Move remote vetting parameters to dist file

The remote vetting parameters need to be moved to be independent
of install. This was not done during development to keep
all parameters the same during development.

app/config/parameters.yml.dist

@@ -62,3 +62,73 @@ parameters:
 
     session_max_absolute_lifetime: 3600 # 1 hours * 60 minutes * 60 seconds
     session_max_relative_lifetime: 600  # 10 minutes * 60 seconds
+
+    # remote vetting
+    saml_rv_publickey: /src/Stepup-SelfService/src/Surfnet/StepupSelfService/SelfServiceBundle/Tests/Resources/test.crt
+    saml_rv_privatekey: /src/Stepup-SelfService/src/Surfnet/StepupSelfService/SelfServiceBundle/Tests/Resources/test.key
+    remote_vetting_idps:
+        - name: "IRMA"
+          logo: "/images/remote-vetting/irma.png"
+          description:
+            nl_NL: Met IRMA kunt u op een privacy-vriendelijke, beveiligde manier eigenschappen (attributen) van uzelf onthullen.
+            en_GB: IRMA is a unique privacy-friendly identity platform for both authentication and signing.
+          slug: irma
+          entityId: https://selfservice.stepup.example.com/mock/metadata
+          ssoUrl: https://selfservice.stepup.example.com/second-factor/mock/sso
+          certificateFile: "%saml_rv_publickey%"
+          privateKey: "%saml_rv_privatekey%"
+          attributeMapping:
+            givenName: firstName
+            surname: lastName
+        - name: "ReadId"
+          logo: "/images/remote-vetting/readid.png"
+          description:
+            nl_NL: ReadID® verifieert identiteitsbewijzen uitgerust met NFC op een smartphone.
+            en_GB: ReadID® verifies identity documents with NFC on a smartphone
+          slug: readid
+          entityId: https://selfservice.stepup.example.com/mock/metadata
+          ssoUrl: https://selfservice.stepup.example.com/second-factor/mock/sso
+          certificateFile: "%saml_rv_publickey%"
+          privateKey: "%saml_rv_privatekey%"
+          attributeMapping:
+            givenName: firstName
+            surname: lastName
+        - name: "iDIN"
+          logo: "/images/remote-vetting/idin.png"
+          description:
+            nl_NL: iDIN is een dienst van de banken waarmee consumenten zich bij andere organisaties met de veilige en vertrouwde inlogmiddelen van hun eigen bank kunnen identificeren.
+            en_GB: iDIN is a service offered by banks which allows consumers to use their bank’s secure and reliable login methods to carry out the following actions on the websites of other organisations.
+          slug: idin
+          entityId: https://selfservice.stepup.example.com/mock/metadata
+          ssoUrl: https://selfservice.stepup.example.com/second-factor/mock/sso
+          certificateFile: '%saml_rv_publickey%'
+          privateKey: '%saml_rv_privatekey%'
+          attributeMapping:
+            givenName: firstName
+            surname: lastName
+    remote_vetting_sp:
+      entityId: https://selfservice.stepup.example.com/saml/metadata
+      assertionConsumerUrl: https://selfservice.stepup.example.com/second-factor/acs
+      privateKey: '%saml_rv_privatekey%'
+
+    identity_encryption_configuration:
+      encryption_public_key: |
+        -----BEGIN CERTIFICATE-----
+        MIIC6jCCAdICCQC9cRx5wiwWOjANBgkqhkiG9w0BAQsFADA3MRwwGgYDVQQDDBNT
+        ZWxmU2VydmljZSBTQU1MIFNQMRcwFQYDVQQKDA5EZXZlbG9wbWVudCBWTTAeFw0x
+        ODA3MzAxMjMwNDdaFw0yMzA3MjkxMjMwNDdaMDcxHDAaBgNVBAMME1NlbGZTZXJ2
+        aWNlIFNBTUwgU1AxFzAVBgNVBAoMDkRldmVsb3BtZW50IFZNMIIBIjANBgkqhkiG
+        9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhbI0Xy682DuvWchg6FYnI+DNwLXef2XExM4
+        YVRBaMMsOZ3rBtQUTMSqYan6SK/BOEXLs0rNiJjyM0dn+F98wg3fv5zIADlvfk3L
+        BVdcGsrpVfFUWtSa73yMgbROy8/RJADbUJE/HUB3ZmdjdiuD2Cui2aoWwT2HR8uk
+        Jwmoxiu45IWFPbqPQ7/1mH644JPOWTPLTv4OGGLQo8MNrP1oRCiZ0IEL4CQeGOOj
+        u5rfIJ0bTVm0UmelT4hGaqZovBMwXp3QV41akJ7UEMEBK2YMnLQy47Xuzi7aTDhJ
+        lvHcJ8mfH2NbjRh7hJoACVRTvQloxajgkr1iGMiWiiqT0e+YYwIDAQABMA0GCSqG
+        SIb3DQEBCwUAA4IBAQBwZ0gRHvR8B8KivrXrhWNL9uLvWhEAH7OiDqo+fywkBp5K
+        EuDJcbbvEPftHunSAGylg7M2xKuBIGamFpp74WDJccrtZ1jJ4qqnacUDRQrTLqqM
+        ZKqGpFOU0xjKkSxSGRuMtGN9/7er/TeonjQ0XBvjYvTomy3b5aCLVWRvEfKu2g1s
+        Dd8uhr62RY/HfMgidEt7LHDolkCVg+6JzY3OTcgeHga3cvYObOYPplxw1YPq5+Bq
+        qxaUW4nfb5DtK33bZBYMeyV6BZtSggc5Z/19aPx/s0bf6ySTUyB3lRqe5d3etCns
+        4bGidORCl/6EZiXwVcPvmYmxYXqmuNWfps7isUvo
+        -----END CERTIFICATE-----
+      storage_location: '%kernel.project_dir%/app/rv'

