convert selectidp-links to Twig #232

Merged
merged 11 commits into from
Jun 25, 2024
Merged
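--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,15 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+trim_trailing_whitespace = true
+
+[*.php]
+charset = utf-8
+indent_size = 4
+
+[*.twig]
+charset = utf-8
+indent_size = 2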
3 changes: 0 additions & 3 deletions Dockerfile
@@ -52,16 +52,13 @@ COPY modules/material/themes/material/profilereview/* $SSP_PATH/modules/profiler
# Copy in SSP override files
RUN mv $SSP_PATH/public/index.php $SSP_PATH/public/ssp-index.php
COPY dockerbuild/ssp-overrides/index.php $SSP_PATH/public/index.php
RUN mv $SSP_PATH/public/saml2/idp/SingleLogoutService.php $SSP_PATH/public/saml2/idp/ssp-SingleLogoutService.php
COPY dockerbuild/ssp-overrides/SingleLogoutService.php $SSP_PATH/public/saml2/idp/SingleLogoutService.php
COPY dockerbuild/ssp-overrides/saml20-idp-remote.php $SSP_PATH/metadata/saml20-idp-remote.php
COPY dockerbuild/ssp-overrides/saml20-sp-remote.php $SSP_PATH/metadata/saml20-sp-remote.php
COPY dockerbuild/config/* $SSP_PATH/config/
COPY dockerbuild/ssp-overrides/id.php $SSP_PATH/public/id.php
COPY dockerbuild/ssp-overrides/announcement.php $SSP_PATH/announcement/announcement.php
COPY tests /data/tests

RUN cp $SSP_PATH/modules/sildisco/src/SSOService.php $SSP_PATH/public/saml2/idp/
RUN chmod a+x /data/run.sh /data/run-tests.sh

ADD https://github.com/silinternational/config-shim/releases/latest/download/config-shim.gz config-shim.gz
7 changes: 2 additions & 5 deletions actions-services.yml
@@ -57,10 +57,7 @@ services:
- ./development/announcement.php:/data/vendor/simplesamlphp/simplesamlphp/announcement/announcement.php

# Utilize custom metadata
- ./development/hub/metadata/idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/idp-remote.php
- ./development/hub/metadata/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php
- ./development/hub/metadata/saml20-sp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-hosted.php
- ./development/hub/metadata/sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/sp-remote.php
- ./development/hub/metadata/:/data/vendor/simplesamlphp/simplesamlphp/metadata/

# Enable checking our test metadata
- ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh
@@ -127,7 +124,7 @@ services:
build: .
volumes:
# Utilize custom certs
- ./development/idp2-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert
- ./development/idp2-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert

# Utilize custom configs
- ./development/idp2-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php
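Review bot: Mounting the whole `./development/hub/metadata/` directory over `/data/vendor/simplesamlphp/simplesamlphp/metadata/` (what appears to be the added line of the first hunk) hides every file the image placed in that directory, including the `saml20-idp-remote.php` and `saml20-sp-remote.php` that the Dockerfile copies in. The set of IdPs and SPs this service trusts then comes solely from the host directory, and any stray file left there becomes live metadata. The mount is also writable from inside the container. If the shadowing is intended, say so in the `# Utilize custom metadata` comment and, unless the tests write there, mount it read-only: `- ./development/hub/metadata/:/data/vendor/simplesamlphp/simplesamlphp/metadata/:ro`.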
69 changes: 46 additions & 23 deletions development/UserPass.php
@@ -1,91 +1,114 @@
<?php

/**
* Modified from origin: exampleauth/src/Auth/Source/UserPass.php
* 2024-06-19 -- Merged with simplesamlphp 2.2.2, lines/sections marked with GTIS are modified
briskt marked this conversation as resolved.
*/

declare(strict_types=1);

namespace SimpleSAML\Module\exampleauth\Auth\Source;

use Exception;
use SimpleSAML\Error;
use SimpleSAML\Logger;
use SimpleSAML\Module\core\Auth\UserPassBase;
use SimpleSAML\Utils;

/**
* Example authentication source - username & password.
*
* This class is an example authentication source which stores all username/passwords in an array,
* and authenticates users against this array.
*
* @author Olav Morken, UNINETT AS.
* @package SimpleSAMLphp
*/

class UserPass extends \SimpleSAML\Module\core\Auth\UserPassBase
class UserPass extends \SimpleSAML\Module\core\Auth\UserPassBase // GTIS
{
/**
* Our users, stored in an associative array. The key of the array is "<username>:<password>",
* while the value of each element is a new array with the attributes for each user.
*
* @var array
*/
private $users;
private array $users;


/**
* Constructor for this authentication source.
*
* @param array $info Information about this authentication source.
* @param array $config Configuration.
*/
public function __construct($info, $config)
public function __construct(array $info, array $config)
{
assert(is_array($info));
assert(is_array($config));

// Call the parent constructor first, as required by the interface
parent::__construct($info, $config);

$this->users = [];

// Old version of SimpleSAMLphp had the username:password just be a list in the top level
// configuration. We now have them under the "users" key, so that exampleauth can be used
// for testing things like core:loginpage_links, etc. that require top level configuration.
if (array_key_exists('users', $config)) {
$config_users = $config['users'];
} else {
Logger::warning("Module exampleauth:UserPass configured in legacy mode. Please put your " .
"username:password entries under the \"users\" key in your authsource.");
$config_users = $config;
}

// Validate and parse our configuration
foreach ($config as $userpass => $attributes) {
foreach ($config_users as $userpass => $attributes) {
if (!is_string($userpass)) {
throw new \Exception(
'Invalid <username>:<password> for authentication source '.$this->authId.': '.$userpass
throw new Exception(
'Invalid <username>:<password> for authentication source ' . $this->authId . ': ' . $userpass
);
}

$userpass = explode(':', $userpass, 2);
if (count($userpass) !== 2) {
throw new \Exception(
'Invalid <username>:<password> for authentication source '.$this->authId.': '.$userpass[0]
throw new Exception(
'Invalid <username>:<password> for authentication source ' . $this->authId . ': ' . $userpass[0]
);
}
$username = $userpass[0];
$password = $userpass[1];

// $attrUtils = new \SimpleSAML\Utils\Attributes();
// GTIS begin
briskt marked this conversation as resolved.
// $attrUtils = new Utils\Attributes();
//
// try {
// $attributes = $attrUtils->normalizeAttributesArray($attributes);
// } catch (\Exception $e) {
// throw new \Exception('Invalid attributes for user '.$username.
// } catch (Exception $e) {
// throw new Exception('Invalid attributes for user '.$username.
// ' in authentication source '.$this->authId.': '.$e->getMessage());
// }
$this->users[$username.':'.$password] = $attributes;
// GTIS end
$this->users[$username . ':' . $password] = $attributes;
}
}


/**
* Attempt to log in using the given username and password.
*
* On a successful login, this function should return the users attributes. On failure,
* it should throw an exception. If the error was caused by the user entering the wrong
* username or password, a \SimpleSAML\Error\Error('WRONGUSERPASS') should be thrown.
* username or password, a \SimpleSAML\Error\Error(\SimpleSAML\Error\ErrorCodes::WRONGUSERPASS) should be thrown.
*
* Note that both the username and the password are UTF-8 encoded.
*
* @param string $username The username the user wrote.
* @param string $password The password the user wrote.
* @return array Associative array with the users attributes.
*/
protected function login($username, $password)
protected function login(string $username, string $password): array
{
assert(is_string($username));
assert(is_string($password));

$userpass = $username.':'.$password;
$userpass = $username . ':' . $password;
if (!array_key_exists($userpass, $this->users)) {
throw new \SimpleSAML\Error\Error('WRONGUSERPASS');
throw new Error\Error(Error\ErrorCodes::WRONGUSERPASS);
}

return $this->users[$userpass];
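Review bot: Between the `// GTIS begin` and `// GTIS end` markers the `normalizeAttributesArray()` call stays commented out, so the constructor stores `$attributes` in `$this->users` exactly as the config supplies it, with no shape check and no stated reason for disabling validation. Now that `login()` declares an `array` return type, a non-array entry would fail only at login time with a `TypeError`, and attribute values that are not lists of strings presumably pass unchanged to whatever consumes the login result. Either add a one-line comment saying why normalization is skipped for this development source, or guard the assignment: `if (!is_array($attributes)) { throw new Exception('Invalid attributes for user ' . $username . ' in authentication source ' . $this->authId); }`. The end of `login()` and of the class lies outside the lines shown.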
2 changes: 1 addition & 1 deletion development/enable-exampleauth.sh
@@ -1,3 +1,3 @@
#!/usr/bin/env sh

sed -i 's@^\( *'\''module\.enable'\'' => \[\)@\1'\''\n exampleauth'\'' => true,@' vendor/simplesamlphp/simplesamlphp/config/config.php
sed -i 's@^\( *'\''module\.enable'\'' => \[\)@\1\n '\''exampleauth'\'' => true,@' /data/vendor/simplesamlphp/simplesamlphp/config/config.php
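Review bot: `sed -i` exits 0 even when the `'module.enable' => [` pattern matches nothing, so if the layout of `config.php` changes this script succeeds without enabling `exampleauth`, and the failure surfaces only later as a missing auth source. Follow the `sed` with a check such as `grep -q "'exampleauth' => true" /data/vendor/simplesamlphp/simplesamlphp/config/config.php || exit 1`. A short comment that the script is meant for development and test containers only would also help, since it switches on an auth source whose credentials live in a static array.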
4 changes: 2 additions & 2 deletions development/hub/config/authsources.php
@@ -3,7 +3,7 @@
$config = [

'hub-discovery' => [
'sildisco:SP',
'saml:SP',

// The entity ID of this SP.
// Can be NULL/unset, in which case an entity ID is generated based on the metadata URL.
@@ -12,7 +12,7 @@

// The URL to the discovery service.
// Can be NULL/unset, in which case a builtin discovery service will be used.
'discoURL' => 'http://ssp-hub.local/module.php/sildisco/disco.php',
// 'discoURL' => 'http://ssp-hub.local/module.php/sildisco/disco.php',

],
