    Bug 1722435: Add support for refreshing SAML metadata regularly · eee3f965
    Francis Devine authored and Robert Lyon committed
    We utilise the simplesamlphp metarefresh plugin, and hook it into the
    mahara cron for the auth plugin.
    
    This adds a new field to each instance configuration form that allows
    the user to specify a url that metadata should be fetched from.
    
    This information is fed into the metarefresh plugin's config and a cron
    hook is run every hour that triggers the plugin.
    
    The simplesamlphp configuration is updated to read both the metarefresh
    target location and the normal xml config file location, with the
    metarefresh config files taking precedence.
    
    NB: because of the way that the auth/saml plugin stores the idp entity
    ids you are still required to present an XML file at least once, with
    the metadata refresh config only taking over once it's fetched in the
    next run.
    
    This gives a smooth upgrade path for all existing mahara instances,
    where they should continue to operate as normal, and then an
    administrator can add the metadata refresh url at their leisure and have
    it take precedence as soon as the metadata is available.
    
    behatnotneeded
    
    Change-Id: Ib5733f7526a1c19d3150b45d90c9b675d4dd7ad2
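The arrangement the commit message describes, sketched as plain SimpleSAMLphp configuration. This is an added example, not code from this commit or from Mahara. The set name, URL, directories and certificate file name are placeholders, and the variable names are changed so that both fragments fit in one file.

```php
<?php
// Added illustration. In SimpleSAMLphp both files assign to $config;
// distinct names are used here only so the two fragments can share one file.

// --- config-metarefresh.php: what to fetch, how often, where to write it ---
$metarefreshConfig = array(
    'sets' => array(
        'example-idp' => array(                  // placeholder set name
            'cron'    => array('hourly'),        // refreshed when the hourly cron tag runs
            'sources' => array(
                array(
                    // Placeholder for the metadata URL entered on the instance form.
                    'src' => 'https://idp.example.org/saml/metadata.xml',
                    // Optional check: accept only metadata signed with this
                    // certificate (file name relative to the cert/ directory).
                    'certificates' => array('idp-metadata-signing.crt'),
                ),
            ),
            // Fetched entries stop being valid 4 days after they were fetched,
            // so a stale copy cannot be served indefinitely if refreshes fail.
            'expireAfter'  => 60 * 60 * 24 * 4,
            'outputDir'    => 'metadata/refreshed/', // placeholder directory
            'outputFormat' => 'flatfile',
        ),
    ),
);

// --- config.php: sources are consulted in order, first match wins ---
$sspConfig = array(
    'metadata.sources' => array(
        // 1. Output of metarefresh: used as soon as a fetch has succeeded.
        array('type' => 'flatfile', 'directory' => 'metadata/refreshed'),
        // 2. The manually supplied XML file: the fallback until then.
        array('type' => 'xml', 'file' => 'metadata/idp.xml'), // placeholder path
    ),
);
```

Because the refreshed copy outranks the uploaded XML, whoever controls the content served at `src` controls the IdP signing keys the service provider trusts, which is why the source is fetched over HTTPS here and checked against a pinned signing certificate.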