From eaeb88401d07687eb3db8c273f7a4c0ed31ec153 Mon Sep 17 00:00:00 2001 From: Tilman Vatteroth Date: Mon, 4 Jan 2021 13:07:44 +0100 Subject: Move docs into subdirectory to make mkdocs work in a subdirectory Signed-off-by: Tilman Vatteroth --- docs/content/guides/auth/saml-onelogin.md | 55 +++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 docs/content/guides/auth/saml-onelogin.md (limited to 'docs/content/guides/auth/saml-onelogin.md') diff --git a/docs/content/guides/auth/saml-onelogin.md b/docs/content/guides/auth/saml-onelogin.md new file mode 100644 index 00000000..8b897c82 --- /dev/null +++ b/docs/content/guides/auth/saml-onelogin.md @@ -0,0 +1,55 @@ +# Authentication guide - SAML (OneLogin) + +**Note:** *This guide was written before the renaming. Just replace `HackMD` with `HedgeDoc` in your mind :smile: thanks!* + +1. Sign-in or sign-up for an OneLogin account. (available free trial for 2 weeks) + +2. Go to the administration page. + +3. Select the **APPS** menu and click on the **Add Apps**. + ![onelogin-add-app](../../images/auth/onelogin-add-app.png) + +4. Find "SAML Test Connector (SP)" for template of settings and select it. + ![onelogin-select-template](../../images/auth/onelogin-select-template.png) + +5. Edit display name and icons for OneLogin dashboard as you want, and click **SAVE**. + ![onelogin-edit-app-name](../../images/auth/onelogin-edit-app-name.png) + +6. After that other tabs will appear, click the **Configuration**, and fill out the below items, and click **SAVE**. + - RelayState: The base URL of your HedgeDoc, which is issuer. (last slash is not needed) + + - ACS (Consumer) URL Validator: The callback URL of your HedgeDoc. (serverurl + /auth/saml/callback) + + - ACS (Consumer) URL: same as above. + + - Login URL: login URL(SAML requester) of your CopiMD. (serverurl + /auth/saml) + ![onelogin-edit-sp-metadata](../../images/auth/onelogin-edit-sp-metadata.png) + +7. The registration is completed. Next, click **SSO** and copy or download the items below. + - X.509 Certificate: Click **View Details** and **DOWNLOAD** or copy the content of certificate ....(A) + + - SAML 2.0 Endpoint (HTTP): Copy the URL ....(B) + ![onelogin-copy-idp-metadata](../../images/auth/onelogin-copy-idp-metadata.png) + +8. In your HedgeDoc server, create IdP certificate file from (A) +9. Add the IdP URL (B) and the Idp certificate file path to your config.json file or pass them as environment variables. + - `config.json`: + ```javascript + { + "production": { + "saml": { + "idpSsoUrl": "https://*******.onelogin.com/trust/saml2/http-post/sso/******", + "idpCert": "/path/to/idp_cert.pem" + } + } + } + ``` + + - environment variables + ```sh + CMD_SAML_IDPSSOURL=https://*******.onelogin.com/trust/saml2/http-post/sso/****** + CMD_SAML_IDPCERT=/path/to/idp_cert.pem + ``` + +10. Try sign-in with SAML from your HedgeDoc sign-in button or OneLogin dashboard (like the screenshot below). + ![onelogin-use-dashboard](../../images/auth/onelogin-use-dashboard.png) -- cgit v1.2.3