From 4d62a4205e71f9c87fb8a039c5a807e5187f5e33 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Thu, 18 Dec 2014 09:24:49 +0000 Subject: [PATCH 1/7] Initial Commit --- README.md | 123 ++++++++ composer.json | 6 + composer.lock | 272 ++++++++++++++++++ frog-federation/config/authsources.php | 19 ++ .../metadata/saml20-idp-remote.php | 27 ++ setup.sh | 23 ++ www/index.php | 21 ++ 7 files changed, 491 insertions(+) create mode 100644 README.md create mode 100644 composer.json create mode 100644 composer.lock create mode 100644 frog-federation/config/authsources.php create mode 100644 frog-federation/metadata/saml20-idp-remote.php create mode 100755 setup.sh create mode 100644 www/index.php diff --git a/README.md b/README.md new file mode 100644 index 0000000..c295d86 --- /dev/null +++ b/README.md 
@@ -0,0 +1,123 @@ +Example 3rd Party App Authentication +------------------------------------ + +This is an example PHP application authenticated using a FrogLearn user. + +You can obtain the latest version of this code either using: +a) git: `git clone https://github.com/frogeducation/example-3rd-party-app-authentication.git` +b) download the code from here: [https://github.com/frogeducation/example-3rd-party-app-authentication/archive/master.zip][1] and extract + +[1]: https://github.com/frogeducation/example-3rd-party-app-authentication/archive/master.zip + +Reqirements +=========== +PHP >= 5.3.3 + +PHP Extensions: +\- curl +\- dom +\- gmp +\- mcrypt +\- openssl + +Automatic Setup +=============== +Run the provided setup.sh: +`./setup.sh` +This is a shell script intended to be run on a Unix Box, which will automatically run all steps in the "Composer Setup" section. + +Composer Setup +============== +To install using composer you need to do the following: + +1. [Install Composer][2] by following the instructions [here][2] +2. Run `composer install` to download SimpleSAMLPHP and it's dependencies +3. Run the following commands: + `cd vendor/simplesamlphp/simplesamlphp/` + `mkdir {config,metadata}` + `cp config-templates/{config,authsources}.php config/` + `cp metadata-templates/saml20-idp-remote.php metadata/` + `cd ../../../www` + `ln -s ../vendor/simplesamlphp/simplesamlphp/www .` + +[2]: https://getcomposer.org/ + +Manual Setup +============ +1. Download SimpleSAMLPHP from [here][3] and extract at the root directory. + Arrange these packages so you have the following directory structure: + `/frog-federation` + `/simplesamlphp` + `/www` +2. Create a symbolic link from simplesamlphp/www to www/saml e.g. + `cd www && ln -s ../simplesamlphp/www saml` +3. 
Update index.php to use the following: + `require_once '../simplesaml/lib/_autoload.php';` + rather than: + `require_once '../vendor/autoload.php';` + +[3]: https://simplesamlphp.org/download + +Getting Up & Running +==================== +After the above, you need to create a virtual host in your webserver to point to `/www`. + +The next step is to configure SimpleSAMLPHP. We have provided example configuration files in the `frog-federation/config` and `frog-federation/metadata` folders. The least you should do is to secure your deployment by altering the following properties in `simplesamlphp/config/config.php`: +\- `'baseurlpath'`: should be set to `'saml/'` in-line with the symbolic link created during the setup stage +\- `'auth.adminpassword'`: should be changed as this is your admin authentication password +\- `'admin.protectindexpage'`: should be set to true +\- `'admin.protectmetadata'`: should be set to true +\- `'secretsalt'`: should be changed from the default value +\- `'technicalcontact_name'`: The name of the individual to contact upon issues +\- `'technicalcontact_email'`: The e-mail address of the individual to contact upon issues +Further documentation on the SimpleSAMLPHP config file can be found [here][4] + +The two other files you need are `simplesamlphp/config/authsources.php` and `simplesamlphp/metadata/saml20-idp-remote.php`. +The examples provided under `frog-federation/config/authsources.php` and `frog-federation/metadata/saml20-sp-remote.php` will work with the development federation provided by frog (mentioned later). +To use these simply run the following: +`cp frog-federation/config/authsources.php simplesamlphp/config/authsources.php` +`cp frog-federation/metadata/saml20-sp-remote.php simplesamlphp/metadata/saml20-idp-remote.php` + +***Please Note***: The authsources.php and saml20-idp-remote.php provided are for development against the frog **development** federation. 
When configuring your application against the production federation these will require changes. Please contact the Partners support team at FrogEducation to acquire these and setup your application against the production federation. + +So that your app will work with the Frog Development Federation you will need to provided us with your metadata. To do this you need to do the following: + +1. Go to the saml instance via your browser and login with the `'auth.adminpassword'` you setup earlier. This should be under https://your-domain.com/saml/ +2. Go to https://your-domain.com/saml/module.php/saml/sp/metadata.php/FrogFederation?output=xhtml +3. Copy the code in the entry corresponding to “In simpleSAMLphp flat file format” +4. Send this code to the Partners support team at FrogEducation. + +[4]: https://simplesamlphp.org/docs/1.13/simplesamlphp-install + +Testing The App +=============== +We have three boxes setup for you to develop against: + +Development Frog Federation: [https://federation-misc.frogosdev.co.uk/][5] +Example Secondary School: [https://secondaryexternal-misc.frogosdev.co.uk/][6] +Example Primary School: [https://primaryexternal-misc.frogosdev.co.uk/][7] + +In your browser go to: https://your-domain.com/ +Provided a correct server software setup this should run the provided index.php and re-direct you to a selection page on [https://federation-misc.frogosdev.co.uk/][5] which will look like the following: + +![](https://openmerchantaccount.com/img/frogeducation-simplesaml-development-discovery.png) + +Select the type of FrogLearn instance you'd like to test login with, and you'll be transferred to the correct instance for authentication: + +![](https://openmerchantaccount.com/img/frogeducation-simplesaml-development-froglearn.png) + +We have provided 10 users for authentication with these boxes: +These follow the pattern of: + +usernames: other1, other2, etc. +password: other1pass, other2pass, etc. 
+ +With the users other1 to other 10 being enabled for your testing purposes. + +If you authenticate correctly you'll be redirected back to your test application with the user attributes provided: + +![](https://openmerchantaccount.com/img/frogeducation-simplesaml-development-user-attributes.png) + +[5]: https://federation-misc.frogosdev.co.uk/ +[6]: https://secondaryexternal-misc.frogosdev.co.uk/ +[7]: https://primaryexternal-misc.frogosdev.co.uk/ diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..358e2c8 --- /dev/null +++ b/composer.json @@ -0,0 +1,6 @@ +{ + "require": { + "simplesamlphp/simplesamlphp": "1.*", + "openid/php-openid": "dev-master#ee669c6a9d4d95b58ecd9b6945627276807694fb as 2.2.2" + } +} diff --git a/composer.lock b/composer.lock new file mode 100644 index 0000000..5cf8c7f --- /dev/null +++ b/composer.lock 
@@ -0,0 +1,272 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", + "This file is @generated automatically" + ], + "hash": "78507b9b62d38ea500b856e1f63332a2", + "packages": [ + { + "name": "openid/php-openid", + "version": "dev-master", + "source": { + "type": "git", + "url": "https://github.com/openid/php-openid.git", + "reference": "ee669c6a9d4d95b58ecd9b6945627276807694fb" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/openid/php-openid/zipball/fff9217fb1acda132702730b66b10981ea9d4cac", + "reference": "ee669c6a9d4d95b58ecd9b6945627276807694fb", + "shasum": "" + }, + "require": { + "ext-curl": "*", + "ext-dom": "*", + "ext-gmp": "*", + "php": ">=4.3" + }, + "type": "library", + "autoload": { + "classmap": [ + "Auth" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "include-path": [ + "." + ], + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "JanRain Inc.", + "homepage": "http://www.openidenabled.com" + } + ], + "description": "OpenID library for PHP5", + "homepage": "http://github.com/openid/php-openid", + "keywords": [ + "Authentication", + "OpenId", + "auth", + "yadis" + ], + "time": "2013-10-03 21:21:20" + }, + { + "name": "psr/log", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/php-fig/log.git", + "reference": "fe0936ee26643249e916849d48e3a51d5f5e278b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/log/zipball/fe0936ee26643249e916849d48e3a51d5f5e278b", + "reference": "fe0936ee26643249e916849d48e3a51d5f5e278b", + "shasum": "" + }, + "type": "library", + "autoload": { + "psr-0": { + "Psr\\Log\\": "" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "http://www.php-fig.org/" + } + ], + 
"description": "Common interface for logging libraries", + "keywords": [ + "log", + "psr", + "psr-3" + ], + "time": "2012-12-21 11:40:51" + }, + { + "name": "simplesamlphp/saml2", + "version": "v0.6.1", + "source": { + "type": "git", + "url": "https://github.com/simplesamlphp/saml2.git", + "reference": "64826f28255dcc065e638b172e157da3e88640d9" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/simplesamlphp/saml2/zipball/64826f28255dcc065e638b172e157da3e88640d9", + "reference": "64826f28255dcc065e638b172e157da3e88640d9", + "shasum": "" + }, + "require": { + "ext-dom": "*", + "ext-mcrypt": "*", + "ext-openssl": "*", + "php": ">=5.3.3", + "psr/log": "~1.0", + "simplesamlphp/xmlseclibs": "~1.3.1" + }, + "require-dev": { + "mockery/mockery": "~0.9", + "phpmd/phpmd": "~1.5", + "phpunit/phpunit": "~3.7", + "satooshi/php-coveralls": "~0.6.1", + "sebastian/phpcpd": "~1.4", + "sensiolabs/security-checker": "~1.1", + "squizlabs/php_codesniffer": "~1.4" + }, + "type": "library", + "autoload": { + "psr-0": { + "SAML2_": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "LGPL-2.1" + ], + "authors": [ + { + "name": "Andreas Åkre Solberg", + "email": "andreas.solberg@uninett.no" + } + ], + "description": "SAML2 PHP library from SimpleSAMLphp", + "time": "2014-12-04 13:30:27" + }, + { + "name": "simplesamlphp/simplesamlphp", + "version": "v1.13.2", + "source": { + "type": "git", + "url": "https://github.com/simplesamlphp/simplesamlphp.git", + "reference": "d7867692130c052f8c73f531f5e8ad17f925da0a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/simplesamlphp/simplesamlphp/zipball/d7867692130c052f8c73f531f5e8ad17f925da0a", + "reference": "d7867692130c052f8c73f531f5e8ad17f925da0a", + "shasum": "" + }, + "require": { + "openid/php-openid": "dev-master#ee669c6a9d4d95b58ecd9b6945627276807694fb as 2.2.2", + "php": "~5.3", + "simplesamlphp/saml2": "~0.3", + "simplesamlphp/xmlseclibs": "~1.3.2" + }, + 
"type": "project", + "autoload": { + "psr-0": { + "SimpleSAML_": "lib/" + }, + "files": [ + "lib/_autoload_modules.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "LGPL-2.1" + ], + "authors": [ + { + "name": "Olav Morken", + "email": "olav.morken@uninett.no" + }, + { + "name": "Andreas Åkre Solberg", + "email": "andreas.solberg@uninett.no" + } + ], + "description": "A PHP implementation of SAML 2.0 service provider and identity provider functionality. And is also compatible with Shibboleth 1.3 and 2.0.", + "homepage": "http://simplesamlphp.org", + "keywords": [ + "OpenId", + "SAML2", + "aselect", + "idp", + "oauth", + "shibboleth", + "sp", + "ws-federation" + ], + "time": "2014-11-05 16:45:18" + }, + { + "name": "simplesamlphp/xmlseclibs", + "version": "v1.3.2", + "source": { + "type": "git", + "url": "https://github.com/simplesamlphp/xmlseclibs.git", + "reference": "734e80899ade295b979de08553161cad63c2dd98" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/simplesamlphp/xmlseclibs/zipball/734e80899ade295b979de08553161cad63c2dd98", + "reference": "734e80899ade295b979de08553161cad63c2dd98", + "shasum": "" + }, + "replace": { + "cdatazone/xmlseclibs": "self.version", + "fr3d/xmlseclibs": "self.version", + "robrichards/xmlseclibs": "self.version" + }, + "suggest": { + "ext/mcrypt": "", + "ext/openssl": "" + }, + "type": "library", + "autoload": { + "files": [ + "xmlseclibs.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Rob Richards" + } + ], + "description": "A PHP library for XML Security", + "homepage": "http://code.google.com/p/xmlseclibs/", + "keywords": [ + "certificate", + "security", + "signature", + "signing", + "x.509", + "xml", + "xmlsec" + ], + "time": "2013-06-19 00:00:00" + } + ], + "packages-dev": [], + "aliases": [ + { + "alias": "2.2.2", + "alias_normalized": "2.2.2.0", + "version": "9999999-dev", + 
"package": "openid/php-openid" + } + ], + "minimum-stability": "stable", + "stability-flags": { + "openid/php-openid": 20 + }, + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [] +} diff --git a/frog-federation/config/authsources.php b/frog-federation/config/authsources.php new file mode 100644 index 0000000..03a9b37 --- /dev/null +++ b/frog-federation/config/authsources.php @@ -0,0 +1,19 @@ + array( + 'saml:SP', + + // The entity ID of this SP. + // Can be NULL/unset, in which case an entity ID is generated based on the metadata URL. + 'entityID' => null, + + // The entity ID of the IdP this should SP should contact. + // Can be NULL/unset, in which case the user will be shown a list of available IdPs. + 'idp' => 'https://federation-misc.frogosdev.co.uk/saml2/idp/metadata.php', + + // The URL to the discovery service. + // Can be NULL/unset, in which case a builtin discovery service will be used. + 'discoURL' => null, + ), +); diff --git a/frog-federation/metadata/saml20-idp-remote.php b/frog-federation/metadata/saml20-idp-remote.php new file mode 100644 index 0000000..121538a --- /dev/null +++ b/frog-federation/metadata/saml20-idp-remote.php 
@@ -0,0 +1,27 @@ + 'saml20-idp-remote', + 'entityid' => 'https://federation-misc.frogosdev.co.uk/saml2/idp/metadata.php', + 'SingleSignOnService' => array( + 0 => array( + 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', + 'Location' => 'https://federation-misc.frogosdev.co.uk/saml2/idp/SSOService.php', + ), + ), + 'SingleLogoutService' => array( + 0 => array( + 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect', + 'Location' => 'https://federation-misc.frogosdev.co.uk/saml2/idp/SingleLogoutService.php', + ), + ), + 'certData' => 'MIIDfzCCAmegAwIBAgIJAKnl9D1Rgap3MA0GCSqGSIb3DQEBBQUAMFYxCzAJBgNVBAYTAlVLMRAwDgYDVQQHDAdIYWxpZmF4MRYwFAYDVQQKDA1Gcm9ndHJhZGUgTHRkMR0wGwYDVQQDDBRzYW1sc3AuZnJvZ3RyYWRlLmNvbTAeFw0xMjA5MjgxMDQ0MzdaFw0yMjA5MjgxMDQ0MzdaMFYxCzAJBgNVBAYTAlVLMRAwDgYDVQQHDAdIYWxpZmF4MRYwFAYDVQQKDA1Gcm9ndHJhZGUgTHRkMR0wGwYDVQQDDBRzYW1sc3AuZnJvZ3RyYWRlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOK9U0iYHhsRxrH1Q7Auz8kMR+oLN7HzLiyLiqSJK6RpPj5VZ83nO5EE6Jaws2uzeuRSQ5lNTk2PtlWqv2r0oXkMmVvFXozY/sPRWNH04XwMXiyv7cjjwBBhvj4vcrZ9ysQEg2I9iZ88QCj6n9SUpwyfsWmeEppgmPwoXCTP6w4IhOV5XOjTL87NB609lT1sLANy9uSr/RK3Wzqb+WKGemF8itEmmnbkU9p6yLmsSxVyQK2l35DU6JpFiLTkzuy1FLB6/M7HBrzaxsXzhzys+WiznH+DqQFMgLi2VcPzqZxMVtfMxKl/AOlTIt+XQ5XHshl6mrbCZUqUYToDEBG23vcCAwEAAaNQME4wHQYDVR0OBBYEFJWPPbP4N3wMT8PuLD9q6Z6eaFzNMB8GA1UdIwQYMBaAFJWPPbP4N3wMT8PuLD9q6Z6eaFzNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGuN+ABo0bi22aC9AXEoKKKXFsp9P85plgcyvlkWKXrRu7iC7C3d6TfP36OmflxaibFuBTf6KfzkgOXTj2A/z1uP9lKvIDZ3FzjYNHi68rz1N2SVuXcUxDPvsGzeSBy1SaUzlAyYBtBKqntZBfxlH5EZ1T9yNfnbmhCMlr/e45ILf8BGdkaNz/TdYhepkhQ77DU2D6bNyq345B4zGb6wOg1fQEMv8bC8Ylt0wIBgJYSrOkCipWKNqCLL+GbYD1+sNn8e+W2h3o9J482BzxVRw9V2DFR6/9I54rzI4bvZKcXk6imGhO+577qzZgffQnaI/SgjPVJIBuWxL3JJ+86COAc=', + 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient', +); diff --git a/setup.sh b/setup.sh new file mode 100755 index 0000000..3a79473 --- /dev/null +++ b/setup.sh 
@@ -0,0 +1,23 @@ +#!/bin/sh + +test_error() +{ + if [[ $? != "0" ]]; then + echo $1 + exit 1 + fi +} + +curl -sS https://getcomposer.org/installer | php +test_error "Couldn't Download Composer" +php composer.phar install +test_error "Composer Install Failed" +rm -f composer.phar + +cd vendor/simplesamlphp/simplesamlphp/ +mkdir {config,metadata} +cp config-templates/{config,authsources}.php config/ +cp metadata-templates/saml20-idp-remote.php metadata/ +cd ../../../www +ln -s ../vendor/simplesamlphp/simplesamlphp/www . + diff --git a/www/index.php b/www/index.php new file mode 100644 index 0000000..5d83b22 --- /dev/null +++ b/www/index.php @@ -0,0 +1,21 @@ +requireAuth(); + +$attributes = $as->getAttributes(); + +?> + + + + Probably the simplest Service Provider in PHP + + +

Example Web App

+

Your attributes:

+
+ logout + + From 773c0fef8fbcde3afb3e684f5488a7e178578c78 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Thu, 18 Dec 2014 09:31:18 +0000 Subject: [PATCH 2/7] Remove erroneous whitespace --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c295d86..6dda74f 100644 --- a/README.md +++ b/README.md @@ -112,7 +112,7 @@ These follow the pattern of: usernames: other1, other2, etc. password: other1pass, other2pass, etc. -With the users other1 to other 10 being enabled for your testing purposes. +With the users other1 to other10 being enabled for your testing purposes. If you authenticate correctly you'll be redirected back to your test application with the user attributes provided: From 8acf42c6c2d215db753e48376cb017ba69f950a9 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Thu, 18 Dec 2014 13:39:44 +0000 Subject: [PATCH 3/7] Add in Frog Federation XML Metadata --- .../metadata/saml20-idp-remote.xml | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 frog-federation/metadata/saml20-idp-remote.xml diff --git a/frog-federation/metadata/saml20-idp-remote.xml b/frog-federation/metadata/saml20-idp-remote.xml new file mode 100644 index 0000000..9379059 --- /dev/null +++ b/frog-federation/metadata/saml20-idp-remote.xml 
@@ -0,0 +1,27 @@ + + + + + + + MIIDfzCCAmegAwIBAgIJAKnl9D1Rgap3MA0GCSqGSIb3DQEBBQUAMFYxCzAJBgNVBAYTAlVLMRAwDgYDVQQHDAdIYWxpZmF4MRYwFAYDVQQKDA1Gcm9ndHJhZGUgTHRkMR0wGwYDVQQDDBRzYW1sc3AuZnJvZ3RyYWRlLmNvbTAeFw0xMjA5MjgxMDQ0MzdaFw0yMjA5MjgxMDQ0MzdaMFYxCzAJBgNVBAYTAlVLMRAwDgYDVQQHDAdIYWxpZmF4MRYwFAYDVQQKDA1Gcm9ndHJhZGUgTHRkMR0wGwYDVQQDDBRzYW1sc3AuZnJvZ3RyYWRlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOK9U0iYHhsRxrH1Q7Auz8kMR+oLN7HzLiyLiqSJK6RpPj5VZ83nO5EE6Jaws2uzeuRSQ5lNTk2PtlWqv2r0oXkMmVvFXozY/sPRWNH04XwMXiyv7cjjwBBhvj4vcrZ9ysQEg2I9iZ88QCj6n9SUpwyfsWmeEppgmPwoXCTP6w4IhOV5XOjTL87NB609lT1sLANy9uSr/RK3Wzqb+WKGemF8itEmmnbkU9p6yLmsSxVyQK2l35DU6JpFiLTkzuy1FLB6/M7HBrzaxsXzhzys+WiznH+DqQFMgLi2VcPzqZxMVtfMxKl/AOlTIt+XQ5XHshl6mrbCZUqUYToDEBG23vcCAwEAAaNQME4wHQYDVR0OBBYEFJWPPbP4N3wMT8PuLD9q6Z6eaFzNMB8GA1UdIwQYMBaAFJWPPbP4N3wMT8PuLD9q6Z6eaFzNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGuN+ABo0bi22aC9AXEoKKKXFsp9P85plgcyvlkWKXrRu7iC7C3d6TfP36OmflxaibFuBTf6KfzkgOXTj2A/z1uP9lKvIDZ3FzjYNHi68rz1N2SVuXcUxDPvsGzeSBy1SaUzlAyYBtBKqntZBfxlH5EZ1T9yNfnbmhCMlr/e45ILf8BGdkaNz/TdYhepkhQ77DU2D6bNyq345B4zGb6wOg1fQEMv8bC8Ylt0wIBgJYSrOkCipWKNqCLL+GbYD1+sNn8e+W2h3o9J482BzxVRw9V2DFR6/9I54rzI4bvZKcXk6imGhO+577qzZgffQnaI/SgjPVJIBuWxL3JJ+86COAc= + + + + + + + 
MIIDfzCCAmegAwIBAgIJAKnl9D1Rgap3MA0GCSqGSIb3DQEBBQUAMFYxCzAJBgNVBAYTAlVLMRAwDgYDVQQHDAdIYWxpZmF4MRYwFAYDVQQKDA1Gcm9ndHJhZGUgTHRkMR0wGwYDVQQDDBRzYW1sc3AuZnJvZ3RyYWRlLmNvbTAeFw0xMjA5MjgxMDQ0MzdaFw0yMjA5MjgxMDQ0MzdaMFYxCzAJBgNVBAYTAlVLMRAwDgYDVQQHDAdIYWxpZmF4MRYwFAYDVQQKDA1Gcm9ndHJhZGUgTHRkMR0wGwYDVQQDDBRzYW1sc3AuZnJvZ3RyYWRlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOK9U0iYHhsRxrH1Q7Auz8kMR+oLN7HzLiyLiqSJK6RpPj5VZ83nO5EE6Jaws2uzeuRSQ5lNTk2PtlWqv2r0oXkMmVvFXozY/sPRWNH04XwMXiyv7cjjwBBhvj4vcrZ9ysQEg2I9iZ88QCj6n9SUpwyfsWmeEppgmPwoXCTP6w4IhOV5XOjTL87NB609lT1sLANy9uSr/RK3Wzqb+WKGemF8itEmmnbkU9p6yLmsSxVyQK2l35DU6JpFiLTkzuy1FLB6/M7HBrzaxsXzhzys+WiznH+DqQFMgLi2VcPzqZxMVtfMxKl/AOlTIt+XQ5XHshl6mrbCZUqUYToDEBG23vcCAwEAAaNQME4wHQYDVR0OBBYEFJWPPbP4N3wMT8PuLD9q6Z6eaFzNMB8GA1UdIwQYMBaAFJWPPbP4N3wMT8PuLD9q6Z6eaFzNMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGuN+ABo0bi22aC9AXEoKKKXFsp9P85plgcyvlkWKXrRu7iC7C3d6TfP36OmflxaibFuBTf6KfzkgOXTj2A/z1uP9lKvIDZ3FzjYNHi68rz1N2SVuXcUxDPvsGzeSBy1SaUzlAyYBtBKqntZBfxlH5EZ1T9yNfnbmhCMlr/e45ILf8BGdkaNz/TdYhepkhQ77DU2D6bNyq345B4zGb6wOg1fQEMv8bC8Ylt0wIBgJYSrOkCipWKNqCLL+GbYD1+sNn8e+W2h3o9J482BzxVRw9V2DFR6/9I54rzI4bvZKcXk6imGhO+577qzZgffQnaI/SgjPVJIBuWxL3JJ+86COAc= + + + + + urn:oasis:names:tc:SAML:2.0:nameid-format:transient + + + + Frogtrade + Ltd + support@frogtrade.com + + From a765f3b84f4e69fe2f06e0f48c014b5181773c63 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Sat, 14 Feb 2015 10:01:29 +0000 Subject: [PATCH 4/7] Correct name of symbolic link created --- README.md | 2 +- setup.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6dda74f..d14c083 100644 --- a/README.md +++ b/README.md 
@@ -38,7 +38,7 @@ To install using composer you need to do the following: `cp config-templates/{config,authsources}.php config/` `cp metadata-templates/saml20-idp-remote.php metadata/` `cd ../../../www` - `ln -s ../vendor/simplesamlphp/simplesamlphp/www .` + `ln -s ../vendor/simplesamlphp/simplesamlphp/www saml` [2]: https://getcomposer.org/ diff --git a/setup.sh b/setup.sh index 3a79473..32e58c7 100755 --- a/setup.sh +++ b/setup.sh @@ -19,5 +19,5 @@ mkdir {config,metadata} cp config-templates/{config,authsources}.php config/ cp metadata-templates/saml20-idp-remote.php metadata/ cd ../../../www -ln -s ../vendor/simplesamlphp/simplesamlphp/www . +ln -s ../vendor/simplesamlphp/simplesamlphp/www saml From 6fe799fa820863df45323c536db29792c3e1a4c0 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Tue, 24 Feb 2015 11:06:44 +0000 Subject: [PATCH 5/7] Update test frog learn instance hostnames as they've been moved to a separate domain --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d14c083..ae8ac22 100644 --- a/README.md +++ b/README.md @@ -94,8 +94,8 @@ Testing The App We have three boxes setup for you to develop against: Development Frog Federation: [https://federation-misc.frogosdev.co.uk/][5] -Example Secondary School: [https://secondaryexternal-misc.frogosdev.co.uk/][6] -Example Primary School: [https://primaryexternal-misc.frogosdev.co.uk/][7] +Example Secondary School: [https://secondaryexternal-misc.frogtest.co.uk/][6] +Example Primary School: [https://primaryexternal-misc.frogtest.co.uk/][7] In your browser go to: https://your-domain.com/ Provided a correct server software setup this should run the provided index.php and re-direct you to a selection page on [https://federation-misc.frogosdev.co.uk/][5] which will look like the following: 
@@ -119,5 +119,5 @@ If you authenticate correctly you'll be redirected back to your test application ![](https://openmerchantaccount.com/img/frogeducation-simplesaml-development-user-attributes.png) [5]: https://federation-misc.frogosdev.co.uk/ -[6]: https://secondaryexternal-misc.frogosdev.co.uk/ -[7]: https://primaryexternal-misc.frogosdev.co.uk/ +[6]: https://secondaryexternal-misc.frogtest.co.uk/ +[7]: https://primaryexternal-misc.frogtest.co.uk/ From 414f8a9de2b998961880cc0f5ba32979eb9881b1 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Tue, 14 Apr 2015 08:37:24 +0100 Subject: [PATCH 6/7] Corrections to typos in documentation --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ae8ac22..7927582 100644 --- a/README.md +++ b/README.md 
@@ -73,10 +73,10 @@ The next step is to configure SimpleSAMLPHP. We have provided example configurat Further documentation on the SimpleSAMLPHP config file can be found [here][4] The two other files you need are `simplesamlphp/config/authsources.php` and `simplesamlphp/metadata/saml20-idp-remote.php`. -The examples provided under `frog-federation/config/authsources.php` and `frog-federation/metadata/saml20-sp-remote.php` will work with the development federation provided by frog (mentioned later). +The examples provided under `frog-federation/config/authsources.php` and `frog-federation/metadata/saml20-idp-remote.php` will work with the development federation provided by frog (mentioned later). To use these simply run the following: `cp frog-federation/config/authsources.php simplesamlphp/config/authsources.php` -`cp frog-federation/metadata/saml20-sp-remote.php simplesamlphp/metadata/saml20-idp-remote.php` +`cp frog-federation/metadata/saml20-idp-remote.php simplesamlphp/metadata/saml20-idp-remote.php` ***Please Note***: The authsources.php and saml20-idp-remote.php provided are for development against the frog **development** federation. When configuring your application against the production federation these will require changes. Please contact the Partners support team at FrogEducation to acquire these and setup your application against the production federation. From 7aad21cf783f4d263f0d69c18ee40eeca9cd5c76 Mon Sep 17 00:00:00 2001 From: Tom Chapman Date: Tue, 6 Oct 2015 09:03:45 +0100 Subject: [PATCH 7/7] Add in License --- LICENSE.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 LICENSE.md diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..ca99d78 --- /dev/null +++ b/LICENSE.md 
@@ -0,0 +1,27 @@ +BSD 3-Clause License + +Copyright (c) 2015 Frog Education Ltd + +All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are +permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, this list of conditions +and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, this list of +conditions and the following disclaimer in the documentation and/or other materials provided with +the distribution. + +3. Neither the name of the copyright holder nor the names of its contributors may be used to +endorse or promote products derived from this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR +IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR +CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY +WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE
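Review bot: In README.md (PATCH 1/7), Manual Setup step 3 tells the reader to use `require_once '../simplesaml/lib/_autoload.php';`, but step 1 lays the package out as `/simplesamlphp`, so the include path does not match the directory that was just created; it should read `'../simplesamlphp/lib/_autoload.php'`. The heading "Reqirements" is also misspelled.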
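Review bot: In composer.lock (PATCH 1/7), the `openid/php-openid` entry pins `reference` to `ee669c6a9d4d95b58ecd9b6945627276807694fb`, but its `dist.url` is the zipball for `fff9217fb1acda132702730b66b10981ea9d4cac`, and `shasum` is empty. A dist install can therefore fetch a different tree from the one the lock names, with no checksum to catch the difference. Regenerate the lock so the dist URL and the reference agree, or install this package from source.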
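Review bot: In frog-federation/config/authsources.php (PATCH 1/7), `'entityID' => null` leaves the SP entity ID to be derived from the metadata URL, as the comment above it says, while the README asks partners to send their metadata to Frog for registration. A later change of hostname or `baseurlpath` would then silently change the entity ID that was registered. Consider showing an explicit entity ID in the example, or documenting that the metadata must be re-sent after such a change. The comment "The entity ID of the IdP this should SP should contact." also has a stray "should".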
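Review bot: setup.sh (PATCH 1/7) declares `#!/bin/sh` but relies on bash-only syntax: `[[ $? != "0" ]]` in `test_error`, and the brace expansions in `mkdir {config,metadata}` and `cp config-templates/{config,authsources}.php config/`. Where /bin/sh is a POSIX shell such as dash, the `[[` test never fires and `mkdir` creates a single directory literally named `{config,metadata}`. Either change the shebang to bash, or use `[ "$?" -ne 0 ]` and spell the paths out. Separately, `curl -sS https://getcomposer.org/installer | php` passes only php's exit status to `test_error` and executes the download without verifying it; save the installer to a file, check it against the published hash, then run it. The `cd`, `mkdir`, `cp` and `ln` steps that follow are not checked at all.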
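Review bot: frog-federation/metadata/saml20-idp-remote.xml (PATCH 3/7) is added without any mention in README.md, which still only tells the reader to copy `saml20-idp-remote.php`; add a line saying when the XML form should be used instead. The file also appears to carry the same certificate as `certData` in the PHP metadata, so the README should say that both copies have to be updated together when the IdP signing certificate changes.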
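Review bot: In README.md (PATCH 6/7), the corrected `cp` commands still write to `simplesamlphp/config/authsources.php` and `simplesamlphp/metadata/saml20-idp-remote.php`, paths that exist only after Manual Setup. After the Composer route or setup.sh, the `config` and `metadata` directories are created under `vendor/simplesamlphp/simplesamlphp/`. Give both variants of the commands, or state which layout they assume.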