Merge pull request #1 from silinternational/develop

Deliver prod release

Author: longrunningprocess

.gitignore

@@ -0,0 +1,3 @@
+.idea/
+vendor/
+composer.lock

Makefile

@@ -0,0 +1,11 @@
+start: 
+	docker-compose up -d
+
+errors: 
+	docker-compose exec hub cat /var/log/apache2/error.log
+	docker-compose exec idp1 cat /var/log/apache2/error.log
+	docker-compose exec idp2 cat /var/log/apache2/error.log
+
+clean:
+	docker-compose kill
+	docker-compose rm -f

README.md

@@ -3,20 +3,81 @@ Material Design theme for use with SimpleSAMLphp
 ## Installation
 
 ```
-composer.phar require silinternational/simplesamlphp-module-theme-material:dev-master
+composer.phar require silinternational/simplesamlphp-module-material:dev-master
 ```
 
 ## Configuration
 
 Update `/simplesamlphp/config/config.php`:
 
 ```
-'theme.use' => 'themematerial:material'
+'theme.use' => 'material:material'
 ```
 
+### Google reCAPTCHA
+If a site key has been provided in `$this->data['recaptcha.siteKey']`, the 
+username/password page may require the user prove his/her humanity.
+
+### Branding
+Update `/simplesamlphp/config/config.php`:
+
+```
+'theme.color-scheme' => ['indigo-purple'|'blue_grey-teal'|'red-teal'|'orange-light_blue']
+```
+
+### Analytics
+Update `/simplesamlphp/config/config.php`:
+
+```
+'analytics.trackingId' => 'UA-some-unique-id-for-your-site'
+```
+
+### Announcements
+If something is found in `$this->data['announcement']` an alert will be shown to the user filled with the 
+content of that announcement.  HTML is supported.
+
 ## Testing theme
 
-1. Login to simplesaml's admin page, `//yourhost/module.php/core/loginuserpass.php`
-2. Click **Authentication** tab
-3. Click **Test configured authentication sources**
-4. Click **auth-choices** (this list is built up from `config/authsources.php`)
+[Make](https://www.gnu.org/software/make/), [Docker](https://www.docker.com/products/overview) and 
+[Docker Compose](https://docs.docker.com/compose/install/) are required.
+
+### Setup 
+
+1. Setup `localhost` aliases for `ssp-hub.local`, `ssp-hub-idp1.local`, and `ssp-hub-idp2.local`.  This is typically done in `/etc/hosts`.
+2. Start test environment, e.g., `make` from the command line.
+3. Goto [http://ssp-hub.local](http://ssp-hub.local).
+4. Login as hub administrator, e.g., username=admin & password=abc123
+
+### Hub
+1. Click **Authentication** tab
+2. Click **Test configured authentication sources**
+3. Click **hub-discovery**
+
+### Error
+1. Click **Configuration** tab
+
+### Logout
+1. Click **Authentication** tab
+2. Click **Test configured authentication sources**
+3. Click **admin**
+4. Click **Logout**
+
+### Login
+1. Click **Authentication** tab
+2. Click **Test configured authentication sources**
+3. Click **hub-discovery**
+4. Click **Login with idp1** (NOTE: login page should NOT have material design)
+5. Login as idp1 administrator, e.g., username=admin & password=a
+6. Click **Logout**
+7. Click **Authentication** tab
+8. Click **Test configured authentication sources**
+9. Click **hub-discovery**
+10. Click **Login with idp2** (NOTE: login page should have material design)
+11. Login as idp2 administrator, e.g., username=admin & password=b
+
+## i18n support
+Translations are categorized by page in definition files located in the `dictionaries` directory.
+
+Localization is affected by the configuration setting `language.available`.  Only language codes found in this property will be utilized.  
+For example, if a translation is provided in Afrikaans for this module, the configuration must be adjusted to make 'af' an available
+language.  If that's not done, the translation function will not utilize the translations even if provided.

composer.json

@@ -1,5 +1,5 @@
 {
-  "name": "silinternational/simplesamlphp-module-theme-material",
+  "name": "silinternational/simplesamlphp-module-material",
   "description": "Material Design theme for IdP Hub based on SimpleSAMLphp",
   "type": "simplesamlphp-module",
   "license": "MIT",
@@ -13,7 +13,7 @@
   "require": {
     "php": ">=5.4",
     "roave/security-advisories": "dev-master",
-    "simplesamlphp/composer-module-installer": "~1.1",
-    "silinternational/ssp-utilities": "dev-develop"
+    "simplesamlphp/composer-module-installer": "^1.1.5",
+    "simplesamlphp/simplesamlphp": "^1.14.10"
   }
 }

