Fix copy paste stuff

2025-05-06 14:45:28 +02:00 · 2025-05-06 14:45:28 +02:00 · 9bacbba224
commit 9bacbba224
parent 0c68862d6e
1 changed files with 3 additions and 42 deletions
--- a/netbird-test-satosa-1-sto1.sunet.se/overlay/etc/hiera/data/local.yaml
+++ b/netbird-test-satosa-1-sto1.sunet.se/overlay/etc/hiera/data/local.yaml
@ -18,9 +18,6 @@ attribute_authorization:
      force_attributes_presence_on_allow: true
      attribute_allow:
         default:
-            platform:
-               subject-id:
-                  - "."
            default:
               subject-id:
                  - "."
@ -49,13 +46,12 @@ internal_attributes:
        openid: [sub,username,preferred_username]
        saml: [subject-id, eduPersonPrincipalName]
 satosa_proxy_conf:
-   BASE: https://idp-proxy-platform-test.sunet.se
+   BASE: https://netbird-test-satosa.sunet.se
   INTERNAL_ATTRIBUTES: "internal_attributes.yaml"
   BACKEND_MODULES:
      - "plugins/saml2_backend.yaml"
   FRONTEND_MODULES:
      - "plugins/oidc_frontend.yaml"
-      - "plugins/saml2_frontend.yaml"
   MICRO_SERVICES:
      - "plugins/attribute_authorization.yaml"
      - "plugins/healthcheck.yaml"
@ -83,7 +79,7 @@ satosa_proxy_conf:
 saml2_backend:
  config:
    sp_config:
-      organization: {display_name: Platform services (test), name: Platform services (Test), url: 'https://sunet.se'}
+      organization: {display_name: netbird (Test), name: netbird (Test), url: 'https://sunet.se'}
      contact_person:
        - {contact_type: technical, email_address: noc@sunet.se, given_name: Technical}
        - {contact_type: support, email_address: noc@sunet.se, given_name: Support}
@ -96,7 +92,7 @@ saml2_backend:
        mdq:
         - url: https://mds.swamid.se
           cert: "/etc/satosa/md-signer2.crt"
-      entityid: https://idp-proxy-platform-test.sunet.se/sp
+      entityid: https://netbird-test-satosa.sunet.se/sp
      accepted_time_diff: 180
      service:
        sp:
@ -132,38 +128,3 @@ saml2_frontend:
      single_sign_on_service:
        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': sso/post
        'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': sso/redirect
-
-    # If configured and not false or empty the common domain cookie _saml_idp will be set
-    # with or have appended the IdP used for authentication. The default is not to set the
-    # cookie. If the value is a dictionary with key 'domain' then the domain for the cookie
-    # will be set to the value for the 'domain' key. If no 'domain' is set then the domain
-    # from the BASE defined for the proxy will be used.
-    #common_domain_cookie:
-    #  domain: .example.com
-
-    entityid_endpoint: true
-    enable_metadata_reload: no
-
-    idp_config:
-      key_file: frontend.key
-      cert_file: frontend.crt
-      metadata:
-        local: [metadata/monitor.xml, metadata/hittade.xml]
-
-      entityid: <base_url>/<name>/proxy.xml
-      accepted_time_diff: 60
-      service:
-        idp:
-          endpoints:
-            single_sign_on_service: []
-          name: Proxy IdP
-          name_id_format: ['urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient']
-          policy:
-            default:
-              attribute_restrictions: null
-              fail_on_missing_requested: false
-              lifetime: {minutes: 15}
-              name_form: urn:oasis:names:tc:SAML:2.0:attrname-format:uri
-              encrypt_assertion: false
-              encrypted_advice_attributes: false
-