Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • perun/perun-proxyidp/simplesamlphp-module-campusmultiauth
1 result
Show changes
Commits on Source (11)
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 4903 additions and 4440 deletions
.editorconfig deleted 100644 → 0
View file @ 46562351
[*.{json,yml}]
indent_style = space
indent_size = 2
[*.{js,jsx,ts,tsx}]
indent_style = tab
indent_size = 2
.github/workflows/build_and_check.yml deleted 100644 → 0
View file @ 46562351
name: jobs
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
php:
name: PHP tests
runs-on: ubuntu-latest
strategy:
matrix:
php-version: ["7.4", "8.0"]
composer-version: [1, 2]
steps:
- uses: actions/checkout@v3
- name: Cache Composer dependencies
uses: actions/cache@v3
with:
path: /tmp/composer-cache
key: ${{ runner.os }}-${{ hashFiles('**/composer.lock') }}
- name: Install dependencies
uses: php-actions/composer@v6
with:
php_version: ${{ matrix.php-version }}
version: ${{ matrix.composer-version }}
php_extensions: intl
- name: Run easy coding standard
run: vendor/bin/ecs check
prettier:
name: Prettier
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: "16"
- run: npm i
- run: npx prettier --check .
release:
name: Release
needs: [php, prettier]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v3
with:
node-version: 16
- name: Release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: npm install && npx semantic-release
.gitignore
View file @ d91a106a
www/resources/bootstrap/css/*
!www/resources/bootstrap/css/bootstrap.min.css
!www/resources/bootstrap/css/bootstrap.min.css.map
www/resources/bootstrap/js/*
!www/resources/bootstrap/js/bootstrap.bundle.min.js
!www/resources/bootstrap/js/bootstrap.bundle.min.js.map
www/resources/selectize/css/*
!www/resources/selectize/css/selectize.css
!www/resources/selectize/css/selectize.bootstrap5.css
www/resources/selectize/js/*.js
www/resources/selectize/js/standalone/*.js
!www/resources/selectize/js/standalone/selectize.min.js
www/resources/selectize/less
www/resources/selectize/scss
www/resources/selectize/vendor
www/resources/MuniWeb/ajax
www/resources/MuniWeb/img/illust
www/resources/MuniWeb/img/social
www/resources/MuniWeb/tpl
www/resources/MuniWeb/_ins/tpl
## Ansible
*.retry
## composer
# Composer
composer.phar
/vendor/
# PHPUnit
/.phpunit.cache
.phpunit.result.cache
## Java
# Compiled class file
*.class
# Log file
*.log
# BlueJ files
*.ctxt
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
## JetBrains
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff
.idea/**/workspace.xml
.idea/**/tasks.xml
.idea/**/usage.statistics.xml
.idea/**/dictionaries
.idea/**/shelf
# Generated files
.idea/**/contentModel.xml
# Sensitive or high-churn files
.idea/**/dataSources/
.idea/**/dataSources.ids
.idea/**/dataSources.local.xml
.idea/**/sqlDataSources.xml
.idea/**/dynamic.xml
.idea/**/uiDesigner.xml
.idea/**/dbnavigator.xml
# Gradle
.idea/**/gradle.xml
.idea/**/libraries
# Gradle and Maven with auto-import
.idea/modules.xml
.idea/*.iml
.idea/modules
# CMake
cmake-build-*/
# Mongo Explorer plugin
.idea/**/mongoSettings.xml
# File-based project format
*.iws
# IntelliJ
out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
atlassian-ide-plugin.xml
# Cursive Clojure plugin
.idea/replstate.xml
# Crashlytics plugin (for Android Studio and IntelliJ)
com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties
# Editor-based Rest Client
.idea/httpRequests
# Android studio 3.1+ serialized cache file
.idea/caches/build_file_checksums.ser
## macOS
# General
.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Node
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
## maven
target/
pom.xml.tag
pom.xml.releaseBackup
pom.xml.versionsBackup
pom.xml.next
release.properties
dependency-reduced-pom.xml
buildNumber.properties
.mvn/timing.properties
.mvn/wrapper/maven-wrapper.jar
## node
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
lerna-debug.log*
report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
*.lcov
# nyc test coverage
.nyc_output
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release
# Dependency directories
node_modules/
jspm_packages/
# TypeScript v1 declaration files
typings/
*.tsbuildinfo
# Optional npm cache directory
.npm
# Optional eslint cache
.eslintcache
.rpt2_cache/
.rts2_cache_cjs/
.rts2_cache_es/
.rts2_cache_umd/
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env
.env.test
# parcel-bundler cache (https://parceljs.org/)
.cache
# next.js build output
.next
# nuxt.js build output
.nuxt
dist
.cache/
# vuepress build output
.vuepress/dist
# Serverless directories
.serverless/
# FuseBox cache
.fusebox/
.dynamodb/
.tern-port
#DynamoDB Local files
.dynamodb/
## Python
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib64/
parts/
sdist/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.pytest_cache/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
.python-version
# celery beat schedule file
celerybeat-schedule
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
## vim
# Swap
[._]*.s[a-v][a-z]
[._]*.sw[a-p]
[._]s[a-rt-v][a-z]
[._]ss[a-gi-z]
[._]sw[a-p]
# Session
Session.vim
# Temporary
.netrwhist
*~
# Auto-generated tag files
tags
# Persistent undo
[._]*.un~
## Visual Studio
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.rsuser
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
[Aa][Rr][Mm]/
[Aa][Rr][Mm]64/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUNIT
