Dockerized shibboleth service provider for SIGPwny authorization

How it works TL;DR:

App is proxy-protected by shibboleth.
When they sign in, we store their uid and affiliation (student, alum, etc) in their session.
We then redirect them to discord OAuth to get their discord account
Discord bot changes their role based on their affiliation

Changes to make for your own app (run your own service provider)

shibboleth2.xml:

In the line <ApplicationDefaults entityID=https://sp.example.org/shibboleth>: Replace https://sp.example.org with your entity ID.
In the line <Errors [email protected]>: Replace [email protected] with the appropriate support email address for services on this server.

attribute-map.xml:

Dockerfile:

Name		Name	Last commit message	Last commit date
Latest commit History 42 Commits
app		app
shibboleth		shibboleth
.dockerignore		.dockerignore
.gitignore		.gitignore
README.md		README.md
app.env.template		app.env.template
db.env.template		db.env.template
docker-compose.yml		docker-compose.yml
init-letsencrypt.sh		init-letsencrypt.sh