development/hub/authsources.php

@@ -0,0 +1,11 @@
+<?php
+$config = [
+    'admin' => [
+        'core:AdminPassword',
+    ],
+    'hub-discovery' => [
+        'saml:SP',
+        'entityID' => 'ssp-hub.local',
+        'discoURL'  => null,
+    ],
+];

development/hub/cert/ssp-hub.crt

@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIJANuvVcQPANecMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNV
+BAYTAlVTMQswCQYDVQQIDAJOQzEPMA0GA1UEBwwGV2F4aGF3MQwwCgYDVQQKDANT
+SUwxDTALBgNVBAsMBEdUSVMxDjAMBgNVBAMMBVN0ZXZlMSQwIgYJKoZIhvcNAQkB
+FhVzdGV2ZV9iYWd3ZWxsQHNpbC5vcmcwHhcNMTYxMDE3MTIzMTEyWhcNMjYxMDE3
+MTIzMTEyWjB+MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTkMxDzANBgNVBAcMBldh
+eGhhdzEMMAoGA1UECgwDU0lMMQ0wCwYDVQQLDARHVElTMQ4wDAYDVQQDDAVTdGV2
+ZTEkMCIGCSqGSIb3DQEJARYVc3RldmVfYmFnd2VsbEBzaWwub3JnMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAimEkw4Teyf/gZelL7OuQYg/JbDIKHP
+XJhLPBm/HK6pM5ZZKydVXTdMgMqkl4xK+xZ2CnkozsUiMLhAuWBsX9Dcz1M4SkPR
+wk4puFhXzsp7fKIVP43zUhF7p2TmbernrrIQHjg6PuegKmCGyiKUpukcYvf2RXNw
+HwJx+Uq0zLP4PgBSrQ2t1eKZ1jQ+noBb1NqOuy969WRYmN4EmjXDuJB9d+b3Gwtb
+ZToWgiFxFjd/NN9BFJXZEaLzRj5LAq5bu2vPPDZDarHFMRUzVJ91eafoaz6zpR1i
+UGj9zR+y2sUPxD/fJMZ+4AHWA2LOrTBBIuuWbp96yvcJ4WjmlfhcFQIDAQABo1Aw
+TjAdBgNVHQ4EFgQUkJFAMJdr2lXsuezS6pDXHnmJspMwHwYDVR0jBBgwFoAUkJFA
+MJdr2lXsuezS6pDXHnmJspMwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC
+AQEAOEPbchaUr45L5i+ueookevsABYnltwJZ4rYJbF9VURPcEhB6JxTMZqb4s113
+ftHvVYfoAfLYZ9swETaHL+esx41yAebf0kWpQ3f63S5F2FcrTj+HP0XsvW/EDrva
+TKM9jnKPNmbXrpq06eaUZfkVL0TAUsxYTKkttTSTiESEzp5wzYyhp7l3kpHhEvGO
+lh5suYjnZ2HN0uxscCR6PS47H6TMMEZuG032DWDC016/JniWvERtpf4Yw26V+I9x
+evp2E2MPcZne31Pe3sCh4Wpe4cV/SCFqZHlpnH96ncz4F+KvmmhbEx5VPhQSJNFI
+WEvI86k+lTNQOqj6YVvGvq95LQ==
+-----END CERTIFICATE-----

