Remove apply_conf.sh script #103

Merged
merged 4 commits into from
Jan 22, 2024
1 change: 1 addition & 0 deletions Docker-compose/.env
@@ -1,3 +1,4 @@
MONGO_DBUSER=satosa
MONGO_DBPASSWORD=thatpassword
HOSTNAME=localhost
KEYS_FOLDER=./pki
@salvatorelaiso metti qui tutte le variabili con dati di esempio per la demo?
ti risolvi problemi durante i collaudi per i campi richiesti dal metadata

i collaudi ovviamente richiedono i test su spid-saml-check

56 changes: 31 additions & 25 deletions Docker-compose/docker-compose.yml
@@ -66,6 +66,7 @@ services:
- SATOSA_BY_DOCKER=1

- SATOSA_BASE=https://$HOSTNAME
- SATOSA_BASE_STATIC=https://$HOSTNAME/static
- SATOSA_DISCO_SRV=https://$HOSTNAME/static/disco.html
- SATOSA_UNKNOW_ERROR_REDIRECT_PAGE=https://$HOSTNAME/static/error_page.html

@@ -74,32 +75,37 @@ services:

- SATOSA_CONTACT_PERSON_EMAIL_ADDRESS=support.example@organization.org
- SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER=+3906123456789
# - SATOSA_CONTACT_PERSON_FISCALCODE=01234567890
# - SATOSA_CONTACT_PERSON_GIVEN_NAME=Name
# - SATOSA_ENCRYPTION_KEY=
- SATOSA_CONTACT_PERSON_FISCALCODE=01234567890
- SATOSA_CONTACT_PERSON_GIVEN_NAME=Name
- SATOSA_CONTACT_PERSON_IPA_CODE=ispra_rm
- SATOSA_CONTACT_PERSON_MUNICIPALITY=H501
- SATOSA_ENCRYPTION_KEY=CHANGE_ME!

# - SATOSA_ORGANIZATION_DISPLAY_NAME_EN=Resource provided by Example Organization
# - SATOSA_ORGANIZATION_DISPLAY_NAME_IT=Resource provided by Example Organization
# - SATOSA_ORGANIZATION_NAME_EN=Resource provided by Example Organization
# - SATOSA_ORGANIZATION_NAME_IT=Resource provided by Example Organization
# - SATOSA_ORGANIZATION_URL_EN=https://example_organization.org
# - SATOSA_ORGANIZATION_URL_IT=https://example_organization.org
# - SATOSA_PRIVATE_KEY=
# - SATOSA_PUBLIC_KEY=
# - SATOSA_SALT=
# - SATOSA_STATE_ENCRYPTION_KEY
# - SATOSA_UI_DESCRIPTION_EN=Resource description
# - SATOSA_UI_DESCRIPTION_IT=Resource description
# - SATOSA_UI_DISPLAY_NAME_EN=Resource Display Name
# - SATOSA_UI_DISPLAY_NAME_IT=Resource Display Name
# - SATOSA_UI_INFORMATION_URL_EN=https://example_organization.org/information_url_en
# - SATOSA_UI_INFORMATION_URL_IT=https://example_organization.org/information_url_en
# - SATOSA_UI_LOGO_HEIGHT=60
# - SATOSA_UI_LOGO_URL=https://example_organization.org/logo.png
# - SATOSA_UI_LOGO_WIDTH=80
# - SATOSA_UI_PRIVACY_URL_EN=https://example_organization.org/privacy_en
# - SATOSA_UI_PRIVACY_URL_IT=https://example_organization.org/privacy_en
# - SATOSA_USER_ID_HASH_SALT
- SATOSA_ORGANIZATION_DISPLAY_NAME_EN=Resource provided by Example Organization
- SATOSA_ORGANIZATION_DISPLAY_NAME_IT=Resource provided by Example Organization
- SATOSA_ORGANIZATION_NAME_EN=Resource provided by Example Organization
- SATOSA_ORGANIZATION_NAME_IT=Resource provided by Example Organization
- SATOSA_ORGANIZATION_URL_EN=https://example_organization.org
- SATOSA_ORGANIZATION_URL_IT=https://example_organization.org
- SATOSA_PRIVATE_KEY=${KEYS_FOLDER}/privkey.pem
- SATOSA_PUBLIC_KEY=${KEYS_FOLDER}/cert.pem
- SATOSA_SALT=CHANGE_ME!
- SATOSA_STATE_ENCRYPTION_KEY=CHANGE_ME!
- SATOSA_UI_DESCRIPTION_EN=Resource description
- SATOSA_UI_DESCRIPTION_IT=Resource description
- SATOSA_UI_DISPLAY_NAME_EN=Resource Display Name
- SATOSA_UI_DISPLAY_NAME_IT=Resource Display Name
- SATOSA_UI_INFORMATION_URL_EN=https://example_organization.org/information_url_en
- SATOSA_UI_INFORMATION_URL_IT=https://example_organization.org/information_url_en
- SATOSA_UI_LOGO_HEIGHT=60
- SATOSA_UI_LOGO_URL=https://example_organization.org/logo.png
- SATOSA_UI_LOGO_WIDTH=80
- SATOSA_UI_PRIVACY_URL_EN=https://example_organization.org/privacy_en
- SATOSA_UI_PRIVACY_URL_IT=https://example_organization.org/privacy_en
- SATOSA_USER_ID_HASH_SALT=CHANGE_ME!
- SATOSA_REQUESTED_ATTRIBUTES=[]

- GET_IDEM_MDQ_KEY=true
expose:
- 10000
ports:
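Review bot: The four secret values enabled in this section (`SATOSA_ENCRYPTION_KEY`, `SATOSA_SALT`, `SATOSA_STATE_ENCRYPTION_KEY`, `SATOSA_USER_ID_HASH_SALT`) all carry the same literal `CHANGE_ME!`, so a deployment started without editing the file runs with publicly known state-encryption and user-id hashing material, and nothing visible here rejects the placeholder. Take them from the environment and let Compose refuse to start when one is missing, e.g. `- SATOSA_STATE_ENCRYPTION_KEY=${SATOSA_STATE_ENCRYPTION_KEY:?set a random value before starting}`, with the same form for the other three. A comment above the group such as `# secrets: generate a distinct random value per deployment, never keep the sample` would make the requirement explicit for anyone copying the demo.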
176 changes: 0 additions & 176 deletions example/apply_conf.sh

This file was deleted.

7 changes: 6 additions & 1 deletion example/entrypoint.sh
@@ -1,5 +1,10 @@
#!/bin/bash

bash apply_conf.sh
# get IDEM MDQ key
if [[ $GET_IDEM_MDQ_KEY == true ]]; then
wget https://mdx.idem.garr.it/idem-mdx-service-crt.pem -O $KEYS_FOLDER/idem-mdx-service-crt.pem
wget https://registry.spid.gov.it/metadata/idp/spid-entities-idps.xml -O metadata/idp/spid-entities-idps.xml
echo "Downloaded IDEM MDQ key"
fi

uwsgi --ini /satosa_proxy/uwsgi_setup/uwsgi/uwsgi.ini.docker
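Review bot: Neither `wget` in the new `if` block is checked, so a failed or truncated download still prints "Downloaded IDEM MDQ key" and uwsgi starts with a missing or partial `idem-mdx-service-crt.pem`, which appears to be the certificate used to verify IDEM metadata signatures. Stop the container on failure, e.g. `wget https://mdx.idem.garr.it/idem-mdx-service-crt.pem -O "$KEYS_FOLDER/idem-mdx-service-crt.pem" || exit 1`, and quote `$KEYS_FOLDER` so an empty or space-containing value cannot change the output path. Because this file is a trust anchor fetched at every start, its authenticity rests only on TLS to that host; comparing it against a fingerprint kept in the repository, or shipping the certificate in the image, would make a swapped certificate detectable. The SPID IdP metadata download is gated by `GET_IDEM_MDQ_KEY` as well, which looks unintended and deserves its own flag or at least a comment.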
58 changes: 29 additions & 29 deletions example/plugins/backends/ciesaml2_backend.yaml
@@ -5,7 +5,7 @@ config:
# idp_blacklist_file: /path/to/blacklist.json

# error templates
static_storage_url: "https://localhost/static"
static_storage_url: !ENV SATOSA_BASE_STATIC
error_template: "spid_login_error.html"
template_folder: "templates" # project root

@@ -28,33 +28,33 @@ config:
# "https://identity.infocert.it": 'https://www.spid.gov.it/SpidL1'

sp_config:
key_file: ./pki/privkey.pem
cert_file: ./pki/cert.pem
key_file: !ENV SATOSA_PRIVATE_KEY
cert_file: !ENV SATOSA_PUBLIC_KEY
encryption_keypairs:
- {'key_file': ./pki/privkey.pem, 'cert_file': ./pki/cert.pem}
- {'key_file': !ENV SATOSA_PRIVATE_KEY, 'cert_file': !ENV SATOSA_PUBLIC_KEY}

attribute_map_dir: 'attributes-map'

organization:
display_name:
- [ 'change with $SATOSA_ORGANIZATION_DISPLAY_NAME_EN', 'en']
- [ 'change with $SATOSA_ORGANIZATION_DISPLAY_NAME_IT', 'it']
- [ !ENV SATOSA_ORGANIZATION_DISPLAY_NAME_EN, 'en']
- [ !ENV SATOSA_ORGANIZATION_DISPLAY_NAME_IT, 'it']
name:
- [ 'change with $SATOSA_ORGANIZATION_NAME_EN', 'en']
- [ 'change with $SATOSA_ORGANIZATION_NAME_IT', 'it']
- [ !ENV SATOSA_ORGANIZATION_NAME_EN, 'en']
- [ !ENV SATOSA_ORGANIZATION_NAME_IT, 'it']
url:
- [ 'https://change_with_SATOSA_ORGANIZATION_URL_EN', 'en']
- [ 'https://change_with_SATOSA_ORGANIZATION_URL_IT', 'it']
- [ !ENV SATOSA_ORGANIZATION_URL_EN, 'en']
- [ !ENV SATOSA_ORGANIZATION_URL_IT, 'it']

contact_person:
- contact_type: 'administrative'
company: change_with_SATOSA_ORGANIZATION_NAME_IT
email_address: [email protected]
telephone_number: change_with_SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER
company: !ENV SATOSA_ORGANIZATION_NAME_IT
email_address: !ENV SATOSA_CONTACT_PERSON_EMAIL_ADDRESS
telephone_number: !ENV SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER
cie_info:
Public: ''
IPACode: ispra_rm
Municipality: H501
IPACode: !ENV SATOSA_CONTACT_PERSON_IPA_CODE
Municipality: !ENV SATOSA_CONTACT_PERSON_MUNICIPALITY


metadata:
@@ -72,28 +72,28 @@ config:
ui_info:
display_name:
- lang: en
text: change with $SATOSA_UI_DISPLAY_NAME_EN
text: !ENV SATOSA_UI_DISPLAY_NAME_EN
- lang: it
text: change with $SATOSA_UI_DISPLAY_NAME_IT
text: !ENV SATOSA_UI_DISPLAY_NAME_IT
description:
- lang: en
text: change with $SATOSA_UI_DESCRIPTION_EN
text: !ENV SATOSA_UI_DESCRIPTION_EN
- lang: it
text: change with $SATOSA_UI_DESCRIPTION_IT
text: !ENV SATOSA_UI_DESCRIPTION_IT
information_url:
- lang: en
text: change with $SATOSA_UI_INFORMATION_URL_EN
- lang: it
text: change with $SATOSA_UI_INFORMATION_URL_IT
text: !ENV SATOSA_UI_INFORMATION_URL_EN
- lang: it
text: !ENV SATOSA_UI_INFORMATION_URL_IT
privacy_statement_url:
- lang: en
text: change with $SATOSA_UI_PRIVACY_URL_EN
text: !ENV SATOSA_UI_PRIVACY_URL_EN
- lang: it
text: change with $SATOSA_UI_PRIVACY_URL_IT
text: !ENV SATOSA_UI_PRIVACY_URL_IT
logo:
text: change with $SATOSA_UI_LOGO_URL
width: change with $SATOSA_UI_LOGO_WIDTH
height: change with $SATOSA_UI_LOGO_HEIGHT
text: !ENV SATOSA_UI_LOGO_URL
width: !ENV SATOSA_UI_LOGO_WIDTH
height: !ENV SATOSA_UI_LOGO_HEIGHT

# sign dig and enc
authn_requests_signed: true
@@ -124,7 +124,7 @@ config:
'dateOfBirth',
'fiscalNumber',
]

requested_attributes: !ENV SATOSA_REQUESTED_ATTRIBUTES
#optional_attributes: ['gender',
# 'companyName',
# 'registeredOffice',
@@ -147,4 +147,4 @@ config:
- [<base_url>/<name>/disco, 'urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol']

# disco_srv must be defined if there is more than one IdP in the metadata specified above
disco_srv: "https://sso.isprambiente.it/static/disco.html"
disco_srv: !ENV SATOSA_DISCO_SRV
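Review bot: `requested_attributes: !ENV SATOSA_REQUESTED_ATTRIBUTES` will most likely load as the string `[]` rather than an empty list, because the compose file passes `SATOSA_REQUESTED_ATTRIBUTES=[]` as plain text; unless the `!ENV` constructor re-parses the value, the SAML layer receives a string where a sequence is expected. The lines just above it close an attribute list whose key is outside the visible hunk, so please also confirm this does not duplicate an existing `requested_attributes` key, since most YAML loaders silently keep the last occurrence. If the default is meant to request nothing extra, `requested_attributes: []` written in the file is unambiguous, and a comment such as `# attributes requested from the IdP; keep to the minimum the service needs` would document the intent. The same string typing applies to `width` and `height` under `logo`, which now arrive as text from the environment.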