{"id":23859242,"url":"https://github.com/openconext/openconext-profile","last_synced_at":"2025-09-08T19:41:25.127Z","repository":{"id":3243207,"uuid":"44533794","full_name":"OpenConext/OpenConext-profile","owner":"OpenConext","description":"Shows user's attributes and other profile information","archived":false,"fork":false,"pushed_at":"2025-07-08T18:46:26.000Z","size":9339,"stargazers_count":2,"open_issues_count":1,"forks_count":0,"subscribers_count":11,"default_branch":"main","last_synced_at":"2025-07-25T20:51:31.076Z","etag":null,"topics":["attributes","openconext","profile","user"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenConext.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2015-10-19T12:42:43.000Z","updated_at":"2025-07-08T18:45:45.000Z","dependencies_parsed_at":"2025-07-25T15:43:13.314Z","dependency_job_id":"1e6aa118-aa9b-4e50-8ba0-9f1fc02716f2","html_url":"https://github.com/OpenConext/OpenConext-profile","commit_stats":null,"previous_names":[],"tags_count":78,"template":false,"template_full_name":null,"purl":"pkg:github/OpenConext/OpenConext-profile","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-profile","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-profile/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-profile/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-profile/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenConext","download_url":"https://codeload.github.com/OpenConext/OpenConext-profile/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FOpenConext-profile/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274231434,"owners_count":25245585,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-08T02:00:09.813Z","response_time":121,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attributes","openconext","profile","user"],"created_at":"2025-01-03T03:33:22.656Z","updated_at":"2025-09-08T19:41:24.423Z","avatar_url":"https://github.com/OpenConext.png","language":"PHP","readme":"OpenConext-profile\n==================\n\n[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/OpenConext/OpenConext-profile/badges/quality-score.png?b=develop)](https://scrutinizer-ci.com/g/OpenConext/OpenConext-profile/?branch=develop)\n\nOpenConext Profile can present a logged in user with an overview of all the\nattributes their IdP provides, a list of applications they have logged in to\nand any other information that is known about the user.\n\nIt can be used for informational purposes, to provide users insight into what\ndata is kept and exchanged by OpenConext, and for debugging. Also the user\ncan opt to ask to remove the information that OpenConext has stored about\nthem.\n\nProfile is basically a SAML SP which displays the attributes it receives\nfrom the IdP (OpenConext Engineblock) and requests and displays additional\ninformation via EngineBlock's internal API.\n\n## Requirements\n- PHP 8.2\n- EngineBlock 5.6 \u003e= 5.6.7 \n- EngineBlock 5.7 \u003e= 5.7.1\n- EngineBlock must be configured to release an unspecified NameID to Profile\n\n## Development\n\nYou can use docker to start a development environment.\n\n1. Clone the repo\n2. Go to the devconf core\n3. Run `/start-dev-env.sh profile:\u003cpath to your local profile development directory\u003e`\n4. Run `docker exec -it core-profile-1 bash`\n5. Run `composer install`\n6. Run `bin/console c:c`\n7. Install npm dependencies: `yarn install`\n8. Run a build: `yarn encore dev`\n9. Ensure the var folder has the correct rights. If not, run: `chmod -R 777 var/`\n\n## Attribute aggregation support\nSupported attribute aggregation attributes can be configured in the config.yml file. The example below uses\nthe orcid as a configuration example.\n\n```yaml\nopen_conext_profile:\n    # Other config values are ommitted\n    \n    attribute_aggregation_supported_attributes:\n        # The identifier of the attribute, should match the Attribute Aggregation API's definition\n        ORCID:\n            # The relative path to an image. Starting from the /web folder\n            logo_path: %attribute_aggregation_orcid_logo_path%\n            # The Url where the attribute can be connected\n            connect_url: %attribute_aggregation_orcid_connect_url%\n```\n\n## User Lifecycle support\nBy enabling the User Lifecyle API integration, you enable users of the platform to download an overview of their \npersonal data stored by SURFconext. To enable the API add the following configuration to the `parameters.yaml`\n\n```yaml\n    user_lifecycle_enabled: true\n    user_lifecycle_api_base_url: 'https://user-lifecycle.example.com/' # the application knows the location of the endpoint\n    user_lifecycle_api_username: userlifecycle\n    user_lifecycle_api_password: secret\n    user_lifecycle_api_verify_ssl: false\n``` \n\nMake sure to fill all parameters, also when the `user_lifecycle_enabled` toggle is disabled.\n\nSee the User Lifecycle project on [GitHub](https://github.com/OpenConext/OpenConext-user-lifecycle) for more information.\n\n## EngineBlock consent removal support\nIn order to allow user to retract consent for a given application. You can enable the remove consent feature in the \n`parameters.yaml`. By setting `remove_consent_enabled` to `true`, every application in the 'my applications' page will have a \ndelete button. Clicking this button will retract consent for only that application.\n\nIn order for this feature to work, you need to have an EngineBlock instance that supports this feature. See the\nEngineBlock docs for more information on enabling the feature on the EngineBlock Api.\n\n## OpenConext Invite roles\n\nBy setting the `invite_roles_enabled` flag to `true`, Profile will display the Invite Roles assigned to the logged in \nuser. By default the roles page is disabled.\n\nSee: https://github.com/OpenConext/OpenConext-Invite\n\n## Release strategy\nPlease read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management for more information on the release strategy used in Openconext projects.\n\n## Deployment\nRun `./bin/makeRelease.sh` with the version number of the relevant release to create a deployable tar-ball.\n\nDuring deployment, unpack the tar on the deployment target and configure the\napplication by placing the required `parameters.yaml` and\n`global_view_parameters.yaml` files in the `config/legacy` directory.