Skip to content

simplexx/simplesamlphp-module-material

 
 

Repository files navigation

Material Design theme for use with SimpleSAMLphp

Installation

composer.phar require silinternational/simplesamlphp-module-material:dev-master

Configuration

Update /simplesamlphp/config/config.php:

'theme.use' => 'material:material'

ssp-base provides a convenience by loading this config with whatever is in the environment variable THEME_USE.

Google reCAPTCHA

If a site key has been provided in $this->data['recaptcha.siteKey'], the username/password page may require the user prove his/her humanity.

Branding

Update /simplesamlphp/config/config.php:

'theme.color-scheme' => ['indigo-purple'|'blue_grey-teal'|'red-teal'|'orange-light_blue'|'brown-orange'|'teal-blue']

The login page looks for /simplesamlphp/www/logo.png which is NOT provided by default.

Analytics

Update /simplesamlphp/config/config.php:

'analytics.trackingId' => 'UA-some-unique-id-for-your-site'

ssp-base provides a convenience by loading this config with whatever is in the environment variable ANALYTICS_ID.

Announcements

Update /simplesamlphp/announcement/announcement.php:

 return 'Some <strong>important</strong> announcement';

ssp-utilities provides whatever is returned by /simplesamlphp/announcement/announcement.php.

If provided, an alert will be shown to the user filled with the content of that announcement. HTML is supported.

Testing theme

Make, Docker and Docker Compose are required.

Setup

  1. Setup localhost (or 192.168.62.54, if using Vagrant) aliases for ssp-hub1.local, ssp-hub2.local, ssp-idp1.local, ssp-idp2.local, ssp-idp3.local, ssp-idp4.local, ssp-sp1.local and ssp-sp2.local. This is typically done in /etc/hosts. Example line: 0.0.0.0 ssp-hub1.local ssp-idp1.local ssp-idp2.local ssp-idp4.local ssp-hub2.local ssp-idp3.local ssp-sp1.local ssp-sp2.local
  2. Start test environment, i.e., make from the command line.

Hub page

  1. Goto Hub 1

Error page

  1. Goto Hub 1
  2. Click Federation tab
  3. Click either Show metadata link
  4. Login as hub administrator: username=admin password=abc123

Logout page

  1. Goto Hub 1
  2. Click Authentication tab
  3. Click Test configured authentication sources
  4. Click admin
  5. Login as hub administrator: username=admin password=abc123
  6. Click Logout

Login page

Without theme in place

  1. Goto SP 1
  2. Click idp1 (first one)
  3. login page should NOT have material design

With theme in place

  1. Goto SP 1
  2. Click idp2 (second one)
  3. login page SHOULD have material design

Forgot password functionality

  1. Goto SP 1
  2. Click idp2 (second one)
  3. Forgot password link should be visible

Helpful links functionality

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Help link should be visible under login form
  4. Profile link should be visible under login form

Expiry functionality

About to expire page

Note: This nag only works once since choosing later will simply set the nag date into the future a little.

  1. Goto SP 1
  2. Click idp2 (second one)
  3. Login as an "about to expire" user: username=near_future password=a
  4. Click Later
  5. Click Logout

Expired page

  1. Goto SP 1
  2. Click idp2 (second one)
  3. Login as an "expired" user: username=already_past password=a

Multi-factor authentication (MFA) functionality

Nag about missing MFA setup

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as an "unprotected" user: username=nag_for_mfa password=a
  4. The "learn more" link should be visible
  5. Click Enable
  6. Click your browser's back button
  7. Click Remind me later
  8. Click Logout

Nag about missing password recovery methods

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a user without any methods: username=nag_for_method password=a
  4. Enter one of the following codes to verify (94923279, 82743523, 77802769, 01970541, 37771076)
  5. Click Add
  6. Click your browser's back button
  7. Click Remind me later
  8. Click Logout

Force MFA setup

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as an "unsafe" user: username=must_set_up_mfa password=a

Backup code

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a "backup code" user: username=has_backupcode password=a
  4. Enter one of the following codes to verify (94923279, 82743523, 77802769, 01970541, 37771076)
  5. Click Logout
  6. In order to see the "running low on codes" page, simply log back in and use another code.
  7. In order to see the "out of codes" page, simply log back in and out repeatedly until there are no more codes.

TOTP code

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a "totp" user: username=has_totp password=a
  4. Set up an app using this secret, JVRXKYTMPBEVKXLS
  5. Enter code from app to verify
  6. Click Logout

Key (U2F)

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a "u2f" user: username=has_u2f password=a
  4. Insert key and press
  5. Click Logout

Multiple options

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a "multiple option" user: username=has_all password=a
  4. Click MORE OPTIONS

Manager rescue

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a "multiple option" user: username=has_all password=a
  4. Click MORE OPTIONS
  5. Click the help option
  6. Choose Send

NOTE: At this time, the correct code is not known and can't be tested locally (it's only available in an email to the manager)

Announcements functionality

  1. Goto SP 2
  2. The announcement should be displayed on the hub
  3. Click idp3 (first one)
  4. The announcement should be displayed at the login screen

SP name functionality

  1. Goto SP 1
  2. The sp name should appear in the banner

Profile review functionality

  1. Goto SP 1
  2. Click idp4 (third one)
  3. Login as a "Review needed" user: username=needs_review password=a
  4. Enter one of the following printable codes to verify (94923279, 82743523, 77802769, 01970541, 37771076)
  5. Click the button to update the profile
  6. Click the button to continue
  7. Click Logout

i18n support

Translations are categorized by page in definition files located in the dictionaries directory.

Localization is affected by the configuration setting language.available. Only language codes found in this property will be utilized.
For example, if a translation is provided in Afrikaans for this module, the configuration must be adjusted to make 'af' an available language. If that's not done, the translation function will not utilize the translations even if provided.

About

Partial Material Design theme for use with SimpleSAMLphp

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • PHP 78.0%
  • JavaScript 17.2%
  • CSS 4.4%
  • Makefile 0.4%