SSP-2066_add_routes_and_controllers (#45)

* Move validate.php to symfony controller

* Fix quality errors

* Loggout Controller

* LoggedOut Controller

* Fix quality issues

* composer require checker for dev environments

* fix composer require checker version

* Add tests for LogoutController.php part1

* psalm

* LogoutController.php tests part 2

* add CAS10 validate.php tests

* Add missing dependency

* LoggedInController.php

* Cas10 validate improvements

* serviceValidate, proxyValidate, logoutController

* samlValidate.php controller and tests

* fix psalm errors

* move proxy.php to Cas20Controller action

* Removed cas.php.Added LoginController.php

* UrlTrait tests

* Add missing import

* LoginController Tests

* Tests for Cas20 validate

* add tests for Proxy Service Validate

* More tests on Cas20Controller.php

* Use TicketStore abstract class type

* Use Module::resolveClass

* Use RunnableResponse instead of redirect

* Added phpdocs

* Fix run with docker instructions

* xml response to UTF-8

* Fix validation condition for CAS10

* review fixes #1

* Intantiate classes after we finalize the casconfig overrides. Refactor checkServiceUrl.Improve composer validate.

* fix UrlTrait::validate to handle proxy tickets

* fix UrlTrait::validate call test for the different methods.

* user RunnableResponse

* preg_match better error handling

* Use DOMDocumentFactory instead of ext-xml to parse the SOAP message

* Refactor samlValidate, parsing postbody.

* Improve saml validate

* Improve samlValidate. Use saml11 1,2,4

* Move Cas20 validate function to TicketValidatorTrait

* Create an enum list of configuration options that are allowed to be overriden.

* Add missing enum file

* fix saml11 versioning in composer

* minor fixes

* Remove PDO as a hard dependency. It's optional when using SQLTicketStore

* Add more hints for running with docker

* Allow `attributes` config item to be set per SP

* Add missing trait dependency

* Fix debug mode validation response rendering

* Exclude public directory from lint and documentation checks

* Remove js libraries

* Add copy button and missing jquery dependency package

* Replace text with langauge key

* Remove unnecessary package

---------

Co-authored-by: Tim van Dijen <[email protected]>
Co-authored-by: Patrick Radtke <[email protected]>

.github/workflows/documentation.yml

@@ -26,12 +26,14 @@ jobs:
         with:
           files: .
           ignore_path: .markdownlintignore
+          ignore_files: public/**
 
       - name: Perform spell check
         uses: codespell-project/actions-codespell@v2
         with:
           path: '**/*.md'
           check_filenames: true
+          skip: public/**
           ignore_words_list: tekst
 
   build:

.github/workflows/php.yml

@@ -37,6 +37,7 @@ jobs:
           VALIDATE_YAML: true
           VALIDATE_XML: true
           VALIDATE_GITHUB_ACTIONS: true
+          FILTER_REGEX_EXCLUDE: 'public/**'
 
   quality:
     name: Quality control

README.md

@@ -88,18 +88,20 @@ To explore the module using docker run the below command. This will run an SSP i
 of the `casserver` module mounted in the container, along with some configuration files. Any code changes you make to your git checkout are
 "live" in the container, allowing you to test and iterate different things.
 
+Sometimes when working with a dev version of the module you will need a newer version of a dependency than what SSP is
+locked to. In that case you can add an additional dependency to the `COMPOSER_REQUIRE` line (e.g ="simplesamlphp/assert:1.8 ")
+
 ```bash
-# Note: this currently errors on this module requiring a newer version of `simplesamlphp/xml-common` than what is in the base image
 docker run --name ssp-casserver-dev \
    --mount type=bind,source="$(pwd)",target=/var/simplesamlphp/staging-modules/casserver,readonly \
   -e STAGINGCOMPOSERREPOS=casserver \
-  -e COMPOSER_REQUIRE="simplesamlphp/simplesamlphp-module-casserver:@dev simplesamlphp/simplesamlphp-module-preprodwarning"
+  -e COMPOSER_REQUIRE="simplesamlphp/simplesamlphp-module-casserver:@dev simplesamlphp/simplesamlphp-module-preprodwarning" \
   -e SSP_ADMIN_PASSWORD=secret1 \
   --mount type=bind,source="$(pwd)/docker/ssp/module_casserver.php",target=/var/simplesamlphp/config/module_casserver.php,readonly \
   --mount type=bind,source="$(pwd)/docker/ssp/authsources.php",target=/var/simplesamlphp/config/authsources.php,readonly \
   --mount type=bind,source="$(pwd)/docker/ssp/config-override.php",target=/var/simplesamlphp/config/config-override.php,readonly \
   --mount type=bind,source="$(pwd)/docker/apache-override.cf",target=/etc/apache2/sites-enabled/ssp-override.cf,readonly \
-   -p 443:443 cirrusid/simplesamlphp:v2.3.2
+   -p 443:443 cirrusid/simplesamlphp:v2.3.5
 ```
 
