entityID value.
tutor_local-lms-1            | [pid: 25|app: 0|req: 127/281] xxx.xxx.xxx.xxx () {72 vars in 1731 bytes} [Wed Nov 27 06:11:21 2024] POST /auth/complete/tpa-saml/ => generated 9241 bytes in 153 msecs (HTTP/1.1 500) 7 headers in 406 bytes (1 switches on core 0)

How to fix. Thank you

I resolved it by aligning the SAML IdP attributes to match correctly.

and install plugin this

from tutor import hooks
hooks.Filters.ENV_PATCHES.add_item(
    (
        "openedx-cms-common-settings",
        'CORS_ORIGIN_WHITELIST.append("https://sso-uat-web")'
    )
)


hooks.Filters.ENV_PATCHES.add_item(
    (
        "openedx-lms-common-settings",
        'CORS_ORIGIN_WHITELIST.append("https://sso-uat-web")'
    )
)