mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-06-20 17:15:51 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Use newer nbgrp/onelogin-saml-bundle bundle for handling SAML

Browse source
This commit is contained in:
Jan Böhmer 2023-05-27 20:38:32 +02:00
parent edce70bc12
commit 9f52d364c9
6 changed files with 233 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

1
composer.json
View file

@ -29,6 +29,7 @@
"league/csv": "^9.8.0",
"league/html-to-markdown": "^5.0.1",
"liip/imagine-bundle": "^2.2",
"nbgrp/onelogin-saml-bundle": "^1.3",
"nelexa/zip": "^4.0",
"nelmio/security-bundle": "^3.0",
"nyholm/psr7": "^1.1",

167
composer.lock generated
View file

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "ef71583adf031fff76718bf97c9ca69c",
"content-hash": "bc9721bfdd7cdf88630f55f2ff97a28d",
"packages": [
{
"name": "beberlei/assert",
@ -3431,6 +3431,73 @@
],
"time": "2023-02-06T13:46:10+00:00"
},
{
"name": "nbgrp/onelogin-saml-bundle",
"version": "v1.3.2",
"source": {
"type": "git",
"url": "https://github.com/nbgrp/onelogin-saml-bundle.git",
"reference": "907a59431edcfbb962b2bb952d987693b63ca757"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/nbgrp/onelogin-saml-bundle/zipball/907a59431edcfbb962b2bb952d987693b63ca757",
"reference": "907a59431edcfbb962b2bb952d987693b63ca757",
"shasum": ""
},
"require": {
"onelogin/php-saml": "^4",
"php": "^8.1",
"psr/log": "^1 || ^2 || ^3",
"symfony/config": "^6",
"symfony/dependency-injection": "^6",
"symfony/deprecation-contracts": "^3",
"symfony/event-dispatcher-contracts": "^3",
"symfony/http-foundation": "^6",
"symfony/http-kernel": "^6",
"symfony/routing": "^6",
"symfony/security-bundle": "^6",
"symfony/security-core": "^6",
"symfony/security-http": "^6"
},
"conflict": {
"symfony/http-kernel": "<6.2",
"symfony/security-core": "<6.2"
},
"require-dev": {
"doctrine/orm": "^2.3 || ^3",
"symfony/event-dispatcher": "^6",
"symfony/phpunit-bridge": "^6"
},
"type": "symfony-bundle",
"autoload": {
"psr-4": {
"Nbgrp\\OneloginSamlBundle\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"authors": [
{
"name": "Alexander Menshchikov",
"email": "alexander.menshchikov@yandex.ru"
}
],
"description": "OneLogin SAML Symfony Bundle",
"keywords": [
"SSO",
"multiple IdP",
"onelogin",
"saml"
],
"support": {
"issues": "https://github.com/nbgrp/onelogin-saml-bundle/issues",
"source": "https://github.com/nbgrp/onelogin-saml-bundle/tree/v1.3.2"
},
"time": "2023-03-22T20:23:42+00:00"
},
{
"name": "nelexa/zip",
"version": "4.0.2",
@ -3933,6 +4000,62 @@
},
"time": "2023-04-24T09:09:02+00:00"
},
{
"name": "onelogin/php-saml",
"version": "4.1.0",
"source": {
"type": "git",
"url": "https://github.com/onelogin/php-saml.git",
"reference": "b22a57ebd13e838b90df5d3346090bc37056409d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/onelogin/php-saml/zipball/b22a57ebd13e838b90df5d3346090bc37056409d",
"reference": "b22a57ebd13e838b90df5d3346090bc37056409d",
"shasum": ""
},
"require": {
"php": ">=7.3",
"robrichards/xmlseclibs": ">=3.1.1"
},
"require-dev": {
"pdepend/pdepend": "^2.8.0",
"php-coveralls/php-coveralls": "^2.0",
"phploc/phploc": "^4.0 || ^5.0 || ^6.0 || ^7.0",
"phpunit/phpunit": "^9.5",
"sebastian/phpcpd": "^4.0 || ^5.0 || ^6.0 ",
"squizlabs/php_codesniffer": "^3.5.8"
},
"suggest": {
"ext-curl": "Install curl lib to be able to use the IdPMetadataParser for parsing remote XMLs",
"ext-dom": "Install xml lib",
"ext-openssl": "Install openssl lib in order to handle with x509 certs (require to support sign and encryption)",
"ext-zlib": "Install zlib"
},
"type": "library",
"autoload": {
"psr-4": {
"OneLogin\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"description": "OneLogin PHP SAML Toolkit",
"homepage": "https://developers.onelogin.com/saml/php",
"keywords": [
"SAML2",
"onelogin",
"saml"
],
"support": {
"email": "sixto.garcia@onelogin.com",
"issues": "https://github.com/onelogin/php-saml/issues",
"source": "https://github.com/onelogin/php-saml/"
},
"time": "2022-07-15T20:44:36+00:00"
},
{
"name": "paragonie/constant_time_encoding",
"version": "v2.6.3",
@ -5297,6 +5420,48 @@
},
"time": "2021-10-29T13:26:27+00:00"
},
{
"name": "robrichards/xmlseclibs",
"version": "3.1.1",
"source": {
"type": "git",
"url": "https://github.com/robrichards/xmlseclibs.git",
"reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/robrichards/xmlseclibs/zipball/f8f19e58f26cdb42c54b214ff8a820760292f8df",
"reference": "f8f19e58f26cdb42c54b214ff8a820760292f8df",
"shasum": ""
},
"require": {
"ext-openssl": "*",
"php": ">= 5.4"
},
"type": "library",
"autoload": {
"psr-4": {
"RobRichards\\XMLSecLibs\\": "src"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"BSD-3-Clause"
],
"description": "A PHP library for XML Security",
"homepage": "https://github.com/robrichards/xmlseclibs",
"keywords": [
"security",
"signature",
"xml",
"xmldsig"
],
"support": {
"issues": "https://github.com/robrichards/xmlseclibs/issues",
"source": "https://github.com/robrichards/xmlseclibs/tree/3.1.1"
},
"time": "2020-09-05T13:00:25+00:00"
},
{
"name": "s9e/regexp-builder",
"version": "1.4.6",

1
config/bundles.php
View file

@ -27,4 +27,5 @@ return [
Scheb\TwoFactorBundle\SchebTwoFactorBundle::class => ['all' => true],
SpomkyLabs\CborBundle\SpomkyLabsCborBundle::class => ['all' => true],
Webauthn\Bundle\WebauthnBundle::class => ['all' => true],
Nbgrp\OneloginSamlBundle\NbgrpOneloginSamlBundle::class => ['all' => true],
];

60
config/packages/hslavich_onelogin_saml.yaml
View file

@ -1,60 +0,0 @@
# See https://github.com/SAML-Toolkits/php-saml for more information about the SAML settings
hslavich_onelogin_saml:
# Basic settings
idp:
entityId: '%env(string:SAML_IDP_ENTITY_ID)%'
singleSignOnService:
url: '%env(string:SAML_IDP_SINGLE_SIGN_ON_SERVICE)%'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
singleLogoutService:
url: '%env(string:SAML_IDP_SINGLE_LOGOUT_SERVICE)%'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
x509cert: '%env(string:SAML_IDP_X509_CERT)%'
sp:
entityId: '%env(string:SAML_SP_ENTITY_ID)%'
assertionConsumerService:
url: '%partdb.default_uri%saml/acs'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
singleLogoutService:
url: '%partdb.default_uri%logout'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
x509cert: '%env(string:SAML_SP_X509_CERT)%'
privateKey: '%env(string:SAMLP_SP_PRIVATE_KEY)%'
# Optional settings
#baseurl: 'http://myapp.com'
strict: true
debug: false
security:
allowRepeatAttributeName: true
# nameIdEncrypted: false
authnRequestsSigned: true
logoutRequestSigned: true
logoutResponseSigned: true
# wantMessagesSigned: false
# wantAssertionsSigned: true
# wantNameIdEncrypted: false
# requestedAuthnContext: true
# signMetadata: false
# wantXMLValidation: true
# relaxDestinationValidation: false
# destinationStrictlyMatches: true
# rejectUnsolicitedResponsesWithInResponseTo: false
# signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
# digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256'
#contactPerson:
# technical:
# givenName: 'Tech User'
# emailAddress: 'techuser@example.com'
# support:
# givenName: 'Support User'
# emailAddress: 'supportuser@example.com'
# administrative:
# givenName: 'Administrative User'
# emailAddress: 'administrativeuser@example.com'
#organization:
# en:
# name: 'Part-DB-name'
# displayname: 'Displayname'
# url: 'http://example.com'

62
config/packages/nbgrp_onelogin_saml.yaml Normal file
View file

@ -0,0 +1,62 @@
# See https://github.com/SAML-Toolkits/php-saml for more information about the SAML settings
nbgrp_onelogin_saml:
onelogin_settings:
default:
# Basic settings
idp:
entityId: '%env(string:SAML_IDP_ENTITY_ID)%'
singleSignOnService:
url: '%env(string:SAML_IDP_SINGLE_SIGN_ON_SERVICE)%'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
singleLogoutService:
url: '%env(string:SAML_IDP_SINGLE_LOGOUT_SERVICE)%'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
x509cert: '%env(string:SAML_IDP_X509_CERT)%'
sp:
entityId: '%env(string:SAML_SP_ENTITY_ID)%'
assertionConsumerService:
url: '%partdb.default_uri%saml/acs'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
singleLogoutService:
url: '%partdb.default_uri%logout'
binding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'
x509cert: '%env(string:SAML_SP_X509_CERT)%'
privateKey: '%env(string:SAMLP_SP_PRIVATE_KEY)%'
# Optional settings
#baseurl: 'http://myapp.com'
strict: true
debug: false
security:
allowRepeatAttributeName: true
# nameIdEncrypted: false
authnRequestsSigned: true
logoutRequestSigned: true
logoutResponseSigned: true
# wantMessagesSigned: false
# wantAssertionsSigned: true
# wantNameIdEncrypted: false
# requestedAuthnContext: true
# signMetadata: false
# wantXMLValidation: true
# relaxDestinationValidation: false
# destinationStrictlyMatches: true
# rejectUnsolicitedResponsesWithInResponseTo: false
# signatureAlgorithm: 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
# digestAlgorithm: 'http://www.w3.org/2001/04/xmlenc#sha256'
#contactPerson:
# technical:
# givenName: 'Tech User'
# emailAddress: 'techuser@example.com'
# support:
# givenName: 'Support User'
# emailAddress: 'supportuser@example.com'
# administrative:
# givenName: 'Administrative User'
# emailAddress: 'administrativeuser@example.com'
#organization:
# en:
# name: 'Part-DB-name'
# displayname: 'Displayname'
# url: 'http://example.com'

3
symfony.lock
View file

@ -204,6 +204,9 @@
"monolog/monolog": {
"version": "1.24.0"
},
"nbgrp/onelogin-saml-bundle": {
"version": "v1.3.2"
},
"nelmio/security-bundle": {
"version": "2.4",
"recipe": {