app/config/remote_vetting.yml

@@ -1,74 +1,3 @@
-parameters:
-  saml_rv_publickey: '%kernel.project_dir%/src/Surfnet/StepupSelfService/SelfServiceBundle/Tests/Resources/test.crt'
-  saml_rv_privatekey: '%kernel.project_dir%/src/Surfnet/StepupSelfService/SelfServiceBundle/Tests/Resources/test.key'
-
-  remote_vetting_idps:
-      - name: "IRMA"
-        logo: "/images/remote-vetting/irma.png"
-        description:
-          nl_NL: Met IRMA kunt u op een privacy-vriendelijke, beveiligde manier eigenschappen (attributen) van uzelf onthullen.
-          en_GB: IRMA is a unique privacy-friendly identity platform for both authentication and signing.
-        slug: irma
-        entityId: https://selfservice.stepup.example.com/mock/metadata
-        ssoUrl: https://selfservice.stepup.example.com/second-factor/mock/sso
-        certificateFile: "%saml_rv_publickey%"
-        privateKey: "%saml_rv_privatekey%"
-        attributeMapping:
-          givenName: firstName
-          surname: lastName
-      - name: "ReadId"
-        logo: "/images/remote-vetting/readid.png"
-        description:
-          nl_NL: ReadID® verifieert identiteitsbewijzen uitgerust met NFC op een smartphone.
-          en_GB: ReadID® verifies identity documents with NFC on a smartphone
-        slug: readid
-        entityId: https://selfservice.stepup.example.com/mock/metadata
-        ssoUrl: https://selfservice.stepup.example.com/second-factor/mock/sso
-        certificateFile: "%saml_rv_publickey%"
-        privateKey: "%saml_rv_privatekey%"
-        attributeMapping:
-          givenName: firstName
-          surname: lastName
-      - name: "iDIN"
-        logo: "/images/remote-vetting/idin.png"
-        description:
-          nl_NL: iDIN is een dienst van de banken waarmee consumenten zich bij andere organisaties met de veilige en vertrouwde inlogmiddelen van hun eigen bank kunnen identificeren.
-          en_GB: iDIN is a service offered by banks which allows consumers to use their bank’s secure and reliable login methods to carry out the following actions on the websites of other organisations.
-        slug: idin
-        entityId: https://selfservice.stepup.example.com/mock/metadata
-        ssoUrl: https://selfservice.stepup.example.com/second-factor/mock/sso
-        certificateFile: '%saml_rv_publickey%'
-        privateKey: '%saml_rv_privatekey%'
-        attributeMapping:
-          givenName: firstName
-          surname: lastName
-  remote_vetting_sp:
-    entityId: https://selfservice.stepup.example.com/saml/metadata
-    assertionConsumerUrl: https://selfservice.stepup.example.com/second-factor/acs
-    privateKey: '%saml_rv_privatekey%'
-
-  identity_encryption_configuration:
-    encryption_public_key: |
-      -----BEGIN CERTIFICATE-----
-      MIIC6jCCAdICCQC9cRx5wiwWOjANBgkqhkiG9w0BAQsFADA3MRwwGgYDVQQDDBNT
-      ZWxmU2VydmljZSBTQU1MIFNQMRcwFQYDVQQKDA5EZXZlbG9wbWVudCBWTTAeFw0x
-      ODA3MzAxMjMwNDdaFw0yMzA3MjkxMjMwNDdaMDcxHDAaBgNVBAMME1NlbGZTZXJ2
-      aWNlIFNBTUwgU1AxFzAVBgNVBAoMDkRldmVsb3BtZW50IFZNMIIBIjANBgkqhkiG
-      9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhbI0Xy682DuvWchg6FYnI+DNwLXef2XExM4
-      YVRBaMMsOZ3rBtQUTMSqYan6SK/BOEXLs0rNiJjyM0dn+F98wg3fv5zIADlvfk3L
-      BVdcGsrpVfFUWtSa73yMgbROy8/RJADbUJE/HUB3ZmdjdiuD2Cui2aoWwT2HR8uk
-      Jwmoxiu45IWFPbqPQ7/1mH644JPOWTPLTv4OGGLQo8MNrP1oRCiZ0IEL4CQeGOOj
-      u5rfIJ0bTVm0UmelT4hGaqZovBMwXp3QV41akJ7UEMEBK2YMnLQy47Xuzi7aTDhJ
-      lvHcJ8mfH2NbjRh7hJoACVRTvQloxajgkr1iGMiWiiqT0e+YYwIDAQABMA0GCSqG
-      SIb3DQEBCwUAA4IBAQBwZ0gRHvR8B8KivrXrhWNL9uLvWhEAH7OiDqo+fywkBp5K
-      EuDJcbbvEPftHunSAGylg7M2xKuBIGamFpp74WDJccrtZ1jJ4qqnacUDRQrTLqqM
-      ZKqGpFOU0xjKkSxSGRuMtGN9/7er/TeonjQ0XBvjYvTomy3b5aCLVWRvEfKu2g1s
-      Dd8uhr62RY/HfMgidEt7LHDolkCVg+6JzY3OTcgeHga3cvYObOYPplxw1YPq5+Bq
-      qxaUW4nfb5DtK33bZBYMeyV6BZtSggc5Z/19aPx/s0bf6ySTUyB3lRqe5d3etCns
-      4bGidORCl/6EZiXwVcPvmYmxYXqmuNWfps7isUvo
-      -----END CERTIFICATE-----
-    storage_location: '%kernel.project_dir%/app/rv'
-
 services:
   Surfnet\StepupSelfService\SelfServiceBundle\Service\RemoteVetting\IdentityProviderFactory:
     arguments:

