WIP: Add SAML identity provider using SimpleSAML
What
Uses the jamedjo/test-saml-idp
image to provide a SAML SSO service
- Generates a certificate, private key, and fingerprint
- Allows service configuration in
saml-services.php
to support both instance wide SAML and GroupSAML for multiple groups - Allows users to be configured in
saml-auth-sources.php
Closes #17
Todo
-
Avoid needing to chmod 704
on the private key -
Find where the best directory for these files is -
Have certificate/fingerprint generation happen as part of Makefile -
Document this in the proper places instead of temporary README
Demo
While demoing gitlab!18362 (merged) for review I made use of this and modified the services and auth sources to show functionality:
Edited by 🤖 GitLab Bot 🤖