Add SimpleSAMLphp as a managed dependency

Patch for "master" branch: https://reviews.mahara.org/6598

Patch for "master" branch: https://reviews.mahara.org/6602

Patch for "master" branch: https://reviews.mahara.org/6603

Patch https://reviews.mahara.org/#/c/6603/1 allows to display the idp provider name and logo on the discovery page.

To test you will need to first set up a mahara site with simplesaml set of patches installed https://reviews.mahara.org/#/q/topic:SimpleSAML

Then set up 2 (or more) institutions and add SAML plugin to each

When adding SAML to an institution paste in some valid metadata XML in the 'Institution IdP SAML Metadata' field.

Then edit the metadata - find the 'md:OrganizationName' tag and make sure it has different value to 'md:OrganizationDisplayName'

eg:
<md:OrganizationName xml:lang="en">My Company</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">My Company Identity Server</md:OrganizationDisplayName>

To add a logo to the discovery page, eg the catalyst logo, add the following just below the '<md:IDPSSODescriptor ... >' line

     <md:Extensions>
        <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
           <mdui:Logo width="120" height="30" xml:lang="en">https://catalyst.net.nz/sites/all/themes/sauce/images/catalyst-logo.svg</mdui:Logo>
        </mdui:UIInfo>
     </md:Extensions>

And save the updated metadata

Once you have at least 2 institutions with saml plugins logout and hit the 'SSO' button

It should take you to a page where you can view/choose the idp you want to use.

Patch for "master" branch: https://reviews.mahara.org/6605

I've been testing out this series of patches. Everything looks pretty good so far. I think one item we've discussed is that there's a little bumpiness in the upgrade. In order for a site that's using SAML to upgrade they have to:

1. Run "make ssphp" to download simplesamlphp and its dependencies via composer (although I guess the plan is to include these in the build ZIPs).

2. Copy the Identity Provider(s) metadata files from the old outside-of-mahara simplesaml code directory, and paste them as XML into the IdP field of the relevant SAML auth instances in Mahara.

Currently there's no warning or anything when you upgrade, telling you this. Since we didn't bump the version number of the plugin, there's actually no indication at all that anything has changed, until you try to log in via SAML and it doesn't work.

So I think it'd be good if we did this:

1. Bump the plugin's version number so it shows up as an upgrade (even though we're not making any database changes)

2. Put some code in there that at least prints a warning message if you're trying to upgrade and you haven't got the SimpleSAMLphp code downloaded via composer.

3. I think it may also be possible to get the old IdP metadata from the old simplesaml location and enter it into the relevant auth instances. I'm fairly certain SimpleSAMLphp has a function that will let you list the registered IdP's, and to convert it from PHP format to XML if needed. We could just access the old SimpleSAMLphp code location (since we haven't deleted the configuration that indicates where its paths are located), get the data from there, and insert it into the relevant auth instances.

Reviewed: https://reviews.mahara.org/6161
Committed: https://git.mahara.org/mahara/mahara/commit/6e14878df91db18055ac0a017738f7dee6ffe7c2
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 6e14878df91db18055ac0a017738f7dee6ffe7c2
Author: Robert Lyon <email address hidden>
Date: Tue May 24 10:58:32 2016 +1200

Bug 1579285: fix metadata URLs

behatnotneeded

Change-Id: I72ebcdab078f7febf7254999513c836f97cebeeb

Reviewed: https://reviews.mahara.org/6602
Committed: https://git.mahara.org/mahara/mahara/commit/1ad5fb9044f81983e93b0a33ca6aacd64c078a9b
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 1ad5fb9044f81983e93b0a33ca6aacd64c078a9b
Author: Robert Lyon <email address hidden>
Date: Fri Jun 17 09:32:06 2016 +1200

Bug 1579285: Checking that we have a connection to a memcache server

As simplesamlphp has issues with relying on phpsession.
Show the error on page where we set up plugin

behatnotneeded

Change-Id: I5503552ec17360986a2607d141a5a0efad10e288
Signed-off-by: Robert Lyon <email address hidden>

Reviewed: https://reviews.mahara.org/6605
Committed: https://git.mahara.org/mahara/mahara/commit/a1fff7277e146395ed7b3747575b45e209b87c87
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit a1fff7277e146395ed7b3747575b45e209b87c87
Author: Robert Lyon <email address hidden>
Date: Fri Jun 17 17:34:05 2016 +1200

Bug 1579285: Adding warning messages

On admin page for after upgrade to let one know they have to sort out
the saml plugin and any saml instances.

