diff --git a/bin/build-release.sh b/bin/build-release.sh
index 3babf12026b925a139d841460ae44fd42aa736ee..57d4421d49c8afd9a7f0307be9484fa035d06dbe 100755
--- a/bin/build-release.sh
+++ b/bin/build-release.sh
@@ -44,6 +44,7 @@ fi
 php "$TARGET/composer.phar" install --no-dev --prefer-dist -o -d "$TARGET"
 # Install external modules
+php "$TARGET/composer.phar" require --update-no-dev simplesamlphp/simplesamlphp-module-memcookie
 php "$TARGET/composer.phar" require --update-no-dev simplesamlphp/simplesamlphp-module-riak
 php "$TARGET/composer.phar" require --update-no-dev simplesamlphp/simplesamlphp-module-oauth
diff --git a/config-templates/authmemcookie.php b/config-templates/authmemcookie.php
deleted file mode 100644
index fac02813814cd56c09cd69ce3b526408d35da4e9..0000000000000000000000000000000000000000
--- a/config-templates/authmemcookie.php
+++ /dev/null
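Review bot: The added `composer require` for simplesamlphp/simplesamlphp-module-memcookie in bin/build-release.sh carries no version constraint, so every release build ships whatever version Composer resolves at build time. This module replaces the in-tree code deleted elsewhere in this commit, which writes the session ID and user attributes to memcache for Apache to trust, so an unreviewed upstream release would land directly in the authentication path of the release tarball. Pin it, e.g. `php "$TARGET/composer.phar" require --update-no-dev "simplesamlphp/simplesamlphp-module-memcookie:<version-constraint>"`; the riak and oauth lines in the context follow the same unpinned pattern. Only part of the script is visible in this hunk, so any pinning done elsewhere cannot be seen from here.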
@@ -1,73 +0,0 @@
-<?php
-
-/**
- * This is the configuration file for the Auth MemCookie example.
- */
-
-$config = [
- /*
- * The authentication source that should be used.
- *
- * This must be one of the authentication sources configured in config/authsources.php.
- */
- 'authsource' => 'default-sp',
-
- /*
- * This is the name of the cookie we should save the session id in. The value of this option must match the
- * Auth_memCookie_CookieName option in the Auth MemCookie configuration. The default value is 'AuthMemCookie'.
- *
- * Default:
- * 'cookiename' => 'AuthMemCookie',
- */
- 'cookiename' => 'AuthMemCookie',
-
- /*
- * This option specifies the name of the attribute which contains the username of the user. It must be set to
- * a valid attribute name.
- *
- * Examples:
- * 'username' => 'uid', // LDAP attribute for user id.
- * 'username' => 'mail', // LDAP attribute for email address.
- *
- * Default:
- * No default value.
- */
- 'username' => null,
-
- /*
- * This option specifies the name of the attribute which contains the groups of the user. Set this option to
- * NULL if you don't want to include any groups.
- *
- * Example:
- * 'groups' => 'edupersonaffiliation',
- *
- * Default:
- * 'groups' => null,
- */
- 'groups' => null,
-
- /*
- * This option contains the hostnames or IP addresses of the memcache servers where we should store the
- * authentication information. Separator is a comma. This option should match the address part of the
- * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
- *
- * Examples:
- * 'memcache.host' => '192.168.93.52',
- * 'memcache.host' => 'memcache.example.org',
- * 'memcache.host' => 'memcache1.example.org,memcache2.example.org'
- *
- * Default:
- * 'memcache.host' => '127.0.0.1',
- */
- 'memcache.host' => '127.0.0.1',
-
- /*
- * This option contains the port number of the memcache server where we should store the
- * authentication information. This option should match the port part of the
- * Auth_memCookie_Memcached_AddrPort option in the Auth MemCookie configuration.
- *
- * Default:
- * 'memcache.port' => 11211,
- */
- 'memcache.port' => 11211,
-];
diff --git a/config-templates/config.php b/config-templates/config.php
index 6d9c71b8c9f9610a8b6addc5dae0502865eb4f8e..365f53698f8e7cdb4a2eea48d369523d18a1bd25 100644
--- a/config-templates/config.php
+++ b/config-templates/config.php
@@ -440,7 +440,6 @@ $config = [
 'enable.shib13-idp' => false,
 'enable.adfs-idp' => false,
 'enable.wsfed-sp' => false,
- 'enable.authmemcookie' => false,
 /*
 * Default IdP for WS-Fed.
diff --git a/extra/auth_memcookie.conf b/extra/auth_memcookie.conf
deleted file mode 100644
index c387a85dc9c12f9d6d03f3fa1af2678fcea4e19a..0000000000000000000000000000000000000000
--- a/extra/auth_memcookie.conf
+++ /dev/null
@@ -1,38 +0,0 @@
-<Location />
- # This is a list of memcache servers which Auth MemCookie
- # should use. It is a ','-separated list of
- # host:port-pairs.
- # Note that this list must list the same servers as the
- # 'authmemcookie.servers'-option in config.php in the
- # configuration for simpleSAMLphp.
- Auth_memCookie_Memcached_AddrPort "127.0.0.1:11211"
-
- # This must be set to 'on' to enable Auth MemCookie for
- # this directory.
- Auth_memCookie_Authoritative on
-
- # This adjusts the maximum number of data elements in the
- # session data. The default is 10, which can be to low.
- Auth_memCookie_SessionTableSize "40"
-
- # These two commands are required to enable access control
- # in Apache.
- AuthType Cookie
- AuthName "My Login"
-
- # This command causes apache to redirect to the given
- # URL when we receive a '401 Authorization Required'
- # error. We redirect to "/simplesaml/authmemcookie.php",
- # which initializes a login to the IdP.
- ErrorDocument 401 "/simplesaml/authmemcookie.php"
-
-</Location>
-
-<Location /secret>
- # This allows all authenticated users to access the
- # directory. To learn more about the 'Require' command,
- # please look at:
- # http://httpd.apache.org/docs/2.0/mod/core.html#require
- Require valid-user
-</Location>
-
diff --git a/extra/simplesamlphp.spec b/extra/simplesamlphp.spec
index 7118153f626039f4247ba376e7edfda1d2ce24c3..6ea33d47160a4cf602ccaf0e079d20abeb0967e3 100644
--- a/extra/simplesamlphp.spec
+++ b/extra/simplesamlphp.spec
@@ -70,7 +70,6 @@ tar cf - . | (cd %{buildroot}%{_prefix}simplesamlphp; tar xfp -)
 /var/lib/simplesamlphp/
 %dir %attr(0750, root,apache) /var/lib/simplesamlphp/config
 %config(noreplace) %attr(0640, root,apache) /var/lib/simplesamlphp/config/acl.php
-%config(noreplace) %attr(0640, root,apache) /var/lib/simplesamlphp/config/authmemcookie.php
 %config(noreplace) %attr(0640, root,apache) /var/lib/simplesamlphp/config/authsources.php
 %config(noreplace) %attr(0640, root,apache) /var/lib/simplesamlphp/config/config.php
 %dir %attr(0750, root,apache) /var/lib/simplesamlphp/metadata
diff --git a/lib/SimpleSAML/AuthMemCookie.php b/lib/SimpleSAML/AuthMemCookie.php
deleted file mode 100644
index 6b4455400c4a1709638da0f9747f1ed696c97362..0000000000000000000000000000000000000000
--- a/lib/SimpleSAML/AuthMemCookie.php
+++ /dev/null
@@ -1,169 +0,0 @@
-<?php
-
-namespace SimpleSAML;
-
-/**
- * This is a helper class for the Auth MemCookie module.
- * It handles the configuration, and implements the logout handler.
- *
- * @author Olav Morken, UNINETT AS.
- * @package SimpleSAMLphp
- *
- * @deprecated This class has been deprecated and will be removed in SSP 2.0. Use the memcookie module instead.
- */
-
-class AuthMemCookie
-{
- /**
- * @var AuthMemCookie This is the singleton instance of this class.
- */
- private static $instance = null;
-
-
- /**
- * @var Configuration The configuration for Auth MemCookie.
- */
- private $amcConfig;
-
-
- /**
- * This function is used to retrieve the singleton instance of this class.
- *
- * @return AuthMemCookie The singleton instance of this class.
- */
- public static function getInstance()
- {
- if (self::$instance === null) {
- self::$instance = new AuthMemCookie();
- }
-
- return self::$instance;
- }
-
-
- /**
- * This function implements the constructor for this class. It loads the Auth MemCookie configuration.
- */
- private function __construct()
- {
- // load AuthMemCookie configuration
- $this->amcConfig = Configuration::getConfig('authmemcookie.php');
- }
-
-
- /**
- * Retrieve the authentication source that should be used to authenticate the user.
- *
- * @return string The login type which should be used for Auth MemCookie.
- */
- public function getAuthSource()
- {
- return $this->amcConfig->getString('authsource');
- }
-
-
- /**
- * This function retrieves the name of the cookie from the configuration.
- *
- * @return string The name of the cookie.
- * @throws Exception If the value of the 'cookiename' configuration option is invalid.
- */
- public function getCookieName()
- {
- $cookieName = $this->amcConfig->getString('cookiename', 'AuthMemCookie');
- if (!is_string($cookieName) || strlen($cookieName) === 0) {
- throw new \Exception(
- "Configuration option 'cookiename' contains an invalid value. This option should be a string."
- );
- }
-
- return $cookieName;
- }
-
-
- /**
- * This function retrieves the name of the attribute which contains the username from the configuration.
- *
- * @return string The name of the attribute which contains the username.
- */
- public function getUsernameAttr()
- {
- $usernameAttr = $this->amcConfig->getString('username', null);
-
- return $usernameAttr;
- }
-
-
- /**
- * This function retrieves the name of the attribute which contains the groups from the configuration.
- *
- * @return string The name of the attribute which contains the groups.
- */
- public function getGroupsAttr()
- {
- $groupsAttr = $this->amcConfig->getString('groups', null);
-
- return $groupsAttr;
- }
-
-
- /**
- * This function creates and initializes a Memcache object from our configuration.
- *
- * @return \Memcache A Memcache object initialized from our configuration.
- * @throws \Exception If the servers configuration is invalid.
- */
- public function getMemcache()
- {
- $memcacheHost = $this->amcConfig->getString('memcache.host', '127.0.0.1');
- $memcachePort = $this->amcConfig->getInteger('memcache.port', 11211);
-
- $class = class_exists('Memcache') ? '\Memcache' : (class_exists('Memcached') ? '\Memcached' : false);
- if (!$class) {
- throw new \Exception(
- 'Missing Memcached implementation. You must install either the Memcache or Memcached extension.'
- );
- }
-
- // Create the Memcache(d) object.
- $memcache = new $class();
-
- foreach (explode(',', $memcacheHost) as $memcacheHost) {
- $memcache->addServer($memcacheHost, $memcachePort);
- }
-
- return $memcache;
- }
-
-
- /**
- * This function logs the user out by deleting the session information from memcache.
- */
- private function doLogout()
- {
- $cookieName = $this->getCookieName();
-
- // check if we have a valid cookie
- if (!array_key_exists($cookieName, $_COOKIE)) {
- return;
- }
-
- $sessionID = $_COOKIE[$cookieName];
-
- // delete the session from memcache
- $memcache = $this->getMemcache();
- $memcache->delete($sessionID);
-
- // delete the session cookie
- \SimpleSAML\Utils\HTTP::setCookie($cookieName, null);
- }
-
-
- /**
- * This function implements the logout handler. It deletes the information from Memcache.
- */
- public static function logoutHandler()
- {
- self::getInstance()->doLogout();
- }
-}
diff --git a/www/authmemcookie.php b/www/authmemcookie.php
deleted file mode 100644
index 9825c62f54bc6ed9032b981eb43ae0882f989af9..0000000000000000000000000000000000000000
--- a/www/authmemcookie.php
+++ /dev/null
@@ -1,106 +0,0 @@
-<?php
-
-/**
- * This file implements an script which can be used to authenticate users with Auth MemCookie.
- * See: http://authmemcookie.sourceforge.net/
- *
- * The configuration for this script is stored in config/authmemcookie.php.
- *
- * The file extra/auth_memcookie.conf contains an example of how Auth Memcookie can be configured
- * to use SimpleSAMLphp.
- *
- * @deprecated This file has been deprecated and will be removed in SSP 2.0. Use the memcookie module instead.
- */
-
-require_once('_include.php');
-
-try {
- // load SimpleSAMLphp configuration
- $globalConfig = \SimpleSAML\Configuration::getInstance();
-
- // check if this module is enabled
- if (!$globalConfig->getBoolean('enable.authmemcookie', false)) {
- throw new \SimpleSAML\Error\Error('NOACCESS');
- }
-
- // load Auth MemCookie configuration
- $amc = \SimpleSAML\AuthMemCookie::getInstance();
-
- $sourceId = $amc->getAuthSource();
- $s = new \SimpleSAML\Auth\Simple($sourceId);
-
- // check if the user is authorized. We attempt to authenticate the user if not
- $s->requireAuth();
-
- // generate session id and save it in a cookie
- $sessionID = \SimpleSAML\Utils\Random::generateID();
- $cookieName = $amc->getCookieName();
- \SimpleSAML\Utils\HTTP::setCookie($cookieName, $sessionID);
-
- // generate the authentication information
- $attributes = $s->getAttributes();
-
- $authData = [];
-
- // username
- $usernameAttr = $amc->getUsernameAttr();
- if (!array_key_exists($usernameAttr, $attributes)) {
- throw new \Exception(
- "The user doesn't have an attribute named '".$usernameAttr.
- "'. This attribute is expected to contain the username."
- );
- }
- $authData['UserName'] = $attributes[$usernameAttr];
-
- // groups
- $groupsAttr = $amc->getGroupsAttr();
- if ($groupsAttr !== null) {
- if (!array_key_exists($groupsAttr, $attributes)) {
- throw new \Exception(
- "The user doesn't have an attribute named '".$groupsAttr.
- "'. This attribute is expected to contain the groups the user is a member of."
- );
- }
- $authData['Groups'] = $attributes[$groupsAttr];
- } else {
- $authData['Groups'] = [];
- }
-
- $authData['RemoteIP'] = $_SERVER['REMOTE_ADDR'];
-
- foreach ($attributes as $n => $v) {
- $authData['ATTR_'.$n] = $v;
- }
-
- // store the authentication data in the memcache server
- $data = '';
- foreach ($authData as $name => $values) {
- if (is_array($values)) {
- foreach ($values as $i => $value) {
- if (!is_a($value, 'DOMNodeList')) {
- continue;
- }
- /* @var \DOMNodeList $value */
- if ($value->length === 0) {
- continue;
- }
- $values[$i] = new \SAML2\XML\saml\AttributeValue($value->item(0)->parentNode);
- }
- $values = implode(':', $values);
- }
- $data .= $name.'='.$values."\r\n";
- }
-
- $memcache = $amc->getMemcache();
- $expirationTime = $s->getAuthData('Expire');
- $memcache->set($sessionID, $data, 0, $expirationTime);
-
- // register logout handler
- $session = \SimpleSAML\Session::getSessionFromRequest();
- $session->registerLogoutHandler($sourceId, '\SimpleSAML\AuthMemCookie', 'logoutHandler');
-
- // redirect the user back to this page to signal that the login is completed
- \SimpleSAML\Utils\HTTP::redirectTrustedURL(\SimpleSAML\Utils\HTTP::getSelfURL());
-} catch (\Exception $e) {
- throw new \SimpleSAML\Error\Error('CONFIG', $e);
-}