*.VisualState.xml
TestResult.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET Core
project.lock.json
project.fragment.lock.json
artifacts/
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_h.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*_wpftmp.csproj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# JustCode is a .NET coding add-in
.JustCode
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!*.[Cc]ache/
# Others
ClientBin/
~
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
bower_components/
# ASP.NET Core default setup: bower directory is configured as wwwroot/lib/ and bower restore is true
**/wwwroot/lib/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# JetBrains Rider
.idea/
*.sln.iml
# CodeRush personal settings
.cr/personal
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/
# Local History for Visual Studio
.localhistory/
## Windows
# Windows thumbnail cache files
Thumbs.db
ehthumbs.db
ehthumbs_vista.db
# Dump file
*.stackdump
# Folder config file
[Dd]esktop.ini
# Recycle Bin used on file shares
.BIN/
# Windows Installer files
*.cab
*.msi
*.msix
*.msm
*.msp
# Windows shortcuts
*.lnk
www/resources/bootstrap/css/*
!www/resources/bootstrap/css/bootstrap.min.css
!www/resources/bootstrap/css/bootstrap.min.css.map
www/resources/bootstrap/js/*
!www/resources/bootstrap/js/bootstrap.bundle.min.js
!www/resources/bootstrap/js/bootstrap.bundle.min.js.map
www/resources/selectize/css/*
!www/resources/selectize/css/selectize.css
!www/resources/selectize/css/selectize.bootstrap5.css
www/resources/selectize/js/*.js
www/resources/selectize/js/standalone/*.js
!www/resources/selectize/js/standalone/selectize.min.js
www/resources/selectize/less
www/resources/selectize/scss
www/resources/selectize/vendor
www/resources/MuniWeb/ajax
www/resources/MuniWeb/img/illust
www/resources/MuniWeb/img/social
www/resources/MuniWeb/tpl
www/resources/MuniWeb/_ins/tpl
.gitlab-ci.yml 0 → 100644
View file @ d91a106a
include:
- project: perun-proxy-aai/common
file: /templates/.gitlab-ci-template.yml
.prettierignore
View file @ d91a106a
## Ansible
*.retry
## composer
composer.phar
/vendor/
## Java
# Compiled class file
*.class
# Log file
*.log
# BlueJ files
*.ctxt
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
## JetBrains
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff
.idea/**/workspace.xml
.idea/**/tasks.xml
.idea/**/usage.statistics.xml
.idea/**/dictionaries
.idea/**/shelf
# Generated files
.idea/**/contentModel.xml
# Sensitive or high-churn files
.idea/**/dataSources/
.idea/**/dataSources.ids
.idea/**/dataSources.local.xml
.idea/**/sqlDataSources.xml
.idea/**/dynamic.xml
.idea/**/uiDesigner.xml
.idea/**/dbnavigator.xml
# Gradle
.idea/**/gradle.xml
.idea/**/libraries
# Gradle and Maven with auto-import
.idea/modules.xml
.idea/*.iml
.idea/modules
# CMake
cmake-build-*/
# Mongo Explorer plugin
.idea/**/mongoSettings.xml
# File-based project format
*.iws
# IntelliJ
out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
atlassian-ide-plugin.xml
# Cursive Clojure plugin
.idea/replstate.xml
# Crashlytics plugin (for Android Studio and IntelliJ)
com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties
# Editor-based Rest Client
.idea/httpRequests
# Android studio 3.1+ serialized cache file
.idea/caches/build_file_checksums.ser
## macOS
# General
.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
## maven
target/
pom.xml.tag
pom.xml.releaseBackup
pom.xml.versionsBackup
pom.xml.next
release.properties
dependency-reduced-pom.xml
buildNumber.properties
.mvn/timing.properties
.mvn/wrapper/maven-wrapper.jar
## node
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
node_modules
web-build
.expo
.expo-shared
.git
# nyc test coverage
.nyc_output
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release
# Dependency directories
node_modules/
jspm_packages/
# TypeScript v1 declaration files
typings/
# Optional npm cache directory
.npm
# Optional eslint cache
.eslintcache
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env
# parcel-bundler cache (https://parceljs.org/)
.cache
# next.js build output
.next
# nuxt.js build output
.nuxt
# vuepress build output
.vuepress/dist
# Serverless directories
.serverless/
# FuseBox cache
.fusebox/
#DynamoDB Local files
.dynamodb/
## Python
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib64/
parts/
sdist/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.pytest_cache/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
.python-version
# celery beat schedule file
celerybeat-schedule
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
## vim
# Swap
[._]*.s[a-v][a-z]
[._]*.sw[a-p]
[._]s[a-rt-v][a-z]
[._]ss[a-gi-z]
[._]sw[a-p]
# Session
Session.vim
# Temporary
.netrwhist
*~
# Auto-generated tag files
tags
# Persistent undo
[._]*.un~
## Visual Studio
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.rsuser
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
[Aa][Rr][Mm]/
[Aa][Rr][Mm]64/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUNIT
*.VisualState.xml
TestResult.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET Core
project.lock.json
project.fragment.lock.json
artifacts/
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_h.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*_wpftmp.csproj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# JustCode is a .NET coding add-in
.JustCode
