configs were missing to test expirycheck logic.

Author: Billy Clark

development/idp2/authsources.php

@@ -1,6 +1,42 @@
 <?php
 $config = [
-    'admin' => [
-        'core:AdminPassword',
+    'example-userpass' => [
+        'exampleauth:UserPass',
+        'distant_future:a' => [
+            'eduPersonPrincipalName' => ['[email protected]'],
+            'eduPersonTargetID' => ['11111111-1111-1111-1111-111111111111'],
+            'sn' => ['Future'],
+            'givenName' => ['Distant'],
+            'mail' => ['[email protected]'],
+            'employeeNumber' => ['11111'],
+            'cn' => ['DISTANT_FUTURE'],
+            'schacExpiryDate' => [
+                gmdate('YmdHis\Z', strtotime('+6 months')), // Distant future
+            ],
+        ],
+        'near_future:b' => [
+            'eduPersonPrincipalName' => ['[email protected]'],
+            'eduPersonTargetID' => ['22222222-2222-2222-2222-222222222222'],
+            'sn' => ['Future'],
+            'givenName' => ['Near'],
+            'mail' => ['[email protected]'],
+            'employeeNumber' => ['22222'],
+            'cn' => ['NEAR_FUTURE'],
+            'schacExpiryDate' => [
+                gmdate('YmdHis\Z', strtotime('+1 day')), // Very soon
+            ],
+        ],
+        'already_past:c' => [
+            'eduPersonPrincipalName' => ['[email protected]'],
+            'eduPersonTargetID' => ['33333333-3333-3333-3333-333333333333'],
+            'sn' => ['Past'],
+            'givenName' => ['Already'],
+            'mail' => ['[email protected]'],
+            'employeeNumber' => ['33333'],
+            'cn' => ['ALREADY_PAST'],
+            'schacExpiryDate' => [
+                gmdate('YmdHis\Z', strtotime('-1 day')), // In the past
+            ],
+        ],
     ],
-];
+];

development/idp2/enable

@@ -0,0 +1 @@
+used to enable simplesaml modules.

development/idp2/saml20-idp-hosted.php

@@ -1,7 +1,21 @@
 <?php
+use Sil\PhpEnv\Env;
+use Sil\Psr3Adapters\Psr3SamlLogger;
+
 $metadata['http://ssp-hub-idp2.local:8086'] = [
 	'host' => '__DEFAULT__',
 	'privatekey' => 'ssp-hub-idp2.pem',
 	'certificate' => 'ssp-hub-idp2.crt',
-	'auth' => 'admin',
-];
+	'auth' => 'example-userpass',
+    'authproc' => [
+        10 => [
+            'class' => 'expirychecker:ExpiryDate',
+            'accountNameAttr' => 'cn',
+            'expiryDateAttr' => 'schacExpiryDate',
+            'changePwdUrl' => Env::get('CHANGE_PWD_URL'),
+            'warnDaysBefore' => 14,
+            'dateFormat' => 'Y-m-d',
+            'loggerClass' => Psr3SamlLogger::class,
+        ]
+    ]
+];

docker-compose.yml

@@ -39,9 +39,10 @@ services:
       SECRET_SALT: "8yC5mb4wqANaU+Rxrl4DHkfKzikeieXkltfFd+YDzx8="
       IDP_NAME: "Idp 1"
   idp2:
-    image: silintl/ssp-base:develop
+    image: silintl/ssp-base:feature_add-expirychecker-0-1-0
     volumes:
       - ./development/idp2/cert:/data/vendor/simplesamlphp/simplesamlphp/cert
+      - ./development/idp2/enable:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/enable
       - ./development/idp2/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php
       - ./development/idp2/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php
       - ./development/idp2/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php
@@ -58,3 +59,4 @@ services:
       SECRET_SALT: "edI4GGkYfkzD6/OXFvHBHb9Meu9hdKXQpNFg4q/GGfY="
       IDP_NAME: "Idp 2"
       ANALYTICS_ID: "UA-XXXX-Y"
+      CHANGE_PWD_URL: "http://example.org"