GithubHelp home page GithubHelp logo

craftbyte / letswifi-portal Goto Github PK

View Code? Open in Web Editor NEW

This project forked from geteduroam/letswifi-portal

0.0 0.0 0.0 404 KB

Certificate issuer with SAML authentication for geteduroam clients

License: BSD 3-Clause "New" or "Revised" License

Shell 0.15% PHP 91.27% CSS 2.59% Makefile 1.61% HTML 4.37%

letswifi-portal's Introduction

Let's Wifi Certificate Authority

This is the reference CA for geteduroam. It is intended to be used with an app such as ionic-app. The process is as follows:

  • The app sends the user to /oauth/authorize/ with additional GET parameters
  • The user is asked to log in or redirected to an SSO service
  • After logging in, the user is redirected to a callback URL from the app
  • The app has obtained an authorization_code, which it uses to retrieve an access_code
  • The access_code is used to generate an eap-config file containing user credentials
  • The app installs the eap-config file
  • The server logs the public key material generated

Install dependencies

In order to automatically install dependencies, run:

make vendor

Running a development server

rm -rf etc/letswifi.conf.php var
make dev

The realm being used is example.com

Testing manually

There is a shell script to initiate an OAuth flow

./geteduroam.sh 'http://[::1]:1080' example.com >test.eap-config
  • If everything went fine, you get an eap-config XML payload in test.eap-config
  • You will see the public key material logged in the tlscredential SQL table

Getting up and running quick 'n dirty

Upload this whole project to a webserver, and make www/ accessible as the top level directory.

This quick'n'dirty guide assumes you'll be using SimpleSAMLphp (the only authentication method supported for production)

make simplesamlphp

Initialize the SQLite database (MySQL is also supported, this should be straightforward from the config file)

mkdir var
sqlite3 var/letswifi-dev.sqlite <sql/letswifi-dev.sqlite.sql

Copy etc/letswifi.conf.simplesaml.php etc/letswifi.conf.php and change userIdAttribute to match your setup.

cp etc/letswifi.conf.simplesaml.php etc/letswifi.conf.php

Create the realm with a default client certificate validity of one year

bin/add-realm.php example.com 365

Write metadata of your SAML IdP to simplesamlphp/metadata/saml20-idp-remote.php

Navigate to https://example.com/simplesaml/module.php/saml/sp/metadata.php/default-sp?output=xhtml to get the metadata of the service, and register it in your IdP

Running from a subdirectory

For some deployments it can make sense to run this project from a subdirectory. All paths inside the application are relative, so this should work without any issues.

Contributing

Before committing, please run

make camera-ready

letswifi-portal's People

Contributors

jornane avatar pasqualemandato avatar pauldekkers avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.