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!*.[Cc]ache/
# Others
ClientBin/
~
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
bower_components/
# ASP.NET Core default setup: bower directory is configured as wwwroot/lib/ and bower restore is true
**/wwwroot/lib/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# JetBrains Rider
.idea/
*.sln.iml
# CodeRush personal settings
.cr/personal
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/
# Local History for Visual Studio
.localhistory/
## Windows
# Windows thumbnail cache files
Thumbs.db
ehthumbs.db
ehthumbs_vista.db
# Dump file
*.stackdump
# Folder config file
[Dd]esktop.ini
# Recycle Bin used on file shares
.BIN/
# Windows Installer files
*.cab
*.msi
*.msix
*.msm
*.msp
# Windows shortcuts
*.lnk
package-lock.json
app.json
*.svg
faviconData.json
CHANGELOG.md
renovate.json
composer.lock
vendor
CHANGELOG.md
.git
*.min.css
*.min.js
www/resources/bootstrap
www/resources/font_awesome
www/resources/MuniWeb
www/resources/selectize
www/resources/jquery-3.6.0.min.js
.prettierrc.json
View file @ d91a106a
{}
.releaserc.json
View file @ d91a106a
{
"branches": [
"+([0-9])?(.{+([0-9]),x}).x",
"main",
"master",
"next",
"next-major",
{ "name": "beta", "prerelease": true },
{ "name": "alpha", "prerelease": true }
],
"plugins": [
"@semantic-release/commit-analyzer",
"@semantic-release/release-notes-generator",
"@semantic-release/changelog",
"@semantic-release/github",
[
"@semantic-release/git",
{
"assets": ["CHANGELOG.md"],
"message": "chore(release): ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
}
]
]
}
{ "extends": ["@perun-proxy-aai/semantic-release-proxy-config"] }
CHANGELOG.md
View file @ d91a106a
# [1.4.0](https://gitlab.ics.muni.cz/perun-proxy-aai/simplesamlphp/simplesamlphp-module-campusmultiauth/compare/v1.3.0...v1.4.0) (2022-09-24)
### Features
* aarc_discovery_hint ([7e3a950](https://gitlab.ics.muni.cz/perun-proxy-aai/simplesamlphp/simplesamlphp-module-campusmultiauth/commit/7e3a950a1d34ee40ce8413486c6a7eb6efaeb3af))
# [1.3.0](https://github.com/CESNET/simplesamlphp-module-campusmultiauth/compare/v1.2.1...v1.3.0) (2022-09-05)
......
LICENSE
View file @ d91a106a
BSD 3-Clause License
Copyright (c) 2022, Pavel Břoušek
All rights reserved.
Copyright (c) 2022, CESNET, z. s. p. o. and Institute of Computer Science, Masaryk University
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
......
README.md
View file @ d91a106a
......@@ -91,15 +91,13 @@ This component represents a form with username and password. It can be used only
#### searchbox
Thanks to searchbox you can search between all included identity providers. This components may be used multiple times.
Thanks to the searchbox you can search between all included identity providers. This component may be used multiple times.
`title` - text displayed above the component. If you want to add localization, you can write the value as a map with language codes as keys and localized strings as values. If current language is not found in keys, the **_first one_** is used instead. If not set at all, it displays a default value.
`placeholder` - text displayed as a placeholder in the searchbox. If you want to add localization, you can write the value as a map with language codes as keys and localized strings as values. If current language is not found in keys, the **_first one_** is used instead. If not set at all, it displays a default value.
`include` - if you want to display just part of identity providers available in the metadata, you can use this option. If not set, all identity providers from the metadata are included. Otherwise, included are only identity providers mentioned here. This option is a map with three possible keys: `upstream_idps`, `tags` and `registration_authorities`. If you want to include single IdP, you can add its identifier (e.g. entityID) to the `upstream_idps` list. In case you want to include a group of identity providers, you may tag some of them in the [module metarefresh](https://github.com/simplesamlphp/simplesamlphp-module-metarefresh/blob/master/docs/simplesamlphp-automated_metadata.md) and then include them by adding their tag to the `tags` list. Every identity provider also has information about its registration authority (e.g. [http://www.eduid.cz/](http://www.eduid.cz/)). If you add some registration authority to the `registration_authorities` list, all identity providers from this authority will be included.
`exclude` - if you want to display just part of identity providers available in the metadata, you can use this option. Each identity provider mentioned here will be excluded from the included ones. This option is a map with three possible keys: `upstream_idps`, `tags` and `registration_authorities`. If you want to exclude single IdP, you can add its identifier (e.g. entityID) to the `upstream_idps` list. In case you want to exclude a group of identity providers, you may tag some of them in the [module metarefresh](https://github.com/simplesamlphp/simplesamlphp-module-metarefresh/blob/master/docs/simplesamlphp-automated_metadata.md) and then exclude them by adding their tag to the `tags` list. Every identity provider also has information about its registration authority (e.g. [http://www.eduid.cz/](http://www.eduid.cz/)). If you add some registration authority to the `registration_authorities` list, all identity providers from this authority will be excluded.
