Step-up Middleware

This component is part of "Step-up Authentication as-a Service". See Stepup-Deploy for an overview and installation instructions for a complete Stepup system, including this component. The requirements and installation instructions below cover this component only.

Requirements

  • PHP 5.6+ or PHP7
  • Composer
  • A web server (Apache, Nginx)
  • MariaDB 10
  • A working Gateway

Installation

Clone the repository or download the archive to a directory. Install the dependencies by running composer install and fill out the database credentials et cetera.

Make sure to run database migrations using app/console middleware:migrations:migrate.

Management API

Some of the configuration of the components is static (i.e. stored in parameters.yml). The configuration that is expected to change during the operation of a Stepup system is managed through an API on the middleware. This provides one place and action to change the configuration and allows changing of this configuration without having to modify the configuration of several components on several servers.

  • The API calls are documented in the middleware API documentation.
  • The configuration itself is elaborate and is described in detail in the Middleware configuration.
  • The Ansible Stepup-Middleware role writes scripts in /opt/stepup/ for pushing the configuration to the middleware component.

Development Notes

Adding new events

Whenever adding a new event, be sure to update app/config/events.yml. This is a list of events that is shown when replaying events. Also be sure to create or update the event serialization/deserialization tests; for an example, see EventSerializationAndDeserializationTest for Configuration events.

Mocking time

Due to a limitation of mocking of static methods, to mock time, the helper DateTimeHelper::stubNow(DateTime $now) was created. Call ::stubNow($now) to set a fixed date/time, and call ::stubNow(null) to disable stubbing. It is recommended to run tests in a separate process when using this helper so the stub value doesn't persist between tests.

/** @runTestInSeparateProcess */
public function testItWorks()
{
    # Trick `DateTime::now()` into thinking it is 1970.
    DateTimeHelper::stubNow(new DateTime('@0'));

    $this->assertEquals('1970-01-01T00:00:00+00:00', (string) \Surfnet\Stepup\DateTime\DateTime::now());
}

Adding support for a new Generic SAML Second Factor biometric, by example

gssp_allowed_sps:
   - (...)
   - 'https://ss-dev.stepup.coin.surf.net/app_dev.php/registration/gssf/biometric/metadata'
   - 'https://ra-dev.stepup.coin.surf.net/app_dev.php/vetting-procedure/gssf/biometric/metadata'
  • Configure these SPs through the Middleware configuration API.

Release strategy

Please read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management for more information on the release strategy used in Stepup projects.