Storing entityIds instead of Names

* Because the SP / IdP can change the name, there is a problem that after changing the name, this SP / IdP is stored in statistics multiple times. * It is better to store SP/Idp identifier (EntityID and ClientID; This identifier should be unchangeable) and store tables for mapping identifier to Name.

Storing entityIds instead of Names
7f4ce247 · Pavel Vyskočil · e66cfd63 · 7f4ce247 · 7f4ce247 · 7f4ce247
Unverified Commit 7f4ce247 authored 6 years ago by Pavel Vyskočil
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,11 @@
 All notable changes to this project will be documented in this file.
 ## [Unreleased]
+[Added]
+- Added mapping tables for mapping identifier to name
+[Changed]
+- Storing entityIds instead of SpName/IdPName. 
 ## [v1.2.1]
 [Fixed]

--- a/config-templates/module_statisticsproxy.php
+++ b/config-templates/module_statisticsproxy.php
@@ -38,11 +38,21 @@ $config = array(
     */
    'identityProvidersTableName' => 'identityProviders',
+    /*
+     * Fill the table name for identityProvidersMap
+     */
+    'identityProvidersMapTableName' => 'identityProvidersMap',
    /*
     * Fill the table name for serviceProviders
     */
    'serviceProvidersTableName' => 'serviceProviders',
+    /*
+     * Fill the table name for serviceProviders
+     */
+    'serviceProvidersMapTableName' => 'serviceProvidersMap',
    /*
     * Fill true, if you want to use encryption, false if not.
     */