`filter` - if you want to display just part of identity providers available in the metadata, you can use this option. If not set, all identity providers from the metadata are included. Otherwise, identity providers to display are chosen based on the [aarc_discovery_hint](https://docs.google.com/document/d/1rHKGzPsjkbqKHxsPnCb0itRLXLtqm-A8CZ5fzzklaxc/edit) logic. However, there are some differences. The content of this option is already decoded (which means it's in the PHP format, not the JSON). Also, you can use the `entityid` claim (instead of `entity_category` / `assurance_certification` / `registration_authority`) to include or exclude specific identity providers. You can find a sample use of the `entityid` claim in [module_campusmultiauth.php](https://gitlab.ics.muni.cz/perun-proxy-aai/simplesamlphp/simplesamlphp-module-campusmultiauth/-/blob/main/config-templates/module_campusmultiauth.php) config template.
`priority` - can be set to `primary`, default value is `secondary`. It should be primary if you want users to use this component if they are able to.
......@@ -137,6 +135,10 @@ Each identity is a map with the following possible options:
To help the user choose the right institution to log in, this module supports following standards:
### [aarc_discovery_hint (aarc_discovery_hint_uri)](https://docs.google.com/document/d/1rHKGzPsjkbqKHxsPnCb0itRLXLtqm-A8CZ5fzzklaxc/edit)
A service provider can choose which identity provider(s) should user use. If there is only one option, the user is redirected directly to the identity provider. Otherwise, user chooses from identity providers sent in the `aarc_discovery_hint` parameter. In addition to this standard, service provider can use the `entityid` claim (instead of `entity_category` / `assurance_certification` / `registration_authority`) to include or exclude specific identity providers.
### [aarc_idp_hint](https://zenodo.org/record/4596667/files/AARC-G061-A_specification_for_IdP_hinting.pdf)
A service provider can choose which identity provider should user use, he/she then skips the login page and is redirected to the targeted identity provider.
......
commitlint.config.js deleted 100644 → 0
View file @ 46562351
module.exports = {
extends: ["@commitlint/config-conventional"],
};
composer.json
View file @ d91a106a
{
"name": "cesnet/simplesamlphp-module-campusmultiauth",
"description": "SimpleSAMLphp module which provides password based and federated authentication on single page",
"type": "simplesamlphp-module",
"keywords": [
"simplesamlphp"
],
"license": "BSD-2-Clause",
"authors": [
{
"name": "Dominik Baranek",
"email": "baranek@ics.muni.cz"
}
],
"license": "BSD-3-Clause",
"require": {
"php": "^7.4",
"simplesamlphp/composer-module-installer": "~1.0",
"simplesamlphp/simplesamlphp": "^1.19",
"league/commonmark": "^1.0",
"ext-intl": "*"
"ext-intl": "*",
"ext-simplexml": "*"
},
"config": {
"allow-plugins": {
"simplesamlphp/composer-module-installer": true
},
"platform": {
"php": "7.4"
},
"allow-plugins": {
"simplesamlphp/composer-module-installer": true
}
},
"autoload": {
......@@ -34,7 +30,10 @@
"suggest": {
"simplesamlphp/simplesamlphp-module-ldap": "Required for timeout dialog with mitreID support"
},
"require-dev": {
"symplify/easy-coding-standard": "^11.0"
}
"authors": [
{
"name": "Perun proxy AAI team",
"email": "proxyidp@cesnet.cz"
}
]
}
composer.lock
View file @ d91a106a
......@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "7ef87acb6724bb1854262fe4d96b756c",
"content-hash": "dea8f70c5c585e6e2ed14619a83b1f28",
"packages": [
{
"name": "gettext/gettext",
......@@ -5041,63 +5041,7 @@
"time": "2015-02-11T11:06:42+00:00"
}
],
"packages-dev": [
{
"name": "symplify/easy-coding-standard",
"version": "11.1.5",
"source": {
"type": "git",
"url": "https://github.com/symplify/easy-coding-standard.git",
"reference": "0cdd7d2e7868fa2776c8a32cdfe1a8d5055dee05"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/symplify/easy-coding-standard/zipball/0cdd7d2e7868fa2776c8a32cdfe1a8d5055dee05",
"reference": "0cdd7d2e7868fa2776c8a32cdfe1a8d5055dee05",
"shasum": ""
},
"require": {
"php": ">=7.2"
},
"conflict": {
"friendsofphp/php-cs-fixer": "<3.0",
"squizlabs/php_codesniffer": "<3.6"
},
"bin": [
"bin/ecs"
],
"type": "library",
"extra": {
"branch-alias": {
"dev-main": "10.3-dev"
}
},
"autoload": {
"files": [
"bootstrap.php"
]
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"description": "Prefixed scoped version of ECS package",
"support": {
"source": "https://github.com/symplify/easy-coding-standard/tree/11.1.5"
},
"funding": [
{
"url": "https://www.paypal.me/rectorphp",
"type": "custom"
},
{
"url": "https://github.com/tomasvotruba",
"type": "github"
}
],
"time": "2022-08-16T08:53:49+00:00"
}
],
"packages-dev": [],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": [],
......@@ -5105,7 +5049,8 @@
"prefer-lowest": false,
"platform": {
"php": "^7.4",
"ext-intl": "*"
"ext-intl": "*",
"ext-simplexml": "*"
},
"platform-dev": [],
"platform-overrides": {
......
