The Shibboleth IdP 3.4 installed by this project is extended to act as a OpenID Connect provider.
The maven project needs to be built first. The ansible scipts will then perform first installation of Shibboleth Idp V3, after which the extensions are installed.
git clone https://github.com/CSCfi/shibboleth-idp-oidc-extension cd shibboleth-idp-oidc-extension/ mvn package vagrant up
You need to be root to access all the necessary files.
vagrant ssh sudo su -
By following log entries it should be possible to get an idea of the execution.
tail -f /opt/shibboleth-idp/logs/idp-process.log
Self Test Page
Fastest way to test installation is to use preconfigured mod_auth_openidc client for authentication sequence that may be triggered on self test page https://192.168.0.150
By modifying both the authentication request - /etc/httpd/conf.d/auth_openidc.conf - and the Shib OIDC OP extension configuration as described in Wiki you should be able to try different response types and claim sets just to name few.
LDAP User to authenticate with
The LDAP user is Ted Tester, in Finnish: