
initial for IdP 4.1.0

pcaskey committed May 6, 2021
1 parent b772dbf commit 04622394a4145363c6ec8a657b997067fbbe6c2f
Showing with 596 additions and 12 deletions.
  1. +9 −1 Dockerfile.template
  2. +1 −1 common.bash
  3. +10 −10 configBuilder.sh
  4. +288 −0 duo-oidc-truststore.asc
  5. +288 −0 oidc-common-truststore.asc
@@ -11,7 +11,7 @@ ARG SHBEDWAPP=config/shib-idp/edit-webapp
ARG SHBMSGS=config/shib-idp/messages
ARG SHBMD=config/shib-idp/metadata

# copy in the needed config files
# copy in those needed config files
ADD ${TOMCFG} /usr/local/tomcat/conf
ADD ${TOMCERT} /opt/certs
ADD ${TOMWWWROOT} /usr/local/tomcat/webapps/ROOT
@@ -22,4 +22,12 @@ ADD ${SHBCREDS} /opt/shibboleth-idp/credentials
#ADD ${SHBMSGS} /opt/shibboleth-idp/messages
ADD ${SHBMD} /opt/shibboleth-idp/metadata

# new for 4.1.0: install the Duo OIDC integration
# https://wiki.shibboleth.net/confluence/display/IDPPLUGINS/DuoOIDCAuthnConfiguration
# For unattended install of plugins, trust must be manually bootstrapped. You should never automate the retreival of this file (like this) for production.
#ADD https://github.internet2.edu/raw/docker/ShibbIdP_ConfigBuilder_Container/master/oidc-common-truststore.asc /opt/shibboleth-idp/credentials/net.shibboleth.idp.plugin.authn.duo.nimbus/truststore.asc
#ADD https://github.internet2.edu/raw/docker/ShibbIdP_ConfigBuilder_Container/master/duo-oidc-truststore.asc /opt/shibboleth-idp/credentials/net.shibboleth.oidc.common/truststore.asc
#install the plugins
#RUN /opt/shibboleth-idp/bin/plugin.sh --noPrompt -i https://shibboleth.net/downloads/identity-provider/plugins/oidc-common/1.0.0/oidc-common-dist-1.0.0.zip
#RUN /opt/shibboleth-idp/bin/plugin.sh --noPrompt -i https://shibboleth.net/downloads/identity-provider/plugins/duo-oidc/1.0.0/idp-plugin-duo-nimbus-dist-1.0.0.zip

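Review bot: The two commented-out `ADD` lines in the second hunk appear to have their destinations crossed: `oidc-common-truststore.asc` is written under `credentials/net.shibboleth.idp.plugin.authn.duo.nimbus/` and `duo-oidc-truststore.asc` under `credentials/net.shibboleth.oidc.common/`. Anyone who uncomments them would give each plugin the other plugin's keyring, so the trust check behind `plugin.sh --noPrompt` would presumably either fail or run against the wrong keys; swap the destinations so each truststore lands in the directory named after its own plugin. The lines also fetch the trust anchors with a bare `ADD <url>` from `master`, which the comment above them already warns against; outside a demo, bring in verified key files from the build context with `COPY`, or pin the download with `ADD --checksum=sha256:<DIGEST>` (placeholder digest). The word "retreival" in that comment should read "retrieval".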
@@ -2,4 +2,4 @@ registry="docker.io"
maintainer="tier"
basename="shibbidp_configbuilder_container"
imagename="shibbidp_configbuilder_container"
version="0.5"
version="0.7"
@@ -7,9 +7,9 @@ cd /scriptrun


# script config items
SHB_CFG_URL=https://github.internet2.edu/docker/shib-idp-conftree/archive/4.0-InCommon.zip
SHB_CFG_URL=https://github.internet2.edu/docker/shib-idp-conftree/archive/4.1-InCommon.zip
TOM_CFG_URL=https://github.internet2.edu/docker/shib-idp-tomcat-config/archive/master.zip
TMP_DIR_S=/tmp/4.0-InCommon
TMP_DIR_S=/tmp/4.1-InCommon
TMP_DIR_T=/tmp/tomcfg
TMP_DIR_D=/tmp/buildfiles

@@ -78,14 +78,14 @@ unzip -o -d ${TMP_DIR_T} ${TMP_DIR_T}.zip > /dev/null 2>&1
### cp relevant folders from expanded zip to appropriate locations at $PWD/* ###
################################################################################
#
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/conf/idp.properties ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/conf/ldap.properties ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/conf/metadata-providers.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/conf/attribute-resolver.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/conf/attribute-filter.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/conf/logback.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/credentials/inc-md-cert-mdq.pem ${SHBCREDS}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.0-InCommon/credentials/sealer.kver ${SHBCREDS}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/conf/idp.properties ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/conf/ldap.properties ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/conf/metadata-providers.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/conf/attribute-resolver.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/conf/attribute-filter.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/conf/logback.xml ${SHBCFG}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/credentials/inc-md-cert-mdq.pem ${SHBCREDS}
cp -rf ${TMP_DIR_S}/shib-idp-conftree-4.1-InCommon/credentials/sealer.kver ${SHBCREDS}
cp -rf ${TMP_DIR_T}/shib-idp-tomcat-config-master/conf/* ${TOMCFG}
cp -rf ${TMP_DIR_T}/shib-idp-tomcat-config-master/wwwroot/* ${TOMWWWROOT}

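Review bot: The new `SHB_CFG_URL` still points at a branch archive (`archive/4.1-InCommon.zip`), which is a mutable ref, and the second hunk copies `credentials/inc-md-cert-mdq.pem` and `credentials/sealer.kver` from it into `${SHBCREDS}`, so whatever the branch holds at run time becomes trusted IdP configuration. The download step is outside the visible hunks, so it is not clear whether the zip is verified; if it is not, pin the URL to a tag or commit archive and check a recorded digest before unzipping, for example `echo "<EXPECTED_SHA256>  ${TMP_DIR_S}.zip" | sha256sum -c - || exit 1` (placeholder digest; the file name is assumed from the `${TMP_DIR_T}.zip` pattern in the hunk header). As a style point, the eight `cp` lines repeat the literal `shib-idp-conftree-4.1-InCommon`; deriving it from one variable would make the next version bump a one-line change.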