Skip to content
develop
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
bin
 
 
 
 
 
 
 
 
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Step-up Middleware

Build Status Scrutinizer Code Quality SensioLabs Insight

This component is part of "Step-up Authentication as-a Service". See Stepup-Deploy for an overview and installation instructions for a complete Stepup system, including this component. The requirements and installation instructions below cover this component only.

Requirements

  • PHP 5.6+ or PHP7
  • Composer
  • A web server (Apache, Nginx)
  • MariaDB 10
  • A working Gateway

Installation

Clone the repository or download the archive to a directory. Install the dependencies by running composer install and fill out the database credentials et cetera.

Make sure to run database migrations using bin/console middleware:migrations:migrate.

Management API

Some of the configuratio of the components is static (i.e. stored in parameteres.yml). The configuration that is expected to change during the operation of a Stepup system is managed through an API on the middleware. This provides one place and action to change the configuration and allows changing of this configuration without having to modify the configuration of several components on several servers.

  • The API calls are documented in the middleware API documentation.
  • The configuration itself is elaborate and is described in detail in the Middlware configuration.
  • The andible Stepup-Middleware role write scripts in /opt/stepup/ for pushing the configuration to the middleware component

Development Notes

Adding new events

Whenever adding a new event, be sure to update bin/config/events.yml. This is a list of events that is shown when replaying events. Also be sure to create or update the event serialization/deserialization tests, for example see EventSerializationAndDeserializationTest for Configuration events

Mocking time

Due to a limitation of mocking of static methods, to mock time, the helper DateTimeHelper::stubNow(DateTime $now) was created. Call ::stubNow($now) to set a fixed date/time, and call ::stubNow(null) to disable stubbing. It is recommended to run tests in a separate process when using this helper so the stub value doesn't persist between tests.

/** @runTestInSeparateProcess */
public function testItWorks()
{
    # Trick `DateTime::now()` into thinking it is 1970.
    DateTimeHelper::stubNow(new DateTime('@0'));

    $this->assertEquals('1970-01-01T00:00:00+00:00', (string) \Surfnet\Stepup\DateTime\DateTime::now());
}

Adding support for a new Generic SAML Second Factor biometric, by example

gssp_allowed_sps:
   - (...)
   - 'https://ss-dev.stepup.coin.surf.net/app_dev.php/registration/gssf/biometric/metadata'
   - 'https://ra-dev.stepup.coin.surf.net/app_dev.php/vetting-procedure/gssf/biometric/metadata'
  • Configure these SPs through the Middleware configuration API.

Release strategy

Please read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management fro more information on the release strategy used in Stepup projects.