Skip to content
Snippets Groups Projects
Commit 52cfa00f authored by kaiyou's avatar kaiyou
Browse files

Merge branch '77-nouveau-service-flarum' into 'master'

Resolve "[nouveau service] flarum"

Closes #77

See merge request acides/hiboo/hiboo!32
parents f3b26d9a c75e9e17
No related branches found
No related tags found
No related merge requests found
......@@ -173,3 +173,22 @@ class PeertubeApplication(base.OIDCApplication):
"grant_types": ["authorization_code"],
"response_types": ["code"],
}
@register("flarum")
class FlarumApplication(base.SAMLApplication):
""" Flarum is a simple discussion platform, fast and easy to use, with all the features you need to run a successful community.
"""
name = _("Flarum")
class Form(base.BaseForm):
application_uri = fields.StringField(_("Flarum URL"), [validators.URL(require_tld=False)])
submit = fields.SubmitField(_('Submit'))
def configure(self, form):
return {
"acs": form.application_uri.data + "/auth/saml/acs",
"entityid": form.application_uri.data + "/auth/saml/metadata",
"sign_mode": "response"
}
<h3>Setting up Flarum</h3>
<p>Flarum uses the <a href="https://github.com/askvortsov1/flarum-saml">flarum_saml</a> extension in order to handle SAML2 authentication.</p>
<p>You must first install this extension on your instance, then enable the <i>SAML2 SSO</i> extension in the <i>Administration</i> panel and fill in the following parameters.</p>
<dt>Identity Provider Metadata URL (Alternative to XML)</dt>
<dd><pre>{{ url_for("sso.saml_metadata", service_uuid=service.uuid, _external=True) }}</pre></dd>
<dt>NameID format</dt>
<dd><pre>Persistent</pre></dd>
<dt>Attribute to map the username to</dt>
<dd><pre>urn:oid:0.9.2342.19200300.100.1.1</pre></dd>
<dt>Sign authn requests?</dt>
<dd>Yes</dd>
<dt>Sign logout requests?</dt>
<dd>Yes</dd>
<dt>Sign logout responses?</dt>
<dd>Yes</dd>
<dt>Sign metadata?</dt>
<dd>Yes</dd>
<dt>Want Assertions Encrypted?</dt>
<dd>Not supported</dd>
<dt>Want Assertions Signed?</dt>
<dd>Not supported</dd>
<dt>Want Messages Signed?</dt>
<dd>Yes</dd>
<dt>Enable SLO? If your IDP does not support this, this will do nothing.</dt>
<dd>Yes</dd>
<dt>Use SAML2 SSO as only login option?</dt>
<dd>Remember to have an SAML user as Flarum admin if enabled</dd>
<dt>x509 Private Key (needed for signing, if enabled)</dt>
<dd><pre>{{ "".join(service.config["sp_key"].strip().split("\n")[1:-1]) }}</pre></dd>
<dt>x509 Certificate (needed for signing, if enabled)</dt>
<dd><pre>{{ "".join(service.config["sp_cert"].strip().split("\n")[1:-1]) }}</pre></dd>
{% include "application_saml.html" %}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment