Due to a scheduled upgrade to version 14.10, GitLab will be unavailabe on Monday 30.05., from 19:00 until 20:00.

Commit 5027f436 authored by Sandro Mathys's avatar Sandro Mathys
Browse files

add support for eduID test

parent 9884ec5d
......@@ -6,6 +6,7 @@ Compile all warnings into a single message, and call fail.
{{- $messages := append $messages (include "shibboleth-sp.validateValues.podAntiAffinityPreset" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.route" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.eduIDOnly_xor_interfederation" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.eduIDVersion" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.shibboleth.configMap" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.shibboleth.missingValues" .) -}}
{{- $messages := append $messages (include "shibboleth-sp.validateValues.backend.shibboleth.sessionCache_xor_memcached" .) -}}
......@@ -65,6 +66,13 @@ Compile all warnings into a single message, and call fail.
{{- end -}}
{{- end -}}
{{- define "shibboleth-sp.validateValues.backend.eduIDVersion" -}}
{{- if not (or (eq .Values.backend.shibboleth.eduIDVersion "production") (eq .Values.backend.shibboleth.eduIDVersion "test")) }}
backend.shibboleth.eduIDVersion
Illegal value: `eduIDVersion` must be set to "", "production" or "test", not "{{ .Values.backend.shibboleth.eduIDVersion }}".
{{- end -}}
{{- end -}}
{{/* this is needed independent of whether a configMap is specified or not */}}
{{- if not .Values.backend.shibboleth.applicationDefaults.credentialResolver.activeSecretName }}
backend.shibboleth.applicationDefaults.credentialResolver.activeSecretName
......
......@@ -75,7 +75,11 @@ data:
{{ if .Values.backend.shibboleth.eduIDOnly }}
<!-- Send user directly to edu-ID Identity Provider -->
{{- if eq .Values.backend.shibboleth.eduIDVersion "test" }}
<SSO entityID="https://test.eduid.ch/idp/shibboleth">
{{- else }}
<SSO entityID="https://eduid.ch/idp/shibboleth">
{{- end }}
SAML2
</SSO>
{{- else }}
......@@ -135,7 +139,11 @@ data:
<MetadataProvider type="XML"
validate="true"
{{- if .Values.backend.shibboleth.eduIDOnly }}
{{- if eq .Values.backend.shibboleth.eduIDVersion "test" }}
url="http://metadata.aai.switch.ch/entities/eduid-test"
{{- else }}
url="http://metadata.aai.switch.ch/entities/eduid"
{{- end }}
backingFilePath="metadata.eduid.ch.xml"
{{- else }}
url="http://metadata.aai.switch.ch/metadata.switchaai+idp.xml"
......
......@@ -158,6 +158,10 @@ backend:
eduIDOnly: false
interfederation: false
# "production" or "test"
# See also: https://www.switch.ch/de/edu-id/docs/unis/tech/testing/
eduIDVersion: "production"
# Configures client-side session storage.
# https://wiki.shibboleth.net/confluence/display/SP3/SessionCache
sessionCache:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment