Reviewed: https://reviews.mahara.org/8122
Committed: https://git.mahara.org/mahara/mahara/commit/eee3f965fc8ba9cd469c6e6c5afbe3cb91dc9e24
Submitter: Robert Lyon (robe...@catalyst.net.nz)
Branch: master

commit eee3f965fc8ba9cd469c6e6c5afbe3cb91dc9e24
Author: Francis Devine <fran...@catalyst.net.nz>
Date: Tue Oct 10 14:59:46 2017 +1300

    Bug 1722435: Add support for refreshing SAML metadata regularly

    We utilise the simplesamlphp metarefresh plugin, and hook it into
    the mahara cron for the auth plugin.

    This adds a new field to each instance configuration form that
    allows the user to specify a url that metadata should be fetched
    from. This information is fed into the metarefresh plugin's config
    and a cron hook is run every hour that triggers the plugin.

    The simplesamlphp configuration is updated to read both the
    metarefresh target location and the normal xml config file
    location, with the metarefresh config files taking precedence.

    NB: because of the way that the auth/saml plugin stores the idp
    entity ids you are still required to present an XML file at least
    once, with the metadata refresh config only taking over once it's
    fetched in the next run.

    This gives a smooth upgrade path for all existing mahara instances,
    where they should continue to operate as normal, and then an
    administrator can add the metadata refresh url at their leisure and
    have it take precedence as soon as the metadata is available

    behatnotneeded

    Change-Id: Ib5733f7526a1c19d3150b45d90c9b675d4dd7ad2

https://bugs.launchpad.net/bugs/1722435

Title: SAML plugin automatic refresh of metadata support

Status in Mahara: Fix Committed

Bug description:
  The SAML plugin currently supports the addition of multiple IDP
  providers and a one-time upload of the XML for that IDP, however it
  would be useful to provide it with the link to the IDP provider's
  metadata (in xml form) and have it automatically fetch the metadata
  for the site on a regular basis, so if the IDP changes its metadata
  SSO will automatically repair itself on the next fetch.

  We can do this by integrating the MetaData refresh plugin from the
  embedded simplesamlphp in the Mahara saml plugin and triggering it
  from the Mahara cron.
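
The source ordering described in the commit message, sketched as SimpleSAMLphp configuration. This is an added example, not code from the Mahara commit: the set name, metadata URL, certificate file name, directory paths and the two variable names are assumptions, and the real files each assign to `$config`.

```php
<?php
// Added illustration, not Mahara's code. All names, URLs and paths below
// are hypothetical placeholders.

// --- config-metarefresh.php (SimpleSAMLphp metarefresh module) ---
// One set per IdP metadata URL entered in the instance configuration form.
$metarefreshConfig = [
    'sets' => [
        'example-idp' => [
            // Cron tag that triggers the fetch; the commit runs it hourly.
            'cron' => ['hourly'],
            'sources' => [
                [
                    // Fetched metadata carries the IdP signing keys, so use
                    // HTTPS and, where the IdP signs its metadata, pin the
                    // signer certificate (file name relative to cert/).
                    'src' => 'https://idp.example.org/saml/metadata.xml',
                    'certificates' => ['idp-metadata-signer.crt'],
                ],
            ],
            // Discard refreshed entries that have not been renewed in 4 days.
            'expireAfter' => 60 * 60 * 24 * 4,
            // Where the refreshed metadata is written (the "target location").
            'outputDir' => '/path/to/dataroot/metadata/refresh/',
            'outputFormat' => 'flatfile',
        ],
    ],
];

// --- config.php (SimpleSAMLphp core) ---
// Sources are searched from first to last and the first one that knows the
// entity ID wins. Listing the metarefresh output first gives it precedence;
// the uploaded XML file still answers until the first refresh has run.
$simplesamlConfig = [
    'metadata.sources' => [
        ['type' => 'flatfile', 'directory' => '/path/to/dataroot/metadata/refresh/'],
        ['type' => 'xml', 'file' => '/path/to/dataroot/metadata/idp.xml'],
    ],
];
```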