development/hub/cert/ssp-hub.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDECKYSTDhN7J/+
+Bl6Uvs65BiD8lsMgoc9cmEs8Gb8crqkzllkrJ1VdN0yAyqSXjEr7FnYKeSjOxSIw
+uEC5YGxf0NzPUzhKQ9HCTim4WFfOynt8ohU/jfNSEXunZOZt6ueushAeODo+56Aq
+YIbKIpSm6Rxi9/ZFc3AfAnH5SrTMs/g+AFKtDa3V4pnWND6egFvU2o67L3r1ZFiY
+3gSaNcO4kH135vcbC1tlOhaCIXEWN38030EUldkRovNGPksCrlu7a888NkNqscUx
+FTNUn3V5p+hrPrOlHWJQaP3NH7LaxQ/EP98kxn7gAdYDYs6tMEEi65Zun3rK9wnh
+aOaV+FwVAgMBAAECggEAWgaixcptHRQrEYy5SNQruXrgET/nUogc46go/OvSAYkQ
+uVk1kATbRhjMMGVfmx1Znd/dy8eCfxq3LeqgBsIKYyJXFXthYXGt1e7xZ/BiOtxw
+Q3doDKzS7oCK6gADdr0nMuohTs+BqDvVKUD1BcVFwTVSzPyVA6YU+piz4Ml3KH46
+rQDHtr5pHZFLYvk3NmNlRNTsikMoB7beB8nvQE/HUgAyDNQfP+m8n+cyGK9cTGhb
+6gOkpPYeFrHyHH3mqXRf5G87MO7IvgA6iWPRmmy+ATulBjw+L2xKc98TvSAJVuTL
+9q+Uxc4VjpJO/hZRsYOidaBM4VufjdpG0bBkaPERIQKBgQD8Xpuy40nMtQy3ieQO
+rJ1ssuZ8N1GFW3kwcHyGsU8AmnVdXvFOxTuI+XUc+u5zBPaQ57uxfr6Cy6JMeWL8
+JbiTCFN3Dm9UC1mUyHGV6j7mG0ZVYV2T+X4e1toRdd73XW7wumP0EwiKPSHCLDZr
+kNXh28DeCFON6gqbIPKMCuMDPQKBgQDG2pMrpSNTFMDzlpKQsY07dkdQ08X8yi55
+ZC+FDXWPqu7AAcVv9VAyJg6indZ7sSYvkDppEwPWzoD7DiW3PDMXT+Ynm++yoCi/
+XGnIqDhbmjbSZkjSvxrc5KRnW+P0kHcBiUNlcqrMImeFAdpeBpNGwxCaZNinsCk8
+L1ewd2NpuQKBgB+afWb+fYxsE8acNvn7dc9Z6/EcQFIx7VA6le2MILeToCTsMc3K
+dzUlABx79AZlVbc5vdBxbcwVUiK/hLzMwHtxLHqZTSm6LiKqo0bBydSpD7q7cauJ
+L9kO0Mok96IEilMNFF1JUOV22FZnkP0RaydYjKOBaW05JNDeZGFTL7CFAoGAYXcc
+j1XfnIcdk8cHi3gbGzv79Hf4INEQOluKlxJjvskvQFkd5qQ8bHgO0FHAoNvRNZrh
+pkK1rQGGYocqoUcWW6TD0EI0GD87+Z9YEguxo+RQXovXwcP9bKt8kVSOxH5SdiRL
+LlwnrupmBuFDoLZkVViiuKoZLwe/Dkq+FjZOObECgYEA8kj+rlLcw0xI50SKLQtL
+Jg++TiUxugYoQt1qVVbNDTL33Ar3nXBss/vWSWInC7LUo7A5/FIA72HwK3vOyD7G
+GDY96Z5na22U4TqImhxA42fgz9BMIr8WM5l/W4qubt5jvaZuxLCWsd/Xv47WZkPx
+U6cvpCy7lsAaD4U6XYCtadM=
+-----END PRIVATE KEY-----

development/hub/saml20-idp-hosted.php

@@ -0,0 +1,7 @@
+<?php
+$metadata['ssp-hub.local'] = [
+	'host' => 'ssp-hub.local',
+	'privatekey' => 'ssp-hub.pem',
+	'certificate' => 'ssp-hub.crt',
+	'auth' => 'hub-discovery',
+];