 Visit [https://localhost/simplesaml/](https://localhost/simplesaml/) and confirm you get the default page.

composer.json

@@ -30,38 +30,48 @@
     },
     "require": {
         "php": "^8.1",
-        "ext-ctype": "*",
         "ext-dom": "*",
         "ext-filter": "*",
         "ext-libxml": "*",
         "ext-SimpleXML": "*",
+        "ext-session": "*",
+
         "simplesamlphp/assert": "^1.1",
         "simplesamlphp/composer-module-installer": "^1.3",
-        "simplesamlphp/simplesamlphp": "^2.2",
-        "simplesamlphp/xml-cas": "^v1.3",
-        "simplesamlphp/xml-common": "^v1.17",
-        "simplesamlphp/xml-soap": "^v1.5"
+        "simplesamlphp/simplesamlphp": "^2.3",
+        "simplesamlphp/xml-cas": "^1.3",
+        "simplesamlphp/xml-common": "^1.17",
+        "simplesamlphp/xml-soap": "^1.5",
+        "symfony/http-foundation": "^6.4",
+        "symfony/http-kernel": "^6.4",
+        "simplesamlphp/saml11": "~1.2.4"
     },
     "require-dev": {
         "simplesamlphp/simplesamlphp-test-framework": "^1.7",
         "phpunit/phpunit": "^10",
         "psalm/plugin-phpunit": "^0.19.0",
-        "squizlabs/php_codesniffer": "^3.7"
+        "squizlabs/php_codesniffer": "^3.7",
+        "maglnet/composer-require-checker": "4.7.1",
+        "vimeo/psalm": "^5",
+        "icanhazstring/composer-unused": "^0.8.11"
     },
     "support": {
         "issues": "https://github.com/simplesamlphp/simplesamlphp-module-casserver/issues",
         "source": "https://github.com/simplesamlphp/simplesamlphp-module-casserver"
     },
-    "suggest": {
-        "ext-pdo": "*"
-    },
     "scripts": {
         "validate": [
-            "vendor/bin/phpunit --no-coverage --testdox",
-            "vendor/bin/phpcs -p"
+            "vendor/bin/phpcs -p",
+            "vendor/bin/composer-require-checker check --config-file=tools/composer-require-checker.json composer.json",
+            "vendor/bin/psalm -c psalm-dev.xml",
+            "vendor/bin/composer-unused",
+            "vendor/bin/phpunit --no-coverage --testdox"
         ],
         "tests": [
             "vendor/bin/phpunit --no-coverage"
+        ],
+        "propose-fix": [
+            "vendor/bin/phpcs --report=diff"
         ]
     }
 }

config/module_casserver.php.dist

@@ -26,10 +26,13 @@ $config = [
         'https://host2.domain:5678/path2/path3',
         // So is regex
         '|^https://.*\.domain.com/|',
-        // Some configuration options can be overridden
+        // ONLY the FOLLOWING configuration options can be overridden. See OverrideConfigPropertiesEnum.
         'https://override.example.com' => [
             'attrname' => 'uid',
             'attributes_to_transfer' => ['cn'],
+            //'attributes' => false,
+            //'authproc' => [],
+            //'service_ticket_expire_time' => 5,
         ],
     ],
 

locales/en/LC_MESSAGES/casserver.po

@@ -30,3 +30,20 @@ msgstr "Logged in"
 msgid "You are logged in."
 msgstr "You are logged in."
 
