{"id":23859226,"url":"https://github.com/openconext/stepup-gssp-example","last_synced_at":"2026-02-28T00:33:32.329Z","repository":{"id":27027678,"uuid":"109949764","full_name":"OpenConext/Stepup-gssp-example","owner":"OpenConext","description":null,"archived":false,"fork":false,"pushed_at":"2024-04-03T08:17:50.000Z","size":29478,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":12,"default_branch":"main","last_synced_at":"2024-05-01T23:57:32.480Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"SCSS","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OpenConext.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-08T08:43:02.000Z","updated_at":"2024-05-27T12:16:39.426Z","dependencies_parsed_at":"2023-02-19T00:00:37.047Z","dependency_job_id":"7a02d513-954c-4146-8992-3ab20e2835df","html_url":"https://github.com/OpenConext/Stepup-gssp-example","commit_stats":null,"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-gssp-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-gssp-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-gssp-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OpenConext%2FStepup-gssp-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OpenConext","download_url":"https://codeload.github.com/OpenConext/Stepup-gssp-example/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240163548,"owners_count":19758028,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-03T03:33:03.940Z","updated_at":"2026-02-28T00:33:27.274Z","avatar_url":"https://github.com/OpenConext.png","language":"SCSS","readme":"Stepup-gssp-example\n===================\n\n[![Build status](https://github.com/OpenConext/Stepup-gssp-example/actions/workflows/test-integration.yml/badge.svg)](https://github.com/OpenConext/Stepup-gssp-example/actions/workflows/test-integration.yml)\n\n\n\nExample Generic SAML Stepup Provider.\n\nThis repository can be used for reference material or \nas a base project setup for new IdP SecondFactor application.\n\nThe SAML logic for receiving authentication request (AuthnRequest) and sending authentication response back is\nplaced inside the Symfony bundle [stepup-gssp-bundle](https://github.com/OpenConext/Stepup-gssp-bundle). The state of the\napplication is stored inside PHP sessions, each new request will invalidate the current session state.\n\nLocale user preference\n----------------------\n\nThe default locale is based on the user agent. When the user switches its locale the selected preference is stored inside a\nbrowser cookie (stepup_locale). The cookie is set on naked domain of the requested domain (for demogssp.dev.openconext.local this is example.com).\n\nAuthentication and registration flows\n-------------------------------------\n\nThe application provides internal (SpBundle) and a remote service provider. Instructions for this are given \non the homepage of this example project [Homepage](https://demogssp.dev.openconext.local/).\n\n![flow](docs/flow.png)\n\u003c!---\nregenerate docs/flow.png with `plantum1 README.md` or with http://www.plantuml.com/plantuml\n@startuml docs/flow\nactor User\nparticipant \"Service provider\" as SP\nbox \"Stepup GSSP example\"\nparticipant \"GSSP Bundle\" as IdP\nparticipant \"SecondFactor implementation\" as App\nend box\nUser -\u003e SP: Register/Authenticate\nSP -\u003e IdP: Send AuthnRequest\nactivate IdP\nIdP -\u003e App: Redirect to SecondFactor endpoint\nApp -\u003e App: \u003cYour custom SecondFactor implementation\u003e\nApp -\u003e IdP: Redirect to SSO Return endpoint\nIdP -\u003e SP: AuthnRequest response\ndeactivate IdP\nSP -\u003e User: User registered/Authenticated\n@enduml\n---\u003e\n\n\nHow to create your own Stepup Provider\n======================================\n\nThere are two ways to approach this. \n\nCopy this GSSP example repository\n---------------------------------\n\nOne of the benefits of using this repository is that it contains many pre-configured tools:\n\n* Metrics \u0026 test tooling [testing.md](./docs/testing.md)\n* Development environment provisioned by Vagrant \n* Pre-configured travis.yml for CI integration\n* Default SurfContext styling [frontend_tooling.md](./docs/frontend_tooling.md)\n\n1) Clone and checkout this repository\n2) Change the project configuration variables:\n    * composer.json name and description\n    * this readme.md file\n    * Replace 'demogssp.dev.openconext.local' in all files with your own hostename\n3) Install the copied project. (See [Development environment](#) section of this README.md file)\n4) Implement your authentication \u0026 registration logic in DefaultController::registrationAction and DefaultController::authenticateAction. \n5) Feel free to rename and change this example clone for your needs.\n\nInstall from a clean or exiting symfony project\n------------------------------------\n\n1) [Install Symfony](http://symfony.com/doc/current/setup.html) \n2) Follow the instructions from the [GSSP bundle](https://github.com/OpenConext/Stepup-gssp-bundle)\n\nSetting the desired Symfony application environment\n===================================================\nThere are 2 ways you can influence the desired Symfony application environment.\n\n1. Set the `app_env` parameter in `config/openconext/parameters.yaml` to `dev`, `test` or `prod`\n2. Override the `app_env` param by providing an environment variable named `APP_ENV`\n\n- The default value for the application environment will be `prod`\n- Do not try to use a .env file to override the `app_env` param. That file will not be evaluated by Symfony as we decided not use the DotEnv component.\n\nDevelopment environment\n======================\n\nThe purpose of the development environment is only for running the different test and metric tools.\n\nTo get started, first setup the development environment. The development environment is a docker container. That is\ncontrolled via the [OpenConext-devconf](https://github.com/OpenConext/OpenConext-devconf/) project.\n\nEvery task described below should be run from that container.\n\nRequirements\n-------------------\n- Docker\n- OpenConext-devconf\n\nInstall\n-------------------\n**Copy the parameters.yaml**\n\n`$ cp config/openconext/parameters.yaml.dist config/openconext/parameters.yaml`\n\n**Bring up the container in dev-mode**\nFrom you dev-conf installation start the `stepup` dev-env with AzureMFA in dev mode\n\nFor example:\n\n```bash\ncd stepup\n./start-dev-env.sh demogssp:../../OpenConext-stepup/Stepup-gssp-example\n```\n\n**Building frontend assets:**\n\n`$ yarn encore dev`\n\nor\n\n`$ yarn encore prod`\n\nfor production\n\n\nIf everything goes as planned you can go to:\n\n[https://demogssp.dev.openconext.local](https://demogssp.dev.openconext.local/)\n\nDebugging\n-------------------\nXdebug is configured when provisioning your development Vagrant box. \nIt's configured with auto connect IDE_KEY=phpstorm. \n\nTests and metrics\n======================\n\nTo run all required test you can run the following commands from the dev env:\n\n```bash \n    composer test \n```\n\nEvery part can be run separately. Check \"scripts\" section of the composer.json file for the different options.\n\nRelease instructions\n=====================\n\nPlease read: https://github.com/OpenConext/Stepup-Deploy/wiki/Release-Management for more information on the release strategy used in Stepup projects.\n\nOther resources\n======================\n\n - [Developer documentation](docs/index.md)\n - [Issue tracker](https://www.pivotaltracker.com/n/projects/1163646)\n - [License](LICENSE)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fstepup-gssp-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenconext%2Fstepup-gssp-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenconext%2Fstepup-gssp-example/lists"}