Merge pull request #32 from silinternational/develop

2-Step Verification support

Dockerfile

@@ -38,6 +38,8 @@ RUN composer install --prefer-dist --no-interaction --no-dev --optimize-autoload
 ENV SSP_PATH /data/vendor/simplesamlphp/simplesamlphp
 RUN mv $SSP_PATH/www/index.php $SSP_PATH/www/ssp-index.php
 COPY dockerbuild/ssp-overrides/index.php $SSP_PATH/www/index.php
+RUN mv $SSP_PATH/www/saml2/idp/SingleLogoutService.php $SSP_PATH/www/saml2/idp/ssp-SingleLogoutService.php
+COPY dockerbuild/ssp-overrides/SingleLogoutService.php $SSP_PATH/www/saml2/idp/SingleLogoutService.php
 COPY dockerbuild/ssp-overrides/saml20-idp-remote.php $SSP_PATH/metadata/saml20-idp-remote.php
 COPY dockerbuild/ssp-overrides/saml20-sp-remote.php $SSP_PATH/metadata/saml20-sp-remote.php
 COPY dockerbuild/ssp-overrides/config.php $SSP_PATH/config/config.php

composer.json

@@ -13,14 +13,15 @@
   "require": {
     "php": ">=5.4",
     "roave/security-advisories": "dev-master",
-    "simplesamlphp/simplesamlphp": "1.14.15",
+    "simplesamlphp/simplesamlphp": "~1.14.17",
     "simplesamlphp/composer-module-installer": "1.1.6",
     "silinternational/simplesamlphp-module-expirychecker": "^2.0",
-    "silinternational/simplesamlphp-module-silauth": "^3.0",
+    "silinternational/simplesamlphp-module-silauth": "^4.0.0",
+    "silinternational/simplesamlphp-module-mfa": "^1.0.0",
     "silinternational/ssp-utilities": "^1.0",
-    "silinternational/simplesamlphp-module-material": "^3.1",
+    "silinternational/simplesamlphp-module-material": "^4.0.1",
     "silinternational/simplesamlphp-module-sildisco": "^1.0",
-    "silinternational/php-env": "^2.0"
+    "silinternational/php-env": "^2.1.1"
   },
   "require-dev": {
     "phpunit/phpunit": "^5.6.1"

docker-compose.yml

@@ -55,6 +55,7 @@ services:
       ADMIN_PROTECT_INDEX_PAGE: "false"
       SHOW_SAML_ERRORS: "true"
       THEME_USE: "material:material"
+      THEME_COLOR_SCHEME: "orange-light_blue"
       HUB_MODE: "true"
 
   idp1:

dockerbuild/rsyslog.conf

@@ -35,7 +35,7 @@ $KLogPermitNonKernelFacility on
 $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
 
 # Filter duplicated messages
-$RepeatedMsgReduction on
+$RepeatedMsgReduction off
 
 #
 # Set the default permissions for all log files.

dockerbuild/ssp-overrides/SingleLogoutService.php

@@ -0,0 +1,13 @@
+<?php
+require_once __DIR__ . '/../../../../../autoload.php';
+
+use Sil\PhpEnv\Env;
+
+/*
+ * Unset c1 and c2 cookies if present
+ */
+$secureCookie = Env::get('SECURE_COOKIE', true);
+setcookie('c1', '', 1, '/', null, $secureCookie, true);
+setcookie('c2', '', 1, '/', null, $secureCookie, true);
+
+require __DIR__ . '/ssp-SingleLogoutService.php';

dockerbuild/ssp-overrides/config.php

@@ -46,6 +46,10 @@
 $TIMEZONE = Env::get('TIMEZONE', 'GMT');
 $LOGGING_HANDLER = Env::get('LOGGING_HANDLER', 'syslog');
 $THEME_USE = Env::get('THEME_USE', 'material:material');
+
+// Options: https://github.com/silinternational/simplesamlphp-module-material/blob/develop/README.md#branding
+$THEME_COLOR_SCHEME = Env::get('THEME_COLOR_SCHEME', null); 
+
 $IDPDISCO_LAYOUT = Env::get('IDPDISCO_LAYOUT', 'links'); // Options: [links,dropdown]
 
 $SECURE_COOKIE = Env::get('SECURE_COOKIE', true);
@@ -507,6 +511,12 @@
      * Which theme directory should be used?
      */
     'theme.use' => $THEME_USE,
+
+    /*
+     * If using the material theme, which color scheme to use
+     * Options: https://github.com/silinternational/simplesamlphp-module-material/blob/develop/README.md#branding
+     */
+    'theme.color-scheme' => $THEME_COLOR_SCHEME,
 
 
     /*

tests/MetadataTest.php

@@ -311,6 +311,11 @@ public function testMetadataCerts()
         $badSps = [];
 
         foreach ($spEntries as $spEntityId => $spEntry) {
+
+            if ( ! empty($spEntry[self::SkipTestsKey])) {
+                continue;
+            }
+
             if (empty($spEntry['certData']) && empty($spEntry['certFingerprint'])) {
                 $badSps[] = $spEntityId;
             }