Development: Shib OAuth Bridge Configuration Example
The best way to set up authentication for your local development instance is to hook up the Shibboleth OAuth2 bridge (available at https://github.com/ebollens/shib-oauth2-bridge). The README includes some general details about it, but because people have had challenges getting it set up right, this page includes an example of the configuration files needed.
In this example, I’m running Apache on port 80 (which is why the oauth2 provider is http://localhost) and the NeXt server on port 8080 with SSL (which is why the oauth_client_endpoints entry is https://localhost:8080). You may need to adjust things such as the port and http versus https to match your own configuration.
```php
<?php

return array(

    /*
    |--------------------------------------------------------------------------
    | Database Connections
    |--------------------------------------------------------------------------
    |
    | Here are each of the database connections setup for your application.
    | Of course, examples of configuring each database platform that is
    | supported by Laravel is shown below to make development simple.
    |
    |
    | All database work in Laravel is done through the PHP PDO facilities
    | so make sure you have the driver for your particular database of
    | choice installed on your machine before you begin development.
    |
    */

    'connections' => array(

        'mysql' => array(
            'driver'    => 'mysql',
            'host'      => 'localhost',
            'database'  => 'shib-oauth2-bridge',
            'username'  => 'root',
            'password'  => 'root',
            'charset'   => 'utf8',
            'collation' => 'utf8_unicode_ci',
            'prefix'    => '',
        ),

        'pgsql' => array(
            'driver'   => 'pgsql',
            'host'     => 'localhost',
            'database' => 'homestead',
            'username' => 'homestead',
            'password' => 'secret',
            'charset'  => 'utf8',
            'prefix'   => '',
            'schema'   => 'public',
        ),

    ),

);
```
After you run the php artisan commands in the bridge's README, you should have a set of database tables.
Here are the INSERT commands for the configuration on my machine:
```sql
INSERT INTO `oauth_clients` (`id`, `secret`, `name`, `created_at`, `updated_at`) VALUES
('next', 'txen', 'UC NeXT Platform', '2014-12-16 17:25:09', '2014-12-16 17:25:09');

INSERT INTO `oauth_client_endpoints` (`id`, `client_id`, `redirect_uri`, `created_at`, `updated_at`) VALUES
(1, 'next', 'https://localhost:8080/auth/oauth2/shibboleth', '2014-12-16 17:38:47', '2014-12-16 17:38:47');
```
Simply update the redirect_uri to be wherever the /auth/oauth2/shibboleth path resides on your instance of NeXt (likely just a different port while you're developing locally).
```yaml
oauth2:
  provider:
    shibboleth:
      enabled: true
      key: next
      secret: txen
      properties:
        site: http://localhost
        authorize_url: /shib-oauth2-bridge/public/oauth2/test-authorize
        token_url: /shib-oauth2-bridge/public/oauth2/access_token
      routes:
        get_user: /shib-oauth2-bridge/public/oauth2/user
```
This should be all you need.
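Because the client id, secret and redirect_uri have to agree across the bridge's database rows and the NeXt provider settings, a small consistency check catches the usual port or http/https mismatch before a login attempt does. This is an added example, not code from the bridge or NeXt; the function names and the dict layout are hypothetical, and the sample values are the ones shown on this page.

```python
from urllib.parse import urlsplit

CALLBACK_PATH = "/auth/oauth2/shibboleth"   # NeXt callback path named on this page
DEFAULT_PORTS = {"http": 80, "https": 443}

def origin(url):
    """Return (scheme, host, port) with the scheme's default port filled in."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    return scheme, (parts.hostname or "").lower(), parts.port or DEFAULT_PORTS.get(scheme)

def check_bridge_config(client, endpoint, provider, next_base_url):
    """Return a list of mismatches between the bridge rows and the NeXt settings.

    Hypothetical helper: client/endpoint mirror the oauth_clients and
    oauth_client_endpoints rows, provider mirrors the shibboleth YAML block.
    """
    problems = []
    if provider["key"] != client["id"]:
        problems.append("provider key differs from oauth_clients.id")
    if provider["secret"] != client["secret"]:
        problems.append("provider secret differs from oauth_clients.secret")
    if endpoint["client_id"] != client["id"]:
        problems.append("oauth_client_endpoints.client_id differs from oauth_clients.id")
    registered = endpoint["redirect_uri"]
    if origin(registered) != origin(next_base_url):
        problems.append("redirect_uri scheme/host/port differs from the NeXt instance")
    if urlsplit(registered).path != CALLBACK_PATH:
        problems.append("redirect_uri path is not " + CALLBACK_PATH)
    site = urlsplit(provider["properties"]["site"])
    if site.scheme not in DEFAULT_PORTS or not site.hostname:
        problems.append("site must be an http:// or https:// URL with a host")
    return problems

# Constructed sample input: the values shown on this page.
CLIENT = {"id": "next", "secret": "txen"}
ENDPOINT = {"client_id": "next",
            "redirect_uri": "https://localhost:8080/auth/oauth2/shibboleth"}
PROVIDER = {"key": "next", "secret": "txen",
            "properties": {"site": "http://localhost",
                           "authorize_url": "/shib-oauth2-bridge/public/oauth2/test-authorize",
                           "token_url": "/shib-oauth2-bridge/public/oauth2/access_token"}}

if __name__ == "__main__":
    # Second URL is a constructed case: NeXt moved to plain HTTP on port 3000.
    for url in ("https://localhost:8080", "http://localhost:3000"):
        print(url, check_bridge_config(CLIENT, ENDPOINT, PROVIDER, url) or "consistent")
```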