\nTo prepare the application environment, run `composer prepare-env` on the\ndeployment target.\n\nMake sure to set the correct Symfony environment by setting or exporting\n`SYMFONY_ENV`.\n\nRunning the release script can be run on bare metal, but this might result in side effects as certain extensions or PHP version do not match up with versions used in the containers.\n\nTo have reproducible results, run the release script in your container:\n\n`docker run -v ~/Releases/:/root/Releases/ -v $PWD/bin/makeRelease.sh:/root/Releases/makeRelease.sh ghcr.io/openconext/openconext-containers/openconext-phpfpm-dev:latest /root/Releases/makeRelease.sh`\n\nNote that the release script is run automatically on pushing a new semver tag to Github. The release script builds the release artifacts and uploads them to the release page.\n\n## Texts and translations\n\nWhen adding translatable keys, the easiest way to work is to add them in the twig templates first (eg. `'some.key'|trans`) and then add them to the translations files (see `\u003croot\u003e/translations`).\n\n### Overriding translations\n\nTranslations can be overriden by adding an `overrides.\u003clang\u003e.php` file in the `\u003croot\u003e /translations/overrides` folder.  A sample content of such a file:\n```php\n\u003c?php\n\nreturn [\n    'general' =\u003e [\n        'suite_name' =\u003e 'Unseen university',\n    ]\n];\n```\n\nThis would override the `general.suite_name` key.\n\nThe suite name and the organisation noun can be used as 'magic' translation parameters in the translation files. This\ncan be achieved by using `%suiteName%` and `%organisationNoun%` in your translations. These translations are \nautomatically replaced in the i18n Twig extension.\n\n#### Example:\n\nIn your translation file (php based in this case)\n```php\n'general' =\u003e [\n    'suite_name' =\u003e 'Unseen university',\n    'organisation_noun' =\u003e 'library',\n]\n'introduction' =\u003e 'With %suiteName% you log in with all different applications used by your %organisationNoun%';\n```\n\nIn your twig template:\n```twig\n\u003cp\u003e{{ 'introduction'|trans }}\u003c/p\u003e {# Note that no suiteName or orgNoun translation parameters are passed! #}\n```\n\nResults in the following translation\n\n`With Unseen university you log in with all different applications used by your library`\n\n\n## Common tasks\n\n### Running tests\nQA tooling is installed for this project. A collection of code quality checks can be performed using the\n\n`composer run tests` \n\ncommand. These tests will also be run when GitHub Actions runs the test-integration workflow.\n\nIndividual tests can be run using the shell scripts that are found in the `ci` folder.\n\n### Working on the front-end\n\n* We use the Twig template engine. See the excellent Twig documentation to get started with Twig.\n* Symfony Webpack Encore is used to build/pack/minify/optimize the front-end resources.\n   * After installation of Profile, please run `npm install` to pull all the build tooling and front-end dependencies.\n   * Building the front-end can be done by running: `npm run encore dev` (for development, includes debug friendly features like sourcemaps)and `npm run build` for a production build.\n   * Watch mode can be used, by using `npm run watch`, your mileage may vary as we are developing on a remote machine and fs changes might be noticed with a noticeable delay.\n* Front-end dependencies are tracked using NPM. Enabling us to keep track of known vulnerabilities and making updating packages easier. Feel free to use Yarn as an alternative, but please do not commit the Yarn lockfile as we chose to use the NPM solution.\n* Dialects: we use [SASS](https://sass-lang.com/) and [vanilla JavaScript](https://vanilla.js.org/).\n\n### Add support for new Attribute Aggregation source\nIn EngineBlock ARP, attributes can be derived from a source other than the IdP. Whenever a source other than\nthe IdP is configured. Profile will not (yet) attempt to retrieve the value for that attribute. But will show only a\nsummation of the attribute names for each given source. \n\nWhen a new source is added in Manage it must also be added to Profile.  \n1. Add translation entry in `translations.html.twig`. At the bottom of the file:\n    ```twig\n    {{ 'profile.table.source_description.voot'|trans }}\n    {{ 'profile.table.source_description.orcid'|trans }}\n    {{ 'profile.table.source_description.sab'|trans }}\n    {{ 'profile.table.source_description.sabrest'|trans }}\n    \n    {# Add your new source here, make sure the source name complies with the sourcename specified in Manage. #}\n    ```\n2. Extract the new translation and translate them in the available `messages.LANG.yml` translation files.\n3. Done.\n\nTo test your change. Modify one of the SP's already present in the 'My Applications' overview with the newly added source. \nDo this by changing the source of one of the attributes to the newly added source. You might need to add the source to \nthe SR/Manage configuration first. \n\n### Catching mail\nTwo 'hidden' (unlinked) support pages can send a mail to the service desk. These are found on the `profile.attribute_support_overview` \nand `profile.information_request_overview` routes.\n\nIn order to receive these messages in a dev or test environment, the docker-compose file includes a `mailcatcher` service. This service can be \nviewed on `http://0.0.0.0:1080`. \n\nIn order to get the profile application to send the message using mailcatcher, configure your `parameters.yml` to use the correct `mailer_url`. In  my case this was:\n\n```yaml\nmailer_url: 'smtp://profile_mailcatcher:1025' # Note, we use the hostname as specified in the docker-compose.yml\n```\n\nAny mail send by the application can now be viewed on the aforementioned mailcatcher http interface.\n\n```\nhttp://0.0.0.0:1080\n```\n\n# License\nThis project is licensed under version 2.0 of the Apache License, as described\nin the file [LICENSE](LICENSE).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fopenconext-profile","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenconext%2Fopenconext-profile","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fopenconext-profile/lists"}