Merge pull request #224 from silinternational/feature/ssp-2-rename

rename SimpleSAMLphp directories

Dockerfile

@@ -50,18 +50,18 @@ COPY modules/material/themes/material/mfa/* $SSP_PATH/modules/mfa/templates/
 COPY modules/material/themes/material/profilereview/* $SSP_PATH/modules/profilereview/templates/
 
 # Copy in SSP override files
-RUN mv $SSP_PATH/www/index.php $SSP_PATH/www/ssp-index.php
-COPY dockerbuild/ssp-overrides/index.php $SSP_PATH/www/index.php
-RUN mv $SSP_PATH/www/saml2/idp/SingleLogoutService.php $SSP_PATH/www/saml2/idp/ssp-SingleLogoutService.php
-COPY dockerbuild/ssp-overrides/SingleLogoutService.php $SSP_PATH/www/saml2/idp/SingleLogoutService.php
+RUN mv $SSP_PATH/public/index.php $SSP_PATH/public/ssp-index.php
+COPY dockerbuild/ssp-overrides/index.php $SSP_PATH/public/index.php
+RUN mv $SSP_PATH/public/saml2/idp/SingleLogoutService.php $SSP_PATH/public/saml2/idp/ssp-SingleLogoutService.php
+COPY dockerbuild/ssp-overrides/SingleLogoutService.php $SSP_PATH/public/saml2/idp/SingleLogoutService.php
 COPY dockerbuild/ssp-overrides/saml20-idp-remote.php $SSP_PATH/metadata/saml20-idp-remote.php
 COPY dockerbuild/ssp-overrides/saml20-sp-remote.php $SSP_PATH/metadata/saml20-sp-remote.php
 COPY dockerbuild/config/* $SSP_PATH/config/
-COPY dockerbuild/ssp-overrides/id.php $SSP_PATH/www/id.php
+COPY dockerbuild/ssp-overrides/id.php $SSP_PATH/public/id.php
 COPY dockerbuild/ssp-overrides/announcement.php $SSP_PATH/announcement/announcement.php
 COPY tests /data/tests
 
-RUN cp $SSP_PATH/modules/sildisco/lib/SSOService.php $SSP_PATH/www/saml2/idp/
+RUN cp $SSP_PATH/modules/sildisco/src/SSOService.php $SSP_PATH/public/saml2/idp/
 RUN chmod a+x /data/run.sh /data/run-tests.sh
 
 ADD https://github.com/silinternational/config-shim/releases/latest/download/config-shim.gz config-shim.gz

Makefile

@@ -18,8 +18,8 @@ test-integration:
 	docker compose run --rm test ./run-integration-tests.sh
 
 copyJsLib:
-	cp ./node_modules/@simplewebauthn/browser/dist/bundle/index.umd.min.js ./modules/mfa/www/simplewebauthn/browser.js
-	cp ./node_modules/@simplewebauthn/browser/LICENSE.md ./modules/mfa/www/simplewebauthn/LICENSE.md
+	cp ./node_modules/@simplewebauthn/browser/dist/bundle/index.umd.min.js ./modules/mfa/public/simplewebauthn/browser.js
+	cp ./node_modules/@simplewebauthn/browser/LICENSE.md ./modules/mfa/public/simplewebauthn/LICENSE.md
 
