Which config files are needed. Which ones are deployment specific, which ones are related to the connected entities? Which modules are needed?

Deployment specific configs:

• repo with deployment configs for the proxy MVP.

‌

Connected entities configs:

• ssp configurations

‌

• oidc clients are managed by oidc module, stored in a shared DB;
• generate_oidc_config.php – extracting rulesets from shared DB;
• module_metarefresh.php – contains metadata urls for saml entities (but config was updated externally, calling cron for metarefresh updates);
• …

‌

Modules needed:

• ssp config.php

1. 'saml',
2. 'admin',
3. 'cron',
4. 'metarefresh',
5. ‘oidc',
6. 'mymodule', – for custom html .twig templates
7. …

SP role enabled

If in the wizard the SP role is enabled, then in the config we should have the following: 

/* this comes in authsources.php */
$config = [
    'default-sp' => [
        'saml:SP',
        'entityID' => 'https://entityid.uri',
        'privatekey' => 'saml.pem',
        'certificate' => 'saml.crt',

    ], 
];

Adding IdPs to the SP

/* saml20-idp-remote.php */
<?php
$metadata['https://example.org/saml-idp'] = [
    'SingleSignOnService'  => 'https://example.org/simplesaml/saml2/idp/SSOService.php',
    'SingleLogoutService'  => 'https://example.org/simplesaml/saml2/idp/SingleLogoutService.php',
    'certificate'          => /**/,
];

We should think about how to mobilize the XML→ php converter of ssp itself to generate the 'remote' files.