config-templates/module_campusmultiauth.php
View file @ d91a106a
......@@ -40,15 +40,21 @@ $config = [
'cs' => 'Vyhledejte např. CEITEC',
'en' => 'Search e.g. CEITEC',
],
'include' => [
'upstream_idps' => [],
'tags' => ['edugain'],
'registration_authorities' => [],
],
'exclude' => [
'upstream_idps' => [],
'tags' => [],
'registration_authorities' => [],
'filter' => [
'exclude' => [
'any_of' => [
0 => [
'entityid' => [
'equals' => 'https://www.vutbr.cz/SSO/saml2/idp'
],
],
1 => [
'entityid' => [
'equals' => 'https://idp2.ics.muni.cz/idp/shibboleth'
],
],
],
],
],
'logos' => [
'https://idp2.ics.muni.cz/idp/shibboleth' => 'https://id.muni.cz/android-chrome-192x192.png',
......
ecs.php deleted 100644 → 0
View file @ 46562351
<?php
declare(strict_types=1);
use PhpCsFixer\Fixer\FunctionNotation\FunctionTypehintSpaceFixer;
use PhpCsFixer\Fixer\Operator\NotOperatorWithSuccessorSpaceFixer;
use Symplify\EasyCodingStandard\Config\ECSConfig;
use Symplify\EasyCodingStandard\ValueObject\Set\SetList;
return static function (ECSConfig $ecsConfig): void {
$ecsConfig->paths(
[
__DIR__ . '/config-templates',
__DIR__ . '/ecs.php',
__DIR__ . '/lib',
__DIR__ . '/templates',
__DIR__ . '/themes',
__DIR__ . '/www',
]
);
$ecsConfig->sets([
SetList::CLEAN_CODE,
SetList::SYMPLIFY,
SetList::ARRAY,
SetList::COMMON,
SetList::COMMENTS,
SetList::CONTROL_STRUCTURES,
SetList::DOCBLOCK,
SetList::NAMESPACES,
SetList::PHPUNIT,
SetList::SPACES,
SetList::STRICT,
SetList::PSR_12,
]);
$ecsConfig->skip([NotOperatorWithSuccessorSpaceFixer::class, FunctionTypehintSpaceFixer::class]);
};
lib/Auth/Source/Campusidp.php
View file @ d91a106a
......@@ -12,6 +12,7 @@ use SimpleSAML\Configuration;
use SimpleSAML\Error;
use SimpleSAML\Error\UnserializableException;
use SimpleSAML\Logger;
use SimpleSAML\Metadata\MetaDataStorageHandler;
use SimpleSAML\Module;
use SimpleSAML\Module\core\Auth\UserPassBase;
use SimpleSAML\Module\ldap\Auth\Ldap;
......@@ -43,6 +44,42 @@ class Campusidp extends Source
public const IDP_HINT_BUTTONS_LIMIT = 5;
// idp hinting
public const IDPHINT = 'idphint';
public const AARC_IDP_HINT = 'aarc_idp_hint';
public const AARC_DISCOVERY_HINT = 'aarc_discovery_hint';
public const AARC_DISCOVERY_HINT_URI = 'aarc_discovery_hint_uri';
public const INCLUDE = 'include';
public const EXCLUDE = 'exclude';
public const ALL_OF = 'all_of';
public const ANY_OF = 'any_of';
public const ENTITY_CATEGORY = 'entity_category';
public const ASSURANCE_CERTIFICATION = 'assurance_certification';
public const REGISTRATION_AUTHORITY = 'registration_authority';
public const ENTITYID = 'entityid';
public const CONTAINS = 'contains';
public const EQUALS = 'equals';
public const MATCHES = 'matches';
public const ENTITY_CATEGORY_ATTR_NAME = 'http://macedir.org/entity-category';
public const ASSURANCE_CERTIFICATION_ATTR_NAME = 'urn:oasis:names:tc:SAML:attribute:assurance-certification';
private $sources;
private $userPassSourceName;
......@@ -92,12 +129,20 @@ class Campusidp extends Source
public function authenticate(&$state)
{
if (array_key_exists('aarc_idp_hint', $_REQUEST)) {
$state['aarc_idp_hint'] = $_REQUEST['aarc_idp_hint'];
if (array_key_exists(self::AARC_IDP_HINT, $_REQUEST)) {
$state[self::AARC_IDP_HINT] = $_REQUEST[self::AARC_IDP_HINT];
}
if (array_key_exists(self::AARC_DISCOVERY_HINT, $_REQUEST)) {
$state[self::AARC_DISCOVERY_HINT] = $_REQUEST[self::AARC_DISCOVERY_HINT];
}
