feat: Option to ignore logins by SP/IDP EntityID in config

Ability to configure for which matched SP and/or IDP the login insert gets ignored. Particularly usable in case of using API writer. The writing side does not need to take care of filtering out the login record, stats will do it instead.

feat: Option to ignore logins by SP/IDP EntityID in config
443a7665 · Dominik Frantisek Bucik · 5d19349b · 443a7665 · 443a7665 · 443a7665
Verified Commit 443a7665 authored 1 year ago by Dominik Frantisek Bucik
--- a/config-templates/module_proxystatistics.php
+++ b/config-templates/module_proxystatistics.php
@@ -103,4 +103,10 @@ $config = [
     * Password to protect API write endpoint (has no effect if write is disabled)
     */
    //'apiWritePasswordHash' => password_hash('ap1Wr1T3rP@S$'),
+    'ignoredIds' => [
+        'IDP' => ['spentityid1', 'spentityid2', 'spentityid3',],
+        'SP' => ['idpentityid1', 'idpentityid2', 'idpentityid3',],
+    ],
 ];
--- a/lib/Config.php
+++ b/lib/Config.php
@@ -41,6 +41,8 @@ class Config
    private const API_WRITE_PASSWORD_HASH = 'apiWritePasswordHash';
+    private const IGNORED_IDS = 'ignoredIds';
    private $config;
    private $store;
@@ -63,6 +65,8 @@ class Config
    private $apiWritePasswordHash;
+    private $ignoredIds;
    private static $instance;
    private function __construct()
@@ -76,6 +80,7 @@ class Config
        $this->requiredAuthSource = $this->config->getString(self::REQUIRE_AUTH_SOURCE, '');
        $this->idAttribute = $this->config->getString(self::USER_ID_ATTRIBUTE, 'uid');
        $this->apiWriteEnabled = $this->config->getBoolean(self::API_WRITE_ENABLED, false);
+        $this->ignoredIds = $this->config->getArray(self::IGNORED_IDS, []);
        if ($this->apiWriteEnabled) {
            $this->apiWriteUsername = $this->config->getString(self::API_WRITE_USERNAME);
            if (empty(trim($this->apiWriteUsername))) {
@@ -162,4 +167,9 @@ class Config
    {
        return $this->apiWritePasswordHash;
    }
+    public function getIgnoredIds()
+    {
+        return $this->ignoredIds;
+    }
 }
--- a/lib/DatabaseCommand.php
+++ b/lib/DatabaseCommand.php
@@ -60,6 +60,11 @@ class DatabaseCommand
    private $mode;
+    private $ignoredIds = [
+        Config::MODE_IDP => [],
+        Config::MODE_SP => [],
+    ];
    private $escape_char = '`';
    public function __construct()
@@ -73,6 +78,7 @@ class DatabaseCommand
        } else {
            $this->unknownDriver();
        }
+        $this->ignoredIds = array_merge($this->ignoredIds, $this->config->getIgnoredIds());
        $this->tables = array_merge($this->tables, $this->config->getTables());
        $this->mode = $this->config->getMode();
    }
@@ -269,6 +275,18 @@ class DatabaseCommand
                return;
            }
+            $entityId = $entities[$side][self::KEY_ID];
+            if (in_array($entityId, $this->ignoredIds[$side])) {
+                Logger::debug(
+                    sprintf(
+                        "%s EntityId of %s (%s) has been found in the ignored list. Not inserting login.",
+                        self::DEBUG_PREFIX,
+                        $side,
+                        $entityId
+                    )
+                );
+                return;
+            }
        }
        $ids = [];