Also clear the old settings for saml plugin when saving config

behatnotneeded

Change-Id: I5ce6e944834510df7581b84b91179cbcb739b9db
Signed-off-by: Robert Lyon <email address hidden>

Reviewed: https://reviews.mahara.org/6159
Committed: https://git.mahara.org/mahara/mahara/commit/c30d285b339d330ff437359b1069634c3d5ad0c4
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit c30d285b339d330ff437359b1069634c3d5ad0c4
Author: Piers Harding <email address hidden>
Date: Fri Feb 26 12:17:34 2016 +1300

Bug 1579285: fix issue with logout

behatnotneeded

Change-Id: Iff4d1466277858b5496defaea9dbd16796fd4749

Reviewed: https://reviews.mahara.org/6603
Committed: https://git.mahara.org/mahara/mahara/commit/17fe44786ff4b5353d6bab2bb0d986fc61f0c40f
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 17fe44786ff4b5353d6bab2bb0d986fc61f0c40f
Author: Robert Lyon <email address hidden>
Date: Fri Jun 17 12:24:10 2016 +1200

Bug 1579285: Allow the discovery page to show idp logo

If the logo is part of the metadata

To test - see bug report

Also fixing up metadata textarea overlapping the label

behatnotneeded

Change-Id: Ifd1741089724a08d6fa8b31457269b44040ee980
Signed-off-by: Robert Lyon <email address hidden>

Reviewed: https://reviews.mahara.org/6158
Committed: https://git.mahara.org/mahara/mahara/commit/5f512cd63ad67b648016f2917f852a0ad9c0eac6
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 5f512cd63ad67b648016f2917f852a0ad9c0eac6
Author: Piers Harding <email address hidden>
Date: Mon Feb 22 15:13:47 2016 +1300

Bug 1579285: add help for IdP Metadata

behatnotneeded

Change-Id: I82b7a5ddc4f4f9be85b52e1a4ef53cacb41d7003

Reviewed: https://reviews.mahara.org/6598
Committed: https://git.mahara.org/mahara/mahara/commit/643ce8095c844acb2600c022cce8696bf1e20e08
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 643ce8095c844acb2600c022cce8696bf1e20e08
Author: Robert Lyon <email address hidden>
Date: Tue Jun 14 16:54:23 2016 +1200

Bug 1579285: Fixing up auth/saml plugin config form

Gettting it to display missing dependencies better

behatnotneeded

Change-Id: I60c94456acb6ac864e087a190569e8b16a64dd4d
Signed-off-by: Robert Lyon <email address hidden>

Reviewed: https://reviews.mahara.org/6160
Committed: https://git.mahara.org/mahara/mahara/commit/8637c11730de60c08f74e2aad62391c318d9ef00
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 8637c11730de60c08f74e2aad62391c318d9ef00
Author: Robert Lyon <email address hidden>
Date: Tue May 24 11:39:52 2016 +1200

Bug 1579285: add checking about session handling and libs

behatnotneeded

Change-Id: I1ebba9adcd54852e426dd253016b978cbc27fa7d

Reviewed: https://reviews.mahara.org/6157
Committed: https://git.mahara.org/mahara/mahara/commit/e2d22a18e8405ca7c0af5e09a3616bb0b3dcd552
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit e2d22a18e8405ca7c0af5e09a3616bb0b3dcd552
Author: Piers Harding <email address hidden>
Date: Mon Feb 22 13:25:43 2016 +1300

Bug 1579285: create work around for openssl_x509_fingerprint

behatnotneeded

Change-Id: I50d6371766a244525e587c43fd1b72b1baf057ba

Reviewed: https://reviews.mahara.org/6156
Committed: https://git.mahara.org/mahara/mahara/commit/004c45ead7e673f36f8f2bedc2a5b16f7959fbda
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 004c45ead7e673f36f8f2bedc2a5b16f7959fbda
Author: Piers Harding <email address hidden>
Date: Fri Feb 19 15:10:08 2016 +1300

Bug 1579285: Make ssphp a managed dependency

* Add SimpleSAMLphp as a managed dependency
of auth/saml using make to pull to auth/saml/extlib

behatnotneeded

Change-Id: I38c1eb4b44f9698ceef0ab99b019c9a3403ff45a