if (array_key_exists(self::AARC_DISCOVERY_HINT_URI, $_REQUEST)) {
$state[self::AARC_DISCOVERY_HINT_URI] = $_REQUEST[self::AARC_DISCOVERY_HINT_URI];
}
if (array_key_exists('idphint', $_REQUEST)) {
$state['idphint'] = $_REQUEST['idphint'];
if (array_key_exists(self::IDPHINT, $_REQUEST)) {
$state[self::IDPHINT] = $_REQUEST[self::IDPHINT];
}
$state[self::AUTHID] = $this->authId;
......@@ -225,10 +270,343 @@ class Campusidp extends Source
return '';
}
public static function getHintedIdps($hint)
{
if (array_key_exists(self::AARC_DISCOVERY_HINT_URI, $hint)) {
$discoveryHint = json_decode(file_get_contents($hint[self::AARC_DISCOVERY_HINT_URI]), true);
} elseif (array_key_exists(self::AARC_DISCOVERY_HINT, $hint)) {
$discoveryHint = $hint[self::AARC_DISCOVERY_HINT];
} else {
return null;
}
$metadataStorageHandler = MetaDataStorageHandler::getMetadataHandler();
$metadata = $metadataStorageHandler->getList();
$idps = [];
if (array_key_exists(self::INCLUDE, $discoveryHint)) {
if (empty($discoveryHint[self::INCLUDE])) {
return [];
} else {
foreach ($discoveryHint[self::INCLUDE] as $key => $value) {
if ($key === self::ALL_OF) {
$idps = array_merge($idps, self::getAllOfIdps($value, $metadata));
} elseif ($key === self::ANY_OF) {
$idps = array_merge($idps, self::getAnyOfIdps($value, $metadata));
}
}
}
} else {
$idps = array_keys($metadata);
}
$idps = array_unique($idps);
if (!empty($discoveryHint[self::EXCLUDE])) {
foreach ($discoveryHint[self::EXCLUDE] as $key => $value) {
if ($key === self::ALL_OF) {
$idps = array_diff($idps, self::getAllOfIdps($value, $metadata));
} elseif ($key === self::ANY_OF) {
$r = self::getAnyOfIdps($value, $metadata);
$idps = array_diff($idps, $r);
}
}
}
return $idps;
}
public static function getAllOfIdps($claim, $metadata, $type = null)
{
$result = [];
$isFirst = true;
if ($type === null) {
foreach ($claim as $array) {
foreach ($array as $key => $value) {
switch ($key) {
case self::ALL_OF:
$isFirst ?
$result = array_merge($result, self::getAllOfIdps($value, $metadata)) :
$result = array_intersect($result, self::getAllOfIdps($value, $metadata));
$isFirst = false;
break;
case self::ANY_OF:
$isFirst ?
$result = array_merge($result, self::getAnyOfIdps($value, $metadata)) :
$result = array_intersect($result, self::getAnyOfIdps($value, $metadata));
$isFirst = false;
break;
case self::ENTITY_CATEGORY:
$isFirst ?
$result = array_merge($result, self::getEntityCategoryIdps($value, $metadata)) :
$result = array_intersect($result, self::getEntityCategoryIdps($value, $metadata));
$isFirst = false;
break;
case self::ASSURANCE_CERTIFICATION:
$isFirst ?
$result = array_merge($result, self::getAssuranceCertificationIdps($value, $metadata)) :
$result = array_intersect($result, self::getAssuranceCertificationIdps($value, $metadata));
$isFirst = false;
break;
case self::REGISTRATION_AUTHORITY:
$isFirst ?
$result = array_merge($result, self::getRegistrationAuthorityIdps($value, $metadata)) :
$result = array_intersect($result, self::getRegistrationAuthorityIdps($value, $metadata));
$isFirst = false;
break;
default:
break;
}
}
}
} else {
foreach ($claim as $item) {
switch ($type) {
case self::ENTITY_CATEGORY:
$isFirst ?
$result = array_merge($result, self::getEntityCategoryIdps([self::CONTAINS => $item], $metadata)) :
$result = array_intersect($result, self::getEntityCategoryIdps([self::CONTAINS => $item], $metadata));
$isFirst = false;
break;
case self::ASSURANCE_CERTIFICATION:
$isFirst ?
