Instead of one cache, we need to use two: one for the list of modules available, and the other for the details for them. Those caches should be filled independently, so that someone calling getModules() does not trigger the code checking of the modules are enabled or finding their hooks.

It has also an impact in performance, and covers an unlikely scenario. Instead, if you plan to use templates from another module, now you need to call the "addTemplatesFromModule()" method right after creating the template. That way you can register manually what templates you are supposed to use, being much more efficient.

An alternative way to inject data in the templates should be used. This has a terrible impact in performance, and could have undesired side effects.

This allows template users to use their own twig extensions if they want, while also allowing us to remove the "twigInit" hook. Hooks come at a price, and it doesn't make much sense to use them in this case, as they would only be useful if a module wants to add a twig extension even if the code instantiating SimpleSAML_XHTML_Template does not belong to that module. This could lead to unexpected behaviour (i.e. a module adding a hook that creates trouble for the templates defined in another module), so given the lack of use cases supporting the hook and the possible negative consequences implied, it's better to remove it.

The issue here is that every time we need to list the modules or check if they are enabled, we just iterate over the modules directory and subdirectories, which is terribly expensive. Instead of doing so, we build a cache of modules specifying if they are enabled or not. In the end, this is also fixing another issue, given that enabling/disabling a module in the middle of a request being processed could lead to inconsistencies and unexpected behaviour (likely exceptions and horrible crashes). Modules should be checked in the beginning of a request and their state (enabled/disabled) frozen until the request is processed to avoid that, and this is the way to achieve so.

Additionally, we take the chance to check if modules are enabled when we search for them. This reduces the processing time to around a third of the original without this fix.

When the module tries to build up a menu, it instantiates a new "random" template (from another module, sanitycheck) to get a translator that it can use to translate the menu options. This is awfully wrong, as it forces SSP to load another template, reinit Twig, the translation system, and so on. Instead, a new instance of SimpleSAML\Locale\Translate should be more than enough.

If we get a response with an InResponseTo attribute that doesn't match a valid state array, and the response is not a duplicate, we should continue with the response as an unsolicited one.

FQDN can be up to 255 chars according to RFC1035 3.1

The _authSource column stores FQDNs. Increase the VARCHAR size from 30
to 255 since this is the maximum allowed length of a FQDN (RFC1035).

Also, increase the TableVersion to 2 and MODIFY the column size of
existing version 1 tables.

Fixes #579

Add PHP 7.1 to TravisCI build versions

Disco suggest algorithm accepts also -_() characters

LinkedIn.php in PSR-2

When IdP has e.g. acronym in the name covered by () or there is dash in the name, then the current suggest algorithm doesn't split the name correctly, so disco doesn't show the name of the organization when you type the acronym or something which is in brackets.

* Adjusted the silent fail to log a warning when $this->getLdap() fails

the silent fail on searchformultiple(...) did not show anything in the log when actually it was the $this->getLdap() that failed.

* Bugfix: Wrapped the building of authsource config with issets

Not doing this gave me errors about ldap.port and ldap.timeout not being an integer (but NULL) from Configuration.php

Dec 23 08:28:10 simplesamlphp WARNING [94b0f44d76] AttributeAddFromLDAP: exception = exception 'Exception' with message 'ldap:AuthProcess: The option 'ldap.port' is not a valid integer value.' in /Users/remy/git/saml-IdP/lib/SimpleSAML/Configuration.php:737
Stack trace:
#0 /Users/remy/git/saml-IdP/modules/ldap/lib/Auth/Process/BaseFilter.php(267): SimpleSAML_Configuration->getInteger('ldap.port', 389)
#1 /Users/remy/git/saml-IdP/modules/ldap/lib/Auth/Process/AttributeAddFromLDAP.php(172): sspmod_ldap_Auth_Process_BaseFilter->getLdap()
...

* removed the @ as thijskh suggested...

* feature: AttributeCopy can take array for 1 attribute

* Revert "feature: AttributeCopy can take array for 1 attribute"

This reverts commit 78ccac061eab0fc4a0680e2aaf9ae07c3b6a29ac.

* BaseFilter.php: fix indent and added more isset checks...

* BaseFilter.php: removed an unneeded if ($authsource['search.enable'] ....

Since I moved this code into an if that already only gets executed when authsource['search.enable'] = true it is no longer needed in this check....

adjustment of meta viewport

feature: AttributeCopy can take array for an attribute

Add REMOTE_ADDR to successful auth and user name to unsuccessful log …

Added tests for SimpleSAML\XML\Signer

Fixed typos.

docs: Fix minor typo.

When unserializing the session fails, the handler should return null instead of false. Additionally, SimpleSAML_Session::load() should make sure that it got an instance of SimpleSAML_Session, to avoid any misbehaving handlers to generate an issue.

This resolves #616.

Remove duplicate config

Update composer.lock with vfsStream dev-dependency

I believe #592 broke unit tests by adding a dev-dependency to
`composer.json` but forgot to update `composer.lock`. Therefore,
`composer install` does not install all the necessary dependencies for
tests.

Added tests for SimpleSAML\Utils\XML

SimpleSAML_SessionHandler* classes refactorized to PSR-4

Extend theming documentation about resource referencing