+msgid "{copy}"
+msgstr "Copy"
+
+msgid "{copied}"
+msgstr "Copied!"
+
+msgid "{continue}"
+msgstr "Continue"
+
+msgid "{copyToClipboard}"
+msgstr "Copy to clipboard"
+
+msgid "{success}"
+msgstr "Validation Successful"
+
+msgid "{failure}"
+msgstr "Validation Failed"

phpcs.xml

@@ -21,6 +21,7 @@
 
     <!-- Use this to exclude paths. You can have multiple patterns -->
     <exclude-pattern>tests/config/*</exclude-pattern>
+    <exclude-pattern>public/assets/jquery/*</exclude-pattern>
 
     <!-- This is the rule we inherit from. If you want to exclude some specific rules, see the docs on how to do that -->
     <rule ref="PSR12"/>

phpunit.xml

@@ -4,6 +4,7 @@
          bootstrap="tests/bootstrap.php"
          xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.5/phpunit.xsd"
          backupGlobals="false"
+         displayDetailsOnTestsThatTriggerWarnings="true"
          cacheDirectory=".phpunit.cache">
   <coverage>
     <report>

psalm-dev.xml

@@ -3,6 +3,10 @@
     name="SimpleSAMLphp testsuite"
     useDocblockTypes="true"
     errorLevel="4"
+    resolveFromConfigFile="true"
+    autoloader="vendor/autoload.php"
+    findUnusedCode="false"
+    findUnusedBaselineEntry="true"
     reportMixedIssues="false"
     hideExternalErrors="true"
     allowStringToStandInForClass="true"

psalm.xml

@@ -4,10 +4,15 @@
     useDocblockTypes="true"
     errorLevel="2"
     reportMixedIssues="false"
+    resolveFromConfigFile="true"
+    autoloader="vendor/autoload.php"
+    findUnusedCode="false"
+    findUnusedBaselineEntry="true"
+    hideExternalErrors="true"
+    allowStringToStandInForClass="true"
 >
     <projectFiles>
         <directory name="config" />
-        <directory name="public" />
         <directory name="src" />
     </projectFiles>
 

public/assets/css/casserver.css

@@ -0,0 +1,89 @@
+/* end baseline CSS */
+.hljs {
+    background: #F3F3F3;
+    color: #444
+}
+/* Base color: saturation 0; */
+.hljs-subst {
+    /* default */
+
+}
+/* purposely ignored */
+.hljs-formula,
+.hljs-attr,
+.hljs-property,
+.hljs-params {
+
+}
+.hljs-comment {
+    color: #697070
+}
+.hljs-tag,
+.hljs-punctuation {
+    color: #444a
+}
+.hljs-tag .hljs-name,
+.hljs-tag .hljs-attr {
+    color: #444
+}
+.hljs-keyword,
+.hljs-attribute,
+.hljs-selector-tag,
+.hljs-meta .hljs-keyword,
+.hljs-doctag,
+.hljs-name {
+    font-weight: bold
+}
+/* User color: hue: 0 */
+.hljs-type,
+.hljs-string,
+.hljs-number,
+.hljs-selector-id,
+.hljs-selector-class,
+.hljs-quote,
+.hljs-template-tag,
+.hljs-deletion {
+    color: #880000
+}
+.hljs-title,
+.hljs-section {
+    color: #880000;
+    font-weight: bold
+}
+.hljs-regexp,
+.hljs-symbol,
+.hljs-variable,
+.hljs-template-variable,
+.hljs-link,
+.hljs-selector-attr,
+.hljs-operator,
+.hljs-selector-pseudo {
+    color: #ab5656
+}
+/* Language color: hue: 90; */
+.hljs-literal {
+    color: #695
+}
+.hljs-built_in,
+.hljs-bullet,
+.hljs-code,
+.hljs-addition {
+    color: #397300
+}
+/* Meta color: hue: 200 */
+.hljs-meta {
+    color: #1f7199
+}
+.hljs-meta .hljs-string {
+    color: #38a
+}
+/* Misc effects */
+.hljs-emphasis {
+    font-style: italic
+}
+.hljs-strong {
+    font-weight: bold
+}
+.top-right-corner {
+    right: 0;
+}