Overview
| Proposer | SCRE, CSC, SURF |
|---|---|
| Area | STANDARDS & PROTOCOLS |
| Type of work | DEVELOPMENT |
| Output | PROTOTYPE |
| History | OIDCfed support on SimpleSAMLphp |
Original proposal
Related to the above eduGAIN OpenID Federation Pilot, we would like to add OpenID Federation capabiliteis to commonly used software in our ecosystem. This activity will complete the work on implementing OpenID Federation into SimpleSAMLphp, as well as start with an implementation for Shibboleth IdP.
Description of the activity
Proof-of-Concept implementations for Shib and SSP for openid federation.
Ownership & Utilisation
The following parties will use the results of this activity:
| T&I Service | |
|---|---|
| R&E Community | The new modules can be used by any IdP operator. |
| External Party | The results will be maintained by the Shibboleth Consortium and the SimpleSAMLphp Development Group |
Results & Deliverables
The following results were created and delivered:
- Shibboleth IdP OIDC OP Plugin OIDFed Support initialized
Entity Configuration
Construction of Trust Chains
Automatic Registration of an OIDC RP in the authorization endpoint
- Working demo presented
- SimpleSAMLPHP
- Automatic client registration is implemented
- WIP federation participation (limiting) based on Trust Marks
- Working demo was presented
- Source code:
- OpenID Federation into SimpleSAMLphp - https://github.com/simplesamlphp/openid
- Shibboleth OP - https://git.shibboleth.net/view/?p=java-idp-oidc.git;a=summary (still in development!)
- Print demo results: Incubator demos#Cycle9