root 2021-05-04 08:31:46 +02:00
commit ed77ce9ce0
3 changed files with 8 additions and 8 deletions

@ -7,7 +7,7 @@
# Moodle
1. Activate SAML2 plugin
2. Regenerate SP certificate: https://moodle.<domain>/auth/saml2/regenerate.php
2. Regenerate SP certificate: https://moodle.<domain>/auth/saml2/regenerate.php and lock it down
3. Download SAML2 Service Provider xml: https://moodle.<domain>/auth/saml2/sp/metadata.php
4. Import this SP in keycloak IDP: https://sso.<domain>/auth/admin/master/console/#/create/client/poc
5. Add builtin email, givenname and surname field mappers (https://sso.<domain>/auth/admin/master/console/#/realms/poc/clients/b7781aac-5aa5-441a-8af5-aca7cc0a1daf/mappers)
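Review bot: "and lock it down" in step 2 does not say what is to be locked or how, so a reader cannot tell when the step is done; name the concrete setting or page and what it protects. Steps 4 and 5 in the context also still link to the poc client and realm console URLs, while the other sections in this commit switch to the master realm, so check whether they need the same update.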
@ -117,8 +117,8 @@ TODO: Does not map email nor friendlyname (display name). Also not tested to add
1. x509: public.key (generated before)
2. Private key: private.key (generated before)
3. Identity Provider Data
1. Identifier of the IdP: https://sso.<domain>/auth/realms/poc
2. URL target of the IdP: https://sso.<domain>/auth/realms/poc/protocol/saml
1. Identifier of the IdP: https://sso.<domain>/auth/realms/master
2. URL target of the IdP: https://sso.<domain>/auth/realms/master/protocol/saml
3. URL Location of the IdP SLO request: https://sso.<domain>/auth/realms/poc/protocol/saml
4. Public X.509 certificate: (The RSA Certificate from keycloak at step 1).
4. Attribute mapping
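Review bot: item 3 under Identity Provider Data, "URL Location of the IdP SLO request", still points at /auth/realms/poc/protocol/saml while items 1 and 2 now use realms/master, so sign-on and logout would be sent to different realms. Change it to realms/master as well, and make clear that the certificate in item 4 must be the one from the master realm, since each Keycloak realm has its own keys.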
@ -197,9 +197,9 @@ Client Id in keycloak has to be 'php-saml' if not set at wordpress saml plugin.
1. Enable
3. IDENTITY PROVIDER SETTINGS
1. iDp ENTITY ID: Anything you want
1. SSO Service Url: https://sso.digitaldemocratic.net/auth/realms/poc/protocol/saml
2. SLO Service Url: https://sso.digitaldemocratic.net/auth/realms/poc/protocol/saml
3. X.509 Certificate: Copy the Certificate (not the Public key) from the keycloak realm (https://sso.digitaldemocratic.net/auth/admin/master/console/#/realms/poc/keys) without the begin/end lines in the cert.
1. SSO Service Url: https://sso.digitaldemocratic.net/auth/realms/master/protocol/saml
2. SLO Service Url: https://sso.digitaldemocratic.net/auth/realms/master/protocol/saml
3. X.509 Certificate: Copy the Certificate (not the Public key) from the keycloak realm (https://sso.digitaldemocratic.net/auth/admin/master/console/#/realms/master/keys) without the begin/end lines in the cert.
4. OPTIONS
1. Create user if not exists
2. Update user data
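Review bot: the SSO URL, SLO URL and certificate link now all point at realms/master, which in Keycloak is the administrative realm; putting application clients and their users there places them in the same realm as the admin console accounts. Consider keeping a dedicated realm for the applications, or document why master is used. The host is also hardcoded as sso.digitaldemocratic.net in these lines, while the other sections use the domain placeholder.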

@ -1 +1 @@
Subproject commit dc3ceb5a583bfe1a70e85c84c69ccbd505d95f46
Subproject commit 0b869d355ade9ea90397e4f99838e270ccf29532
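Review bot: this submodule pointer bump (dc3ceb5a to 0b869d35) and the second one after it ride along with a documentation edit, and nothing visible says which submodules they are or what the new commits bring in. Split them into their own commit, or describe the pulled changes in the commit message, so the update can be reviewed on its own.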

@ -1 +1 @@
Subproject commit a3314672f30af2c0d9a214931976e3769a0cd8c2
Subproject commit f28be63bfe19671f5628a57bd8135dec0cb153d2