development/hub/saml20-idp-remote.php

@@ -0,0 +1,21 @@
+<?php
+$metadata['http://ssp-hub-idp1.local:8085'] = [
+    'metadata-set' => 'saml20-idp-remote',
+    'entityid' => 'http://ssp-hub-idp1.local:8085',
+    'name' => [
+        'en' => 'IdP 1'
+    ],
+    'SingleSignOnService'  => 'http://ssp-hub-idp1.local:8085/saml2/idp/SSOService.php',
+    'SingleLogoutService'  => 'http://ssp-hub-idp1.local:8085/saml2/idp/SingleLogoutService.php',
+    'certData' => 'MIIDzzCCAregAwIBAgIJAPlZYTAQSIbHMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOQzEPMA0GA1UEBwwGV2F4aGF3MQwwCgYDVQQKDANTSUwxDTALBgNVBAsMBEdUSVMxDjAMBgNVBAMMBVN0ZXZlMSQwIgYJKoZIhvcNAQkBFhVzdGV2ZV9iYWd3ZWxsQHNpbC5vcmcwHhcNMTYxMDE3MTIzMTQ1WhcNMjYxMDE3MTIzMTQ1WjB+MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTkMxDzANBgNVBAcMBldheGhhdzEMMAoGA1UECgwDU0lMMQ0wCwYDVQQLDARHVElTMQ4wDAYDVQQDDAVTdGV2ZTEkMCIGCSqGSIb3DQEJARYVc3RldmVfYmFnd2VsbEBzaWwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArssOaeKbdOQFpN6bBolwSJ/6QFBXA73Sotg60anx9v6aYdUTmi+b7SVtvOmHDgsD5X8pN/6Z11QCZfTYg2nW3ZevGZsj8W/R6C8lRLHzWUr7e7DXKfj8GKZptHlUs68kn0ndNVt9r/+irJe9KBdZ+4kAihykomNdeZg06bvkklxVcvpkOfLTQzEqJAmISPPIeOXes6hXORdqLuRNTuIKarcZ9rstLnpgAs2TE4XDOrSuUg3XFnM05eDpFQpUb0RXWcD16mLCPWw+CPrGoCfoftD5ZGfll+W2wZ7d0kQ4TbCpNyxQH35q65RPVyVNPgSNSsFFkmdcqP9DsFqjJ8YC6wIDAQABo1AwTjAdBgNVHQ4EFgQUD6oyJKOPPhvLQpDCC3027QcuQwUwHwYDVR0jBBgwFoAUD6oyJKOPPhvLQpDCC3027QcuQwUwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAA6tCLHJQGfXGdFerQ3J0wUu8YDSLb0WJqPtGdIuyeiywR5ooJf8G/jjYMPgZArepLQSSi6t8/cjEdkYWejGnjMG323drQ9M1sKMUhOJF4po9R3t7IyvGAL3fSqjXA8JXH5MuGuGtChWxaqhduA0dBJhFAtAXQ61IuIQF7vSFxhTwCvJnaWdWD49sG5OqjCfgIQdY/mw70e45rLnR/bpfoigL67sTJxy+Kx2ogbvMR6lITByOEQFMt7BYpMtXrwvKUM7k9NOo1jREmJacC8PTx//jRhCWwzUj1RsfIri24BuITrawwqMsYl8DZiiwMpjUf9m4NPaf4E7+QRpzo+MCcg==',
+];
+$metadata['http://ssp-hub-idp2.local:8086'] = [
+    'metadata-set' => 'saml20-idp-remote',
+    'entityid' => 'http://ssp-hub-idp2.local:8086',
+    'name' => [
+        'en' => 'IdP 2'
+    ],
+    'SingleSignOnService'  => 'http://ssp-hub-idp2.local:8086/saml2/idp/SSOService.php',
+    'SingleLogoutService'  => 'http://ssp-hub-idp2.local:8086/saml2/idp/SingleLogoutService.php',
+    'certData' => 'MIIDzzCCAregAwIBAgIJALBaUrvz1X5DMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOQzEPMA0GA1UEBwwGV2F4aGF3MQwwCgYDVQQKDANTSUwxDTALBgNVBAsMBEdUSVMxDjAMBgNVBAMMBVN0ZXZlMSQwIgYJKoZIhvcNAQkBFhVzdGV2ZV9iYWd3ZWxsQHNpbC5vcmcwHhcNMTYxMDE4MTQwMDUxWhcNMjYxMDE4MTQwMDUxWjB+MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTkMxDzANBgNVBAcMBldheGhhdzEMMAoGA1UECgwDU0lMMQ0wCwYDVQQLDARHVElTMQ4wDAYDVQQDDAVTdGV2ZTEkMCIGCSqGSIb3DQEJARYVc3RldmVfYmFnd2VsbEBzaWwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5mZNwjEnakJho+5etuFyx+2g9rs96iLX/LDC24aBAsdNxTNuIc1jJ7pxBxGrepEND4LkietLNBlOr1q50nq2+ddTrCfmoJB+9BqBOxcm9qWeqWbp8/arUjaxPzK3DfZrxJxIVFjzqFF7gI91y9yvEW/fqLRMhvnH1ns+N1ne59zr1y6h9mmHfBffGr1YXAfyEAuV1ich4AfTfjqhdwFwxhFLLCVnxA0bDbNw/0eGCSiA13N7a013xTurLeJu0AQaZYssMqvc/17UphH4gWDMEZAwy0EfRSBOsDOYCxeNxVajnWX1834VDpBDfpnZj996Gh8tzRQxQgT9/plHKhGiwIDAQABo1AwTjAdBgNVHQ4EFgQUApxlUQg26GrG3eH8lEG3SkqbH/swHwYDVR0jBBgwFoAUApxlUQg26GrG3eH8lEG3SkqbH/swDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEANhbm8WgIqBDlF7DIRVUbq04TEA9nOJG8wdjJYdoKrPX9f/E9slkFuD2StcK99RTcowa8Z2OmW7tksa+onyH611Lq21QXh4aHzQUAm2HbsmPQRZnkByeYoCJ/1tuEho+x+VGanaUICSBVWYiebAQVKHR6miFypRElibNBizm2nqp6Q9B87V8COzyDVngR1DlWDduxYaNOBgvht3Rk9Y2pVHqym42dIfN+pprcsB1PGBkY/BngIuS/aqTENbmoC737vcb06e8uzBsbCpHtqUBjPpL2psQZVJ2Y84JmHafC3B7nFQrjdZBbc9eMHfPo240Rh+pDLwxdxPqRAZdeLaUkCQ==',
+];

development/idp1/authsources.php

@@ -0,0 +1,6 @@
+<?php
+$config = [
+    'admin' => [
+        'core:AdminPassword',
+    ],
+];