silinternational / simplesamlphp-module-material
Material Design theme for IdP Hub based on SimpleSAMLphp
Installs: 2 194
Dependents: 1
Suggesters: 0
Security: 0
Stars: 9
Watchers: 7
Forks: 5
Open Issues: 0
Type: simplesamlphp-module
Requires
- php: >=7.0
- ext-json: *
- silinternational/ssp-utilities: ^1.0
- simplesamlphp/composer-module-installer: ^1.1.5
- simplesamlphp/simplesamlphp: ~1.18.6 || ~1.19.0
Requires (Dev)
- roave/security-advisories: dev-master
This package is auto-updated.
Last update: 2024-07-25 05:20:54 UTC
README
This repository is no longer maintained. It has been included directly in https://github.com/silinternational/ssp-base.
--
Material Design theme for use with SimpleSAMLphp
Installation
composer.phar require silinternational/simplesamlphp-module-material:dev-master
Configuration
Update /simplesamlphp/config/config.php:
'theme.use' => 'material:material'
ssp-base provides a convenience by loading this config with whatever is in the environment variable THEME_USE.
Google reCAPTCHA
If a site key has been provided in $this->data['recaptcha.siteKey'], the username/password page may require the user to prove his/her humanity.
Branding
Update /simplesamlphp/config/config.php:
'theme.color-scheme' => ['indigo-purple'|'blue_grey-teal'|'red-teal'|'orange-light_blue'|'brown-orange'|'teal-blue']
The login page looks for /simplesamlphp/www/logo.png, which is NOT provided by default.
Analytics
Update /simplesamlphp/config/config.php:
'analytics.trackingId' => 'G-some-unique-id-for-your-site'
ssp-base provides a convenience by loading this config with whatever is in the environment variable ANALYTICS_ID.
Announcements
Update /simplesamlphp/announcement/announcement.php:
return 'Some <strong>important</strong> announcement';
ssp-utilities provides whatever is returned by /simplesamlphp/announcement/announcement.php.
If provided, an alert will be shown to the user filled with the content of that announcement. HTML is supported.
Testing theme
Make, Docker and Docker Compose are required.
Setup
- Set up localhost (or 192.168.62.54, if using Vagrant) aliases for ssp-hub1.local, ssp-hub2.local, ssp-idp1.local, ssp-idp2.local, ssp-idp3.local, ssp-idp4.local, ssp-sp1.local and ssp-sp2.local. This is typically done in /etc/hosts. Example line: 0.0.0.0 ssp-hub1.local ssp-idp1.local ssp-idp2.local ssp-idp4.local ssp-hub2.local ssp-idp3.local ssp-sp1.local ssp-sp2.local
- Start the test environment, i.e., run make from the command line.
Hub page
- Goto Hub 1
Error page
- Goto Hub 1
- Click Federation tab
- Click either Show metadata link
- Login as hub administrator: username=admin password=abc123
Logout page
- Goto Hub 1
- Click Authentication tab
- Click Test configured authentication sources
- Click admin
- Login as hub administrator: username=admin password=abc123
- Click Logout
Login page
Without theme in place
- Goto SP 1
- Click idp1 (first one)
- login page should NOT have material design
With theme in place
- Goto SP 1
- Click idp2 (second one)
- login page SHOULD have material design
Forgot password functionality
- Goto SP 1
- Click idp2 (second one)
- Forgot password link should be visible
Helpful links functionality
- Goto SP 1
- Click idp4 (third one)
- Help link should be visible under login form
- Profile link should be visible under login form
Expiry functionality
About to expire page (expires in one day)
Note: This nag only works once since choosing later will simply set the nag date into the future a little. If needed, use a new private/incognito browser window to retry.
- Goto SP 1
- Click idp2 (second one)
- Login as an "about to expire" user: username=near_future password=a
- Click Later
- Click Logout
About to expire page (expires in three days)
Note: This nag only works once since choosing later will simply set the nag date into the future a little. If needed, use a new private/incognito browser window to retry.
- Goto SP 1
- Click idp2 (second one)
- Login as an "about to expire" user: username=near_future password=a
- Click Later
- Click Logout
Expired page
- Goto SP 1
- Click idp2 (second one)
- Login as an "expired" user: username=already_past password=a
Multi-factor authentication (MFA) functionality
Nag about missing MFA setup
- Goto SP 1
- Click idp4 (third one)
- Login as an "unprotected" user: username=nag_for_mfa password=a
- The "learn more" link should be visible
- Click Enable
- Click your browser's back button
- Click Remind me later
- Click Logout
Nag about missing password recovery methods
- Goto SP 1
- Click idp4 (third one)
- Login as a user without any methods: username=nag_for_method password=a
- Enter one of the following codes to verify (94923279, 82743523, 77802769, 01970541, 37771076)
- Click Add
- Click your browser's back button
- Click Remind me later
- Click Logout
Force MFA setup
- Goto SP 1
- Click idp4 (third one)
- Login as an "unsafe" user: username=must_set_up_mfa password=a
Backup code
- Goto SP 1
- Click idp4 (third one)
- Login as a "backup code" user: username=has_backupcode password=a
- Enter one of the following codes to verify (94923279, 82743523, 77802769, 01970541, 37771076)
- Click Logout
- In order to see the "running low on codes" page, simply log back in and use another code.
- In order to see the "out of codes" page, simply log back in and out repeatedly until there are no more codes.
TOTP code
- Goto SP 1
- Click idp4 (third one)
- Login as a "totp" user: username=has_totp password=a
- You should see the form to enter a totp code.
- Set up an app using this secret, JVRXKYTMPBEVKXLS
- Enter code from app to verify
- Click Logout
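The TOTP check above can also be exercised without a phone app. The following is an added example, not code from this repository: it derives the code for the README's test secret per RFC 6238, assuming the authenticator-app defaults of SHA-1, a 30-second step and 6 digits (the page does not state them). The function names are illustrative.

```python
import base64
import hashlib
import hmac
import struct
import time

# Test-only secret published in this README for the has_totp user.
README_SECRET = "JVRXKYTMPBEVKXLS"
# Assumed parameters (not stated on the page): SHA-1, 30 s step, 6 digits.


def decode_secret(secret_b32: str) -> bytes:
    """Decode a base32 secret as authenticator apps do: ignore spaces and
    case, and restore any '=' padding that was stripped."""
    cleaned = secret_b32.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with counter = floor(unix_time / step)."""
    return hotp(key, int(at // step), digits)


def acceptable_codes(key: bytes, at: float, window: int = 1, step: int = 30) -> list:
    """Codes for the current step and `window` steps either side, to
    allow for clock drift between this machine and the container."""
    return [totp(key, at + i * step, step) for i in range(-window, window + 1)]


if __name__ == "__main__":
    now = time.time()
    key = decode_secret(README_SECRET)
    print("current code:", totp(key, now))
    print("valid for another", 30 - int(now) % 30, "seconds")
```

If the generated code is rejected, compare the host clock with the container clock first; a drift of more than one step puts the code outside the window computed by acceptable_codes.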
Key (U2F)
- Goto SP 1
- Click idp4 (third one)
- Login as a "u2f" user: username=has_u2f password=a
- Insert key and press
- Click Logout
Key (WebAuthn)
- Goto SP 1
- Click idp4 (third one)
- Login as a "webauthn" user: username=has_webauthn password=a
- Insert key and press
- Click Logout
Multiple options
- Goto SP 1
- Click idp4 (third one)
- Login as a "multiple option" user: username=has_all password=a
- Click MORE OPTIONS
Multiple options (legacy, with U2F)
- Goto SP 1
- Click idp4 (third one)
- Login as a "multiple option" user: username=has_all_legacy password=a
- Click MORE OPTIONS
Manager rescue
- Goto SP 1
- Click idp4 (third one)
- Login as a "multiple option" user: username=has_all password=a
- Click MORE OPTIONS
- Click the help option
- Choose Send
NOTE: At this time, the correct code is not known and can't be tested locally (it's only available in an email to the manager)
Announcements functionality
- Goto SP 2
- The announcement should be displayed on the hub
- Click idp3 (first one)
- The announcement should be displayed at the login screen
SP name functionality
- Goto SP 1
- The sp name should appear in the banner
Profile review functionality
- Goto SP 1
- Click idp4 (third one)
- Login as a "Review needed" user: username=needs_review password=a
- Enter one of the following printable codes to verify (94923279, 82743523, 77802769, 01970541, 37771076)
- Click the button to update the profile
- Click the button to continue
- Click Logout
i18n support
Translations are categorized by page in definition files located in the dictionaries directory.
Localization is affected by the configuration setting language.available. Only language codes found in this property will be utilized.
For example, if a translation is provided in Afrikaans for this module, the configuration must be adjusted to make 'af' an available language. If that's not done, the translation function will not utilize the translations even if provided.
Debugging
Xdebug can be enabled by doing the following:
- Define REMOTE_DEBUG_IP in local.env. This should be the IP address of your development machine, i.e. the one that is running your IDE. If you're using Linux as your Docker host, you can use 172.17.0.1 here. Note that the IP address shown in your containers' logs may not be your machine's actual IP address (it could be for a VM, for example).
- Map run-debug.sh into the container you wish to debug. For example:
volumes:
  - ./development/run-debug.sh:/data/run.sh
- Enable debugging in your IDE. See the next section for PhpStorm setup.
Configuring PhpStorm for remote debugging
In PhpStorm go to: Preferences > PHP > Debug > DBGp Proxy and set the following settings:
- Host: (your IP address or hostname)
- Port: 9000
Set path mappings in: Preferences > PHP > Servers
- Add a server, giving it your IP address and a port of 9000, and map the project folder to '/data/vendor/simplesamlphp/simplesamlphp/modules/material'
- Map other directories as needed. PhpStorm should prompt when an unrecognized path is encountered.
Then start listening by clicking the "listen" button on the PhpStorm toolbar.