{"id":23859220,"url":"https://github.com/openconext/stepup-azuremfa","last_synced_at":"2025-02-22T10:53:36.416Z","repository":{"id":38107947,"uuid":"223965641","full_name":"OpenConext/Stepup-AzureMFA","owner":"OpenConext","description":" GSSP IdP for Stepup Authentication using Azure MFA","archived":false,"fork":false,"pushed_at":"2025-02-18T16:01:09.000Z","size":29499,"stargazers_count":0,"open_issues_count":10,"forks_count":1,"subscribers_count":11,"default_branch":"main","last_synced_at":"2025-02-18T16:35:49.181Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenConext.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-11-25T14:17:26.000Z","updated_at":"2025-02-18T15:58:20.000Z","dependencies_parsed_at":"2024-01-17T10:40:22.301Z","dependency_job_id":"ab9b9594-f278-408c-bb4f-f5591a31d530","html_url":"https://github.com/OpenConext/Stepup-AzureMFA","commit_stats":null,"previous_names":[],"tags_count":83,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-AzureMFA","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-AzureMFA/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-AzureMFA/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-AzureMFA/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenConext","download_url":"https://codeload.github.com/OpenConext/Stepup-AzureMFA/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240163548,"owners_count":19758028,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-03T03:32:58.806Z","updated_at":"2025-02-22T10:53:36.377Z","avatar_url":"https://github.com/OpenConext.png","language":"PHP","readme":"Stepup-AzureMFA\n===================\n\n[![Run QA tests (static analysis, lint and unit tests)](https://github.com/OpenConext/Stepup-AzureMFA/actions/workflows/test-integration.yml/badge.svg)](https://github.com/OpenConext/Stepup-AzureMFA/actions/workflows/test-integration.yml)\n[![Run acceptance tests (Behat)](https://github.com/OpenConext/Stepup-AzureMFA/actions/workflows/test-acceptance.yml/badge.svg)](https://github.com/OpenConext/Stepup-AzureMFA/actions/workflows/test-acceptance.yml)\n\nGSSP for Microsoft Azure MFA (Multi-factor authentication)\n\nLocale user preference\n----------------------\n\nThe default locale is based on the user agent. When the user switches its locale the selected preference is stored inside a\nbrowser cookie (stepup_locale). The cookie is set on naked domain of the requested domain (for azuremfa.stepup.example.com this is example.com).\n\nAuthentication and registration flows\n-------------------------------------\n\nThe application provides internal (SpBundle) and a remote service provider. Instructions for this are given \non the homepage of this example project [Homepage](https://azuremfa.dev.openconext.local/).\n\n![flow](docs/flow.png)\n\u003c!---\nregenerate docs/flow.png with `plantum1 README.md` or with http://www.plantuml.com/plantuml\n@startuml docs/flow\nactor User\nparticipant \"Service provider\" as SP\nbox \"Stepup Azure MFA\"\nparticipant \"GSSP Bundle\" as IdP\nparticipant \"SecondFactor implementation\" as App\nend box\nUser -\u003e SP: Register/Authenticate\nSP -\u003e IdP: Send AuthnRequest\nactivate IdP\nIdP -\u003e App: Redirect to SecondFactor endpoint\nApp -\u003e App: \u003cYour custom SecondFactor implementation\u003e\nApp -\u003e IdP: Redirect to SSO Return endpoint\nIdP -\u003e SP: AuthnRequest response\ndeactivate IdP\nSP -\u003e User: User registered/Authenticated\n@enduml\n---\u003e\n\nDevelopment environment\n======================\n\nThe purpose of the development environment is only for running the different test and metric tools.\n\nTo get started, first setup the development environment. The development environment is a docker container. That is\ncontrolled via the [OpenConext-devconf](https://github.com/OpenConext/OpenConext-devconf/) project.\n\nEvery task described below should be run from that container.\n\nSetting the desired Symfony application environment\n===================================================\nThere are 2 ways you can influence the desired Symfony application environment.\n\n1. Set the `app_env` parameter in `config/openconext/parameters.yaml` to `dev`, `test` or `prod`\n2. Override the `app_env` param by providing an environment variable named `APP_ENV`\n\n- The default value for the application environment will be `prod`\n- Do not try to use a .env file to override the `app_env` param. That file will not be evaluated by Symfony as we decided not use the DotEnv component.\n\n\nRequirements\n-------------------\n- Docker\n- OpenConext-devconf\n\nInstall\n-------------------\n**Copy the parameters.yaml**\n\n`$ cp config/openconext/parameters.yaml.dist config/openconext/parameters.yaml`\n\n**Bring up the container in dev-mode**\nFrom you dev-conf installation start the `stepup` dev-env with AzureMFA in dev mode\n\nFor example:\n\n```bash\ncd stepup\n./start-dev-env.sh azuremfa:../../OpenConext-stepup/Stepup-AzureMFA\n```\n\n**Building frontend assets:**\n\n`$ yarn encore dev` \n\nor \n\n`$ yarn encore prod` \n\nfor production \n\n\nIf everything goes as planned you can go to:\n\n[https://azuremfa.dev.stepup.local](https://azuremfa.dev.stepup.local/)\n\n\nConfiguring institutions using Azure MFA \n----------\n\nThe application can be thought to the Azure MFA GSSP via YAML configuration.\n\nIn `config/openconext/institutions.yaml.dist` you will find a sample configuration. This configuration should be copied to\n`config/openconext/institutions.yaml` and be configured to fit your use case.\n\nThe dist file goes into details about the different configuration options.\n\nDebugging\n-------------------\nXdebug is configured when provisioning your development Vagrant box. \nIt's configured with auto connect IDE_KEY=phpstorm. \n\nTests and metrics\n======================\n\nTo run all required test you can run the following commands from the dev env:\n\n```bash \n    composer check \n    # To run the behat tests\n    composer behat\n```\n\nEvery part can be run separately. Check \"scripts\" section of the composer.json file for the different options.\n\nRelease instructions\n=====================\n\nPlease read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management for more information on the release strategy used in Stepup projects.\n\nOther resources\n======================\n\n - [Developer documentation](docs/index.md)\n - [Issue tracker](https://www.pivotaltracker.com/n/projects/1163646)\n - [License](LICENSE)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fstepup-azuremfa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenconext%2Fstepup-azuremfa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fstepup-azuremfa/lists"}