Sonar and Canary demo apps
Sonar and Canary demo apps
How to set up the Sonar and Canary demo apps to use in the Maverics evaluation.
If you cannot use your own apps to complete the Maverics evaluation and/or cannot use the publicly hosted apps, you can stand up containers of Strata’s two demo apps to use in your evaluation.
Requirements
You will need to use Docker or a docker-based container platform to run the containers.
- Docker Desktop (Mac/Windows) OR Docker Engine v20.10.x or greater
- Ports:
- 8987 (Sonar demo app)
- 8988 (Canary Bank demo app)
Pulling the images
docker pull strataidentity/sonardocker pull strataidentity/canarybank
Running the containers for proxy app testing
You will need to map ports with the docker run command when instantiating each container. Each app has a built-in user and password.
Canary Bank
- From the docker CLI, run:
docker run -p 8988:8988 strataidentity/canarybank canarybank - In your browser, go to http://localhost:8988
- username: jdoe
- password: password
Sonar
This app requires the SM_USER header to complete an authorization. You can also optionally set firstname and lastname headers.
- From the docker CLI, run:
docker run -p 8987:8987 strataidentity/sonar sonar - In your browser, go to http://localhost:8987
- username: jdoe
- password: password
Running Sonar as an OIDC app
Requirements
- Download the evaluation.zip here to get self-signed certs and the rootCA.pem file needed to set up Sonar.
- Using your preferred text editor, create a file called
sonar.env. - Copy and paste the following code in the
sonar.envfile and save.
TLS_CERT=/localhost.pem
TLS_KEY=/localhost-key.pem
AUTH_PROVIDERS=[ { "name": "Maverics", "type": "oidc", "config": { "clientID": "clientID", "clientSecret": "clientSecret", "issuer": "https://localhost:8433", "redirectURL": "https://localhost:8987/auth/Maverics/callback" } } ]- In the same directory, create a new file called
docker-compose.yamland copy and paste the following code.
version: "3.8"
services:
sonar:
image: strataidentity/sonar:latest
hostname: sonar
env_file:
- ./sonar.env
ports:
- "8987:8987"
restart: unless-stopped
command: update-ca-certs
network_mode: bridge
extra_hosts:
- localhost:host-gateway
volumes:
- ./rootCA.pem:/etc/ssl/certs/rootCA.pem
- ./localhost.pem:/localhost.pem
- ./localhost-key.pem:/localhost-key.pem- In your OIDC app definition, set the following:
- clientID: clientID
- clientSecret: clientSecret
- redirectURLs: https://localhost:8987/auth/Maverics/callback
- You can also set the following optional definitions, replacing
yourIDP.yourClaimin each field:
claimsMapping:
email: yourIDP.yourClaim
given_name: yourIDP.yourClaim
family_name: yourIDP.yourClaim- In your OIDC auth provider definition, set the following:
- issuer: https://localhost:8443
- Start the orchestrator by running the Maverics binary file in your working directory. Important: The orchestrator must be running before you start the Sonar app.
- In your terminal window or command line, run:
docker-compose upThe expected output will be as follows:
staging-eval-sonar-1 | 2023/11/15 18:31:03 Starting the server [::]:8987- Go to the Sonar app at https://localhost:8987 and click Login with Maverics to start the OIDC login flow.
- To stop the services defined in the Compose file, you can run the following command:
docker-compose downThis will stop and remove all the containers created by the Compose file.
ℹ️
Canary Bank also supports OIDC. You can follow the same steps to run Canary Bank as an OIDC app by modifying the ports to use 8988 and the Docker image to canarybank:latest.
Running Canary Bank as an SAML app
Requirements
- Download the evaluation.zip here to get self-signed certs and the rootCA.pem file needed to set up Sonar.
- Using your preferred text editor, create a file called
canary.env. - Copy and paste the following code in the
canary.envfile and save.
TLS_CERT=/localhost.pem
TLS_KEY=/localhost-key.pem
AUTH_PROVIDERS=[ { "name": "Maverics", "type": "saml", "config": { "metadataURL": "https://localhost:8433/metadata", "serviceProviderIssuer": "https://localhost:8988", "assertionConsumerServiceURL": "https://localhost:8988/auth/Maverics/callback", "audienceURI": "https://localhost:8988" } } ]- In the same directory, create a new file called
docker-compose.yamland copy and paste the following code.
version: "3.8"
services:
sonar:
image: strataidentity/canarybank:latest
hostname: canarybank
env_file:
- ./canary.env
ports:
- "8988:8988"
restart: unless-stopped
command: update-ca-certs
network_mode: bridge
extra_hosts:
- localhost:host-gateway
volumes:
- ./rootCA.pem:/etc/ssl/certs/rootCA.pem
- ./localhost.pem:/localhost.pem
- ./localhost-key.pem:/localhost-key.pem- In your SAML app definition, set the following:
- audience: https://localhost:8988
- Assertion Consumer Service (ACS) URL: https://localhost:8988/auth/Maverics/callback
- You can also set the following optional definitions, replacing
yourIDP.yourClaimin each field:
claimsMapping:
email: yourIDP.yourClaim
given_name: yourIDP.yourClaim
family_name: yourIDP.yourClaim- In your SAML auth provider definition, set the following:
- issuer: https://localhost:8433
- Start the orchestrator by running the Maverics binary file in your working directory. Important: The orchestrator must be running before you start the Canary Bank app.
- In your terminal window or command line, run:
docker-compose upThe expected output will be as follows:
staging-eval-canarybank-1 | 2023/11/15 18:31:03 Starting the server [::]:8987- Go to the Canary Bank app at https://localhost:8988 and click Login with Maverics to start the SAML login flow.
- To stop the services defined in the Compose file, you can run the following command:
docker-compose downThis will stop and remove all the containers created by the Compose file.
ℹ️
Sonar also supports SAML. You can follow the same steps to run Sonar as a SAML app by modifying the ports to use 8987 and the Docker image to sonar:latest.