GSSP implementation of Tiqr. https://tiqr.org/documentation/
Project is based on example GSSP project https://github.com/OpenConext/Stepup-gssp-example
Locale user preference
The default locale is based on the user agent. When the user switches its locale the selected preference is stored inside a browser cookie (stepup_locale). The cookie is set on naked domain of the requested domain (for tiqr.example.com this is example.com).
Authentication and registration flows
The application provides internal (SpBundle) and a remote service provider. Instructions for this are given on the homepage of this Tiqr project Homepage.
To get started, first setup the development environment. The dev env is a virtual machine. Every task described here is required to run from that machine.
- ansible 2.x
- vagrant 1.9.x
See one of the following guides:
Tests and metrics
To run all required test you can run the following commands from the dev env:
composer test composer behat
Every part can be run separately. Check "scripts" section of the composer.json file for the different options.
Test Tiqr Api's
Demo sp is available on https://tiqr.example.com/app_dev.php/demo/sp
Fetch registration link automatically from /app_dev.php/registration/qr/dev
./bin/console test:registration <./qr_file.png>
./bin/console test:authentication <./qr_file.png>
Authentication can also be done in 'offline' mode, so you need to fill in your 'one time password'.
./bin/console test:authentication --offline=true ./<qr_file.png>
Currently we support three user storage solutions. Which are file system storage, ldap and database storage. The
filesystem storage is used by default and stores the registered users in the
To use the database storage you will need to change some settings:
parametes.yml, in the
tiqr_library_options.storage.userstorage section configure:
tiqr_library_options: storage: userstorage: type: pdo arguments: table: user dsn: 'mysql:host=tiqr.example.com;dbname=tiqr' username: tiqr-user password: tiqr-secret
The database schema can be found here:
Or if you want to use the filesystem storage use this:
tiqr_library_options: storage: userstorage: type: 'file' arguments: path: '/tmp' encryption: 'dummy' # mcrypt is also supported, dummy will not encrypt the entries in the user storage file
Finally to use the LDAP backend provide the following options:
tiqr_library_options: storage: userstorage: type: 'ldap' # The argument values equal the default values set when the arguments are omitted. So all arguments are # optional. arguments: userClass: 'tiqrPerson' dnPattern: '%s' idAttr: 'dn' displayNameAttr: 'sn' secretAttr: 'tiqrSecret' notificationTypeAttr: 'tiqrNotificationType' notificationAddressAttr: 'tiqrNotificationAddress' isBlockedAttr: 'tiqrIsBlocked' loginAttemptsAttr: 'tiqrLoginAttempts' temporaryBlockAttemptsAttr: 'tiqrTemporaryBlockAttempts' temporaryBlockTimestampAttr: 'tiqrTemporaryBlockTimestamp' attributes: null
Please read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management fro more information on the release strategy used in Stepup projects.