From f49b1b706307540f6178f5a1b0e119bdbdfe3f10 Mon Sep 17 00:00:00 2001
From: Salvatore Laiso
Date: Wed, 31 Jan 2024 17:25:30 +0100
Subject: [PATCH 1/4] fix: use virtual enviroment for python package Django SP
---
 example_sp/django.Dockerfile | 15 +++++++++------
 example_sp/entrypoint.sh | 1 +
 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/example_sp/django.Dockerfile b/example_sp/django.Dockerfile
index a296617a..cc4581e4 100644
--- a/example_sp/django.Dockerfile
+++ b/example_sp/django.Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.18
+FROM alpine:3.19.1
 RUN apk update
 RUN apk add --update --no-cache tzdata
@@ -9,11 +9,14 @@ RUN apk del tzdata
 COPY example_sp/djangosaml2_sp/requirements.txt /
 COPY example_sp/entrypoint.sh /
-WORKDIR /djangosaml2_sp
+RUN apk add --update xmlsec-dev libffi-dev openssl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq yq
+
+RUN adduser -D -g '' django
-RUN apk add --update xmlsec-dev libffi-dev openssl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq yq \
-&& pip3 install --upgrade pip setuptools --root-user-action=ignore
+USER django
+
+WORKDIR /djangosaml2_sp
-RUN pip list
+RUN python3 -m venv .venv && . .venv/bin/activate && pip3 install --upgrade pip setuptools \
+ && pip3 install -r ../requirements.txt --ignore-installed
-RUN pip3 install -r ../requirements.txt --ignore-installed --root-user-action=ignore
\ No newline at end of file
diff --git a/example_sp/entrypoint.sh b/example_sp/entrypoint.sh
index 9cd44e1c..2caf5ef6 100644
--- a/example_sp/entrypoint.sh
+++ b/example_sp/entrypoint.sh
@@ -1,2 +1,3 @@
+. /djangosaml2_sp/.venv/bin/activate
 python -B manage.py migrate
 python -B manage.py runserver 0.0.0.0:8000
\ No newline at end of file
From c2c82af0e5717000c3e894dc4c23477669d380a9 Mon Sep 17 00:00:00 2001
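Review bot: In the second django.Dockerfile hunk `WORKDIR /djangosaml2_sp` now follows `USER django`, and depending on the builder the directory that WORKDIR creates can end up owned by root, which would leave `python3 -m venv .venv` without a writable target. Creating it while still root removes that dependency: `RUN adduser -D -g '' django && mkdir /djangosaml2_sp && chown django:django /djangosaml2_sp`, then `USER django`. The relocated `RUN apk add --update …` line could also take `--no-cache` like the tzdata line above it, and it keeps `build-base`, `gcc`, `git` and `wget` in the image that later runs the service; if they are only needed to build the Python packages, a comment saying so would help. Lines 5-8 of the Dockerfile are outside the hunks, so how the application tree reaches the workdir is not visible here.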
From: Salvatore Laiso
Date: Wed, 7 Feb 2024 15:34:24 +0100
Subject: [PATCH 2/4] docs: stress the importance of not using `example` in production
---
 Docker-compose/README.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/Docker-compose/README.md b/Docker-compose/README.md
index 81dd945f..dfe01078 100644
--- a/Docker-compose/README.md
+++ b/Docker-compose/README.md
@@ -29,6 +29,8 @@ For docker-compose you can also [see here](https://docs.docker.com/compose/insta
 Copy the folder `example` to `docker-example` and do your configuration.
+> :warning: **DO NOT USE the `example` folder _as is_ in production**: the `example` folder provides secrets that **MUST** be not used in a production environment. It sole purpose is to provide a user friendly starting point.
+
 ### Start the Compose
 Execute the run script for the first time:
From 19a73c9ed2d9590a40dc775679c1b6161a93bdaa Mon Sep 17 00:00:00 2001
From: Salvatore Laiso
Date: Wed, 7 Feb 2024 15:35:49 +0100
Subject: [PATCH 3/4] fix: remove ISPRA references
---
 Docker-compose/docker-compose.yml | 2 +-
 README-Setup.md | 2 +-
 example/static/disco.html | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Docker-compose/docker-compose.yml b/Docker-compose/docker-compose.yml
index 01b8aa5a..c4f34adc 100644
--- a/Docker-compose/docker-compose.yml
+++ b/Docker-compose/docker-compose.yml
@@ -77,7 +77,7 @@ services:
 - SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER=+3906123456789
 - SATOSA_CONTACT_PERSON_FISCALCODE=01234567890
 - SATOSA_CONTACT_PERSON_GIVEN_NAME=Name
- - SATOSA_CONTACT_PERSON_IPA_CODE=ispra_rm
+ - SATOSA_CONTACT_PERSON_IPA_CODE=ipa00c
 - SATOSA_CONTACT_PERSON_MUNICIPALITY=H501
 - SATOSA_ENCRYPTION_KEY=CHANGE_ME!
diff --git a/README-Setup.md b/README-Setup.md
index 4ea233a3..5c8f7bab 100644
--- a/README-Setup.md
+++ b/README-Setup.md
@@ -84,7 +84,7 @@ You can override the configuration of the proxy by settings one or more of the f
 | **SATOSA_CONTACT_PERSON_TELEPHONE_NUMBER** | Metadata Contact person telephone number for SPID / CIE Backend | +3906123456789 |
 | **SATOSA_CONTACT_PERSON_FISCALCODE** | Metadata Contact person fiscal code for SPID / CIE Backend | 01234567890 |
 | **SATOSA_CONTACT_PERSON_GIVEN_NAME** | Metadata Contact person name | Name |
-| **SATOSA_CONTACT_PERSON_IPA_CODE** | Metadata Contact person IPA code for SPID / CIE Backend | ispra_rm |
+| **SATOSA_CONTACT_PERSON_IPA_CODE** | Metadata Contact person IPA code for SPID / CIE Backend | ipa00c |
 | **SATOSA_CONTACT_PERSON_MUNICIPALITY** | Metadata Contact person municipality code for CIE Backend | H501 |
 | **SATOSA_ENCRYPTION_KEY** | Encryption key for state | CHANGE_ME! |
 | **SATOSA_ORGANIZATION_DISPLAY_NAME_EN** | Metadata English organization display name | Resource provided by Example Organization |
diff --git a/example/static/disco.html b/example/static/disco.html
index 0502b9e9..755a344c 100644
--- a/example/static/disco.html
+++ b/example/static/disco.html
@@ -64,7 +64,7 @@

SPID o CIE

-
From 3b7d95086693e70c46793885b9d5f4525d334ac0 Mon Sep 17 00:00:00 2001
From: Salvatore Laiso
Date: Wed, 7 Feb 2024 15:45:47 +0100
Subject: [PATCH 4/4] Revert "fix: use virtual enviroment for python package"
This reverts commit f49b1b706307540f6178f5a1b0e119bdbdfe3f10.
---
 example_sp/django.Dockerfile | 15 ++++++---------
 example_sp/entrypoint.sh | 1 -
 2 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/example_sp/django.Dockerfile b/example_sp/django.Dockerfile
index cc4581e4..a296617a 100644
--- a/example_sp/django.Dockerfile
+++ b/example_sp/django.Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.19.1
+FROM alpine:3.18
 RUN apk update
 RUN apk add --update --no-cache tzdata
@@ -9,14 +9,11 @@ RUN apk del tzdata
 COPY example_sp/djangosaml2_sp/requirements.txt /
 COPY example_sp/entrypoint.sh /
-RUN apk add --update xmlsec-dev libffi-dev openssl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq yq
-
-RUN adduser -D -g '' django
-
-USER django
-
 WORKDIR /djangosaml2_sp
-RUN python3 -m venv .venv && . .venv/bin/activate && pip3 install --upgrade pip setuptools \
- && pip3 install -r ../requirements.txt --ignore-installed
+RUN apk add --update xmlsec-dev libffi-dev openssl-dev python3 py3-pip python3-dev procps git openssl build-base gcc wget bash jq yq \
+&& pip3 install --upgrade pip setuptools --root-user-action=ignore
+
+RUN pip list
+RUN pip3 install -r ../requirements.txt --ignore-installed --root-user-action=ignore
\ No newline at end of file
diff --git a/example_sp/entrypoint.sh b/example_sp/entrypoint.sh
index 2caf5ef6..9cd44e1c 100644
--- a/example_sp/entrypoint.sh
+++ b/example_sp/entrypoint.sh
@@ -1,3 +1,2 @@
-. /djangosaml2_sp/.venv/bin/activate
 python -B manage.py migrate
 python -B manage.py runserver 0.0.0.0:8000
\ No newline at end of file
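Review bot: The second django.Dockerfile hunk of this revert also removes `RUN adduser -D -g '' django` and `USER django`, which do not depend on the virtual environment, so the visible lines again contain no `USER` instruction and `entrypoint.sh` (`runserver 0.0.0.0:8000`) would run as root unless the compose file sets a user. If only the venv had to go, the unprivileged account can stay: keep `RUN adduser -D -g '' django` and place `USER django` after the last `RUN pip3 install …` line, provided the working directory is writable by that account at run time. `--root-user-action=ignore` only silences pip's warning about installing as root, so a one-line comment above it such as `# system-wide install is intentional in this example image` would record the decision. Lines 5-8 of the Dockerfile lie outside the hunks.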