[Feature] - Integrazione plug-in SAML2 to wordpress

italia / eudi-wallet-it-python

Python toolchain for building an OpenID4VP RP with a SATOSA backend compliant with the Italian Wallet implementation profile

Apache License 2.0

17 stars 13 forks source link

[Feature] - Integrazione plug-in SAML2 to wordpress #2

Closed Pyscho79 closed 1 year ago

Pyscho79 commented 1 year ago

[x] Creation example project in repository:
- [x] WordPress setup
- [x] WordPress bootstrap Italia template setup
- [x] WordPress SAML2 OneLogin plugin setup
- [x] WordPress SAML2 OneLogin Donwload Metadata from wordpress sp
- [x] WordPress SAML2 OneLogin Test with IDP spid-saml-check
[x] Setup Documentation:
- [x] WordPress setup
- [x] WordPress bootstrap Italia template setup
- [x] WordPress SAML2 OneLogin plugin setup
[x] #41
- [ ] readme docker image setup

MurruAlessio commented 1 year ago

Created WordPress instance using docker-compose

The commit includes the docker-compose file used to create a WordPress instance with multiple containers, including a database container for the MariaDB database and a phpmyadmin container for managing the database through a web interface.

The WordPress container uses version 5.4 to ensure compatibility with the ItaliaWP2 theme. However, it should be noted that this version of WordPress has some vulnerabilities that are fixed in version 6.6.

MurruAlessio commented 1 year ago

I have successfully installed the ItaliaWP2 theme from the GitHub repository https://github.com/italia/design-wordpress-theme-italiaWP2 and set it as the active theme for WordPress instance.

MurruAlessio commented 1 year ago

I installed the OneLogin SAML SSO plugin to enable SAML connection on the Wordpress instance. I am currently still in the process of testing the plugin, which has not yet been configured with an IdP.

peppelinux commented 1 year ago

Can you see/download the wordpress saml2 metadata? you have to download the satosa frontend metadata to your sp before starting an authn request

peppelinux commented 1 year ago

Created WordPress instance using docker-compose

The commit includes the docker-compose file used to create a WordPress instance with multiple containers, including a database container for the MariaDB database and a phpmyadmin container for managing the database through a web interface.

The WordPress container uses version 5.4 to ensure compatibility with the ItaliaWP2 theme. However, it should be noted that this version of WordPress has some vulnerabilities that are fixed in version 6.6.

since it is just for the example project, we just have to indicate in the tutorial/configuration/readme that this is just for demo purpose and MUST NOT used in production contexts

we use this WP just as an example of legacy infrastructure

Pyscho79 commented 1 year ago

Can you see/download the wordpress saml2 metadata? you have to download the satosa frontend metadata to your sp before starting an authn request

Yew confirm download metadata form wordpress

Pyscho79 commented 1 year ago

@MurruAlessio need to test the new release Satosa-Saml2Spid v1.0.1 https://github.com/italia/Satosa-Saml2Spid/releases/tag/v1.0.1

MurruAlessio commented 1 year ago

below is the pull request with SaToSa integration changes for Wordpress plugin integration test https://github.com/italia/Satosa-Saml2Spid/pull/77