Commit 084473ee authored by Jacob Priddy's avatar Jacob Priddy 👌

Add simplesaml integration

parent 142d7bb5
Pipeline #728 passed with stages
in 1 minute and 34 seconds

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.
......@@ -15,6 +15,15 @@ services:
volumes:
- ./src/web:/var/www
- ./nginx/conf.d/:/etc/nginx/conf.d/
# Saml config
- ./simplesamlphp-1.18.3:/var/simplesamlphp
- ./simple-saml/cert:/var/simplesamlphp/cert
- ./simple-saml/config:/var/simplesamlphp/config
- ./simple-saml/metadata:/var/simplesamlphp/metadata
- ./simplesamlphp-1.18.3:/var/simplesamlphp-idp
- ./simple-saml-idp/cert:/var/simplesamlphp-idp/cert
- ./simple-saml-idp/config:/var/simplesamlphp-idp/config
- ./simple-saml-idp/metadata:/var/simplesamlphp-idp/metadata
networks:
- doorcode
postgres:
......@@ -51,6 +60,15 @@ services:
volumes:
- ./src/web:/var/www
- ./php/dev.ini:/usr/local/etc/php/conf.d/local.ini
# Map saml files to the php-fpm server so it has access to them as well
- ./simplesamlphp-1.18.3:/var/simplesamlphp
- ./simple-saml/cert:/var/simplesamlphp/cert
- ./simple-saml/config:/var/simplesamlphp/config
- ./simple-saml/metadata:/var/simplesamlphp/metadata
- ./simplesamlphp-1.18.3:/var/simplesamlphp-idp
- ./simple-saml-idp/cert:/var/simplesamlphp-idp/cert
- ./simple-saml-idp/config:/var/simplesamlphp-idp/config
- ./simple-saml-idp/metadata:/var/simplesamlphp-idp/metadata
ports:
- "9000:9000"
networks:
......
......@@ -12,6 +12,31 @@ server {
access_log /var/log/nginx/access.log;
root /var/www/frontend;
location ^~ /simplesaml {
alias /var/simplesamlphp/www;
location ~ \.php(/|$) {
include fastcgi_params;
fastcgi_pass api:9000;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PATH_INFO $fastcgi_path_info if_not_empty;
}
}
location ^~ /simplesaml-idp {
alias /var/simplesamlphp-idp/www;
location ~ \.php(/|$) {
include fastcgi_params;
fastcgi_pass api:9000;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PATH_INFO $fastcgi_path_info if_not_empty;
}
}
location /api {
proxy_pass http://localhost.api/;
}
......@@ -21,6 +46,7 @@ server {
}
}
server {
listen 80;
index index.php index.html;
......
-----BEGIN CERTIFICATE-----
MIIEwTCCAymgAwIBAgIUWlixu/uHDLux2Txl3HGBngrYZxQwDQYJKoZIhvcNAQEL
BQAwcDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xFjAUBgNVBAcM
DUNvbGxlZ2UgUGxhY2UxHzAdBgNVBAoMFldhbGxhIFdhbGxhIFVuaXZlcnNpdHkx
EzARBgNVBAsMCktyZXRzY2htYXIwHhcNMjAwMTIxMTAyNjQxWhcNMzAwMTIwMTAy
NjQxWjBwMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEWMBQGA1UE
BwwNQ29sbGVnZSBQbGFjZTEfMB0GA1UECgwWV2FsbGEgV2FsbGEgVW5pdmVyc2l0
eTETMBEGA1UECwwKS3JldHNjaG1hcjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCC
AYoCggGBALhJUyYFwJRwiYzXnuR4dGkEUF6hjnbXxKnkwfuRO0Apy7G3RGtkqq+v
GOTn2MymUpYOxXNCsz6cAwrrADjnW9cRUERkqR0KSnrTsATzF6rvnodM27hREysQ
EKVW+dcKIklrXxOaSRJuCoYXV+QuSK/Qph6qDYimxdLl4CWTuWtu2Pytr5ABcewY
oawf816ErcNVw2pP2gxAB+OxyoERlo2E+6b4yk6e1V/StFdRgeABuMAPAgip49PP
d7u0hUkay0fplB5fqg7xnuwMsJRffBJRRd5bZjMRz7M3OHL8kvhjCAWn54ERf8zY
JJLaG+D96TPT7fNbyfylDzWS64wwwdo/iX3R9cwpPatAmh6ke2MGgypE1Xv2EUmq
TPnlTIgxRxX4Y+N3sQibDtat1KhDIWZFk1YAkJpOarWaXolzUt/7wsYnocA51/RE
EDoIlVwa0xLDpGAMVHpzCmOMk62C047ptUVAKwPRKwVTRo44wyK2OOOvTWef3oeG
LjQU0ICX2wIDAQABo1MwUTAdBgNVHQ4EFgQUGwOm6LVLEeLxGMOiqVHjcehg1YQw
HwYDVR0jBBgwFoAUGwOm6LVLEeLxGMOiqVHjcehg1YQwDwYDVR0TAQH/BAUwAwEB
/zANBgkqhkiG9w0BAQsFAAOCAYEAfrz2N8cMRnDpD8H6o63Sa6aVJc0soSy5dzlS
c/MLh9TvOuztWSovaDmfsshMTBH6ChZQ+XifZWwKJaf+fFaYGgcFDFwQVslzGjoS
Y2VXYSKmcfSIOpb4jkKvc4mjuxLxhi/WcKga7IVb7/xNw5uqWfJI+ndtz45AwJ/z
pzQjvAMipZwjtwAgryXhcAdBlzhSRNdysPPCDCxjQWqaI+SSWMa0Ud/frXgYeOP9
ID73qOf9rKrSjftJKXCYpXsjGykkv9GrCjJxe+usRSHXw6ddrO7aYfl7mXjsXQh+
OlhuKog8MGUOQMa2I14qn8qTPKNmMl62Qu06pYFgDez9oLPM40mEilRpNQHO/lDq
wS8J6x8Ir/Ub8a38s+VkIWGHsnvLDR/tHW0VI+RGsL10hsUbV2geIQ0CkDOJMo9k
ohlLqBf0WKr+sSRH7n/M/Kd0bccERTnr9NYl76Wuddo3v4JcIf48vYE8pUFDmCTG
RwnTN6vCnNZLvWa/+WwYLpN8KhYW
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQC4SVMmBcCUcImM
157keHRpBFBeoY5218Sp5MH7kTtAKcuxt0RrZKqvrxjk59jMplKWDsVzQrM+nAMK
6wA451vXEVBEZKkdCkp607AE8xeq756HTNu4URMrEBClVvnXCiJJa18TmkkSbgqG
F1fkLkiv0KYeqg2IpsXS5eAlk7lrbtj8ra+QAXHsGKGsH/NehK3DVcNqT9oMQAfj
scqBEZaNhPum+MpOntVf0rRXUYHgAbjADwIIqePTz3e7tIVJGstH6ZQeX6oO8Z7s
DLCUX3wSUUXeW2YzEc+zNzhy/JL4YwgFp+eBEX/M2CSS2hvg/ekz0+3zW8n8pQ81
kuuMMMHaP4l90fXMKT2rQJoepHtjBoMqRNV79hFJqkz55UyIMUcV+GPjd7EImw7W
rdSoQyFmRZNWAJCaTmq1ml6Jc1Lf+8LGJ6HAOdf0RBA6CJVcGtMSw6RgDFR6cwpj
jJOtgtOO6bVFQCsD0SsFU0aOOMMitjjjr01nn96Hhi40FNCAl9sCAwEAAQKCAYEA
hvnltcamy9I1XPwcu9hh4v0u5HDOCMt2lr0fO2OfExrJv6usqD/+KFlGEXqitxnn
CVNeWVJ0OJpKPDftXMBP6xEaSk2z87oy3Q2pMabfIesJoK2xjKmNMZA9sOwoZ9Fb
VY0YASKS/LWubZIxZMZlpKhc077X1MvZvuNxrfQp7b8tnLyWBxKX30YXPBvWw9bH
8nchfv9nhGttm97/pFM+gv7w1tYIT1dUjy+juQTQ7EI2kC0t3yyX2u5tEwVgTjAZ
j4ZNfULgro/FOB5QLZkktcKJhfkyJVBMpwOmxc/eLsT5nUR9TTXLm71E94ZEyFvU
WrOWwlYKhFLrv4StgvjJJpvo8hpzQl8HU1EbUWB5eMehyl9o9mabwVcuvifuRcdS
KvVP+v/aH+KMKhMjtoRt5iNv4bGnullGQz0xsO/ChtVeseMmpwBJtIohj+q5Ffn9
7a/UMODYce6VTxNlFGCJokwSFTiDjA4iYtCIPZA5fkxTt38kbNbJCmc4fYISp38J
AoHBAOBK/BBfkh34epifG5Y18p9HvFLp5l9g0aBlgo9UmgdiQiHZRbKLoDXbRF49
72XW3yD4Lksbv8Gu+m/+rFfoNbID2Er9A55a4t7ShoUsy11usC58hPyMKivd8HMm
TBCv2fZyGHrRdPtNXeAYfz2N3+hBN+TUClLWhxy51xsvFnjLuUFeXdfSLdd05ane
Cq9blQjQOPI9O83+U9vU7x3f2LZuV9Z43NT3KoDTy8MtWabNDViWYp+ltyi3h0Il
b0GgZwKBwQDSVogJOEeBhx0KkspR93+88vXSiAgTzhR+IfXsPT0aGDtXleTqkIOe
8LZYnQaCsL6jQtJGocWkpF140NUG6CCkg08e21avOHM5DgQ5/6XyL1aESmJ2BNJH
nyrRpGyRRGdgtcK0uomZMhYT6hh/TID4d0x3OAwghRBuS0+pGExjj8ViqkFJ1SLC
+NQvn2c7V0sCz5uS0OW0inoCs/piby2fxns7tFS+w9L6OrJhfKmn6S5A6bfwjRsl
RWLfjcU21G0CgcEAu3tSWWlZnP2/lGWizJuJk8SF0ZS8QUuPzhAr4x0npzZl6x9P
mCAIKhx/eHsy6iCC4G8zWwr17bMSmZz6eHycrZFzMbNuW+bCrtixIw6/avkEAceJ
7gRHl+VrgQUpHeWwPsU+WyNMMmeIKbKwYUZ/PAeP7hGkE3xI8iURfiKNGSnJT6/O
p4GDWg7XjncQ3WWjHPvYLfwrSlPlyuKhgYpD/rIbcCYVCVsVRxxCvYHh54CNQFhs
VeBSSpGmWQ8rgWLPAoHAQ5QJoOy0DKmcawk+d5dNMyfcUwfhkHtlmiDPIleKihe+
+STvp21G3In6C/5nWRXwKgQOCyNunLcyUN7HkrCBzFlj0kYmU6WPX4VhVkEM0ALl
iRtdBw4FgX1iBHkPaJzRmgDLzcUg8FdnQH614DB0P2AU8TjQrKIT5VvM/EcSQ+qt
QEXzNAWGZZ4MjkBoqmghcYXCNilno9nZ2YR5raaKwgrDDSujDqdb4Yl6RlgHKiuA
8NomfuLXFeJ1Id4qvrMBAoHAEA72uhRfmdJqRrZNfJ4ysUndtnQRtJAfaQH9MVbU