Working SimpleSAML config

Ref #3

LocalSettings.php.tmpl

@@ -132,16 +132,11 @@ wfLoadSkin( 'MonoBook' );
 wfLoadSkin( 'Timeless' );
 wfLoadSkin( 'Vector' );
 
-
-# Enabled extensions. Most of the extensions are enabled by adding
-# wfLoadExtensions('ExtensionName');
-# to LocalSettings.php. Check specific extension documentation for more details.
-# The following extensions were automatically enabled:
-wfLoadExtension( 'VisualEditor' );
-
 # End of automatically generated settings.
 # Add more configuration options below.
 
+wfLoadExtension( 'VisualEditor' );
+
 $wgDefaultUserOptions['visualeditor-enable'] = 1;
 
 $wgVisualEditorAllowLossySwitching = false;
@@ -162,3 +157,20 @@ $wgVirtualRestConfig['modules']['parsoid'] = [
 	// whether to parse URL as if they were meant for RESTBase (boolean or null, optional)
 	'restbaseCompat' => null,
 ];
+
+{{ if eq (env "SAML_ENABLED") "1" }}
+wfLoadExtension( 'PluggableAuth' );
+
+wfLoadExtension( 'SimpleSAMLphp' );
+
+$wgSimpleSAMLphp_InstallDir = "/var/simplesamlphp/";
+$wgSimpleSAMLphp_AuthSourceId = "{{ env "SAML_SERVICE_PROVIDER" }}";
+$wgSimpleSAMLphp_RealNameAttribute = "{{ env "SAML_REAL_NAME_ATTRIBUTE" }}";
+$wgSimpleSAMLphp_EmailAttribute = "{{ env "SAML_EMAIL_ATTRIBUTE" }}";
+$wgSimpleSAMLphp_UsernameAttribute = "{{ env "SAML_USERNAME_ATTRIBUTE" }}";
+
+$wgGroupPermissions['*']['autocreateaccount'] = true;
+$wgGroupPermissions['*']['createaccount'] = false;
+
+$wgDebugLogFile = "/var/log/debug-{$wgDBname}.log";
+{{ end }}