 deps:
 	docker compose run --rm node npm install --ignore-scripts

README.md

@@ -229,7 +229,7 @@ Update `/simplesamlphp/config/config.php`:
 'theme.color-scheme' => ['indigo-purple'|'blue_grey-teal'|'red-teal'|'orange-light_blue'|'brown-orange'|'teal-blue']
 ```
 
-The login page looks for `/simplesamlphp/www/logo.png` which is **NOT** provided by default.
+The login page looks for `/simplesamlphp/public/logo.png` which is **NOT** provided by default.
 
 ##### Analytics
 

actions-services.yml

@@ -92,15 +92,15 @@ services:
       - ./development/idp-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php
 
       # Customized SSP code -- TODO: make a better solution that doesn't require hacking SSP code
-      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/UserPass.php
+      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/src/Auth/Source/UserPass.php
 
       # Enable checking our test metadata
       - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
 
       # Include the features folder (for the FakeIdBrokerClient class)
       - ./features:/data/features
     command: >
-      bash -c "whenavail db 3306 60 /data/vendor/simplesamlphp/simplesamlphp/modules/silauth/lib/Auth/Source/yii migrate --interactive=0 &&
+      bash -c "whenavail db 3306 60 /data/vendor/simplesamlphp/simplesamlphp/modules/silauth/src/Auth/Source/yii migrate --interactive=0 &&
       /data/run.sh"
     environment:
       ADMIN_PASS: "a"
@@ -138,7 +138,7 @@ services:
       - ./development/idp2-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php
 
       # Customized SSP code -- TODO: make a better solution that doesn't require hacking SSP code
-      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/UserPass.php
+      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/src/Auth/Source/UserPass.php
 
     environment:
       ADMIN_PASS: "b"

docker-compose.yml

@@ -146,7 +146,7 @@ services:
       - ./development/idp-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php
 
       # Customized SSP code -- TODO: make a better solution that doesn't require hacking SSP code
-      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/UserPass.php
+      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/src/Auth/Source/UserPass.php
 
       # Enable checking our test metadata
       - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
@@ -162,7 +162,7 @@ services:
       - ./modules/sildisco:/data/vendor/simplesamlphp/simplesamlphp/modules/sildisco
       - ./modules/material:/data/vendor/simplesamlphp/simplesamlphp/modules/material
     command: >
-      bash -c "whenavail db 3306 60 /data/vendor/simplesamlphp/simplesamlphp/modules/silauth/lib/Auth/Source/yii migrate --interactive=0 &&
+      bash -c "whenavail db 3306 60 /data/vendor/simplesamlphp/simplesamlphp/modules/silauth/src/Auth/Source/yii migrate --interactive=0 &&
       /data/run.sh"
     ports:
       - "8085:80"
@@ -203,7 +203,7 @@ services:
       - ./development/idp2-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php
 
       # Customized SSP code -- TODO: make a better solution that doesn't require hacking SSP code
-      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/lib/Auth/Source/UserPass.php
+      - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/src/Auth/Source/UserPass.php
 
       # Local modules
       - ./modules/mfa:/data/vendor/simplesamlphp/simplesamlphp/modules/mfa

dockerbuild/run-idp.sh

@@ -8,9 +8,9 @@ set -e
 
 # Try to run database migrations
 cd /data/vendor/simplesamlphp/simplesamlphp
-chmod a+x ./modules/silauth/lib/Auth/Source/yii
+chmod a+x ./modules/silauth/src/Auth/Source/yii
 
-./modules/silauth/lib/Auth/Source/yii migrate --interactive=0
+./modules/silauth/src/Auth/Source/yii migrate --interactive=0
 
 cd /data
 ./run.sh

dockerbuild/run.sh

@@ -7,7 +7,7 @@ set -x
 set -e
 
 # This is a temporary fix (bug workaround) until ssp 2.0 is in use
-sed -i 's_\(\\SimpleSAML\\Error\\Assertion::installHandler()\)_// \1 _' /data/vendor/simplesamlphp/simplesamlphp/www/_include.php
+sed -i 's_\(\\SimpleSAML\\Error\\Assertion::installHandler()\)_// \1 _' /data/vendor/simplesamlphp/simplesamlphp/public/_include.php
 
 # establish a signal handler to catch the SIGTERM from a 'docker stop'
 # reference: https://medium.com/@gchudnov/trapping-signals-in-docker-containers-7a57fdda7d86

dockerbuild/vhost.conf

@@ -1,9 +1,9 @@
 <VirtualHost _default_:80>
-  DocumentRoot /data/vendor/simplesamlphp/simplesamlphp/www/
+  DocumentRoot /data/vendor/simplesamlphp/simplesamlphp/public/
   RewriteEngine On
   DirectoryIndex index.php
 
-  <Directory /data/vendor/simplesamlphp/simplesamlphp/www/>
+  <Directory /data/vendor/simplesamlphp/simplesamlphp/public/>
     Options FollowSymLinks
     AllowOverride All
     Require all granted

docs/the_hub.md

@@ -1,9 +1,9 @@
 The hub will need its certs, `config.php` and `authsources.php` files as a normal simplesamlphp installation. Examples of these can be found in the `./development/hub` folder. (Note the `discoURL` entry in the `authsources.php` file.)
 
 Other files it will need are as follows ...
-* The files in the `./lib` folder will need to go into `/data/vendor/simplesamlphp/simplesamlphp/modules/sildisco/lib`