app/config/services_test.yml

@@ -4,6 +4,10 @@
 parameters:
   middleware_credentials_password: secret
 
+  saml_rv_publickey: '%kernel.project_dir%/src/Surfnet/StepupSelfService/SelfServiceBundle/Tests/Resources/test.crt'
+  saml_rv_privatekey: '%kernel.project_dir%/src/Surfnet/StepupSelfService/SelfServiceBundle/Tests/Resources/test.key'
+
+
 services:
   surfnet_stepup_self_service_self_service.service.sms_second_factor:
     class: Surfnet\StepupSelfService\SelfServiceBundle\Tests\TestDouble\Service\SmsSecondFactorService

src/Surfnet/StepupSelfService/SelfServiceBundle/Service/RemoteVetting/IdentityProviderFactory.php

@@ -52,8 +52,8 @@ public function __construct(array $configuration)
             Assert::string($idpConfiguration['name'], 'name should be a string');
             Assert::url($idpConfiguration['entityId'], 'entityId should be an url');
             Assert::url($idpConfiguration['ssoUrl'], 'ssoUrl should be an url');
-            Assert::file($idpConfiguration['privateKey'], 'privateKey should be an url');
-            Assert::file($idpConfiguration['certificateFile'], 'certificateFile should be an url');
+            Assert::file($idpConfiguration['privateKey'], 'privateKey should be a file');
+            Assert::file($idpConfiguration['certificateFile'], 'certificateFile should be a file');
 
             $idpConfiguration['privateKeys'] = [new PrivateKey($idpConfiguration['privateKey'], PrivateKey::NAME_DEFAULT)];
             unset($idpConfiguration['privateKey']);