Example Generic SAML Stepup Provider.
This repository can be used for reference material or as a base project setup for new IdP SecondFactor application.
The SAML logic for receiving authentication request (AuthnRequest) and sending authentication response back is placed inside the Symfony bundle stepup-gssp-bundle. The state of the application is stored inside PHP sessions, each new request will invalidate the current session state.
The default locale is based on the user agent. When the user switches its locale the selected preference is stored inside a browser cookie (stepup_locale). The cookie is set on naked domain of the requested domain (for demogssp.dev.openconext.local this is example.com).
The application provides internal (SpBundle) and a remote service provider. Instructions for this are given on the homepage of this example project Homepage.
There are two ways to approach this.
One of the benefits of using this repository is that it contains many pre-configured tools:
- Metrics & test tooling testing.md
- Development environment provisioned by Vagrant
- Pre-configured travis.yml for CI integration
- Default SurfContext styling frontend_tooling.md
- Clone and checkout this repository
- Change the project configuration variables:
- composer.json name and description
- this readme.md file
- Replace 'demogssp.dev.openconext.local' in all files with your own hostename
- Install the copied project. (See Development environment section of this README.md file)
- Implement your authentication & registration logic in DefaultController::registrationAction and DefaultController::authenticateAction.
- Feel free to rename and change this example clone for your needs.
- Install Symfony
- Follow the instructions from the GSSP bundle
There are 2 ways you can influence the desired Symfony application environment.
- Set the
app_env
parameter inconfig/openconext/parameters.yaml
todev
,test
orprod
- Override the
app_env
param by providing an environment variable namedAPP_ENV
- The default value for the application environment will be
prod
- Do not try to use a .env file to override the
app_env
param. That file will not be evaluated by Symfony as we decided not use the DotEnv component.
The purpose of the development environment is only for running the different test and metric tools.
To get started, first setup the development environment. The development environment is a docker container. That is controlled via the OpenConext-devconf project.
Every task described below should be run from that container.
- Docker
- OpenConext-devconf
Copy the parameters.yaml
$ cp config/openconext/parameters.yaml.dist config/openconext/parameters.yaml
Bring up the container in dev-mode
From you dev-conf installation start the stepup
dev-env with AzureMFA in dev mode
For example:
cd stepup
./start-dev-env.sh demogssp:../../OpenConext-stepup/Stepup-gssp-example
Building frontend assets:
$ yarn encore dev
or
$ yarn encore prod
for production
If everything goes as planned you can go to:
https://demogssp.dev.openconext.local
Xdebug is configured when provisioning your development Vagrant box. It's configured with auto connect IDE_KEY=phpstorm.
To run all required test you can run the following commands from the dev env:
composer test
Every part can be run separately. Check "scripts" section of the composer.json file for the different options.
Please read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management for more information on the release strategy used in Stepup projects.