mirror of https://github.com/MISP/MISP
new: [oidc] Readme
parent
38f785ea63
commit
37dd3038b1
|
@ -0,0 +1,49 @@
|
|||
# MISP OpenID Connect Authentication
|
||||
|
||||
This plugin provides ability to use OpenID as Single sign-on for login users to MISP.
|
||||
When plugin is enabled, users are direcly redirected to SSO provider and it is not possible
|
||||
to login with passwords stored in MISP.
|
||||
|
||||
## Usage
|
||||
|
||||
1. Install required library using composer
|
||||
|
||||
```
|
||||
cd app
|
||||
php composer.phar require jumbojett/openid-connect-php
|
||||
```
|
||||
|
||||
2. Enable in `app/Config/config.php`
|
||||
|
||||
```php
|
||||
$config = array(
|
||||
...
|
||||
'Security' => array(
|
||||
...
|
||||
'auth' => 'array('OidcAuth.Oidc')',
|
||||
),
|
||||
...
|
||||
```
|
||||
|
||||
3. Configure in `app/Config/config.php` (replace variables in `{{ }}` with your values)
|
||||
|
||||
```php
|
||||
$config = array(
|
||||
...
|
||||
'OidcAuth' = [
|
||||
'provider_url' => '{{ OIDC_PROVIDER }}',
|
||||
'client_id' => '{{ OIDC_CLIENT_ID }}',
|
||||
'client_secret' => '{{ OIDC_CLIENT_SECRET }}',
|
||||
'role_mapper' => [ // if user has multiple roles, first role that match will be assigned to user
|
||||
'misp-user' => 3, // User
|
||||
'misp-admin' => 1, // Admin
|
||||
],
|
||||
'default_org' => '{{ MISP_ORG }}',
|
||||
],
|
||||
...
|
||||
```
|
||||
|
||||
## Caveats
|
||||
|
||||
* When user is blocked in SSO (IdM), he/she will be not blocked in MISP. He could not log in, but users authentication keys will still work and also he/she will still receive all emails.
|
||||
|
|
@ -29,7 +29,8 @@
|
|||
"ext-bcmath": "For faster validating IBAN numbers",
|
||||
"ext-rdkafka": "Required for publishing events to Kafka broker",
|
||||
"elasticsearch/elasticsearch": "For logging to elasticsearch",
|
||||
"aws/aws-sdk-php": "To upload samples to S3"
|
||||
"aws/aws-sdk-php": "To upload samples to S3",
|
||||
"jumbojett/openid-connect-php": "For OIDC authentication"
|
||||
},
|
||||
"config": {
|
||||
"vendor-dir": "Vendor",
|
||||
|
|
Loading…
Reference in New Issue