# Install

Clone the repo and make sure to also fetch the submodules:
```
git submodule update --init
```

Installation should be done via Helm, using the Helm chart contained in `./helmchart`.
Make sure to edit the values in `./helmchart/single-sign-on/values.yaml` according to your needs.

For details on how to configure the chart, refer to `./helmchart/single-sign-on/README.md`.

# Using SSO

To use OpenID Connect or OAuth you need to set up an OAuth client for every application that
needs to authenticate its users. You can leverage the Hydra Admin API to create OAuth clients.
As a starting point, you can have a look at the script provided in `test/`.

To use SSO, configure your OAuth client (for example Nextcloud) and create a new OAuth client object.
After your server is running, use `https://sso.<YOUR.DOMAIN>/.well-known/openid-configuration` as a reference for configuring your OpenID Connect or OAuth client.
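
The following is an added example, not part of this repository: an offline check of a discovery document that verifies `issuer` matches the issuer URL you configured exactly and that the endpoints a client needs are present and on the same origin. The function names, the sample document and the host `sso.example.org` are constructed for illustration; the same-origin rule is an assumption that fits a single-host setup.

```python
"""Offline sanity check of an OpenID Connect discovery document."""
import json
from urllib.parse import urlsplit

# Endpoints a relying party needs from the discovery document.
REQUIRED = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def origin(url):
    """Return (scheme, host, port) so URLs can be compared by origin."""
    p = urlsplit(url)
    return (p.scheme, p.hostname, p.port)


def check_discovery(doc, expected_issuer, require_https=True):
    """Return a list of problems; an empty list means the document passed."""
    problems = []
    issuer = doc.get("issuer", "")
    # Clients compare the issuer string exactly, so a trailing slash matters.
    if issuer != expected_issuer:
        hint = ""
        if issuer.rstrip("/") == expected_issuer.rstrip("/"):
            hint = " (differs only by trailing slash)"
        problems.append(f"issuer {issuer!r} != expected {expected_issuer!r}{hint}")
    if require_https and urlsplit(issuer).scheme != "https":
        problems.append(f"issuer {issuer!r} is not served over https")
    for key in REQUIRED:
        value = doc.get(key)
        if not value:
            problems.append(f"missing {key}")
        # Assumption for this single-host setup: endpoints share the issuer origin.
        elif origin(value) != origin(issuer):
            problems.append(f"{key} {value!r} is not on the issuer origin")
    return problems


# Constructed sample: what a remote deployment might return when the issuer
# setting was left at a local value (sso.example.org is a placeholder).
SAMPLE = json.loads("""{
  "issuer": "http://localhost:4444/",
  "authorization_endpoint": "http://localhost:4444/oauth2/auth",
  "token_endpoint": "http://localhost:4444/oauth2/token",
  "jwks_uri": "http://localhost:4444/.well-known/jwks.json"
}""")

if __name__ == "__main__":
    for problem in check_discovery(SAMPLE, "https://sso.example.org/"):
        print("FAIL:", problem)
```

For the local `docker-compose` test environment, which serves plain `http`, call the check with `require_https=False`.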

# Testing

In order to run tests locally, you can start the environment via `docker-compose`.
Install docker-compose via `pip install docker-compose` after you have [installed
Docker](https://docs.docker.com/v17.12/install/) on your machine.
Running `docker-compose up --build` after that builds and starts all containers.
The default configuration works if you are running the setup on your local
machine. You need to change the following values in the `docker-compose.yml` file in case
you run the containers on a remote machine:

```
    environment:
      - URLS_SELF_ISSUER=http://YOUR_SERVER_FQDN:4444/
      - URLS_CONSENT=http://YOUR_SERVER_FQDN:5001/
      - URLS_LOGIN=http://YOUR_SERVER_FQDN:5000/
      - URLS_LOGOUT=http://YOUR_SERVER_FQDN:5000/logout
      - URLS_POST_LOGOUT_REDIRECT=http://YOUR_SERVER_FQDN:5000/
```

Notice that you need to create users and applications before being able to log in.
You can use the scripts located in `user-panel/utils` to create users for testing.

If you don't have a test application yourself, you can use the small OpenID Connect
test application located at `test/login_logout/`. Instructions on how to run the test
application can be found in `test/login_logout/README.md`.
Also refer to `.gitlab-ci.yml` to get an idea on how to run all of the tests that are
contained in this repository.