EDUCATIC
/
digitaldemocratic
mirror of https://gitlab.com/digitaldemocratic/digitaldemocratic
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' of https://gitlab.com/isard/isard-apps

root 2021-05-04 08:31:46 +02:00
parent c37e27eb70 c07a856c11
commit ed77ce9ce0
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
SAML_README.md
View File

@ -7,7 +7,7 @@
# Moodle # Moodle
1. Activate SAML2 plugin 1. Activate SAML2 plugin
2. Regenerate SP certificate: https://moodle.<domain>/auth/saml2/regenerate.php 2. Regenerate SP certificate: https://moodle.<domain>/auth/saml2/regenerate.php and lock it down
3. Download SAML2 Service Provider xml: https://moodle.<domain>/auth/saml2/sp/metadata.php 3. Download SAML2 Service Provider xml: https://moodle.<domain>/auth/saml2/sp/metadata.php
4. Import this SP in keycloak IDP: https://sso.<domain>/auth/admin/master/console/#/create/client/poc 4. Import this SP in keycloak IDP: https://sso.<domain>/auth/admin/master/console/#/create/client/poc
5. Add builtin email, givenname and surname field mappers (https://sso.<domain>/auth/admin/master/console/#/realms/poc/clients/b7781aac-5aa5-441a-8af5-aca7cc0a1daf/mappers) 5. Add builtin email, givenname and surname field mappers (https://sso.<domain>/auth/admin/master/console/#/realms/poc/clients/b7781aac-5aa5-441a-8af5-aca7cc0a1daf/mappers)
@ -117,8 +117,8 @@ TODO: Does not map email nor friendlyname (display name). Also not tested to add
1. x509: public.key (generated before) 1. x509: public.key (generated before)
2. Private key: private.key (generated before) 2. Private key: private.key (generated before)
3. Identity Provider Data 3. Identity Provider Data
1. Identifier of the IdP: https://sso.<domain>/auth/realms/poc 1. Identifier of the IdP: https://sso.<domain>/auth/realms/master
2. URL target of the IdP: https://sso.<domain>/auth/realms/poc/protocol/saml 2. URL target of the IdP: https://sso.<domain>/auth/realms/master/protocol/saml
3. URL Location of the IdP SLO request: https://sso.<domain>/auth/realms/poc/protocol/saml 3. URL Location of the IdP SLO request: https://sso.<domain>/auth/realms/poc/protocol/saml
4. Public X.509 certificate: (The RSA Certificate from keycloak at step 1). 4. Public X.509 certificate: (The RSA Certificate from keycloak at step 1).
4. Attribute mapping 4. Attribute mapping
@ -197,9 +197,9 @@ Client Id in keycloak has to be 'php-saml' if not set at wordpress saml plugin.
1. Enable 1. Enable
3. IDENTITY PROVIDER SETTINGS 3. IDENTITY PROVIDER SETTINGS
1. iDp ENTITY ID: Anything you want 1. iDp ENTITY ID: Anything you want
1. SSO Service Url: https://sso.digitaldemocratic.net/auth/realms/poc/protocol/saml 1. SSO Service Url: https://sso.digitaldemocratic.net/auth/realms/master/protocol/saml
2. SLO Service Url: https://sso.digitaldemocratic.net/auth/realms/poc/protocol/saml 2. SLO Service Url: https://sso.digitaldemocratic.net/auth/realms/master/protocol/saml
3. X.509 Certificate: Copy the Certificate (not the Public key) from the keycloak realm (https://sso.digitaldemocratic.net/auth/admin/master/console/#/realms/poc/keys) without the begin/end lines in the cert. 3. X.509 Certificate: Copy the Certificate (not the Public key) from the keycloak realm (https://sso.digitaldemocratic.net/auth/admin/master/console/#/realms/master/keys) without the begin/end lines in the cert.
4. OPTIONS 4. OPTIONS
1. Create user if not exists 1. Create user if not exists
2. Update user data 2. Update user data

2
docker/wordpress/plugins/saml

@ -1 +1 @@
Subproject commit dc3ceb5a583bfe1a70e85c84c69ccbd505d95f46 Subproject commit 0b869d355ade9ea90397e4f99838e270ccf29532

2
docker/wordpress/src

@ -1 +1 @@
Subproject commit a3314672f30af2c0d9a214931976e3769a0cd8c2 Subproject commit f28be63bfe19671f5628a57bd8135dec0cb153d2