chore: merge branch 'ignored' into 'main'

feat: Option to ignore logins by SP/IDP EntityID in config See merge request perun-proxy-aai/simplesamlphp/simplesamlphp-module-proxystatistics!91

chore: merge branch 'ignored' into 'main'
07b6d6cb · Dominik František Bučík · 5d19349b · 443a7665 · 07b6d6cb · 07b6d6cb
Commit 07b6d6cb authored 1 year ago by Dominik František Bučík
--- a/config-templates/module_proxystatistics.php
+++ b/config-templates/module_proxystatistics.php
@@ -103,4 +103,10 @@ $config = [
     * Password to protect API write endpoint (has no effect if write is disabled)
     */
    //'apiWritePasswordHash' => password_hash('ap1Wr1T3rP@S$'),
+    'ignoredIds' => [
+        'IDP' => ['spentityid1', 'spentityid2', 'spentityid3',],
+        'SP' => ['idpentityid1', 'idpentityid2', 'idpentityid3',],
+    ],
 ];
--- a/lib/Config.php
+++ b/lib/Config.php
@@ -41,6 +41,8 @@ class Config
    private const API_WRITE_PASSWORD_HASH = 'apiWritePasswordHash';
+    private const IGNORED_IDS = 'ignoredIds';
    private $config;
    private $store;
@@ -63,6 +65,8 @@ class Config
    private $apiWritePasswordHash;
+    private $ignoredIds;
    private static $instance;
    private function __construct()
@@ -76,6 +80,7 @@ class Config
        $this->requiredAuthSource = $this->config->getString(self::REQUIRE_AUTH_SOURCE, '');
        $this->idAttribute = $this->config->getString(self::USER_ID_ATTRIBUTE, 'uid');
        $this->apiWriteEnabled = $this->config->getBoolean(self::API_WRITE_ENABLED, false);
+        $this->ignoredIds = $this->config->getArray(self::IGNORED_IDS, []);
        if ($this->apiWriteEnabled) {
            $this->apiWriteUsername = $this->config->getString(self::API_WRITE_USERNAME);
            if (empty(trim($this->apiWriteUsername))) {
@@ -162,4 +167,9 @@ class Config
    {
        return $this->apiWritePasswordHash;
    }
+    public function getIgnoredIds()
+    {
+        return $this->ignoredIds;
+    }
 }
--- a/lib/DatabaseCommand.php
+++ b/lib/DatabaseCommand.php
@@ -60,6 +60,11 @@ class DatabaseCommand
    private $mode;
+    private $ignoredIds = [
+        Config::MODE_IDP => [],
+        Config::MODE_SP => [],
+    ];
    private $escape_char = '`';
    public function __construct()
@@ -73,6 +78,7 @@ class DatabaseCommand
        } else {
            $this->unknownDriver();
        }
+        $this->ignoredIds = array_merge($this->ignoredIds, $this->config->getIgnoredIds());
        $this->tables = array_merge($this->tables, $this->config->getTables());
        $this->mode = $this->config->getMode();
    }
@@ -269,6 +275,18 @@ class DatabaseCommand
                return;
            }
+            $entityId = $entities[$side][self::KEY_ID];
+            if (in_array($entityId, $this->ignoredIds[$side])) {
+                Logger::debug(
+                    sprintf(
+                        "%s EntityId of %s (%s) has been found in the ignored list. Not inserting login.",
+                        self::DEBUG_PREFIX,
+                        $side,
+                        $entityId
+                    )
+                );
+                return;
+            }
        }
        $ids = [];