--- a/config-templates/tables.sql
+++ b/config-templates/tables.sql
-#Statistics for IdPs
+--Statistics for IdPs
 CREATE TABLE identityProviders (
 	year INT NOT NULL,
 	month INT NOT NULL,
@@ -12,7 +12,7 @@ CREATE TABLE identityProviders (
 	PRIMARY KEY (year, month, day, sourceIdp)
 );
-#Statistics for services
+--Statistics for services
 CREATE TABLE serviceProviders(
 	year INT NOT NULL,
 	month INT NOT NULL,
@@ -24,4 +24,18 @@ CREATE TABLE serviceProviders(
 	INDEX (year,month),
 	INDEX (year,month,day),
 	PRIMARY KEY (year, month, day, service)
+);
+--Tables for mapping identifier to name
+CREATE TABLE identityProvidersMap(
+	entityId VARCHAR(255) NOT NULL,
+	name VARCHAR(255) NOT NULL,
+	PRIMARY KEY (entityId)
+);
+DROP TABLE serviceProvidersMap;
+CREATE TABLE serviceProvidersMap(
+	identifier VARCHAR(255) NOT NULL,
+	name VARCHAR(255) NOT NULL,
+	PRIMARY KEY (identifier)
 );
\ No newline at end of file
--- a/lib/Auth/Process/DatabaseCommand.php
+++ b/lib/Auth/Process/DatabaseCommand.php
@@ -13,25 +13,47 @@ class DatabaseCommand
        $conn = $databaseConnector->getConnection();
        assert($conn != NULL);
        $identityProvidersTableName = $databaseConnector->getIdentityProvidersTableName();
+        $identityProvidersMapTableName = $databaseConnector->getIdentityProvidersMapTableName();
        $serviceProvidersTableName = $databaseConnector->getServiceProvidersTableName();
-        $sourceIdp = $request['Attributes']['sourceIdPName'][0];
+        $serviceProvidersMapTableName = $databaseConnector->getServiceProvidersMapTableName();
-        $service = $request['Destination']['name']['en'];
+        $idpEntityID = $request['saml:sp:IdP'];
+        $idpName = $request['Attributes']['sourceIdPName'][0];
+        $spEntityId = $request['Destination']['entityid'];
+        $spName = $request['Destination']['name']['en'];
        $year = $date->format('Y');
        $month = $date->format('m');
        $day = $date->format('d');
-        $stmt = $conn->prepare("INSERT INTO ".$identityProvidersTableName."(year, month, day, sourceIdp, count) VALUES (?, ?, ?, ?, '1') ON DUPLICATE KEY UPDATE count = count + 1");
+        if (is_null($idpEntityID) || empty($idpEntityID) || is_null($spEntityId) || empty($spEntityId)) {
-        $stmt->bind_param("iiis", $year, $month, $day, $sourceIdp);
+            SimpleSAML\Logger::error("Some from attribute: 'idpEntityId', 'idpName', 'spEntityId' and 'spName' is null or empty and login log wasn't inserted into the database.");
-        if ($stmt->execute() === FALSE) {
+        } else {
-            SimpleSAML\Logger::error("The login log wasn't inserted into the database.");
+            $stmt = $conn->prepare("INSERT INTO ".$identityProvidersTableName."(year, month, day, sourceIdp, count) VALUES (?, ?, ?, ?, '1') ON DUPLICATE KEY UPDATE count = count + 1");
-        }
+            $stmt->bind_param("iiis", $year, $month, $day, $idpEntityID);
+            if ($stmt->execute() === FALSE) {
+                SimpleSAML\Logger::error("The login log wasn't inserted into table: " . $identityProvidersTableName . ".");
+            }
+            $stmt = $conn->prepare("INSERT INTO ".$serviceProvidersTableName."(year, month, day, service, count) VALUES (?, ?, ?, ?, '1') ON DUPLICATE KEY UPDATE count = count + 1");
+            $stmt->bind_param("iiis", $year, $month, $day, $spEntityId);
+            if ($stmt->execute() === FALSE) {
+                SimpleSAML\Logger::error("The login log wasn't inserted into into table: " . $serviceProvidersTableName . ".");
+            }
+            if (is_null($idpName) || empty($idpName)) {
+	            $stmt->prepare("INSERT INTO " . $identityProvidersMapTableName . "(entityId, name) VALUES (?, ?) ON DUPLICATE KEY UPDATE name = ?");
+	            $stmt->bind_param("sss", $idpEntityID, $idpName, $idpName);
+	            $stmt->execute();
+            }
-        $stmt = $conn->prepare("INSERT INTO ".$serviceProvidersTableName."(year, month, day, service, count) VALUES (?, ?, ?, ?, '1') ON DUPLICATE KEY UPDATE count = count + 1");
+            if (is_null($spName) || empty($spName)) {
-        $stmt->bind_param("iiis", $year, $month, $day, $service);
+	            $stmt->prepare("INSERT INTO " . $serviceProvidersMapTableName . "(identifier, name) VALUES (?, ?) ON DUPLICATE KEY UPDATE name = ?");
-        if ($stmt->execute() === FALSE) {
+	            $stmt->bind_param("sss", $spEntityId, $spName, $spName);
-            SimpleSAML\Logger::error("The login log wasn't inserted into the database.");
+	            $stmt->execute();
+            }
        }
+        SimpleSAML\Logger::error("The login log was successfully stored in database");
        $conn->close();
    }
@@ -56,12 +78,13 @@ class DatabaseCommand
        $databaseConnector = new DatabaseConnector();
        $conn = $databaseConnector->getConnection();
        assert($conn != NULL);
-        $table_name = $databaseConnector->getIdentityProvidersTableName();
+        $identityProvidersTableName = $databaseConnector->getIdentityProvidersTableName();
-        $stmt = $conn->prepare("SELECT year, month, sourceIdp, SUM(count) AS count FROM ".$table_name. " GROUP BY year, month, sourceIdp HAVING sourceIdp != '' ORDER BY year DESC, month DESC, count DESC");
+        $identityProvidersMapTableName = $databaseConnector->getIdentityProvidersMapTableName();
+        $stmt = $conn->prepare("SELECT year, month, IFNULL(name,sourceIdp) AS idPName, SUM(count) AS count FROM ".$identityProvidersTableName. " LEFT OUTER JOIN " . $identityProvidersMapTableName . " ON sourceIdp = entityId GROUP BY year, month, sourceIdp HAVING sourceIdp != '' ORDER BY year DESC, month DESC, count DESC");
        $stmt->execute();
        $result = $stmt->get_result();
        while($row = $result->fetch_assoc()) {
-            echo "[new Date(".$row["year"].",".($row["month"] - 1 )."),'".$row["sourceIdp"]."', {v:".$row["count"]."}],";
+            echo "[new Date(".$row["year"].",".($row["month"] - 1 )."),'".$row["idPName"]."', {v:".$row["count"]."}],";
        }
        $conn->close();
    }
@@ -71,12 +94,13 @@ class DatabaseCommand
        $databaseConnector = new DatabaseConnector();
        $conn = $databaseConnector->getConnection();
        assert($conn != NULL);
-        $table_name = $databaseConnector->getServiceProvidersTableName();
+        $serviceProvidersTableName = $databaseConnector->getServiceProvidersTableName();
-        $stmt = $conn->prepare("SELECT year, month, service, SUM(count) AS count FROM ".$table_name." GROUP BY year DESC, month DESC, service HAVING service != '' ORDER BY year DESC, month DESC, count DESC");
+        $serviceProvidersMapTableName = $databaseConnector->getServiceProvidersMapTableName();
+        $stmt = $conn->prepare("SELECT year, month, IFNULL(name,service) AS spName, SUM(count) AS count FROM ".$serviceProvidersTableName." LEFT OUTER JOIN " . $serviceProvidersMapTableName . " ON service = identifier GROUP BY year DESC, month DESC, service HAVING service != '' ORDER BY year DESC, month DESC, count DESC");
        $stmt->execute();
        $result = $stmt->get_result();
        while($row = $result->fetch_assoc()) {
-            echo "[new Date(".$row["year"].",".($row["month"] - 1 )."),'".$row["service"]."', {v:".$row["count"]."}],";        }
+            echo "[new Date(".$row["year"].",".($row["month"] - 1 )."),'".$row["spName"]."', {v:".$row["count"]."}],";        }
        $conn->close();
    }
@@ -128,12 +152,13 @@ class DatabaseCommand
        $databaseConnector = new DatabaseConnector();
        $conn = $databaseConnector->getConnection();
        assert($conn != NULL);
-        $table_name = $databaseConnector->getServiceProvidersTableName();
+        $serviceProvidersTableName = $databaseConnector->getServiceProvidersTableName();
-        $stmt = $conn->prepare("SELECT service, SUM(count) AS count FROM ".$table_name." GROUP BY service HAVING service != ''");
+        $serviceProvidersMapTableName = $databaseConnector->getServiceProvidersMapTableName();
+        $stmt = $conn->prepare("SELECT IFNULL(name,service) AS spName, SUM(count) AS count FROM ".$serviceProvidersTableName." LEFT OUTER JOIN " . $serviceProvidersMapTableName . " ON service = identifier GROUP BY service HAVING service != ''");
        $stmt->execute();
        $result = $stmt->get_result();
        while($row = $result->fetch_assoc()) {
-            echo "['".$row["service"]."', ".$row["count"]."],";
+            echo "['".$row["spName"]."', ".$row["count"]."],";
        }
        $conn->close();
    }
@@ -143,12 +168,13 @@ class DatabaseCommand
        $databaseConnector = new DatabaseConnector();
        $conn = $databaseConnector->getConnection();
        assert($conn != NULL);
-        $table_name = $databaseConnector->getIdentityProvidersTableName();
+        $identityProvidersTableName = $databaseConnector->getIdentityProvidersTableName();
-        $stmt = $conn->prepare("SELECT sourceIdp, SUM(count) AS count FROM ".$table_name." GROUP BY sourceIdp HAVING sourceIdp != ''");
+        $identityProvidersMapTableName = $databaseConnector->getIdentityProvidersMapTableName();
+        $stmt = $conn->prepare("SELECT IFNULL(name,sourceIdp) AS idPName, SUM(count) AS count FROM ".$identityProvidersTableName. " LEFT OUTER JOIN " . $identityProvidersMapTableName . " ON sourceIdp = entityId GROUP BY sourceIdp HAVING sourceIdp != ''");
        $stmt->execute();
        $result = $stmt->get_result();
        while($row = $result->fetch_assoc()) {
-            echo "['".$row["sourceIdp"]."', ".$row["count"]."],";
+            echo "['".$row["idPName"]."', ".$row["count"]."],";
        }
        $conn->close();
    }

