diff --git a/.editorconfig b/.editorconfig
index a9556338f..091cb37ed 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -13,3 +13,6 @@ max_line_length = 180
[*.py]
indent_size = 4
+
+[*.{php,php.j2}]
+indent_size = 4
diff --git a/roles/diyidp/defaults/main.yml b/roles/diyidp/defaults/main.yml
index f2e8ca303..b32071843 100644
--- a/roles/diyidp/defaults/main.yml
+++ b/roles/diyidp/defaults/main.yml
@@ -1,18 +1,22 @@
---
diyidp_domain: "diyidp.{{ base_domain }}"
diyidp_cert: "diyidp.crt"
-diyidp:
+diyidp_db:
db_host: "{{ mariadb_host }}"
- db_name: diyidp
- db_user: diyidprw
+ db_name: "diyidp"
+ db_user: "diyidprw"
db_password: "{{ mysql_passwords.diyidp }}"
secretsalt: "{{ diyidp_secret_salt }} "
admin_password: "{{ diyidp_secret }}"
-diyidp_secret_salt: secretsecret
-diyidp_secret: secret
+diyidp_theme: "theme_diyidp:diyidp"
+diyidp_secret_salt: "diyidp_secretsecret"
+diyidp_secret: "diyidp_secret"
diyidp_remotesp:
- name: "{{ instance_name }} SP metadata"
metadataurl: "https://engine.{{ base_domain }}/authentication/sp/metadata"
acslocation: "https://engine.{{ base_domain }}/authentication/sp/consume-assertion"
diyidp_docker_networks:
- name: "loadbalancer"
+
+# set this to add extra users to the default. See vars/main.yml
+diyidp_users_extra: []
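Review bot: The new defaults `diyidp_secret: "diyidp_secret"` and `diyidp_secret_salt: "diyidp_secretsecret"` are still fixed, guessable literals, and they feed `admin_password` and `secretsalt` directly, so any environment that does not override them deploys the IdP with a publicly known admin password and salt. Whether every inventory overrides them is not visible from this diff; dropping the two defaults would make an unconfigured deploy fail on an undefined variable instead of silently using them. If they must stay for local development, a comment above them such as `# development placeholders: override both from the environment's secrets` would at least flag it. Separately, the unchanged line `secretsalt: "{{ diyidp_secret_salt }} "` has a space inside the closing quote, so the salt actually written is the variable plus a trailing space, which looks unintended.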
diff --git a/roles/diyidp/files/diyidp.sql b/roles/diyidp/files/diyidp.sql
deleted file mode 100644
index d1fe10522..000000000
--- a/roles/diyidp/files/diyidp.sql
+++ /dev/null
@@ -1,62 +0,0 @@
--- MySQL dump 10.16 Distrib 10.1.28-MariaDB, for Linux (x86_64)
---
--- Host: localhost Database: diyidp
--- ------------------------------------------------------
--- Server version 10.1.28-MariaDB
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8 */;
-/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
-/*!40103 SET TIME_ZONE='+00:00' */;
-/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
-/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-
---
--- Table structure for table `users`
---
-
-DROP TABLE IF EXISTS `users`;
-/*!40101 SET @saved_cs_client = @@character_set_client */;
-/*!40101 SET character_set_client = utf8 */;
-CREATE TABLE `users` (
- `uid` varchar(128) DEFAULT NULL,
- `cn` varchar(128) DEFAULT NULL,
- `givenName` varchar(128) DEFAULT NULL,
- `sn` varchar(128) DEFAULT NULL,
- `mail` varchar(128) DEFAULT NULL,
- `displayName` varchar(128) DEFAULT NULL,
- `schacHomeOrganization` varchar(128) DEFAULT NULL,
- `password` varchar(128) DEFAULT NULL,
- `username` varchar(128) DEFAULT NULL,
- `eduPersonEntitlement` varchar(128) DEFAULT NULL,
- `eduPersonAffiliation` varchar(128) DEFAULT NULL,
- `isMemberOf` varchar(128) DEFAULT NULL,
- `schacPersonalUniqueCode` varchar(256) DEFAULT NULL,
- `eduPersonScopedAffiliation` varchar(256) DEFAULT NULL
-) ENGINE=MyISAM DEFAULT CHARSET=utf8;
-/*!40101 SET character_set_client = @saved_cs_client */;
-
---
--- Dumping data for table `users`
---
-
-LOCK TABLES `users` WRITE;
-/*!40000 ALTER TABLE `users` DISABLE KEYS */;
-INSERT INTO `users` VALUES ('student1','Student One','Student','One','student1@diy.surfconext.nl','Student One','diy.surfconext.nl','student1','student1',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:123456','member@cs.diy.surfconext.nl'),('FyHah7$J','Student Two','Student','Two','s1869831907@example.org','Student Two','diy.surfconext.nl','student2','student2',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:223456','member@cs.diy.surfconext.nl'),('student3',NULL,NULL,'Three','student3@diy.surfconext.nl','Student Three','diy.surfconext.nl','student3','student3',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:323456','member@physics2.diy.surfconext.nl'),('viggo7','Christian Godfried Viggo Lind','Godfried','Viggo','Godfried.Viggo@unidenmark-example.dk','Godfried Viggo','unidenmark-example.dk','student4','student4',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:323456',NULL),('U3342109','髙橋 大輔','Daisuke','Takahashi','U3342109@exchange-example.edu','Daisuke Takahashi','exchange-example.edu','student5','student5',NULL,'member','urn:collab:org:exchange-university.org','urn:schac:personalUniqueCode:nl:local:exchange-example.edu:studentid:s123456','member@phys.exchange-example.edu'),('U6789003','Phùng Thị Lệ Tư','Phùng Thị','Lệ Tư','U6789003@exchange-example.edu','Phùng Thị Lệ Tư','home-university-example.org','student6','student6',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456','member@phys.home-university-example.org'),('jsanden','Jaantje van der Sanden','Jaantje','van der Sanden','jsanden@uniamsterdam-example.nl','Jaantje van der 
Sanden','uniamsterdam-example.nl','student7','student7','urn:x-surfnet:surf.nl:surfdrive-example:quota:50','member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456','member@acounting.uniamsterdam-example.nl'),('s445599','Alessandra Gómez Llarnas','Alessandra','Gómez Llarnas','s445599@universitatmadrid-example.es','Alessandra Gómez Llarnas','universitatmadrid-example','student8','student8',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:universitatmadrid-example:studentid:123456','member@acounting.test.cs.universitatmadrid-example'),('abriseno','Augustus Padrón Briseño','August','Briseño','A.Briseno@universitatmadrid-example.es','August Briseño','universitatmadrid-example.es','student9','student9',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:universitatmadrid-example:studentid:S123456','member@students.universitatmadrid-example.es'),('s134567','邵靜宜','Shao','Jingy','s134567@pkuni.edu-example.cn','Shao Jingy','pkuni.edu-example.cn','student10','student10',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:pkuni.edu-example.cn:studentid:s10513456','member@students.2010.pkuni.edu-example.cn'),('U9088123','Roman Švejda','Roman','Švejda','U9088123@uni.poznantech-example.pl','Roman Švejda','uni.poznantech-example.pl','student11','student11',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uni.poznantech-example.pl:studentid:S123456','member@cs.uni.poznantech-example.pl'),('U7128109','Anna Rybínová','Anna','Rybínová','U7128109@uni.poznantech-example.pl','Anna Rybínová','uni.poznantech-example.pl','student12','student12',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uni.poznantech-example.pl:studentid:S124456','member@cs.uni.poznantech-example.pl'),('p0987743','Li Qin Ch\'ien','Li Qin','Ch\'ien','p0987743@pkuni.edu-example.cn','Li Qin 
Ch\'ien','pkuni.edu-example.cn','student13','student13',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:pkuni.edu-example.cn:studentid:1124456','member@math.pkuni.edu-example.cn'),('student14','Martin Nikolaus Jørgensen','Martin','Jørgensen','jorgensen07@stockholmuni-example.se','Martin N. Jørgensen','stockholmuni-example.se','student14','student14',NULL,'member','urn:collab:org:sunet-example.se','urn:schac:personalUniqueCode:nl:local:stockholmuni-example.se:studentid:123456','member@math.stockholmuni-example.se'),('student15','Sander Johan Kjær','Sander','Kjær','kjaer11@stockholmuni-example.se','Sander J. Kjær','stockholmuni-example.se','student15','student15',NULL,'member','urn:collab:org:sunet-example.se','urn:schac:personalUniqueCode:nl:local:stockholmuni-example.se:studentid:223456','member@stockholmuni-example.se'),('student16','Erôss Neci','Erôss','Neci','eross.neci@kuni.edu-example.tr','Erôss Neci','kuni.edu-example.tr','student16','student16',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:123456','member@ac.kuni.edu-example.tr'),('student17','Kocsis Szescõ','Kocsis','Szescõ','kocsis.szesco@kuni.edu-example.tr','Kocsis Szescõ','kuni.edu-example.tr','student17','student17',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:s123456','member@ac.kuni.edu-example.tr'),('student18','Marjanca Muršić','Marjanca','Muršić','Marjanca.Mursic@kuni.edu-example.tr','Marjanca Muršić','kuni.edu-example.tr','student18','student18',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:s123456','member@ac.kuni.edu-example.tr'),('student19','Petra Penttilä','Petra','Penttilä','ppenttila@university-example.org','Petra 
Penttilä','university-example.org','student19','student19',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:123456','member@test.university-example.org'),('student20','Jóney Ingólfsdóttir','Jóney','Ingólfsdóttir','Joney.Ingolfsdottir@unidenmark-example.dk','Jóney Ingólfsdóttir','unidenmark-example.dk','student20','student20',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:s20513456','member@employee.unidenmark-example.dk'),('jstiglitz','Joseph Eugene Stiglitz','Joseph','Stiglitz','J.E.Stiglitz@harvard-example.edu','Joseph Stiglitz','harvard-example.edu','teacher1','teacher1',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:123456','member@cs.harvard-example.edu'),('pkrugman','Prof. Paul Robin Krugman','Paul','Krugman','P.R.Krugman@harvard-example.edu','Paul Krugman','harvard-example.edu','teacher2','teacher2',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:s123456','member@harvard-example.edu'),('bbernanke','Ben Shalom Bernanke','Ben','Bernanke','B.S.Bernanke@yale-uni-example.edu','Ben Bernanke','yale-uni-example.edu','teacher3','teacher3',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:123456','member@biology.yale-uni-example.edu'),('agreenspan','Alan Greenspan','Alan','Greenspan','A.Greenspan@yale-uni-example.edu','Alan Greenspan','yale-uni-example.edu','teacher4','teacher4',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:s123456','member@biology.yale-uni-example.edu'),('am_ampere','André-Marie Ampère','André-Marie','Ampère','am_ampere@electrical-uni-example.edu','André-Marie 
Ampère','electrical-uni-example.edu','teacher5','teacher5',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:s123456','member@social.electrical-uni-example.edu'),('w_rontgen','Wilhelm Conrad Röntgen','Wilhelm','Röntgen','w_rontgen@electrical-uni-example.edu','Wilhelm Röntgen','electrical-uni-example.edu','teacher6','teacher6',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:123456','employee@social.electrical-uni-example.edu'),('m_faraday','Michael Faraday FRS','Michael','Faraday','m_faraday@electrical-uni-example.edu','Michael Faraday','electrical-uni-example.edu','teacher7','teacher7',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:213456','member@cs.electrical-uni-example.edu'),('n_tesla','Nikola Tesla','Nikola','Tesla','n_tesla@electrical-uni-example.edu','Nikola Tesla','electrical-uni-example.edu','teacher8','teacher8',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:e813456','member@accounting.electrical-uni-example.edu'),('teacher9','William Henry Gates III','Bill','Gates','bill.gates@stanford-example.edu','Bill Gates','stanford-example.edu','teacher9','teacher9',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:e913456','member@ca.stanford-example.edu'),('teacher10','Steven Paul Jobs','Steve','Jobs','steve.jobs@stanford-example.edu','Steve Jobs','stanford-example.edu','teacher10','teacher10',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:1013456','member@ca.stanford-example.edu'),('jweeler','Joseph Weeler','Joseph','Weeler','Joseph+Weeler@university-example.org','Joseph 
Weeler','university-example.org','staff1','staff1',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m123456','member@accounting.university-example.org'),('awest','Anthony West','Anthony','West','Anthony_West@university-example.org','Anthony West','university-example.org','staff2','staff2',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m213456','member@student.university-example.org'),('oburton','Oscar Burton','Oscar','Burton','Osc@r__Burton@university-example.org','Oscar Burton','university-example.org','staff3','staff3',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m313456','employee@physics'),('belfort','Jordan Ross Belfort','Jordan','Belfort','Jordan.Belfort@harvard-example.edu','Jordan R. Belfort','harvard-example.edu','professor1','professor1',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e1523456','member@cs.harvard-example.edu'),('wynn','Steve Alen Wynn','Steve','Wynn','steve.Wynn@las.vegas.com','Steve Wynn','harvard-example.edu','professor2','professor2',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e2523456','member@cs.harvard-example.edu'),('isaac','Sir Isaac Newton','Isaac','Newton','isaacnewton@university-example.org','Isaac Newton','university-example.org','professor3','professor3',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e3523456','member@phys.university-example.org'),('g_ohm','Prof. Dr. 
Georg Simon Ohm','Georg','Ohm','georg.ohm@university-example.org','Georg Ohm','university-example.org','professor4','professor4',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e5523456','member@phys.university-example.org'),('jrockefeller','John Davison Rockefeller','John Davison','Rockefeller','John.D.Rockefeller@university-example.org','John D. Rockefeller','university-example.org','professor5','professor5',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:employeeid:e513456','member@cool.university-example.org'),('s134567','Shao Jingyi','Shao','Jingy','shaojingy@gmail-example.com','Shao Jingy','pkuni.edu-example.cn','student10','student10',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:pkuni.edu-example.cn:studentid:s10513456','student@95.pkuni.edu-example.cn'),('belfort','Jordan Ross Belfort','Jordan','Belfort','jordan@harvard-example.edu','Jordan R. Belfort','harvard-example.edu','professor1','professor1',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e1523456','employee@acc.harvard-example.edu'),('belfort','Jordan Ross Belfort','Jordan','Belfort','Jordan.Belfort@harvard-example.edu','Jordan R. 
Belfort','harvard-example.edu','professor1','professor1','urn:mace:dir:entitlement:common-lib-terms-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e1523456','faculty@cs.harvard-example.edu'),('U6789003','Phùng Thị Lệ Tư','Phùng Thị','Lệ Tư','LeTu02@home-university-example.org','Phùng Thị Lệ Tư','home-university-example.org','student6','student6','urn:mace:dir:entitlement:common-lib-terms-example','employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456','employee@cs.home-university-example.org'),('U3342109','Daisuke Takahashi','Daisuke','Takahashi','U3342109@exchange-example.edu','Daisuke Takahashi','exchange-example.edu','student5','student5',NULL,'student','urn:collab:org:home-university.org','urn:schac:personalUniqueCode:nl:local:exchange-example.edu:studentid:s123456','student@cs.exchange-example.edu'),('U6789003','Phùng Thị Lệ Tư','Phùng Thị','Lệ Tư','LeTu02@home-university-example.org','Phùng Thị Lệ Tư','home-university-example.org','student6','student6',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456','student@saml.home-university-example.org'),('U6789003','Phùng Thị Lệ Tư','Phùng Thị','Lệ Tư','LeTu02@home-university-example.org','Phùng Thị Lệ Tư','home-university-example.org','student6','student6','urn:mace:terena.org:tcs:personal-user-example','staff','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456','staff@oidc.home-university-example.org'),('jrockefeller','John Davison Rockefeller','John Davison','Rockefeller','John.D.Rockefeller@university-example.org','John D. 
Rockefeller','university-example.org','professor5','professor5',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:employeeid:e513456','employee@cs.university-example.org'),('wynn','Steve Alen Wynn','Steve','Wynn','Steve.Wynn@example-casino.com','Steve Wynn','harvard-example.edu','professor2','professor2',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e2523456','employee@cs.harvard-example.edu'),('wynn','Steve Alen Wynn','Steve','Wynn','S.Wynn@harvard-example.edu','Steve Wynn','harvard-example.edu','professor2','professor2','urn:mace:dir:entitlement:common-lib-terms-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e2523456','faculty@cs.harvard-example.edu'),('isaac','Sir Isaac Newton','Isaac','Newton','newton@university-example.org','Isaac Newton','university-example.org','professor3','professor3',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e3523456','employee@cs.university-example.org'),('isaac','Sir Isaac Newton','Isaac','Newton','isaacnewton@university-example.org','Isaac Newton','university-example.org','professor3','professor3','urn:mace:dir:entitlement:common-lib-terms-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e3523456','faculty@cs.university-example.org'),('student21','Pietje Puk','Pietje','Puk','Pietje.puk@exmplebilbioharderwijk.nl','Pietje Puk','exmplebilbioharderwijk.nl','student21','student21','','','','0',NULL),('pkrugman','Prof. Paul Robin Krugman','Paul','Krugman','Paul.Krugman@harvard-example.edu','Paul Krugman','harvard-example.edu','teacher2','teacher2',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:s123456','employee@acc.harvard-example.edu'),('g_ohm','Prof. Dr. 
Georg Simon Ohm','Georg','Ohm','georg.ohm@university-example.org','Georg Ohm','university-example.org','professor4','professor4',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e5523456','employee@acc.university-example.org'),('g_ohm','Prof. Dr. Georg Simon Ohm','Georg','Ohm','georg.ohm@university-example.org','Georg Ohm','university-example.org','professor4','professor4','urn:mace:dir:entitlement:common-lib-terms-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e5523456','faculty@acc.university-example.org'),('jrockefeller','John Davison Rockefeller','John Davison','Rockefeller','John.D.Rockefeller@university-example.org','John D. Rockefeller','university-example.org','professor5','professor5','urn:mace:dir:entitlement:common-lib-terms-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:employeeid:e513456','faculty@acc.university-example.org'),('jstiglitz','Joseph Eugene Stiglitz','Joseph','Stiglitz','Joseph.Stiglitz@harvard-example.edu','Joseph Stiglitz','harvard-example.edu','teacher1','teacher1',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:123456','employee@acc.harvard-example.edu'),('jstiglitz','Joseph Eugene Stiglitz','Joseph','Stiglitz','jstiglitz@harvard-example.edu','Joseph Stiglitz','harvard-example.edu','teacher1','teacher1','urn:mace:incommon.org:reg:education-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:123456','faculty@cs.acc.harvard-example.edu'),('pkrugman','Prof. 
Paul Robin Krugman','Paul','Krugman','pkrugman@harvard-example.edu','Paul Krugman','harvard-example.edu','teacher2','teacher2',NULL,'faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:s123456',NULL),('bbernanke','Ben Shalom Bernanke','Ben','Bernanke','Ben.Bernanke@yale-uni-example.edu','Ben Bernanke','yale-uni-example.edu','teacher3','teacher3',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:123456','employee@123.yale-uni-example.edu'),('bbernanke','Ben Shalom Bernanke','Ben','Bernanke','bbernanke@yale-uni-example.edu','Ben Bernanke','yale-uni-example.edu','teacher3','teacher3',NULL,'faculty','urn:collab:org:co-example.org ','urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:123456','faculty@123.yale-uni-example.edu'),('agreenspan','Alan Greenspan','Alan','Greenspan','Alan.Greenspan@yale-uni-example.edu','Alan Greenspan','yale-uni-example.edu','teacher4','teacher4',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:s123456','employee@123.yale-uni-example.edu'),('agreenspan','Alan Greenspan','Alan','Greenspan','agreenspan@yale-uni-example.edu','Alan Greenspan','yale-uni-example.edu','teacher4','teacher4',NULL,'faculty','urn:collab:org:co-example.org ','urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:s123456','faculty@123.yale-uni-example.edu'),('am_ampere','André-Marie Ampère','André-Marie','Ampère','am_ampere@electrical-uni-example.edu','André-Marie Ampère','electrical-uni-example.edu','teacher5','teacher5',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:s123456','employee@fs.electrical-uni-example.edu'),('am_ampere','André-Marie Ampère','André-Marie','Ampère','am_ampere@electrical-uni-example.edu','André-Marie 
Ampère','electrical-uni-example.edu','teacher5','teacher5',NULL,'faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:s123456','faculty@fs.electrical-uni-example.edu'),('w_rontgen','Wilhelm Conrad Röntgen','Wilhelm','Röntgen','w_rontgen@electrical-uni-example.edu','Wilhelm Röntgen','electrical-uni-example.edu','teacher6','teacher6',NULL,'faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:123456','faculty@fs.electrical-uni-example.edu'),('w_rontgen','Wilhelm Conrad Röntgen','Wilhelm','Röntgen','w_rontgen@electrical-uni-example.edu','Wilhelm Röntgen','electrical-uni-example.edu','teacher6','teacher6',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:123456','member@fs.electrical-uni-example.edu'),('m_faraday','Michael Faraday FRS','Michael','Faraday','m_faraday@electrical-uni-example.edu','Michael Faraday','electrical-uni-example.edu','teacher7','teacher7',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:213456','employee@fs.electrical-uni-example.edu'),('m_faraday','Michael Faraday FRS','Michael','Faraday','m_faraday@electrical-uni-example.edu','Michael Faraday','electrical-uni-example.edu','teacher7','teacher7',NULL,'faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:213456','faculty@cs.electrical-uni-example.edu'),('n_tesla','Nikola Tesla','Nikola','Tesla','n_tesla@electrical-uni-example.edu','Nikola Tesla','electrical-uni-example.edu','teacher8','teacher8',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:e813456','employee@cs.electrical-uni-example.edu'),('n_tesla','Nikola Tesla','Nikola','Tesla','n_tesla@electrical-uni-example.edu','Nikola 
Tesla','electrical-uni-example.edu','teacher8','teacher8',NULL,'faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:e813456','faculty@acc.electrical-uni-example.edu'),('teacher9','William Henry Gates III','Bill','Gates','bill.gates@stanford-example.edu','Bill Gates','stanford-example.edu','teacher9','teacher9',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:e913456','employee@acc.stanford-example.edu'),('teacher9','William Henry Gates III','Bill','Gates','bill.gates@stanford-example.edu','Bill Gates','stanford-example.edu','teacher9','teacher9','urn:mace:terena.org:tcs:personal-user-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:e913456','faculty@acc.stanford-example.edu'),('teacher10','Steven Paul Jobs','Steve','Jobs','steve.jobs@stanford-example.edu','Steve Jobs','stanford-example.edu','teacher10','teacher10',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:1013456','employee@student.95.stanford-example.edu'),('teacher10','Steven Paul Jobs','Steve','Jobs','steve.jobs@stanford-example.edu','Steve Jobs','stanford-example.edu','teacher10','teacher10','urn:mace:terena.org:tcs:personal-user-example','faculty','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:1013456','faculty@cs.stanford-example.edu'),('abriseno','Augustus Padrón Briseño','August','Briseño','A.Briseno@universitatmadrid-example.es','August Briseño','universitatmadrid-example.es','student9','student9',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:universitatmadrid-example:studentid:S123456','student@cs.universitatmadrid-example.es'),('awest','Anthony West','Anthony','West','Anthony_West@university-example.org','Anthony 
West','university-example.org','staff2','staff2',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m213456','employee@cs.university-example.org'),('student1','Student One','Student','One','student1@diy.surfconext.nl','Student One','diy.surfconext.nl','student1','student1',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:123456','student@as.diy.surfconext.nl'),('student16','Erôss Neci','Erôss','Neci','eross.neci@kuni.edu-example.tr','Erôss Neci','kuni.edu-example.tr','student16','student16',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:123456','student@as.kuni.edu-example.tr'),('student14','Martin Nikolaus Jørgensen','Martin','Jørgensen','jorgensen07@stockholmuni-example.se','Martin N. Jørgensen','stockholmuni-example.se','student14','student14',NULL,'student','urn:collab:org:sunet-example.se','urn:schac:personalUniqueCode:nl:local:stockholmuni-example.se:studentid:123456','student@uni.stockholmuni-example.se'),('student17','Kocsis Szescõ','Kocsis','Szescõ','kocsis.szesco@kuni.edu-example.tr','Kocsis Szescõ','kuni.edu-example.tr','student17','student17',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:s123456','student@employee.kuni.edu-example.tr'),('jweeler','Joseph Weeler','Joseph','Weeler','Joseph+Weeler@university-example.org','Joseph Weeler','university-example.org','staff1','staff1',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m123456','employee@test.university-example.org'),('jweeler','Joseph Weeler','Joseph','Weeler','Joseph+Weeler@university-example.org','Joseph 
Weeler','university-example.org','staff1','staff1',NULL,'staff','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m123456','staff@cs.university-example.org'),('oburton','Oscar Burton','Oscar','Burton','Osc@r__Burton@university-example.org','Oscar Burton','university-example.org','staff3','staff3',NULL,'member','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m313456','member@cs.university-example.org'),('awest','Anthony West','Anthony','West','Anthony_West@university-example.org','Anthony West','university-example.org','staff2','staff2',NULL,'staff','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m213456','staff@cs.university-example.org'),('oburton','Oscar Burton','Oscar','Burton','Osc@r__Burton@university-example.org','Oscar Burton','university-example.org','staff3','staff3',NULL,'staff','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m313456','staff@cs.university-example.org'),('student1','Student One','Student','One','student1@diy.surfconext.nl','Student One','diy.surfconext.nl','student1','student1',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:123456','employee@cs.diy.surfconext.nl'),('student1','Student One','Student','One','student1@diy.surfconext.nl','Student One','diy.surfconext.nl','student1','student1',NULL,'staff','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:123456','staff@as.diy.surfconext.nl'),('FyHah7$J','Student Two','Student','Two','s1869831907@example.org','Student Two','diy.surfconext.nl','student2','student2',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:223456','student@cs.iy.surfconext.nl'),('student3',NULL,NULL,'Three','student3@diy.surfconext.nl','Student 
Three','diy.surfconext.nl','student3','student3',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:323456','student@cs.diy.surfconext.nl'),('jsanden','Jaantje van der Sanden','Jaantje','van der Sanden','jsanden@uniamsterdam-example.nl','Jaantje van der Sanden','uniamsterdam-example.nl','student7','student7','urn:mace:surf.nl:value:edulicense','student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456','student@cs.uniamsterdam-example.nl'),('s445599','Alessandra Gómez Llarnas','Alessandra','Gómez Llarnas','s445599@universitatmadrid-example.es','Alessandra Gómez Llarnas','universitatmadrid-example','student8','student8',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:universitatmadrid-example:studentid:123456','student@cs.universitatmadrid-example'),('U9088123','Roman Švejda','Roman','Švejda','U9088123@uni.poznantech-example.pl','Roman Švejda','uni.poznantech-example.pl','student11','student11',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uni.poznantech-example.pl:studentid:S123456','student@cs.uni.poznantech-example.pl'),('U7128109','Anna Rybínová','Anna','Rybínová','U7128109@uni.poznantech-example.pl','Anna Rybínová','uni.poznantech-example.pl','student12','student12',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:uni.poznantech-example.pl:studentid:S124456','student@cs.uni.poznantech-example.pl'),('p0987743','Li Qin Ch\'ien','Li Qin','Ch\'ien','p0987743@pkuni.edu-example.cn','Li Qin Ch\'ien','pkuni.edu-example.cn','student13','student13',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:pkuni.edu-example.cn:studentid:1124456','student@pkuni.edu-example.cn'),('student15','Sander Johan Kjær','Sander','Kjær','kjaer11@stockholmuni-example.se','Sander J. 
Kjær','stockholmuni-example.se','student15','student15',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:stockholmuni-example.se:studentid:223456','student@23.stockholmuni-example.se'),('student16','Erôss Neci','Erôss','Neci','eross.neci@kuni.edu-example.tr','Erôss Neci','kuni.edu-example.tr','student16','student16',NULL,'employee','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:123456','employee@2015.kuni.edu-example.tr'),('student16','Erôss Neci','Erôss','Neci','eross.neci@kuni.edu-example.tr','Erôss Neci','kuni.edu-example.tr','student16','student16','urn:mace:terena.org:tcs:personal-user-example','staff','urn:collab:org:co-example.org ','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:123456','staff@2015.kuni.edu-example.tr'),('student18','Marjanca Muršić','Marjanca','Muršić','Marjanca.Mursic@kuni.edu-example.tr','Marjanca Muršić','kuni.edu-example.tr','student18','student18',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:s123456','student@1234.kuni.edu-example.tr'),('student19','Petra Penttilä','Petra','Penttilä','ppentila@hotmail-example.org','Petra Penttilä','university-example.org','student19','student19',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:123456','student@test.university-example.org'),('student20','Jóney Ingólfsdóttir','Jóney','Ingólfsdóttir','Joney.Ingolfsdottir@unidenmark-example.dk','Jóney Ingólfsdóttir','unidenmark-example.dk','student20','student20',NULL,'student','urn:collab:org:surf.nl','urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:s20513456',NULL);
-/*!40000 ALTER TABLE `users` ENABLE KEYS */;
-UNLOCK TABLES;
-/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
-
-/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
-/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
-/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
-/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
-/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
-/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
-/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-
--- Dump completed on 2017-10-24 11:46:54
diff --git a/roles/diyidp/files/theme_diyidp/default-enable b/roles/diyidp/files/theme_diyidp/default-enable
new file mode 100644
index 000000000..39cdd0ded
--- /dev/null
+++ b/roles/diyidp/files/theme_diyidp/default-enable
@@ -0,0 +1 @@
+-
diff --git a/roles/diyidp/files/theme_diyidp/public/assets/userclick.css b/roles/diyidp/files/theme_diyidp/public/assets/userclick.css
new file mode 100644
index 000000000..f476beff4
--- /dev/null
+++ b/roles/diyidp/files/theme_diyidp/public/assets/userclick.css
@@ -0,0 +1,3 @@
+table {
+ text-color: red;
+}
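Review bot: `text-color` in the `table` rule is not a CSS property, so browsers drop the declaration and the rule has no effect. If red text is intended, the line should read `color: red;`. If the rule is only a placeholder, it would be cleaner to leave the stylesheet out until it carries real styles.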
diff --git a/roles/diyidp/files/theme_diyidp/themes/diyidp/exampleauth/userclick.twig b/roles/diyidp/files/theme_diyidp/themes/diyidp/exampleauth/userclick.twig
new file mode 100644
index 000000000..1937bd555
--- /dev/null
+++ b/roles/diyidp/files/theme_diyidp/themes/diyidp/exampleauth/userclick.twig
@@ -0,0 +1,89 @@
+{% set pagetitle = 'Continue as persona' %}
+
+{% extends "@core/base.twig" %}
+
+{% block preload %}
+
+
+{% endblock %}
+
+{% block content %}
+
+
Sandbox IdP
+ Please select one of the following test users to log in. Hoover over the user to see their attributes.
+
+ {# Show list of users of attribtue table on hoover #}
+
+
+
+ {% for id, attributes in users %}
+
+ {% for name, values in attributes %}
+
+ {{ name }}
+
+ {{ values | join(' ') }}
+{#
+ {% for v in values %}
+ {{ v }}
+ {% endfor %}
+#}
+
+
+ {%- endfor %}
+
+ {%- endfor %}
+
+
+ {# create a list of all used attributes. We'll print them in columns #}
+ {# inital value make sure the ocmmon attributes are ordered correctly #}
+ {% set all_attributes = ['username', 'displayName', 'cn', 'sn', 'givenName', 'mail', 'uid', 'schacHomeOrganiztion'] %}
+ {% for user in users %}
+ {% for key, value in user %}
+ {% if key not in all_attributes %}
+ {% set all_attributes = all_attributes|merge([key]) %}
+ {% endif %}
+ {% endfor %}
+ {% endfor %}
+
+ {# Show table of all users and all values #}
+
+
+
+
+ {% for a in all_attributes %}
+ {{ a }}
+ {% endfor %}
+
+
+
+ {% for id, attributes in users %}
+
+ {% for a in all_attributes %}
+
+ {% if attributes[a] is defined %}
+ {{ attributes[a] | join(', ') }}
+ {% else %}
+ –
+ {% endif %}
+
+ {% endfor %}
+
+ {% endfor %}
+
+
+
+
+{% endblock %}
+{# vi:sw=4:ts=4:expanddtab #}
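Review bot: The seed list for `all_attributes` spells one entry `schacHomeOrganiztion`, which cannot match the `schacHomeOrganization` key the user records carry. The table therefore gets an always-empty column and the real attribute is appended after the common ones instead of in the intended order; the entry should read `'schacHomeOrganization'`. The user-facing text also says "Hoover" where "Hover" is meant, and the modeline has `expanddtab` for `expandtab`. The markup around the `{{ ... }}` outputs is not visible on this page, so it is worth confirming that every value lands in an HTML context covered by Twig's autoescaping, since `diyidp_users_extra` lets deployers add arbitrary strings.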
diff --git a/roles/diyidp/handlers/main.yml b/roles/diyidp/handlers/main.yml
index 1ef1d0ed4..6d88ed0f0 100644
--- a/roles/diyidp/handlers/main.yml
+++ b/roles/diyidp/handlers/main.yml
@@ -1,3 +1,10 @@
---
-- name: restart diyidp
- command: docker restart diyidp
+- name: "Restart diyidp"
+ community.docker.docker_container:
+ name: "diyidp"
+ state: "started"
+ restart: true
+ # avoid restarting it creates unexpected data loss according to docker_container_module notes
+ comparisons:
+ '*': "ignore"
+ when: "diyidp_container is success and diyidp_container is not change"
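Review bot: The `when` on the new handler reads `diyidp_container`, which is registered outside this hunk. If that variable is undefined when the handler fires (for example, when the registering task is skipped by tags but a template task still notifies), the condition raises an error instead of skipping. A defensive form would be `when: "diyidp_container is defined and diyidp_container is success and diyidp_container is not change"`. The comment above `comparisons` is also hard to parse; as I read the intent, something like `# ignore all config differences so this handler only restarts the container and never recreates it` would say it plainly.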
diff --git a/roles/diyidp/tasks/main.yml b/roles/diyidp/tasks/main.yml
index f4e90ff64..5ccb337a0 100644
--- a/roles/diyidp/tasks/main.yml
+++ b/roles/diyidp/tasks/main.yml
@@ -1,114 +1,133 @@
---
-- debug:
- msg: "{{ diyidp }}"
-- name: Create directories
+- name: "Create directories"
ansible.builtin.file:
path: "/opt/openconext/diyidp/{{ item }}"
- state: directory
- owner: root
- group: root
+ state: "directory"
+ owner: "root"
+ group: "root"
mode: "0775"
with_items:
- - www
- - metadata
- - cert
+ - "cert"
-- name: Put metadata certificate in place
+- name: "Put metadata certificate in place"
ansible.builtin.copy:
src: "{{ inventory_dir }}/files/certs/{{ diyidp_cert }}"
dest: "/opt/openconext/diyidp/cert/server.crt"
- owner: root
- group: root
+ owner: "root"
+ group: "root"
mode: "0644"
-- name: Put metadata key in place
+- name: "Put metadata key in place"
ansible.builtin.copy:
content: "{{ diyidp_private_key }}"
dest: "/opt/openconext/diyidp/cert/server.key"
- owner: root
- group: root
+ owner: "root"
+ group: "root"
mode: "0444"
- notify: restart diyidp
+ notify: "Restart diyidp"
-- name: Copy simplesamlphp configuration files
+- name: "Copy simplesamlphp configuration files"
ansible.builtin.template:
src: "{{ item }}.j2"
dest: "/opt/openconext/diyidp/{{ item }}"
+ owner: "root"
+ group: "root"
mode: "0644"
with_items:
- - config-override.php
- - authsources.php
- notify: restart diyidp
+ - "config-override.php"
+ - "authsources.php"
+ - "saml20-idp-hosted.php"
+ - "saml20-sp-remote.php"
+ notify: "Restart diyidp"
-- name: Copy simplesamlphp metadata files
- ansible.builtin.template:
- src: "{{ item }}.j2"
- dest: "/opt/openconext/diyidp/metadata/{{ item }}"
+- name: "Copy DIY IdP theme"
+ ansible.builtin.copy:
+ src: "theme_diyidp"
+ dest: "/opt/openconext/diyidp/"
+ owner: "root"
+ group: "root"
mode: "0644"
+ directory_mode: "0755"
+
+- name: "Remove obsolete files"
+ ansible.builtin.file:
+ path: "/opt/openconext/diyidp/{{ item }}"
+ state: "absent"
with_items:
- - saml20-idp-hosted.php
- - saml20-sp-remote.php
- notify: restart diyidp
+ - "metadata"
+ - "www"
-- name: Copy showusers php script
- ansible.builtin.template:
- src: "showusers.php.j2"
- dest: "/opt/openconext/diyidp/www/showusers.php"
- owner: root
+- name: "Showusers"
+ ansible.builtin.copy:
+ dest: "/opt/openconext/diyidp/alive.php"
+ content: |
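Review bot: "Put metadata key in place" still writes `server.key` with `mode: "0444"`, so the IdP's private key is readable by every local user on the host; the commit touches this task's `owner` and `group` lines but leaves the mode. Unless the container's web user genuinely needs world-read access, tighten it to `mode: "0400"` (or `"0440"` with a dedicated group) and add `no_log: true` so the key content cannot appear in diff or verbose output. Separately, the task named "Showusers" writes `alive.php`, so the name no longer describes what it does. The remainder of this hunk is not visible on this page.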
+ array(
- // The default is to use core:AdminPassword, but it can be replaced with
- // any authentication source.
+ // This is a authentication source which handles admin authentication.
+ 'admin' => array(
+ 'core:AdminPassword',
+ ),
- 'core:AdminPassword',
- ),
-
-
- 'sql_user' => array(
- 'core:loginpage_links' => [
- 'users' => ['href' => '/showusers.php', 'text' => 'List of available users'],
- ],
- 'sqlauth:SQL',
- 'dsn' => 'mysql:host={{ diyidp.db_host}};port=3306;dbname={{ diyidp.db_name }}',
- 'username' => '{{ diyidp.db_user}}',
- 'password' => '{{ diyidp.db_password}}',
- 'query' => "SELECT uid,givenName,sn,cn, mail,displayName,schacHomeOrganization, CONCAT(uid, '@', schacHomeOrganization) as eduPersonPrincipalName,eduPersonEntitlement,eduPersonAffiliation,isMemberOf,schacPersonalUniqueCode,eduPersonScopedAffiliation
- FROM users WHERE username = :username AND password = :password",
- ),
+ // be careful: diyidp_users has weird characters and quotes inside the strings, se we need to use a nowdoc to expand the variable
+ 'user_chooser' => [ 'exampleauth:UserClick', 'users' => json_decode(<<<'ENDJSON'
+{{ (diyidp_users + diyidp_users_extra) | to_json }}
+ENDJSON
+ , true),
+ ]
);
diff --git a/roles/diyidp/templates/config-override.php.j2 b/roles/diyidp/templates/config-override.php.j2
index 41d4b3b76..c80114068 100644
--- a/roles/diyidp/templates/config-override.php.j2
+++ b/roles/diyidp/templates/config-override.php.j2
@@ -1,6 +1,6 @@
'__DEFAULT__',
+ 'host' => '__DEFAULT__',
- /* X.509 key and certificate. Relative to the cert directory. */
- 'privatekey' => 'server.key',
- 'certificate' => 'server.crt',
+ 'privatekey' => 'server.key',
+ 'certificate' => 'server.crt',
- /*
- * Authentication source to use. Must be one that is configured in
- * 'config/authsources.php'.
- */
- 'auth' => 'sql_user',
+ 'auth' => 'user_chooser',
- /*
- * WARNING: SHA-1 is disallowed starting January the 1st, 2014.
- *
- * Uncomment the following option to start using SHA-256 for your signatures.
- * Currently, simpleSAMLphp defaults to SHA-1, which has been deprecated since
- * 2011, and will be disallowed by NIST as of 2014. Please refer to the following
- * document for more information:
- *
- * http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
- *
- * If you are uncertain about service providers supporting SHA-256 or other
- * algorithms of the SHA-2 family, you can configure it individually in the
- * SP-remote metadata set for those that support it. Once you are certain that
- * all your configured SPs support SHA-2, you can safely remove the configuration
- * options in the SP-remote metadata set and uncomment the following option.
- *
- * Please refer to the IdP hosted reference for more information.
- */
- 'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
+ 'signature.algorithm' => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256',
- /* Uncomment the following to use the uri NameFormat on attributes. */
- 'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
- 'authproc' => array(
- // Convert LDAP names to oids.
- 100 => array('class' => 'core:AttributeMap', 'name2oid'),
- 200 => array('class' => 'core:AttributeMap', 'name2urn'),
- 300 => array('class' => 'saml:PersistentNameID', 'identifyingAttribute' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' ),
- ),
+ 'attributes.NameFormat' => 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri',
+ 'authproc' => array(
+ 100 => array('class' => 'core:AttributeMap', 'name2oid'),
+ 200 => array('class' => 'core:AttributeMap', 'name2urn'),
+ 300 => array(
+ 'class' => 'core:AttributeMap',
+ 'surfAutorisaties' => 'urn:mace:surf.nl:attribute-def:surf-autorisaties',
+ 'surfCRMId' => 'urn:mace:surf.nl:attribute-def:surf-crm-id'
+ ),
+ 900 => array('class' => 'saml:PersistentNameID', 'identifyingAttribute' => 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6' ),
+ ),
);
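Review bot: `'auth' => 'user_chooser'` switches the IdP from the password-checking `sqlauth:SQL` source to `exampleauth:UserClick`, so anyone who can reach the login page can obtain an assertion for any listed persona without a credential. That appears intended for a sandbox IdP, but the explanatory comments were removed here and nothing states it. A comment such as `// test-only: user_chooser logs in any selected persona without a password; production SPs must never trust this IdP` next to the `'auth'` line would make the constraint explicit. The file header for these lines is missing on the page, so the enclosing template cannot be confirmed from here.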
diff --git a/roles/diyidp/templates/saml20-sp-remote.php.j2 b/roles/diyidp/templates/saml20-sp-remote.php.j2
index eeb6f5b29..18254ca55 100644
--- a/roles/diyidp/templates/saml20-sp-remote.php.j2
+++ b/roles/diyidp/templates/saml20-sp-remote.php.j2
@@ -1,19 +1,14 @@
'{{ remotesp.acslocation }}',
- 'IDPList' => array( 'sql_users', ),
- 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
-);
+$metadata['{{ remotesp.metadataurl }}'] = [
+ 'AssertionConsumerService' => [[
+ 'Location' => '{{ remotesp.acslocation }}',
+ 'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'
+ ]],
+ 'IDPList' => [ 'user_chooser' ],
+ 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
+];
{% endfor %}
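Review bot: `remotesp.metadataurl` and `remotesp.acslocation` are pasted straight into single-quoted PHP literals, so a quote or backslash in either inventory value would end the string early and leave the generated file broken. The `user_chooser` source in this same commit avoids that by rendering through `to_json` inside a nowdoc and decoding with `json_decode`; doing the same for the remote SP list would keep the two templates consistent. Also, `'IDPList' => [ 'user_chooser' ]` carries an authsource name where, as far as I know, SimpleSAMLphp expects IdP entity IDs, so it is worth checking whether the entry has any effect. The opening `{% for %}` is not visible in this hunk.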
diff --git a/roles/diyidp/templates/showusers.php.j2 b/roles/diyidp/templates/showusers.php.j2
deleted file mode 100644
index ad13e89b0..000000000
--- a/roles/diyidp/templates/showusers.php.j2
+++ /dev/null
@@ -1,225 +0,0 @@
-setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-
- // Prepare and execute the query
- $stmt = $pdo->prepare($qryString);
- $stmt->execute();
- // Return the rows
- $rows = [];
- while ($r = $stmt->fetch(PDO::FETCH_ASSOC)) {
- $rows[] = $r;
- }
-
- return $rows;
-
- }
- catch (PDOException $e) {
- die("PDO Error: " . $e->getMessage());
- }
-}
-
-/**
- * Translate a result array into a HTML table
- *
- * @author Aidan Lister
- * @version 1.3.2
- * @link http://aidanlister.com/2004/04/converting-arrays-to-human-readable-tables/
- * @param array $array The result (numericaly keyed, associative inner) array.
- * @param bool $recursive Recursively generate tables for multi-dimensional arrays
- * @param string $null String to output for blank cells
- */
-function array2table($array, $recursive = false, $null = ' ', $bgcolor='#ccc;')
-{
- // Sanity check
- if (empty($array) || !is_array($array)) {
- return false;
- }
-
- if (!isset($array[0]) || !is_array($array[0])) {
- $array = array($array);
- }
-
- // Start the table
- $table = "\n";
-
- // The header
- $table .= "\t";
- // Take the keys from the first row as the headings
- foreach (array_keys($array[0]) as $heading) {
- $table .= '' . $heading . ' ';
- }
- $table .= " \n";
-
- // The body
- $x=0;
- foreach ($array as $row) {
- $x++;
- $bgcolor = ($x%2 == 0)? '#FFFFFF': '#E0E0E0';
-
- $table .= "\t" ;
- foreach ($row as $cell) {
- $table .= '';
-
- // Cast objects
- if (is_object($cell)) { $cell = (array) $cell; }
-
- if ($recursive === true && is_array($cell) && !empty($cell)) {
- // Recursive mode
- $table .= "\n" . array2table($cell, true, true) . "\n";
- } else {
- $table .= (strlen($cell) > 0) ?
- htmlspecialchars((string) $cell) :
- $null;
- }
-
- $table .= ' ';
- }
-
- $table .= " \n";
- }
-
- $table .= '
';
- return $table;
-}
-
- $sqlString = "SELECT
- username as 'username',
- password as 'password',
- diy.uid as 'urn:oid:0.9.2342.19200300.100.1.1 (uid)',
- schacHomeOrganization as 'urn:oid:1.3.6.1.4.1.25178.1.2.9 (schacHomeOrganization)',
- CONCAT(diy.uid, '@', schacHomeOrganization) as 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6 (eduPersonPrincipalName)',
- cn.cn as 'urn:oid:2.5.4.3 (cn)',
- gn.givenName as 'urn:oid:2.5.4.42 (givenName)',
- sn.sn as 'urn:oid:2.5.4.4 (sn)',
- dn.displayName as 'urn:oid:2.16.840.1.113730.3.1.241 (displayName)',
- mail.mail as 'urn:oid:0.9.2342.19200300.100.1.3 (mail)',
- epa.eduPersonAffiliation as 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1 (eduPersonAffiliation)',
- epe.eduPersonEntitlement as 'urn:oid:1.3.6.1.4.1.5923.1.1.1.7 (eduPersonEntitlement)',
- imo.isMemberOf as 'urn:oid:1.3.6.1.4.1.5923.1.5.1.1 (isMemberOf)',
- spuc.schacPersonalUniqueCode as 'urn:oid:1.3.6.1.4.1.25178.1.2.14 (schacPersonalUniqueCode)',
- epsa.eduPersonScopedAffiliation as 'urn:oid:1.3.6.1.4.1.5923.1.1.1.9 (eduPersonScopedAffiliation)'
-
-
- FROM {{ diyidp.db_name }}.users diy
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(cn SEPARATOR ', ') as cn from
- ( SELECT uid, cn FROM {{ diyidp.db_name }}.users
- GROUP BY uid, cn
- ORDER BY UID
- ) cn
- GROUP BY uid
- ) AS cn
- ON diy.uid = cn.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(eduPersonEntitlement SEPARATOR ', ') as eduPersonEntitlement from
- ( SELECT uid, eduPersonEntitlement FROM {{ diyidp.db_name }}.users
- WHERE length(eduPersonEntitlement) <> 0
- GROUP BY uid, eduPersonEntitlement
- ORDER BY UID
- ) epe
- GROUP BY uid
- ) AS epe
- ON diy.uid = epe.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(displayName SEPARATOR ', ') as displayName from
- ( SELECT uid, displayName FROM {{ diyidp.db_name }}.users
- GROUP BY uid, displayName
- ORDER BY UID
- ) dn
- GROUP BY uid
- ) AS dn
- ON diy.uid = dn.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(sn SEPARATOR ', ') as sn from
- ( SELECT uid, sn FROM {{ diyidp.db_name }}.users
- GROUP BY uid, sn
- ORDER BY UID
- ) sn
- GROUP BY uid
- ) AS sn
- ON diy.uid = sn.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(givenName SEPARATOR ', ') as givenName from
- ( SELECT uid, givenName FROM {{ diyidp.db_name }}.users
- GROUP BY uid, givenName
- ORDER BY UID
- ) givenName
- GROUP BY uid
- ) AS gn
- ON diy.uid = gn.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(mail SEPARATOR ', ') as mail from
- ( SELECT uid, mail FROM {{ diyidp.db_name }}.users
- GROUP BY uid, mail
- ORDER BY UID
- ) mail
- GROUP BY uid
- ) AS mail
- ON diy.uid = mail.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(eduPersonAffiliation SEPARATOR ', ') as eduPersonAffiliation from
- ( SELECT uid, eduPersonAffiliation FROM {{ diyidp.db_name }}.users
- GROUP BY uid, eduPersonAffiliation
- ORDER BY UID
- ) eduPersonAffiliation
- GROUP BY uid
- ) AS epa
- ON diy.uid = epa.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(isMemberOf SEPARATOR ', ') as isMemberOf from
- ( SELECT uid, isMemberOf FROM {{ diyidp.db_name }}.users
- GROUP BY uid, isMemberOf
- ORDER BY UID
- ) isMemberOf
- GROUP BY uid
- ) AS imo
- ON diy.uid = imo.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(schacPersonalUniqueCode SEPARATOR ', ') as schacPersonalUniqueCode from
- ( SELECT uid, schacPersonalUniqueCode FROM diyidp.users
- GROUP BY uid, schacPersonalUniqueCode
- ORDER BY UID
- ) schacPersonalUniqueCode
- GROUP BY uid
- ) AS spuc
- ON diy.uid = spuc.uid
-
- LEFT JOIN
- ( SELECT uid, GROUP_CONCAT(eduPersonScopedAffiliation SEPARATOR ', ') as eduPersonScopedAffiliation from
- ( SELECT uid, eduPersonScopedAffiliation FROM diyidp.users
- GROUP BY uid, eduPersonScopedAffiliation
- ORDER BY UID
- ) eduPersonScopedAffiliation
- GROUP BY uid
- ) AS epsa
- ON diy.uid = epsa.uid
-
-
-GROUP BY diy.uid
-ORDER BY LPAD(lower(username), 2,0), LPAD(lower(username), 10,0)";
-
- // Run the query
- $rows = doQuery($sqlString, $dbuser, $dbpass, $dbhost, $dbname);
-
- $htmlTable = array2table($rows);
- print_r($htmlTable);
diff --git a/roles/diyidp/vars/main.yml b/roles/diyidp/vars/main.yml
new file mode 100644
index 000000000..b46faa259
--- /dev/null
+++ b/roles/diyidp/vars/main.yml
@@ -0,0 +1,557 @@
+---
+# defines all user that are available in the DIY-IdP
+diyidp_users:
+ -
+ username: ["professor1"]
+ uid: ["belfort"]
+ schacHomeOrganization: ["harvard-example.edu"]
+ eduPersonPrincipalName: ["belfort@harvard-example.edu"]
+ cn: ["Jordan Ross Belfort"]
+ givenName: ["Jordan"]
+ sn: ["Belfort"]
+ displayName: ["Jordan R. Belfort"]
+ mail: ["Jordan.Belfort@harvard-example.edu", "jordan@harvard-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:dir:entitlement:common-lib-terms-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e1523456"]
+ eduPersonScopedAffiliation: ["faculty@cs.harvard-example.edu", "employee@acc.harvard-example.edu", "member@cs.harvard-example.edu"]
+ -
+ username: ["professor2"]
+ uid: ["wynn"]
+ schacHomeOrganization: ["harvard-example.edu"]
+ eduPersonPrincipalName: ["wynn@harvard-example.edu"]
+ cn: ["Steve Alen Wynn"]
+ givenName: ["Steve"]
+ sn: ["Wynn"]
+ displayName: ["Steve Wynn"]
+ mail: ["steve.Wynn@las.vegas.com", "S.Wynn@harvard-example.edu", "Steve.Wynn@example-casino.com"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:dir:entitlement:common-lib-terms-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e2523456"]
+ eduPersonScopedAffiliation: ["employee@cs.harvard-example.edu", "member@cs.harvard-example.edu", "faculty@cs.harvard-example.edu"]
+ -
+ username: ["professor3"]
+ uid: ["isaac"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["isaac@university-example.org"]
+ cn: ["Sir Isaac Newton"]
+ givenName: ["Isaac"]
+ sn: ["Newton"]
+ displayName: ["Isaac Newton"]
+ mail: ["isaacnewton@university-example.org", "newton@university-example.org"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:dir:entitlement:common-lib-terms-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e3523456"]
+ eduPersonScopedAffiliation: ["employee@cs.university-example.org", "member@phys.university-example.org", "faculty@cs.university-example.org"]
+ -
+ username: ["professor4"]
+ uid: ["g_ohm"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["g_ohm@university-example.org"]
+ cn: ["Prof. Dr. Georg Simon Ohm"]
+ givenName: ["Georg"]
+ sn: ["Ohm"]
+ displayName: ["Georg Ohm"]
+ mail: ["georg.ohm@university-example.org"]
+ eduPersonAffiliation: ["member", "employee", "faculty"]
+ eduPersonEntitlement: ["urn:mace:dir:entitlement:common-lib-terms-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:e5523456"]
+ eduPersonScopedAffiliation: ["employee@acc.university-example.org", "member@phys.university-example.org", "faculty@acc.university-example.org"]
+ -
+ username: ["professor5"]
+ uid: ["jrockefeller"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["jrockefeller@university-example.org"]
+ cn: ["John Davison Rockefeller"]
+ givenName: ["John Davison"]
+ sn: ["Rockefeller"]
+ displayName: ["John D. Rockefeller"]
+ mail: ["John.D.Rockefeller@university-example.org"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:dir:entitlement:common-lib-terms-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:university-example.org:employeeid:e513456"]
+ eduPersonScopedAffiliation: ["faculty@acc.university-example.org", "employee@cs.university-example.org", "member@cool.university-example.org"]
+ -
+ username: ["staff1"]
+ uid: ["jweeler"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["jweeler@university-example.org"]
+ cn: ["Joseph Weeler"]
+ givenName: ["Joseph"]
+ sn: ["Weeler"]
+ displayName: ["Joseph Weeler"]
+ mail: ["Joseph+Weeler@university-example.org"]
+ eduPersonAffiliation: ["employee", "member", "staff"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m123456"]
+ eduPersonScopedAffiliation: ["member@accounting.university-example.org", "employee@test.university-example.org", "staff@cs.university-example.org"]
+ -
+ username: ["staff2"]
+ uid: ["awest"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["awest@university-example.org"]
+ cn: ["Anthony West"]
+ givenName: ["Anthony"]
+ sn: ["West"]
+ displayName: ["Anthony West"]
+ mail: ["Anthony_West@university-example.org"]
+ eduPersonAffiliation: ["employee", "member", "staff"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m213456"]
+ eduPersonScopedAffiliation: ["member@student.university-example.org", "employee@cs.university-example.org", "staff@cs.university-example.org"]
+ -
+ username: ["staff3"]
+ uid: ["oburton"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["oburton@university-example.org"]
+ cn: ["Oscar Burton"]
+ givenName: ["Oscar"]
+ sn: ["Burton"]
+ displayName: ["Oscar Burton"]
+ mail: ["Osc@r__Burton@university-example.org"]
+ eduPersonAffiliation: ["employee", "member", "staff"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:university-example.org:memberid:m313456"]
+ eduPersonScopedAffiliation: ["member@cs.university-example.org", "employee@physics", "staff@cs.university-example.org"]
+ -
+ username: ["student1"]
+ uid: ["student1"]
+ schacHomeOrganization: ["diy.surfconext.nl"]
+ eduPersonPrincipalName: ["student1@diy.surfconext.nl"]
+ cn: ["Student One"]
+ givenName: ["Student"]
+ sn: ["One"]
+ displayName: ["Student One"]
+ mail: ["student1@diy.surfconext.nl"]
+ eduPersonAffiliation: ["employee", "member", "staff", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:123456"]
+ eduPersonScopedAffiliation: ["employee@cs.diy.surfconext.nl", "staff@as.diy.surfconext.nl", "member@cs.diy.surfconext.nl", "student@as.diy.surfconext.nl"]
+ -
+ username: ["student2"]
+ uid: ["FyHah7$J"]
+ schacHomeOrganization: ["DIY.surfconext.nl"]
+ eduPersonPrincipalName: ["FyHah7$J@DIY.surfconext.nl"]
+ cn: ["Student Two"]
+ givenName: ["Student"]
+ sn: ["Two"]
+ displayName: ["Student Two"]
+ mail: ["s1869831907@example.org"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:223456"]
+ eduPersonScopedAffiliation: ["member@cs.diy.surfconext.nl", "student@cs.iy.surfconext.nl"]
+ -
+ username: ["student3"]
+ uid: ["student3"]
+ schacHomeOrganization: ["diy.surfconext.nl"]
+ eduPersonPrincipalName: ["student3@diy.surfconext.nl"]
+ sn: ["Three"]
+ displayName: ["Student Three"]
+ mail: ["student3@diy.surfconext.nl"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:diy.surfconext.nl:studentid:323456"]
+ eduPersonScopedAffiliation: ["member@physics2.diy.surfconext.nl", "student@cs.diy.surfconext.nl"]
+ -
+ username: ["student4"]
+ uid: ["viggo7"]
+ schacHomeOrganization: ["unidenmark-example.dk"]
+ eduPersonPrincipalName: ["viggo7@unidenmark-example.dk"]
+ cn: ["Christian Godfried Viggo Lind"]
+ givenName: ["Godfried"]
+ sn: ["Viggo"]
+ displayName: ["Godfried Viggo"]
+ mail: ["Godfried.Viggo@unidenmark-example.dk"]
+ eduPersonAffiliation: ["student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:323456"]
+ -
+ username: ["student5"]
+ uid: ["U3342109"]
+ schacHomeOrganization: ["exchange-example.edu"]
+ eduPersonPrincipalName: ["U3342109@exchange-example.edu"]
+ cn: ["Daisuke Takahashi", "髙橋 大輔"]
+ givenName: ["Daisuke"]
+ sn: ["Takahashi 髙橋 大輔"]
+ displayName: ["Daisuke Takahashi"]
+ mail: ["U3342109@exchange-example.edu"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:exchange-university.org", "urn:collab:org:home-university.org"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:exchange-example.edu:studentid:s123456"]
+ eduPersonScopedAffiliation: ["member@phys.exchange-example.edu", "student@cs.exchange-example.edu"]
+ -
+ username: ["student6"]
+ uid: ["U6789003"]
+ schacHomeOrganization: ["home-university-example.org"]
+ eduPersonPrincipalName: ["U6789003@home-university-example.org"]
+ cn: ["Phùng Thị Lệ Tư"]
+ givenName: ["Phùng Thị"]
+ sn: ["Lệ Tư"]
+ displayName: ["Phùng Thị Lệ Tư"]
+ mail: ["LeTu02@home-university-example.org", "U6789003@exchange-example.edu"]
+ eduPersonAffiliation: ["employee", "member", "staff", "student"]
+ eduPersonEntitlement: ["urn:mace:dir:entitlement:common-lib-terms-example", "urn:mace:terena.org:tcs:personal-user-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456"]
+ eduPersonScopedAffiliation: ["member@phys.home-university-example.org", "student@saml.home-university-example.org", "employee@cs.home-university-example.org", "staff@oidc.home-university-example.org"]
+ -
+ username: ["student7"]
+ uid: ["jsanden"]
+ schacHomeOrganization: ["uniamsterdam-example.nl"]
+ eduPersonPrincipalName: ["jsanden@uniamsterdam-example.nl"]
+ cn: ["Jaantje van der Sanden"]
+ givenName: ["Jaantje"]
+ sn: ["van der Sanden"]
+ displayName: ["Jaantje van der Sanden"]
+ mail: ["jsanden@uniamsterdam-example.nl"]
+ eduPersonAffiliation: ["member", "student"]
+ eduPersonEntitlement: ["urn:mace:surf.nl:value:edulicense", "urn:x-surfnet:surf.nl:surfdrive-example:quota:50"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:uniamsterdam-example.nl:studentid:123456"]
+ eduPersonScopedAffiliation: ["member@acounting.uniamsterdam-example.nl", "student@cs.uniamsterdam-example.nl"]
+ -
+ username: ["student8"]
+ uid: ["s445599"]
+ schacHomeOrganization: ["universitatmadrid-example"]
+ eduPersonPrincipalName: ["s445599@universitatmadrid-example"]
+ cn: ["Alessandra Gómez Llarnas"]
+ givenName: ["Alessandra"]
+ sn: ["Gómez Llarnas"]
+ displayName: ["Alessandra Gómez Llarnas"]
+ mail: ["s445599@universitatmadrid-example.es"]
+ eduPersonAffiliation: ["student", "member"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:universitatmadrid-example:studentid:123456"]
+ eduPersonScopedAffiliation: ["student@cs.universitatmadrid-example", "member@acounting.test.cs.universitatmadrid-example"]
+ -
+ username: ["student9"]
+ uid: ["abriseno"]
+ schacHomeOrganization: ["universitatmadrid-example.es"]
+ eduPersonPrincipalName: ["abriseno@universitatmadrid-example.es"]
+ cn: ["Augustus Padrón Briseño"]
+ givenName: ["August"]
+ sn: ["Briseño"]
+ displayName: ["August Briseño"]
+ mail: ["A.Briseno@universitatmadrid-example.es"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:universitatmadrid-example:studentid:S123456"]
+ eduPersonScopedAffiliation: ["member@students.universitatmadrid-example.es", "student@cs.universitatmadrid-example.es"]
+ -
+ username: ["student10"]
+ uid: ["s134567"]
+ schacHomeOrganization: ["pkuni.edu-example.cn"]
+ eduPersonPrincipalName: ["s134567@pkuni.edu-example.cn"]
+ cn: ["Shao Jingyi", "邵靜宜"]
+ givenName: ["Shao"]
+ sn: ["Jingy"]
+ displayName: ["Shao Jingy"]
+ mail: ["s134567@pkuni.edu-example.cn", "shaojingy@gmail-example.com"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:pkuni.edu-example.cn:studentid:s10513456"]
+ eduPersonScopedAffiliation: ["student@95.pkuni.edu-example.cn", "member@students.2010.pkuni.edu-example.cn"]
+ -
+ username: ["student11"]
+ uid: ["U9088123"]
+ schacHomeOrganization: ["uni.poznantech-example.pl"]
+ eduPersonPrincipalName: ["U9088123@uni.poznantech-example.pl"]
+ cn: ["Roman Švejda"]
+ givenName: ["Roman"]
+ sn: ["Švejda"]
+ displayName: ["Roman Švejda"]
+ mail: ["U9088123@uni.poznantech-example.pl"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:uni.poznantech-example.pl:studentid:S123456"]
+ eduPersonScopedAffiliation: ["student@cs.uni.poznantech-example.pl", "member@cs.uni.poznantech-example.pl"]
+ -
+ username: ["student12"]
+ uid: ["U7128109"]
+ schacHomeOrganization: ["uni.poznantech-example.pl"]
+ eduPersonPrincipalName: ["U7128109@uni.poznantech-example.pl"]
+ cn: ["Anna Rybínová"]
+ givenName: ["Anna"]
+ sn: ["Rybínová"]
+ displayName: ["Anna Rybínová"]
+ mail: ["U7128109@uni.poznantech-example.pl"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:uni.poznantech-example.pl:studentid:S124456"]
+ eduPersonScopedAffiliation: ["student@cs.uni.poznantech-example.pl", "member@cs.uni.poznantech-example.pl"]
+ -
+ username: ["student13"]
+ uid: ["p0987743"]
+ schacHomeOrganization: ["pkuni.edu-example.cn"]
+ eduPersonPrincipalName: ["p0987743@pkuni.edu-example.cn"]
+ cn: ["Li Qin Ch'ien"]
+ givenName: ["Li Qin"]
+ sn: ["Ch'ien"]
+ displayName: ["Li Qin Ch'ien"]
+ mail: ["p0987743@pkuni.edu-example.cn"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:pkuni.edu-example.cn:studentid:1124456"]
+ eduPersonScopedAffiliation: ["member@math.pkuni.edu-example.cn", "student@pkuni.edu-example.cn"]
+ -
+ username: ["student14"]
+ uid: ["student14"]
+ schacHomeOrganization: ["stockholmuni-example.se"]
+ eduPersonPrincipalName: ["student14@stockholmuni-example.se"]
+ cn: ["Martin Nikolaus Jørgensen"]
+ givenName: ["Martin"]
+ sn: ["Jørgensen"]
+ displayName: ["Martin N. Jørgensen"]
+ mail: ["jorgensen07@stockholmuni-example.se"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:sunet-example.se"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:stockholmuni-example.se:studentid:123456"]
+ eduPersonScopedAffiliation: ["member@math.stockholmuni-example.se", "student@uni.stockholmuni-example.se"]
+ -
+ username: ["student15"]
+ uid: ["student15"]
+ schacHomeOrganization: ["stockholmuni-example.se"]
+ eduPersonPrincipalName: ["student15@stockholmuni-example.se"]
+ cn: ["Sander Johan Kjær"]
+ givenName: ["Sander"]
+ sn: ["Kjær"]
+ displayName: ["Sander J. Kjær"]
+ mail: ["kjaer11@stockholmuni-example.se"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:sunet-example.se", "urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:stockholmuni-example.se:studentid:223456"]
+ eduPersonScopedAffiliation: ["member@stockholmuni-example.se", "student@23.stockholmuni-example.se"]
+ -
+ username: ["student16"]
+ uid: ["student16"]
+ schacHomeOrganization: ["kuni.edu-example.tr"]
+ eduPersonPrincipalName: ["student16@kuni.edu-example.tr"]
+ cn: ["Erôss Neci"]
+ givenName: ["Erôss"]
+ sn: ["Neci"]
+ displayName: ["Erôss Neci"]
+ mail: ["eross.neci@kuni.edu-example.tr", "neci.eross@kuni.edu-example.tr"]
+ eduPersonAffiliation: ["employee", "member", "staff", "student"]
+ eduPersonEntitlement: ["urn:mace:terena.org:tcs:personal-user-example"]
+ isMemberOf: ["urn:collab:org:co-example.org", "urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:123456"]
+ eduPersonScopedAffiliation: ["employee@2015.kuni.edu-example.tr", "staff@2015.kuni.edu-example.tr", "member@ac.kuni.edu-example.tr", "student@as.kuni.edu-example.tr"]
+ -
+ username: ["student17"]
+ uid: ["student17"]
+ schacHomeOrganization: ["kuni.edu-example.tr"]
+ eduPersonPrincipalName: ["student17@kuni.edu-example.tr"]
+ cn: ["Kocsis Szescõ"]
+ givenName: ["Kocsis"]
+ sn: ["Szescõ"]
+ displayName: ["Kocsis Szescõ"]
+ mail: ["kocsis.szesco@kuni.edu-example.tr"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:s123456"]
+ eduPersonScopedAffiliation: ["member@ac.kuni.edu-example.tr", "student@employee.kuni.edu-example.tr"]
+ -
+ username: ["student18"]
+ uid: ["student18"]
+ schacHomeOrganization: ["kuni.edu-example.tr"]
+ eduPersonPrincipalName: ["student18@kuni.edu-example.tr"]
+ cn: ["Marjanca Muršić"]
+ givenName: ["Marjanca"]
+ sn: ["Muršić"]
+ displayName: ["Marjanca Muršić"]
+ mail: ["Marjanca.Mursic@kuni.edu-example.tr"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:kuni.edu-example.tr:studentid:s123456"]
+ eduPersonScopedAffiliation: ["student@1234.kuni.edu-example.tr", "member@ac.kuni.edu-example.tr"]
+ -
+ username: ["student19"]
+ uid: ["student19"]
+ schacHomeOrganization: ["university-example.org"]
+ eduPersonPrincipalName: ["student19@university-example.org"]
+ cn: ["Petra Penttilä"]
+ givenName: ["Petra"]
+ sn: ["Penttilä"]
+ displayName: ["Petra Penttilä"]
+ mail: ["ppentila@hotmail-example.org", "ppenttila@university-example.org"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:123456"]
+ eduPersonScopedAffiliation: ["student@test.university-example.org", "member@test.university-example.org"]
+ -
+ username: ["student20"]
+ uid: ["student20"]
+ schacHomeOrganization: ["unidenmark-example.dk"]
+ eduPersonPrincipalName: ["student20@unidenmark-example.dk"]
+ cn: ["Jóney Ingólfsdóttir"]
+ givenName: ["Jóney"]
+ sn: ["Ingólfsdóttir"]
+ displayName: ["Jóney Ingólfsdóttir"]
+ mail: ["Joney.Ingolfsdottir@unidenmark-example.dk"]
+ eduPersonAffiliation: ["member", "student"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:unidenmark-example.dk:studentid:s20513456"]
+ eduPersonScopedAffiliation: ["member@employee.unidenmark-example.dk"]
+ -
+ username: ["student21"]
+ uid: ["student21"]
+ schacHomeOrganization: ["exmplebilbioharderwijk.nl"]
+ eduPersonPrincipalName: ["student21@exmplebilbioharderwijk.nl"]
+ cn: ["Pietje Puk"]
+ givenName: ["Pietje"]
+ sn: ["Puk"]
+ displayName: ["Pietje Puk"]
+ mail: ["Pietje.puk@exmplebilbioharderwijk.nl"]
+ schacPersonalUniqueCode: ["0"]
+ -
+ username: ["teacher1"]
+ uid: ["jstiglitz"]
+ schacHomeOrganization: ["harvard-example.edu"]
+ eduPersonPrincipalName: ["jstiglitz@harvard-example.edu"]
+ cn: ["Joseph Eugene Stiglitz"]
+ givenName: ["Joseph"]
+ sn: ["Stiglitz"]
+ displayName: ["Joseph Stiglitz"]
+ mail: ["J.E.Stiglitz@harvard-example.edu", "Joseph.Stiglitz@harvard-example.edu", "jstiglitz@harvard-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:incommon.org:reg:education-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:123456"]
+ eduPersonScopedAffiliation: ["employee@acc.harvard-example.edu", "member@cs.harvard-example.edu", "faculty@cs.acc.harvard-example.edu"]
+ -
+ username: ["teacher2"]
+ uid: ["pkrugman"]
+ schacHomeOrganization: ["harvard-example.edu"]
+ eduPersonPrincipalName: ["pkrugman@harvard-example.edu"]
+ cn: ["Prof. Paul Robin Krugman"]
+ givenName: ["Paul"]
+ sn: ["Krugman"]
+ displayName: ["Paul Krugman"]
+ mail: ["P.R.Krugman@harvard-example.edu", "Paul.Krugman@harvard-example.edu", "pkrugman@harvard-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:harvard-example.edu:employeeid:s123456"]
+ eduPersonScopedAffiliation: ["member@harvard-example.edu", "employee@acc.harvard-example.edu"]
+ -
+ username: ["teacher3"]
+ uid: ["bbernanke"]
+ schacHomeOrganization: ["yale-uni-example.edu"]
+ eduPersonPrincipalName: ["bbernanke@yale-uni-example.edu"]
+ cn: ["Ben Shalom Bernanke"]
+ givenName: ["Ben"]
+ sn: ["Bernanke"]
+ displayName: ["Ben Bernanke"]
+ mail: ["B.S.Bernanke@yale-uni-example.edu", "bbernanke@yale-uni-example.edu", "Ben.Bernanke@yale-uni-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:co-example.org", "urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:123456"]
+ eduPersonScopedAffiliation: ["employee@123.yale-uni-example.edu", "member@biology.yale-uni-example.edu", "faculty@123.yale-uni-example.edu"]
+ -
+ username: ["teacher4"]
+ uid: ["agreenspan"]
+ schacHomeOrganization: ["yale-uni-example.edu"]
+ eduPersonPrincipalName: ["agreenspan@yale-uni-example.edu"]
+ cn: ["Alan Greenspan"]
+ givenName: ["Alan"]
+ sn: ["Greenspan"]
+ displayName: ["Alan Greenspan"]
+ mail: ["A.Greenspan@yale-uni-example.edu", "agreenspan@yale-uni-example.edu", "Alan.Greenspan@yale-uni-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:co-example.org", "urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:yale-uni-example.edu:employeeid:s123456"]
+ eduPersonScopedAffiliation: ["employee@123.yale-uni-example.edu", "member@biology.yale-uni-example.edu", "faculty@123.yale-uni-example.edu"]
+ -
+ username: ["teacher5"]
+ uid: ["am_ampere"]
+ schacHomeOrganization: ["electrical-uni-example.edu"]
+ eduPersonPrincipalName: ["am_ampere@electrical-uni-example.edu"]
+ cn: ["André-Marie Ampère"]
+ givenName: ["André-Marie"]
+ sn: ["Ampère"]
+ displayName: ["André-Marie Ampère"]
+ mail: ["am_ampere@electrical-uni-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:s123456"]
+ eduPersonScopedAffiliation: ["employee@fs.electrical-uni-example.edu", "member@social.electrical-uni-example.edu", "faculty@fs.electrical-uni-example.edu"]
+ -
+ username: ["teacher6"]
+ uid: ["w_rontgen"]
+ schacHomeOrganization: ["electrical-uni-example.edu"]
+ eduPersonPrincipalName: ["w_rontgen@electrical-uni-example.edu"]
+ cn: ["Wilhelm Conrad Röntgen"]
+ givenName: ["Wilhelm"]
+ sn: ["Röntgen"]
+ displayName: ["Wilhelm Röntgen"]
+ mail: ["w_rontgen@electrical-uni-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:123456"]
+ eduPersonScopedAffiliation: ["faculty@fs.electrical-uni-example.edu", "employee@social.electrical-uni-example.edu", "member@fs.electrical-uni-example.edu"]
+ -
+ username: ["teacher7"]
+ uid: ["m_faraday"]
+ schacHomeOrganization: ["electrical-uni-example.edu"]
+ eduPersonPrincipalName: ["m_faraday@electrical-uni-example.edu"]
+ cn: ["Michael Faraday FRS"]
+ givenName: ["Michael"]
+ sn: ["Faraday"]
+ displayName: ["Michael Faraday"]
+ mail: ["m_faraday@electrical-uni-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:213456"]
+ eduPersonScopedAffiliation: ["faculty@cs.electrical-uni-example.edu", "employee@fs.electrical-uni-example.edu", "member@cs.electrical-uni-example.edu"]
+ -
+ username: ["teacher8"]
+ uid: ["n_tesla"]
+ schacHomeOrganization: ["electrical-uni-example.edu"]
+ eduPersonPrincipalName: ["n_tesla@electrical-uni-example.edu"]
+ cn: ["Nikola Tesla"]
+ givenName: ["Nikola"]
+ sn: ["Tesla"]
+ displayName: ["Nikola Tesla"]
+ mail: ["n_tesla@electrical-uni-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:electrical-uni-example.edu:employeeid:e813456"]
+ eduPersonScopedAffiliation: ["employee@cs.electrical-uni-example.edu", "member@accounting.electrical-uni-example.edu", "faculty@acc.electrical-uni-example.edu"]
+ -
+ username: ["teacher9"]
+ uid: ["teacher9"]
+ schacHomeOrganization: ["stanford-example.edu"]
+ eduPersonPrincipalName: ["teacher9@stanford-example.edu"]
+ cn: ["William Henry Gates III"]
+ givenName: ["Bill"]
+ sn: ["Gates"]
+ displayName: ["Bill Gates"]
+ mail: ["bill.gates@stanford-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:terena.org:tcs:personal-user-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:e913456"]
+ eduPersonScopedAffiliation: ["faculty@acc.stanford-example.edu", "employee@acc.stanford-example.edu", "member@ca.stanford-example.edu"]
+ -
+ username: ["teacher10"]
+ uid: ["teacher10"]
+ schacHomeOrganization: ["stanford-example.edu"]
+ eduPersonPrincipalName: ["teacher10@stanford-example.edu"]
+ cn: ["Steven Paul Jobs"]
+ givenName: ["Steve"]
+ sn: ["Jobs"]
+ displayName: ["Steve Jobs"]
+ mail: ["steve.jobs@stanford-example.edu"]
+ eduPersonAffiliation: ["employee", "faculty", "member"]
+ eduPersonEntitlement: ["urn:mace:terena.org:tcs:personal-user-example"]
+ isMemberOf: ["urn:collab:org:surf.nl"]
+ schacPersonalUniqueCode: ["urn:schac:personalUniqueCode:nl:local:stanford-example.edu:employeeid:1013456"]
+ eduPersonScopedAffiliation:
+ - "employee@student.95.stanford-example.edu"
+ - "member@ca.stanford-example.edu"
+ - "faculty@cs.stanford-example.edu"