-* The files in the `./www` folder will need to go into `/data/vendor/simplesamlphp/simplesamlphp/modules/sildisco/www`
-* The `./sspoverrides/www_saml2_idp/SSOService.php` file will need overwrite the same out-of-the-box file in `/data/vendor/simplesamlphp/simplesamlphp/www/saml2/idp/`
+* The files in the `./src` folder will need to go into `/data/vendor/simplesamlphp/simplesamlphp/modules/sildisco/src`
+* The files in the `./public` folder will need to go into `/data/vendor/simplesamlphp/simplesamlphp/modules/sildisco/public`
+* The `./sspoverrides/www_saml2_idp/SSOService.php` file will need overwrite the same out-of-the-box file in `/data/vendor/simplesamlphp/simplesamlphp/public/saml2/idp/`
 
 ### Metadata files
 The hub should use the `saml20-*-remote.php`  files from [ssp-base](https://github.com/silinternational/ssp-base) in `/data/vendor/simplesamlphp/simplesamlphp/metadata/`.  These pull in metadata from all the files named `idp-*.php` and `sp-*.php` respectively, including those in sub-folders.
@@ -35,6 +35,6 @@ In order to limit access to an IdP to only certain SP's, add an `'SPList'` array
 If you want to require SP's to list a certain IdP in their IDPList entry in order to be able to access it, add `excludeByDefault => true` to that IdP's metadata.
 
 ### Forced IdP discovery
-The `.../lib/IdP/SAML2.php` file ensures that if an SP is allowed to access more than one IdP, then the user will be forced back to the IdP discovery page, even if they are already authenticated through one of those IdP's.
+The `.../src/IdP/SAML2.php` file ensures that if an SP is allowed to access more than one IdP, then the user will be forced back to the IdP discovery page, even if they are already authenticated through one of those IdP's.
 
 The reason for this is to ensure that the user has a chance to decide which of their identities is used for that SP.

modules/sildisco/www/disco.php → modules/sildisco/public/disco.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * Custom IdP discovery service. Built-in service is in modules/saml/www/disco.php
+ * Custom IdP discovery service. Built-in service is in modules/saml/public/disco.php
  */
 
 $discoHandler = new \SimpleSAML\Module\sildisco\IdPDisco(['saml20-idp-remote'], 'saml');

modules/sildisco/www/metadata.php → modules/sildisco/public/metadata.php

@@ -1,9 +1,9 @@
 <?php
 /**
- * Borrowed and modified from simplesamlphp/www/saml2/idp/metadata.php
+ * Borrowed and modified from simplesamlphp/public/saml2/idp/metadata.php
  */
 
-require_once('../www/_include.php');
+require_once('../public/_include.php');
 
 use SAML2\Constants;
 use SimpleSAML\Utils\Auth as Auth;

modules/sildisco/www/sp/discoresp.php → modules/sildisco/public/sp/discoresp.php

@@ -1,6 +1,6 @@
 <?php
 /**
- * Modified version of modules/saml/www/sp/discoresp.php
+ * Modified version of modules/saml/public/sp/discoresp.php
  * 2024-06-06 -- Merged with simplesamlphp 1.19.8, lines marked with GTIS are modified
  */
 

modules/sildisco/www/sp/saml2-acs.php → modules/sildisco/public/sp/saml2-acs.php

@@ -3,7 +3,7 @@
 /**
  * Assertion consumer service handler for SAML 2.0 SP authentication client.
  *
- * Similar to modules/saml/www/sp/saml2-acs.php
+ * Similar to modules/saml/public/sp/saml2-acs.php
  * 2024-06-06 -- Merged with simplesamlphp 1.19.8, lines marked with GTIS are modified
  */
 

modules/sildisco/www/sp/saml2-logout.php → modules/sildisco/public/sp/saml2-logout.php

@@ -5,7 +5,7 @@
  *
  * This endpoint handles both logout requests and logout responses.
  *
- * Similar to modules/saml/www/sp/saml2-logout.php
+ * Similar to modules/saml/public/sp/saml2-logout.php
  * 2024-06-06 -- Merged with simplesamlphp 1.19.8, lines marked with GTIS are modified
  */
 

modules/sildisco/lib/Auth/Source/SP.php → modules/sildisco/src/Auth/Source/SP.php

@@ -1,7 +1,7 @@
 <?php
 
 /**
- * Modified from origin: modules/saml/lib/Auth/Source/SP.php
+ * Modified from origin: modules/saml/src/Auth/Source/SP.php
  * 2024-06-06 -- Merged with simplesamlphp 1.19.8, lines/sections marked with GTIS are modified
  */
 

modules/sildisco/lib/IdP/SAML2.php → modules/sildisco/src/IdP/SAML2.php

@@ -2,7 +2,7 @@
 
 /**
  *
- * Copied from the built-in simplesamlphp module modules/saml/lib/IdP/SAML2.php with code inserted.
+ * Copied from the built-in simplesamlphp module modules/saml/src/IdP/SAML2.php with code inserted.
  *  See comment below about GTIS.
  *
  * 2024-06-06 -- Merged with simplesamlphp 1.19.8, lines marked with GTIS are modified

modules/sildisco/lib/SSOService.php → modules/sildisco/src/SSOService.php

@@ -1,7 +1,7 @@
 <?php
 /**
  *
- * Note: This has been copied from the core code (www/saml2/idp/SSOService.php version 1.19.6)
+ * Note: This has been copied from the core code (public/saml2/idp/SSOService.php version 1.19.6)
  *   and modified to call a different authentication class/method
  *
  * Original comments ...

tests/IdpDiscoTest.php

@@ -1,7 +1,7 @@
 <?php
 
 include __DIR__ . '/../vendor/autoload.php';
-include __DIR__ . '/../vendor/simplesamlphp/simplesamlphp/modules/sildisco/lib/IdPDisco.php';
+include __DIR__ . '/../vendor/simplesamlphp/simplesamlphp/modules/sildisco/src/IdPDisco.php';
 
 use PHPUnit\Framework\TestCase;
 use SimpleSAML\Module\sildisco\IdPDisco;