Architecture
Source: acrhitecture.odg
SP admin flows
Register a new SP
1a) copy/paste metadata into text box
test: is it really XML?
-> if not: error
...
2) test: check if metadata has
- entityID
...
- present?
- technical contact email present?
- ACS location present?
→ if not: error
3) solve captcha
4) press register button
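Added example (not part of the original design notes or the project's code): one way to implement the tests in steps 1a and 2 with the Python standard library. The function name, the error class, the sample metadata and the rejection of DTDs are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

# Constructed sample metadata (not from the page).
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.org/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" Location="https://sp.example.org/acs"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:SPSSODescriptor>
  <md:ContactPerson contactType="technical">
    <md:EmailAddress>mailto:admin@sp.example.org</md:EmailAddress>
  </md:ContactPerson>
</md:EntityDescriptor>"""


class MetadataError(ValueError):
    """A registration check on the submitted SP metadata failed."""


def check_sp_metadata(text):
    """Apply the XML and required-field tests; return the extracted fields."""
    # Assumption (not in the outline): refuse DTDs so pasted input cannot
    # declare entities.
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        raise MetadataError("DTD/entity declarations are not accepted")
    try:
        root = ET.fromstring(text)  # step 1a: is it really XML?
    except ET.ParseError as exc:
        raise MetadataError(f"not well-formed XML: {exc}") from exc
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise MetadataError("root element is not md:EntityDescriptor")
    entity_id = (root.get("entityID") or "").strip()
    if not entity_id:
        raise MetadataError("entityID missing")
    path = "md:ContactPerson[@contactType='technical']/md:EmailAddress"
    emails = [(e.text or "").strip().removeprefix("mailto:") for e in root.findall(path, NS)]
    emails = [e for e in emails if e]
    if not emails:
        raise MetadataError("technical contact email missing")
    path = "md:SPSSODescriptor/md:AssertionConsumerService"
    acs = [a.get("Location", "").strip() for a in root.findall(path, NS)]
    acs = [loc for loc in acs if loc]
    if not acs:
        raise MetadataError("ACS location missing")
    return {"entityID": entity_id, "technical_email": emails[0], "acs": acs}
```
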
Start registration
1) generate SHA256 token from IP + timestamp + entityID
test: Do not allow an existing entityID to be claimed with a new email
if so → throw an error
...
1) User returns to https://testidp.incibator.geant.org/register.php?token=dsjklzJK98edjlkqwJIDSA
test: Check if this token is registered in the DB for this email, if not -> error
2) The user is now "logged in" for time X
3) Move XML metadata over to "martin" table (registration data gets removed)
4) Optionally: additional field to be filled in? → Check with Martin
5) Your IdP is ready at : https://...
Show pointer to metadata
Show metadata to be copied
Show URL?
Show text explaining how to use frontend login screen
Below TBD
Returning to admin interface to modify SP
...
- 'login' via email token
- lookup your own SP?
- confirmation?