Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Fix cie-provider URL and add metadata link

...

The RP implemented in PHP is based on the implementation from https://github.com/italia/spid-cie-oidc-php.

The GO RP and TA use this implementation: https://github.com/zachmann/go-oidcfed

Example metadata: https://relying-party-php.testbed.oidcfed.incubator.geant.org/.well-known/openid-federation?format=json


Image Added

Fedservice example

Repo: https://gitlab.geant.org/TI_Incubator/oidcfed/fedservice

This testbed is based on the example implementation from https://github.com/rohe/fedservice.

...

The trust relationships are depicted in Federation Example.jpg.below.


Image Added

 Inter-federation logins

Establishing trust between entities from different federations is possible if a valid trust can be constructed between the two entities.

In the existing testbeds, the trust anchor in the Italian federation was added as a trust anchor for the OP in Roland's example federation, making it possible that all RPs in the Italian federation could authenticate users from OP.


Image Added

 eduGAIN-like trust fabric

This testbed mimics a real-world scenario, consisting of the eduGAIN federation, a number of national federations, and all the leaf entities that are currently part of eduGAIN, as well as the national federations.

Example metadata: https://oidcfed.sa5vopaas.utr.surfcloud.nl/leafs/fe37e407801ede6bc262eed7bf00a54f4c33e890/.json

The entire federation was exported as .dot file via ofcli and visualised below.

Image AddedImage Removed