Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 10.0.0-alpha.6 -- update sildisco module for SSP 2 #260

Merged
merged 36 commits into from
Jul 18, 2024
Merged

Release 10.0.0-alpha.6 -- update sildisco module for SSP 2 #260

merged 36 commits into from
Jul 18, 2024

Conversation

briskt
Copy link
Contributor

@briskt briskt commented Jul 17, 2024

Changed

  • Re-enabled sildisco for IdP discovery.
  • Fixed SP name display on sildisco IdP selection page.
  • Use entityDisplayName Twig filter for displaying the IdP and SP names.
  • Updated test metadata to include entityid in every entry, and make name an array.
  • Patch the standard SP AuthSource to modify behavior when multiple IdPs are available for an SP.
    • When more than one IdP is available, always present the discovery page. Standard behavior is to proceed using an existing IdP session if possible.
    • When re-authentication is required, always present the discovery page. Standard behavior is to let the user choose whether to cancel or continue.

Removed

  • Removed source files copied from SimpleSAMLphp that are no longer used.
  • Removed leftover dictionary files from pre-SSP2
  • Removed actions-services.yml
  • Removed patch from run.sh
  • Removed "beta test" feature. We do not use this in staging or production.

Fixed

  • Fixed the SingleLogoutService on the test IdPs to use the standard saml2-logout.php since it no longer needs to be customized.
  • Added use statements to import classes
  • Removed unnecessary use statements

briskt and others added 30 commits July 9, 2024 14:17
@briskt
adapt sildisco discovery to SSP2
dc60f07
@briskt
use entityDisplayName filter for idp.name
2b2aa3d
@briskt
update metadata - add entityid and make name an array
8d4adb1
@briskt
fix display of SP name in selectidp-links template
27b6c1a
@briskt
remove unused override files from sildisco module
c75630c
@briskt
PR feedback: use the 'default' Twig filter
3600fa4
@briskt
rename selectidp-links variables to snake case (Twig style)
2bf923c
@briskt
remove unused urlpattern variable
b140e78
@briskt
add lang attribute on selectidp-links template
4acba9b
@briskt
add missing ticks around html_attr argument to the escape filter
354140b
@briskt
Merge pull request #248 from silinternational/feature/ssp2-sildisco
eeb1d92 
update sildisco module for SimpleSAMLphp 2
@briskt
add use statements to import SimpleSAML classes
4841645
@briskt
add use statements to import other classes
34484e5
@briskt
Merge pull request #250 from silinternational/feature/use-use
43655a4 
Use more use statements
@briskt
remove "beta test" feature
049ee75
@briskt
remove beta-test tests
eb7d4ed
@briskt
remove leftover dictionary files from pre-SSP2
1369439
@briskt
remove actions-services.yml
17e004e
@briskt
remove patch from run.sh
53b3eef
@briskt
Merge pull request #252 from silinternational/feature/cleanup
b1e5bb1 
misc. cleanup
@briskt
Merge pull request #251 from silinternational/feature/remove-betatest
fdf518a 
remove "beta test" feature
@briskt
patch the SP.php file in SSP source to modify multi-IdP behavior
95b1842
@briskt
add context to patch file sp-php.patch
205e1f2 
From the diff man page: "For proper operation, patch typically needs at least two lines of context"
@briskt
Merge pull request #253 from silinternational/feature/ssp2-sp-patch
3ee5ce9 
Customized multi-IdP behavior
@briskt
fix the AddIdp2NameId filter
5597a92
@briskt
change NameID format to "SAML:2.0" "persistent" throughout the unit test
7bb15b2
@briskt
add sonar-project.properties
36ea206
@briskt
Merge pull request #254 from silinternational/feature/fix-add-idp-2-n…
3e4c520 
…ameid

fix the AddIdp2NameId filter
@jason-jackson
set global twig variables using controller
0dd3a9b
@jason-jackson
PR suggestion
ca7d229
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
10.9% Duplication on New Code

See analysis details on SonarCloud

hobbitronics
hobbitronics approved these changes Jul 18, 2024
View reviewed changes
Copy link
Contributor

@hobbitronics hobbitronics left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't say I've reviewed all of the code but on the basis that someone has it should be ok. On the other hand you might wan't someone else to tick the box.

@briskt
Copy link
Contributor Author

briskt commented Jul 18, 2024

Can't say I've reviewed all of the code but on the basis that someone has it should be ok. On the other hand you might wan't someone else to tick the box.

Thanks. Previous reviews should be enough, but if other people are willing and available, I wouldn't turn away more input (before or after merge).

@briskt briskt merged commit 7046663 into main Jul 18, 2024
4 checks passed
forevermatt
forevermatt reviewed Jul 22, 2024
View reviewed changes
modules/sildisco/src/IdPDisco.php
Comment on lines +62 to +68
if (!empty($spEntityId)) {
$idpList = DiscoUtils::getReducedIdpList(
$idpList,
$this->getMetadataPath(),
$spEntityId
);
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the SP Entity ID is empty, does this mean that the IDP List used might now include more entries than it should (since it won't be reduced)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. Do you think it would be better to throw an exception instead?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think so. It may be that we try it and learn that's not what we want, but I'd rather err on the side of failing loudly rather than silently.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@forevermatt forevermatt forevermatt left review comments

@hobbitronics hobbitronics hobbitronics approved these changes

@jason-jackson jason-jackson Awaiting requested review from jason-jackson

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@briskt @forevermatt @hobbitronics @jason-jackson