From 136943918a12207a6cfa5a6b1daf5dd72f4ae4bb Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 10 Jul 2024 14:57:51 -0600 Subject: [PATCH 1/3] remove leftover dictionary files from pre-SSP2 --- .../dictionaries/logout.definition.json | 20 ----- .../dictionaries/review.definition.json | 74 ------------------- .../dictionaries/selectidp.definition.json | 38 ---------- .../dictionaries/error.definition.json | 50 ------------- 4 files changed, 182 deletions(-) delete mode 100644 modules/material/dictionaries/logout.definition.json delete mode 100644 modules/material/dictionaries/review.definition.json delete mode 100644 modules/material/dictionaries/selectidp.definition.json delete mode 100644 modules/silauth/dictionaries/error.definition.json diff --git a/modules/material/dictionaries/logout.definition.json b/modules/material/dictionaries/logout.definition.json deleted file mode 100644 index b59b325..0000000 --- a/modules/material/dictionaries/logout.definition.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "title": { - "en": "Logged out", - "es": "Desconectado", - "fr": "Déconnecté", - "ko": "로그 아웃 됨" - }, - "header": { - "en": "Logged out", - "es": "Desconectado", - "fr": "Déconnecté", - "ko": "로그 아웃 됨" - }, - "message": { - "en": "You have now been logged out.", - "es": "Se ha desconectado.", - "fr": "Vous êtes maintenant déconnecté.", - "ko": "이제 로그 아웃되었습니다." - } -} diff --git a/modules/material/dictionaries/review.definition.json b/modules/material/dictionaries/review.definition.json deleted file mode 100644 index d51ced8..0000000 --- a/modules/material/dictionaries/review.definition.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "title": { - "en": "Profile review", - "es": "Revisión del perfil", - "fr": "Examen du profil", - "ko": "프로필 검토" - }, - "header": { - "en": "Profile review", - "es": "Revisión del perfil", - "fr": "Examen du profil", - "ko": "프로필 검토" - }, - "info": { - "en": "Are these still correct?", - "es": "¿Siguen siendo correctos?", - "fr": "Sont-ils toujours corrects?", - "ko": "여전히 맞습니까?" - }, - "mfa_header": { - "en": "2-Step Verification", - "es": "Verificación en 2 pasos", - "fr": "Vérification en 2 étapes", - "ko": "2 단계 인증" - }, - "methods_header": { - "en": "Password Recovery Methods", - "es": "Métodos de recuperación de contraseña", - "fr": "Méthodes de récupération de mot de passe", - "ko": "비밀번호 복구 방법" - }, - "remaining": { - "en": "({count} remaining)", - "es": "({count} restante)", - "fr": "({count} restant)", - "ko": "({count} 남음)" - }, - "used": { - "en": "last used: {when}", - "es": "último uso: {when}", - "fr": "dernière utilisation: {when}", - "ko": "마지막 사용 시간 : {when}" - }, - "used_never": { - "en": "last used: Never", - "es": "último uso: nunca", - "fr": "Dernière utilisation: Jamais", - "ko": "마지막 사용 : Never" - }, - "verified": { - "en": "Verified", - "es": "Verificado", - "fr": "Vérifié", - "ko": "검증 된" - }, - "unverified": { - "en": "Unverified", - "es": "Inconfirmado", - "fr": "Non vérifié", - "ko": "확인되지 않음" - }, - "button_update": { - "en": "Some of these need updating", - "es": "Algunos de estos necesitan actualización", - "fr": "Certains ont besoin d'être mis à jour", - "ko": "이들 중 일부는 업데이트해야합니다." - }, - "button_continue": { - "en": "These are still correct", - "es": "Estos siguen siendo correctos", - "fr": "Ceux-ci sont toujours corrects", - "ko": "이들은 여전히 정확하다." - } -} diff --git a/modules/material/dictionaries/selectidp.definition.json b/modules/material/dictionaries/selectidp.definition.json deleted file mode 100644 index 898515c..0000000 --- a/modules/material/dictionaries/selectidp.definition.json +++ /dev/null @@ -1,38 +0,0 @@ -{ - "title": { - "en": "Choose an identity account", - "es": "Elige una cuenta de identidad", - "fr": "Choisissez un compte d'identité", - "ko": "ID 계정 선택" - }, - "header": { - "en": "Choose an identity account", - "es": "Elige una cuenta de identidad", - "fr": "Choisissez un compte d'identité", - "ko": "ID 계정 선택" - }, - "header-for-sp": { - "en": "Choose an identity account to continue to {spName}", - "es": "Elija una cuenta de identidad para continuar en {spName}", - "fr": "Choisissez un compte d'identité pour continuer vers {spName}", - "ko": "{spName}을 계속 진행하려면 신원 계정을 선택하십시오." - }, - "enabled": { - "en": "Login with your {idpName} identity account", - "es": "Inicie sesión con su cuenta de identidad {idpName}", - "fr": "Connectez-vous avec votre compte d'identité {idpName}", - "ko": "{idpName} 신원 계정으로 로그인하십시오." - }, - "disabled": { - "en": "{idpName} coming soon", - "es": "{IdpName} próximamente", - "fr": "{IdpName} à venir", - "ko": "{idpName} 곧 제공됨" - }, - "help": { - "en": "Help", - "es": "Ayuda", - "fr": "Aidez-moi", - "ko": "도움" - } -} diff --git a/modules/silauth/dictionaries/error.definition.json b/modules/silauth/dictionaries/error.definition.json deleted file mode 100644 index 2c6e37b..0000000 --- a/modules/silauth/dictionaries/error.definition.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "generic_try_later": { - "en": "Hmm... something went wrong. Please try again later.", - "es": "", - "fr": "", - "ko": "" - }, - "username_required": { - "en": "Please provide a username.", - "es": "", - "fr": "", - "ko": "" - }, - "password_required": { - "en": "Please provide a password.", - "es": "", - "fr": "", - "ko": "" - }, - "invalid_login": { - "en": "There was a problem with that username or password (or that account is disabled). Please try again or contact your organization's help desk.", - "es": "", - "fr": "", - "ko": "" - }, - "need_to_set_acct_password": { - "en": "You need to set your password to finish setting up your account. Please use the forgot password link below.", - "es": "", - "fr": "", - "ko": "" - }, - "rate_limit_seconds": { - "en": "There have been too many failed logins for this account. Please wait about {number} seconds, then try again.", - "es": "", - "fr": "", - "ko": "" - }, - "rate_limit_1_minute": { - "en": "There have been too many failed logins for this account. Please wait a minute, then try again.", - "es": "", - "fr": "", - "ko": "" - }, - "rate_limit_minutes": { - "en": "There have been too many failed logins for this account. Please wait about {number} minutes, then try again.", - "es": "", - "fr": "", - "ko": "" - } -} From 17e004e4e3f09719aa91fee86d7a5e671003c944 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 10 Jul 2024 14:57:59 -0600 Subject: [PATCH 2/3] remove actions-services.yml --- actions-services.yml | 313 ------------------------------------------- 1 file changed, 313 deletions(-) delete mode 100644 actions-services.yml diff --git a/actions-services.yml b/actions-services.yml deleted file mode 100644 index bb62a63..0000000 --- a/actions-services.yml +++ /dev/null @@ -1,313 +0,0 @@ -services: - - # the db container is used by the silauth module - db: - image: mariadb:10 - environment: - MYSQL_ROOT_PASSWORD: r00tp@ss! - MYSQL_DATABASE: silauth - MYSQL_USER: silauth - MYSQL_PASSWORD: silauth - - test: - build: - context: . - args: - COMPOSER_FLAGS: "--no-interaction --no-progress" - depends_on: - - ssp-hub.local - - ssp-idp1.local - - ssp-idp2.local - - ssp-idp3.local - - ssp-sp1.local - - ssp-sp2.local - - ssp-sp3.local - - pwmanager.local - - test-browser - environment: - MYSQL_HOST: db - MYSQL_DATABASE: silauth - MYSQL_USER: silauth - MYSQL_PASSWORD: silauth - PROFILE_URL_FOR_TESTS: http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub - ADMIN_PASS: b - SECRET_SALT: abc123 - IDP_NAME: x - volumes: - - ./dockerbuild/run-integration-tests.sh:/data/run-integration-tests.sh - - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh - - ./dockerbuild/run-tests.sh:/data/run-tests.sh - - ./features:/data/features - - ./behat.yml:/data/behat.yml - - ./tests:/data/tests - - test-browser: - image: justinribeiro/chrome-headless:stable - cap_add: - - SYS_ADMIN - - ssp-hub.local: - build: . - volumes: - # Utilize custom certs - - ./development/hub/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/hub/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - ./development/announcement.php:/data/vendor/simplesamlphp/simplesamlphp/announcement/announcement.php - - # Utilize custom metadata - - ./development/hub/metadata/:/data/vendor/simplesamlphp/simplesamlphp/metadata/ - - # Enable checking our test metadata - - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh - environment: - ADMIN_PASS: "abc123" - SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJ" - IDP_NAME: "Hub" - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - THEME_COLOR_SCHEME: "orange-light_blue" - HUB_MODE: "true" - - ssp-idp1.local: - build: . - depends_on: - - db - volumes: - # Utilize custom certs - - ./development/idp-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/idp-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - ./development/announcement.php:/data/vendor/simplesamlphp/simplesamlphp/announcement/announcement.php - - ./development/enable-exampleauth.sh:/data/enable-exampleauth.sh - - # Utilize custom metadata - - ./development/idp-local/metadata/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php - - ./development/idp-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php - - # Customized SSP code -- TODO: make a better solution that doesn't require hacking SSP code - - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/src/Auth/Source/UserPass.php - - # Enable checking our test metadata - - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh - - # Include the features folder (for the FakeIdBrokerClient class) - - ./features:/data/features - command: > - bash -c "whenavail db 3306 60 /data/vendor/simplesamlphp/simplesamlphp/modules/silauth/src/Auth/Source/yii migrate --interactive=0 && - /data/enable-exampleauth.sh && - /data/run.sh" - environment: - ADMIN_PASS: "a" - SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJ" - IDP_NAME: "IDP 1" - IDP_DOMAIN_NAME: "mfaidp" - ID_BROKER_ACCESS_TOKEN: "dummy" - ID_BROKER_ASSERT_VALID_IP: "false" - ID_BROKER_BASE_URI: "dummy" - ID_BROKER_TRUSTED_IP_RANGES: "192.168.0.1/8" - MFA_SETUP_URL: "http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub-custom-port" - REMEMBER_ME_SECRET: "12345" - PROFILE_URL: "http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub-custom-port" - PROFILE_URL_FOR_TESTS: "http://pwmanager.local/module.php/core/authenticate.php?as=ssp-hub" - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - MYSQL_HOST: "db" - MYSQL_DATABASE: "silauth" - MYSQL_USER: "silauth" - MYSQL_PASSWORD: "silauth" - BASE_URL_PATH: "http://ssp-idp1.local/" - - ssp-idp2.local: - build: . - depends_on: - - db - - broker - volumes: - # Utilize custom certs - - ./development/idp2-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/idp2-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - ./development/enable-exampleauth.sh:/data/enable-exampleauth.sh - - # Utilize custom metadata - - ./development/idp2-local/metadata/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php - - ./development/idp2-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php - - # Customized SSP code -- TODO: make a better solution that doesn't require hacking SSP code - - ./development/UserPass.php:/data/vendor/simplesamlphp/simplesamlphp/modules/exampleauth/src/Auth/Source/UserPass.php - - command: bash -c "/data/enable-exampleauth.sh && /data/run.sh" - environment: - ADMIN_PASS: "b" - SECRET_SALT: "h57fjemb&dn^nsJFGNjweJ" - IDP_NAME: "IDP 2" - IDP_DOMAIN_NAME: "ssp-idp1.local" - ID_BROKER_ACCESS_TOKEN: "test-cli-abc123" - ID_BROKER_ASSERT_VALID_IP: "true" - ID_BROKER_BASE_URI: "http://broker" - ID_BROKER_TRUSTED_IP_RANGES: "10.20.38.0/24" - MYSQL_HOST: "db" - MYSQL_DATABASE: "silauth" - MYSQL_USER: "silauth" - MYSQL_PASSWORD: "silauth" - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - - ssp-idp3.local: - build: . - volumes: - # Utilize custom certs - - ./development/idp3-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/idp3-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - # Utilize custom metadata - - ./development/idp3-local/metadata/saml20-idp-hosted.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-hosted.php - - ./development/idp3-local/metadata/saml20-sp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-sp-remote.php - - environment: - ADMIN_PASS: "c" - SECRET_SALT: "h57fjem34fh*nsJFGNjweJ" - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - IDP_NAME: "IdP3" - - ssp-sp1.local: - image: silintl/ssp-base:9.3.0 - volumes: - # Utilize custom certs - - ./development/sp-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/sp-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - # Utilize custom metadata - - ./development/sp-local/metadata/saml20-idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php - - # Enable checking our test metadata - - ./dockerbuild/run-metadata-tests.sh:/data/run-metadata-tests.sh - environment: - ADMIN_EMAIL: "john_doe@there.com" - ADMIN_PASS: "sp1" - IDP_NAME: "NA" - SECRET_SALT: "not-secret-h57fjemb&dn^nsJFGNjweJz1" - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - SAML20_IDP_ENABLE: "false" - ADMIN_PROTECT_INDEX_PAGE: "false" - - ssp-sp2.local: - image: silintl/ssp-base:9.3.0 - volumes: - # Utilize custom certs - - ./development/sp2-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/sp2-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - # Utilize custom metadata - - ./development/sp2-local/metadata/saml20-idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php - - environment: - ADMIN_EMAIL: "john_doe@there.com" - ADMIN_PASS: sp2 - IDP_NAME: "NA" - SECRET_SALT: h57fjemb&dn^nsJFGNjweJz2 - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - SAML20_IDP_ENABLE: "false" - ADMIN_PROTECT_INDEX_PAGE: "false" - - ssp-sp3.local: - image: silintl/ssp-base:9.3.0 - volumes: - # Utilize custom certs - - ./development/sp3-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/sp3-local/config/authsources.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - # Utilize custom metadata - - ./development/sp3-local/metadata/saml20-idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php - - environment: - ADMIN_EMAIL: "john_doe@there.com" - ADMIN_PASS: sp3 - IDP_NAME: "NA" - SECRET_SALT: h57fjemb&dn^nsJFGNjweJz3 - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - SAML20_IDP_ENABLE: "false" - ADMIN_PROTECT_INDEX_PAGE: "false" - - - pwmanager.local: - image: silintl/ssp-base:9.3.0 - volumes: - # Utilize custom certs - - ./development/sp-local/cert:/data/vendor/simplesamlphp/simplesamlphp/cert - - # Utilize custom configs - - ./development/sp-local/config/authsources-pwmanager.php:/data/vendor/simplesamlphp/simplesamlphp/config/authsources.php - - # Utilize custom metadata - - ./development/sp-local/metadata/saml20-idp-remote.php:/data/vendor/simplesamlphp/simplesamlphp/metadata/saml20-idp-remote.php - environment: - ADMIN_EMAIL: "john_doe@there.com" - ADMIN_PASS: sp1 - IDP_NAME: THIS VARIABLE IS REQUIRED BUT PROBABLY NOT USED - SECRET_SALT: NOT-a-secret-k49fjfkw73hjf9t87wjiw - SECURE_COOKIE: "false" - SHOW_SAML_ERRORS: "true" - SAML20_IDP_ENABLE: "false" - ADMIN_PROTECT_INDEX_PAGE: "false" - - # the broker and brokerDb containers are used by the silauth module - broker: - image: silintl/idp-id-broker:latest - depends_on: - - brokerDb - environment: - IDP_NAME: "idp" - MYSQL_HOST: "brokerDb" - MYSQL_DATABASE: "broker" - MYSQL_USER: "user" - MYSQL_PASSWORD: "pass" - EMAIL_SERVICE_accessToken: "dummy" - EMAIL_SERVICE_assertValidIp: "false" - EMAIL_SERVICE_baseUrl: "dummy" - EMAILER_CLASS: Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer - HELP_CENTER_URL: "https://example.org/help" - PASSWORD_FORGOT_URL: "https://example.org/forgot" - PASSWORD_PROFILE_URL: "https://example.org/profile" - SUPPORT_EMAIL: "support@example.org" - EMAIL_SIGNATURE: "one red pill, please" - API_ACCESS_KEYS: "test-cli-abc123" - APP_ENV: "prod" - RP_ORIGINS: "https://ssp-idp1.local,https://ssp-idp3.local,https://ssp-idp3.local" - HIBP_CHECK_ON_LOGIN: "false" - MFA_TOTP_apiBaseUrl: dummy - MFA_TOTP_apiKey: 10345678-1234-1234-1234-123456789012 - MFA_TOTP_apiSecret: 11345678-1234-1234-1234-12345678 - MFA_WEBAUTHN_apiBaseUrl: dummy - MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012 - MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678 - MFA_WEBAUTHN_appId: ourApp99 - MFA_WEBAUTHN_rpDisplayName: Our App - MFA_WEBAUTHN_rpId: http://app99 - volumes: - - ./development/m991231_235959_insert_test_users.php:/data/console/migrations/m991231_235959_insert_test_users.php - command: "bash -c 'whenavail brokerDb 3306 60 ./yii migrate --interactive=0 && ./run.sh'" - - brokerDb: - image: mariadb:10 - environment: - MYSQL_ROOT_PASSWORD: "r00tp@ss!" - MYSQL_DATABASE: "broker" - MYSQL_USER: "user" - MYSQL_PASSWORD: "pass" From 53b3eefa690f5ae09147a2b480f80c33e22d0283 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 10 Jul 2024 14:58:11 -0600 Subject: [PATCH 3/3] remove patch from run.sh --- dockerbuild/run.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/dockerbuild/run.sh b/dockerbuild/run.sh index f55cd46..d3c5dc6 100755 --- a/dockerbuild/run.sh +++ b/dockerbuild/run.sh @@ -6,9 +6,6 @@ set -x # exit if any command fails set -e -# This is a temporary fix (bug workaround) until ssp 2.0 is in use -sed -i 's_\(\\SimpleSAML\\Error\\Assertion::installHandler()\)_// \1 _' /data/vendor/simplesamlphp/simplesamlphp/public/_include.php - # establish a signal handler to catch the SIGTERM from a 'docker stop' # reference: https://medium.com/@gchudnov/trapping-signals-in-docker-containers-7a57fdda7d86 term_handler() {