$result = array_merge($result, self::getAssuranceCertificationIdps([self::CONTAINS => $item], $metadata)) :
$result = array_intersect($result, self::getAssuranceCertificationIdps([self::CONTAINS => $item], $metadata));
$isFirst = false;
break;
default:
break;
}
}
}
return array_unique($result);
}
public static function getAnyOfIdps($claim, $metadata, $type = null)
{
$result = [];
if ($type === null) {
foreach ($claim as $array) {
foreach ($array as $key => $value) {
switch ($key) {
case self::ALL_OF:
$result = array_merge($result, self::getAllOfIdps($value, $metadata));
break;
case self::ANY_OF:
$result = array_merge($result, self::getAnyOfIdps($value, $metadata));
break;
case self::ENTITY_CATEGORY:
$result = array_merge($result, self::getEntityCategoryIdps($value, $metadata));
break;
case self::ASSURANCE_CERTIFICATION:
$result = array_merge($result, self::getAssuranceCertificationIdps($value, $metadata));
break;
case self::REGISTRATION_AUTHORITY:
$result = array_merge($result, self::getRegistrationAuthorityIdps($value, $metadata));
break;
case self::ENTITYID:
$result = array_merge($result, self::getEntityidIdp($value, $metadata));
break;
default:
break;
}
}
}
} else {
foreach ($claim as $item) {
switch ($type) {
case self::ENTITY_CATEGORY:
$result = array_merge($result, self::getEntityCategoryIdps([self::CONTAINS => $item], $metadata));
break;
case self::ASSURANCE_CERTIFICATION:
$result = array_merge($result, self::getAssuranceCertificationIdps([self::CONTAINS => $item], $metadata));
break;
case self::REGISTRATION_AUTHORITY:
$result = array_merge($result, self::getRegistrationAuthorityIdps([self::EQUALS => $item], $metadata));
break;
case self::ENTITYID:
$result = array_merge($result, self::getEntityidIdp([self::EQUALS => $item], $metadata));
break;
default:
break;
}
}
}
return array_unique($result);
}
public static function getEntityCategoryIdps($claim, $metadata)
{
$result = [];
switch (array_key_first($claim)) {
case self::ALL_OF:
$result = array_merge($result, self::getAllOfIdps($claim[self::ALL_OF], $metadata, self::ENTITY_CATEGORY));
break;
case self::ANY_OF:
$result = array_merge($result, self::getAnyOfIdps($claim[self::ANY_OF], $metadata, self::ENTITY_CATEGORY));
break;
case self::CONTAINS:
foreach ($metadata as $entityid => $idpMetadata) {
$entityCategories = self::getIdpEntityCategories($idpMetadata);
if (self::contains($claim[self::CONTAINS], $entityCategories)) {
$result[] = $entityid;
}
}
break;
default:
break;
}
return $result;
}
public static function getAssuranceCertificationIdps($claim, $metadata)
{
$result = [];
switch (array_key_first($claim)) {
case self::ALL_OF:
$result = array_merge($result, self::getAllOfIdps($claim[self::ALL_OF], $metadata, self::ASSURANCE_CERTIFICATION));
break;
case self::ANY_OF:
$result = array_merge($result, self::getAnyOfIdps($claim[self::ANY_OF], $metadata, self::ASSURANCE_CERTIFICATION));
break;
case self::CONTAINS:
foreach ($metadata as $entityid => $idpMetadata) {
$assuranceCertifications = self::getIdpAssuranceCertifications($idpMetadata);
if (self::contains($claim[self::CONTAINS], $assuranceCertifications)) {
$result[] = $entityid;
}
}
break;
default:
break;
}
return $result;
}
public static function getRegistrationAuthorityIdps($claim, $metadata)
{
$result = [];
switch (array_key_first($claim)) {
case self::ANY_OF:
$result = array_merge($result, self::getAnyOfIdps($claim[self::ANY_OF], $metadata, self::REGISTRATION_AUTHORITY));
break;
case self::EQUALS:
foreach ($metadata as $entityid => $idpMetadata) {
if (!empty($idpMetadata['RegistrationInfo']['registrationAuthority']) &&
self::equals($idpMetadata['RegistrationInfo']['registrationAuthority'], $claim[self::EQUALS])) {
$result[] = $entityid;
}
}
break;
case self::MATCHES:
foreach ($metadata as $entityid => $idpMetadata) {
if (!empty($idpMetadata['RegistrationInfo']['registrationAuthority']) &&
self::matches($idpMetadata['RegistrationInfo']['registrationAuthority'], $claim[self::MATCHES])) {
$result[] = $entityid;
}
}
break;
default:
break;
}
return $result;
}
public static function getEntityidIdp($claim, $metadata)
{
$result = [];
switch (array_key_first($claim)) {
case self::ANY_OF:
$result = array_merge($result, self::getAnyOfIdps($claim[self::ANY_OF], $metadata, self::ENTITYID));
break;
case self::EQUALS:
if (self::contains($claim[self::EQUALS], array_keys($metadata))) {
$result[] = $claim[self::EQUALS];
}
break;
case self::MATCHES:
foreach (array_keys($metadata) as $entityid) {
if (self::matches($entityid, $claim[self::MATCHES])) {
$result[] = $entityid;
}
}
break;
default:
break;
}
return $result;
}
public static function getIdpEntityCategories($idpMetadata)
{
return self::getAttrValues($idpMetadata, self::ENTITY_CATEGORY_ATTR_NAME);
}
