OpenstackId Server

OpenId Idp/ OAuth2.0 AS/RS

Objective

OpenStackID has been developed to provide a unique online identity for all OpenStack web properties. The intention is to replace Launchpad as openID provider. The code provides authentication via OpenID and authentication + authorization via OAuth2. More details about OpenStackID server are on the wiki.

Servers

openstackid-dev.openstack.org is configured to deploy http://tarballs.openstack.org/openstackid/openstackid-latest.tar.gz which is the automatically generated per-commit tarball of the master branch. No action is necessary to update the deployment of openstackid-dev to the latest merged commit in master.

openstackid.openstack.org is configured to deploy a specific tag. To update this deployment, tag the repo to create a release, and then update puppet to point to that release name.

Configuration

Environment Configuration

We need to instruct the Laravel Framework how to determine which environment it is running in. The default environment is always production. However, you may setup other environments within the bootstrap/start.php file at the root of your installation.

It is include on folder bootstrap a file called bootstrap/environment.php.tpl you must make a copy and rename it to bootstrap/environment.php

In this file you will find an $app->detectEnvironment call. The array passed to this method is used to determine the current environment. You may add other environments and machine names to the array as needed.

<?php

$env = $app->detectEnvironment(array(

    'local' => array('your-machine-name'),

));

Database Configuration

It is often helpful to have different configuration values based on the environment the application is running in. For example, you may wish to use a different database configuration on your development machine than on the production server. It is easy to accomplish this using environment based configuration. Simply create a folder within the config directory that matches your environment name, such as dev. Next, create the configuration files you wish to override and specify the options for that environment. For example, to override the database configuration for the local environment, you would create a database.php file in app/config/dev.

OpenstackId server makes use of two database connections:

  • openstackid

  • os_members

openstackid is its own OpenstackId Server DB, where stores all related configuration to openid/oauth2 protocol. os_members is SS DB (http://www.openstack.org/). both configuration are living on config file database.php, which could be a set per environment as forementioned like app/config/dev/database.php

Error Log Configuration

Error log configuration is on file app/config/log.php but could be overridden per environment such as app/config/dev/log.php , here you set two variables:

  • to_email : The receiver of the error log email.

  • from_email: The sender of the error log email.

Recaptcha Configuration

OpenstackId server uses recaptcha facility to discourage brute force attacks attempts on login page, so in order to work properly recaptcha plugin must be provided with a public and a private key (http://www.google.com/recaptcha). These keys are set on file app/config/packages/greggilbert/recaptcha/config.php, but also could be set per environment using following directory structure app/config/packages/greggilbert/recaptcha/dev/config.php.

Installation

OpenstackId Server uses composer utility in order to install all needed dependencies. After you get the source code from git, you must run following commands on application root directory:

** your virtual host must point to /public folder.

Permissions

Laravel may require one set of permissions to be configured: folders within app/storage require write access by the web server.