Host both service provider and identity provider for local dev

2025-12-17 14:18:30 +09:00
parent 3d07547f80
commit 19c49b4a00
15 changed files with 1573 additions and 13 deletions
--- a/nix/shell.nix
+++ b/nix/shell.nix
@@ -12,6 +12,7 @@ pkgs.mkShellNoCC {
    php84Packages.php-cs-fixer
    sqlite-interactive
    sql-formatter
+    openssl
  ];

  # Prepare dev environment with sqlite and config files
@@ -21,16 +22,32 @@ pkgs.mkShellNoCC {
    declare -a PROJECT_ROOT="$("${lib.getExe pkgs.git}" rev-parse --show-toplevel)"

    mkdir -p "$PROJECT_ROOT/www/galleri/bilder/slideshow"
-    test -e "$PROJECT_ROOT/pvv.sqlite" || sqlite3 "$PROJECT_ROOT/pvv.sqlite" < "$PROJECT_ROOT/dist/pvv_sqlite.sql"
+    test -e "$PROJECT_ROOT/pvv.sqlite" || sqlite3 "$PROJECT_ROOT/pvv.sqlite" < "$PROJECT_ROOT/dist/sql/pvv_sqlite.sql"
    test -e "$PROJECT_ROOT/config.php" || cp -v "$PROJECT_ROOT/dist/config.local.php" "$PROJECT_ROOT/config.php"

    if [ ! -d "$PROJECT_ROOT/vendor" ] ; then
      pushd "$PROJECT_ROOT"
      composer install || exit $?

-      cp dist/simplesamlphp-authsources.php vendor/simplesamlphp/simplesamlphp/config/authsources.php
-      cp dist/simplesamlphp-idp.php vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php
-      cp dist/simplesamlphp-config.php vendor/simplesamlphp/simplesamlphp/config/config.php
+      # Set up SimpleSAMLphp identity provider (for local testing)
+      install -m644 dist/simplesaml-dev/authsources.php -t vendor/simplesamlphp/simplesamlphp/config/
+      install -m644 dist/simplesaml-dev/config.php -t vendor/simplesamlphp/simplesamlphp/config/
+      install -m644 dist/simplesaml-dev/saml20-idp-remote.php -t vendor/simplesamlphp/simplesamlphp/metadata/
+      install -m644 dist/simplesaml-dev/saml20-idp-hosted.php -t vendor/simplesamlphp/simplesamlphp/metadata/
+      install -m644 dist/simplesaml-dev/saml20-sp-remote.php -t vendor/simplesamlphp/simplesamlphp/metadata/
+
+      # See session.phpsession.savepath in config.php
+      mkdir -p vendor/simplesamlphp/simplesamlphp/sessions/
+
+      openssl req \
+        -newkey rsa:4096 \
+        -new \
+        -x509 \
+        -days 3652 \
+        -nodes \
+        -out vendor/simplesamlphp/simplesamlphp/cert/localhost.crt \
+        -keyout vendor/simplesamlphp/simplesamlphp/cert/localhost.pem \
+        -subj "/C=NO/ST=Trondheim/L=Trondheim/O=Programvareverkstedet/CN=localhost"

      cp dist/config.local.php config.php