|
1 | 1 | # SATOSA
|
2 |
| -[](https://travis-ci.org/IdentityPython/SATOSA) |
| 2 | + |
3 | 3 | [](https://pypi.python.org/pypi/SATOSA)
|
4 | 4 |
|
5 |
| -A configurable proxy for translating between different authentication protocols such as SAML2, |
6 |
| -OpenID Connect and OAuth2. |
| 5 | +A configurable proxy for translating between different authentication protocols |
| 6 | +such as SAML2, OpenID Connect and OAuth2. |
| 7 | + |
7 | 8 |
|
8 | 9 | # Table of Contents
|
9 | 10 |
|
10 | 11 | - [Installation](doc/README.md#installation)
|
11 |
| - - [Docker](doc/README.md#docker) |
12 |
| - - [Manual installation](doc/README.md#manual_installation) |
13 |
| - - [Dependencies](doc/README.md#dependencies) |
14 |
| - - [Instructions](doc/README.md#install_instructions) |
15 |
| - - [External micro-services](doc/README.md#install_external) |
| 12 | + - [Docker](doc/README.md#docker) |
| 13 | + - [Manual installation](doc/README.md#manual-installation) |
| 14 | + - [Dependencies](doc/README.md#dependencies) |
| 15 | + - [Instructions](doc/README.md#instructions) |
16 | 16 | - [Configuration](doc/README.md#configuration)
|
17 |
| - - [SATOSA proxy configuration: proxy_conf.yaml.example](doc/README.md#proxy_conf) |
18 |
| - - [Additional services](doc/README.md#additional_service) |
19 |
| - - [Attribute mapping configuration: internal_attributes.yaml](doc/README.md#attr_map) |
20 |
| - - [attributes](doc/README.md#attributes) |
21 |
| - - [user_id_from_attrs](doc/README.md#user_id_from_attrs) |
22 |
| - - [user_id_to_attr](doc/README.md#user_id_to_attr) |
| 17 | + - [SATOSA proxy configuration: proxy_conf.yaml.example](doc/README.md#satosa-proxy-configuration-proxy_confyamlexample) |
| 18 | + - [Attribute mapping configuration: internal_attributes.yaml](doc/README.md#attribute-mapping-configuration-internal_attributesyaml) |
| 19 | + - [attributes](doc/README.md#attributes) |
| 20 | + - [user_id_from_attrs](doc/README.md#user_id_from_attrs) |
| 21 | + - [user_id_to_attr](doc/README.md#user_id_to_attr) |
23 | 22 | - [Plugins](doc/README.md#plugins)
|
24 |
| - - [SAML2 plugins](doc/README.md#saml_plugin) |
25 |
| - - [Metadata](doc/README.md#metadata) |
26 |
| - - [Frontend](doc/README.md#saml_frontend) |
27 |
| - - [Backend](doc/README.md#saml_backend) |
28 |
| - - [Name ID Format](doc/README.md#name_id) |
29 |
| - - [OpenID Connect plugins](doc/README.md#openid_plugin) |
30 |
| - - [Backend](doc/README.md#openid_backend) |
31 |
| - - [Frontend](doc/README.md#openid_frontend) |
32 |
| - - [Social login plugins](doc/README.md#social_plugins) |
33 |
| - - [Google](doc/README.md#google) |
34 |
| - - [Facebook](doc/README.md#facebook) |
35 |
| -- [Generating proxy metadata](doc/README.md#saml_proxy_metadata) |
36 |
| -- [Running the proxy application](doc/README.md#run) |
| 23 | + - [SAML2 plugins](doc/README.md#saml2-plugins) |
| 24 | + - [Metadata](doc/README.md#metadata) |
| 25 | + - [AuthnContextClassRef](doc/README.md#providing-authncontextclassref) |
| 26 | + - [Frontend](doc/README.md#saml2-frontend) |
| 27 | + - [Custom attribute release](doc/README.md#custom-attribute-release) |
| 28 | + - [Policy](doc/README.md#policy) |
| 29 | + - [Backend](doc/README.md#saml2-backend) |
| 30 | + - [Name ID Format](doc/README.md#name-id-format) |
| 31 | + - [Discovery service](doc/README.md#use-a-discovery-service) |
| 32 | + - [ForceAuthn option](doc/README.md#mirror-the-saml-forceauthn-option) |
| 33 | + - [Memorize IdP](doc/README.md#memorize-the-idp-selected-through-the-discovery-service) |
| 34 | + - [OpenID Connect plugins](doc/README.md#openid-connect-plugins) |
| 35 | + - [Frontend](doc/README.md#oidc-frontend) |
| 36 | + - [Backend](doc/README.md#oidc-backend) |
| 37 | + - [Social login plugins](doc/README.md#social-login-plugins) |
| 38 | + - [Google](doc/README.md#google) |
| 39 | + - [Facebook](doc/README.md#facebook) |
| 40 | + - [Dummy adapters](doc/README.md#dummy-adapters) |
| 41 | + - [Micro-services](doc/README.md#micro-services) |
| 42 | +- [Generating proxy metadata](doc/README.md#generate-proxy-metadata) |
| 43 | +- [Running the proxy application](doc/README.md#running-the-proxy-application) |
| 44 | +- [External contributions](doc/README.md#external-contributions) |
37 | 45 |
|
38 | 46 |
|
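Review bot: the Table of Contents links now point at heading-derived anchors (for example `#manual-installation` and `#satosa-proxy-configuration-proxy_confyamlexample`) instead of the explicit ids used before (`#manual_installation`, `#proxy_conf`). These only resolve if the headings in doc/README.md have exactly that text, and doc/README.md is not part of the lines shown here. Please confirm every new link resolves. The entries most likely to break silently on a heading rename are those whose label differs from the slug: "AuthnContextClassRef" pointing at `#providing-authncontextclassref`, "Discovery service" at `#use-a-discovery-service`, and "ForceAuthn option" at `#mirror-the-saml-forceauthn-option`. Also, the old "Additional services" entry under Configuration is dropped with no replacement, and "External micro-services" moves from Installation to a "Micro-services" entry under Plugins. If those sections still exist in doc/README.md under the old names, readers lose their links.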
39 | 47 | # Use cases
|
| 48 | + |
40 | 49 | In this section a set of use cases for the proxy is presented.
|
41 | 50 |
|
| 51 | + |
42 | 52 | ## SAML2<->SAML2
|
43 |
| -There are SAML2 service providers for example Box which is not able to handle multiple identity |
44 |
| -providers. For more information about how to set up, configure and run such a proxy instance |
45 |
| -please visit [Single Service Provider<->Multiple Identity providers](doc/one-to-many.md) |
46 | 53 |
|
47 |
| -If an identity provider can not communicate with service providers in for example a federation the |
48 |
| -can convert request and make the communication possible. |
| 54 | +There are SAML2 service providers for example Box which is not able to handle |
| 55 | +multiple identity providers. For more information about how to set up, |
| 56 | +configure and run such a proxy instance please visit [Single Service |
| 57 | +Provider<->Multiple Identity providers](doc/one-to-many.md) |
| 58 | + |
| 59 | +If an identity provider can not communicate with service providers in for |
| 60 | +example a federation the can convert request and make the communication |
| 61 | +possible. |
| 62 | + |
49 | 63 |
|
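Review bot: the second paragraph of the SAML2<->SAML2 section is re-wrapped but still reads "in for example a federation the can convert request", which has no subject after "the". Since these lines are being rewritten anyway, fix the sentence in the same change, for example "the proxy can convert requests and make the communication possible". The first paragraph has the same kind of carry-over ("service providers for example Box which is not able"). The added blank lines at new lines 58 and 62 also leave two consecutive empty lines before the next heading, where the rest of the file used one before this change.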
50 | 64 | ## SAML2<->Social logins
|
51 |
| -This setup makes it possible to connect a SAML2 service provider to multiple social media identity |
52 |
| -providers such as Google and Facebook. The proxy makes it possible to mirror a identity provider by |
53 |
| -generating SAML2 metadata corresponding that provider and create dynamic endpoint which |
54 |
| -are connected to a single identity provider. |
55 |
| -For more information about how to set up, configure and run such a proxy instance please visit |
56 |
| -[SAML2<->Social logins](doc/SAML2-to-Social_logins.md) |
| 65 | + |
| 66 | +This setup makes it possible to connect a SAML2 service provider to multiple |
| 67 | +social media identity providers such as Google and Facebook. The proxy makes it |
| 68 | +possible to mirror a identity provider by generating SAML2 metadata |
| 69 | +corresponding that provider and create dynamic endpoint which are connected to |
| 70 | +a single identity provider. |
| 71 | + |
| 72 | +For more information about how to set up, configure and run such a proxy |
| 73 | +instance please read [SAML2<->Social logins](doc/SAML2-to-Social_logins.md) |
| 74 | + |
57 | 75 |
|
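Review bot: in the SAML2<->Social logins section the link sentence changes from "please visit" to "please read", while the SAML2<->SAML2 section a few lines up keeps "please visit" for the same kind of link. Pick one wording for both. The re-wrapped paragraph also carries over "mirror a identity provider", "corresponding that provider" and "create dynamic endpoint" unchanged. As the lines are touched anyway, correct them here ("an identity provider", "corresponding to that provider", "creating dynamic endpoints").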
58 | 76 | ## SAML2<->OIDC
|
59 |
| -The proxy is able to act as a proxy between a SAML2 service provider and a OpenID connect provider |
60 |
| -[SAML2<->OIDC](doc/saml2-to-oidc.md) |
| 77 | + |
| 78 | +The proxy is able to act as a proxy between a SAML2 service provider and a |
| 79 | +OpenID connect provider [SAML2<->OIDC](doc/saml2-to-oidc.md) |
61 | 80 |
|
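Review bot: in the SAML2<->OIDC section the link is now joined onto the end of the sentence with no punctuation or connecting words: "a OpenID connect provider [SAML2<->OIDC](doc/saml2-to-oidc.md)". The other two use-case sections introduce their link with "For more information about how to set up, configure and run such a proxy instance please ...". Use the same form here, end the first sentence with a full stop, and write "an OpenID Connect provider".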
62 | 81 | # Contact
|
63 |
| -If you have any questions regarding operations/deployment of SATOSA please use the satosa-users [mailing list](https://lists.sunet.se/listinfo/satosa-users). |
| 82 | + |
| 83 | +If you have any questions regarding operations/deployment of SATOSA please use |
| 84 | +the satosa-users [mailing list](https://lists.sunet.se/listinfo/satosa-users). |