public static function getIdpAssuranceCertifications($idpMetadata)
{
return self::getAttrValues($idpMetadata, self::ASSURANCE_CERTIFICATION_ATTR_NAME);
}
/**
* @deprecated
*/
public static function getAttrValues($idpMetadata, $attrName)
{
$result = [];
if (empty($idpMetadata['entityDescriptor'])) {
return $result;
}
$xmlStr = base64_decode($idpMetadata['entityDescriptor']);
$xml = @simplexml_load_string($xmlStr); // temporary solution
$xml->registerXPathNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata');
$xml->registerXPathNamespace('mdattr', 'urn:oasis:names:tc:SAML:metadata:attribute');
$xml->registerXPathNamespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion');
$attrs = $xml->xpath('//saml:Attribute[@Name="' . $attrName . '"]/saml:AttributeValue');
foreach ($attrs as $attr) {
$result[] = $attr->__toString();
}
return $result;
}
public static function contains($needle, $haystack)
{
return in_array($needle, $haystack);
}
public static function equals($string1, $string2)
{
return $string1 === $string2;
}
public static function matches($string, $pattern)
{
return preg_match($pattern, $string) === 1;
}
public static function isIdpInCookie($idps, $entityid)
{
foreach ($idps as $idp) {
if ($idp['entityid'] === $entityid) {
if ($idp[self::ENTITYID] === $entityid) {
return true;
}
}
......@@ -236,7 +614,7 @@ class Campusidp extends Source
return false;
}
public static function findSearchboxesToDisplay($hintedIdps, $config)
public static function findSearchboxesToDisplay($hint, $config, $state)
{
$result = [];
......@@ -244,15 +622,38 @@ class Campusidp extends Source
if ($config['components'][$i]['name'] === 'searchbox') {
$ch = curl_init();
curl_setopt(
$ch,
CURLOPT_URL,
Module::getModuleURL(
'campusmultiauth/idpSearch.php?idphint=' . json_encode(
$hintedIdps
) . '&skipMatching=true' . '&index=' . $i
)
);
if ($hint !== null) {
curl_setopt(
$ch,
CURLOPT_URL,
Module::getModuleURL(
'campusmultiauth/idpSearch.php?' . self::IDPHINT . '=' . json_encode(
$hint
) . '&skipMatching=true' . '&index=' . $i
)
);
} elseif (array_key_exists(self::AARC_DISCOVERY_HINT_URI, $state)) {
curl_setopt(
$ch,
CURLOPT_URL,
Module::getModuleURL(
'campusmultiauth/idpSearch.php?' . self::AARC_DISCOVERY_HINT_URI . '=' . json_encode(
$state['aarc_discovery_hint_uri']
) . '&skipMatching=true' . '&index=' . $i
)
);
} else {
curl_setopt(
$ch,
CURLOPT_URL,
Module::getModuleURL(
'campusmultiauth/idpSearch.php?' . self::AARC_DISCOVERY_HINT . '=' . json_encode(
$state['aarc_discovery_hint']
) . '&skipMatching=true' . '&index=' . $i
)
);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$idps = json_decode(curl_exec($ch));
......
package-lock.json
View file @ d91a106a
This diff is collapsed.
package.json
View file @ d91a106a
{
"name": "simplesamlphp-module-campusmultiauth",
"license": "BSD-2-Clause",
"private": true,
"engines": {
"node": "^16"
},
"config": {
"commitizen": {
"path": "./node_modules/cz-conventional-changelog"
}
},
"devDependencies": {
"@commitlint/cli": "^16.1.0",
"@commitlint/config-conventional": "^16.0.0",
"@semantic-release/changelog": "^6.0.1",
"@semantic-release/git": "^10.0.1",
"cz-conventional-changelog": "^3.3.0",
"prettier": "^2.6.0",
"semantic-release": "^19.0.2"
},
"dependencies": {
"dialog-polyfill": "^0.5.4"
"@perun-proxy-aai/semantic-release-proxy-config": "^1.0.0"
}
}
renovate.json deleted 100644 → 0
View file @ 46562351
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base",
":automergeBranch",
":automergeLinters",
":automergePatch",
":automergeTesters",
":automergeTypes",
":enableVulnerabilityAlertsWithLabel(security)",
":maintainLockFilesWeekly",
":pinOnlyDevDependencies",
":prNotPending",
":rebaseStalePrs",
":semanticCommits",
":widenPeerDependencies",
"npm:unpublishSafe"
],
"composerIgnorePlatformReqs": ["simplexml", "soap"],
"stabilityDays": 3,
"transitiveRemediation": true
}
templates/includes/individual-identities.twig
View file @ d91a106a
......@@ -18,7 +18,7 @@
{% set index = 0 %}
{% for idp in configuration.identities %}
{% if idphint is not defined or idp.upstream_idp in idphint %}
{% if idpsToShow is not defined or idp.upstream_idp in idpsToShow %}
<div class="{% if muni_jvs %}margin-bottom-12{% endif %}{% if index >= configuration.number_shown %} idp-hidden d-none vhide{% endif %}">
<button class="btn-individual-identity btn {% if muni_jvs %}btn-primary btn-border color-{{ configuration.priority }} hover-none-{{ configuration.priority }}{% else %}btn-light shadow-sm {% if configuration.priority == 'primary' %}border-dark text-dark{% else %}border-muted text-muted{% endif %} border-2{% endif %}" type="submit" name="idpentityid" value="{{ idp.upstream_idp }}">
{% if muni_jvs %}<span class="no-uppercase color-{{ configuration.priority }} individual-identity-span-wrap">{% endif %}
......