--- a/lib/Auth/Process/DatabaseConnector.php
+++ b/lib/Auth/Process/DatabaseConnector.php
@@ -11,7 +11,9 @@ class databaseConnector
    private $password;
    private $databaseName;
    private $identityProvidersTableName;
+    private $identityProvidersMapTableName;
    private $serviceProvidersTableName;
+    private $serviceProvidersMapTableName;
    private $encryption;
    private $sslCA;
    private $sslCert;
@@ -25,7 +27,9 @@ class databaseConnector
    const PASSWORD = 'password';
    const DATABASE = 'databaseName';
    const IDP_TABLE_NAME = 'identityProvidersTableName';
+    const IDP_MAP_TABLE_NAME = 'identityProvidersMapTableName';
    const SP_TABLE_NAME = 'serviceProvidersTableName' ;
+    const SP_MAP_TABLE_NAME = 'serviceProvidersMapTableName';
    const ENCRYPTION = 'encryption';
    const SSL_CA = 'ssl_ca';
    const SSL_CERT = 'ssl_cert_path';
@@ -43,7 +47,9 @@ class databaseConnector
        $this->password = $conf->getString(self::PASSWORD);
        $this->databaseName = $conf->getString(self::DATABASE);
        $this->identityProvidersTableName = $conf->getString(self::IDP_TABLE_NAME);
+        $this->identityProvidersMapTableName = $conf->getString(self::IDP_MAP_TABLE_NAME);
        $this->serviceProvidersTableName = $conf->getString(self::SP_TABLE_NAME);
+        $this->serviceProvidersMapTableName = $conf->getString(self::SP_MAP_TABLE_NAME);
        $this->encryption = $conf->getBoolean(self::ENCRYPTION);
        $this->sslCA = $conf->getString(self::SSL_CA);
        $this->sslCert = $conf->getString(self::SSL_CERT);
@@ -80,11 +86,20 @@ class databaseConnector
    }
+    public function getIdentityProvidersMapTableName()
+    {
+    	return $this->identityProvidersMapTableName;
+    }
    public function getServiceProvidersTableName()
    {
        return $this->serviceProvidersTableName;
    }
+	public function getServiceProvidersMapTableName()
+	{
+		return $this->serviceProvidersMapTableName;
+	}
 }
\ No newline at end of file