OpenConext is an OpenSource technology stack offering a proxy (hub) for federated identity management (SAML, OIDC) and related features. OpenConext was developed by SURF, the Dutch National Research and Education Network (NREN), as part of the SURFworks programme, and has since than seen continuous development. SURF runs an instance of the platform for research and education in The Netherlands as SURFconext. More information: OpenConext: https://www.openconext.org. SURFconext: https://www.surfconext.nl.
The OpenConext dashboard is the module that can be used by people managing an Identity Provider (IdP) connected to the (OpenConext) identity hub/proxy. It offers an option for an IdP to check out what SPs (Service Provider) are connected to the proxy, request connection to an SP, look up information about SPs connected to the hub etc. This (IdP) dashboard offers the IdPs a high level of 'DIY', offloading work from the federation operator (less error prone emails to deal with concerning connecting/disconnecting an IdP to an SP, thereby offering scalability (SURF runs SURFconext with hundreds of IdPs)
- Java 21
- Maven 3
- NodeJS v14.17.3 (best managed with
nvm
, current version in .nvmrc - yarn
cd dashboard
To build:
mvn clean install
To run locally either start the Application from your IDE or use the spring-boot maven plugin:
mvn spring-boot:run
If you want to debug you can either debug the Application in your IDE or use:
./debug.sh
In the default application.properties
the mail host is localhost
and the port is 1025
. Run mailpit to capture mails.
See https://github.com/axllent/mailpit
In the application.properties file you can disable / enable
all remote interfaces like JIRA, Mail, SAB, VOOT, Statistics, PDP, OIDC, Manage by setting the dashboard.feature.X
to false
or true
. Default they are all disabled and mock implementations are used. Using ansible for
deployment they can enabled.
cd dashboard
Initial setup if you do:
yarn install
To build:
yarn run webpack
To run locally:
yarn start
The browse to the application homepage.
A list of available log-ins can be found in the mocked implementation of the VootClient.
curl -H 'Content-Type: application/json' -u pdp:secret -X POST -d '{"REQUESTED_ATTRIBUTES":["metaDataFields.coin:ss:idp_visible_only"],"metaDataFields.coin:ss:idp_visible_only":"1"}' 'https://manage.test2.surfconext.nl//manage/api/internal/search/saml20_sp' | python -m json.tool
To run all JavaScript tests:
cd client
yarn test
Or to run all the tests and do not watch:
cd client
CI=true yarn test
cd dashboard-server/src/test/resources/jira-json/
curl -X POST --data "@query_new.json" -H "Content-Type: application/json" -H "Authorization: Bearer ??" "https://servicedesk.test.surf.nl/jira/rest/api/2/search"
To find transitions:
curl -H "Content-Type: application/json" -H "Authorization: Bearer ??" "https://servicedesk.test.surf.nl/jira/rest/api/2/issue/CXT-70752/transitions" | jq .
The Jira API key can be found in the environments-external project in SURF gitlab.