Release 10.0.0-alpha.3 -- more cleanup and prep for SSP 2

.github/workflows/test-and-publish.yml

@@ -11,13 +11,13 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
       - name: test
-        run: docker-compose -f actions-services.yml run --rm test ./run-tests.sh
+        run: docker compose -f actions-services.yml run test ./run-tests.sh
       - name: check hub metadata for tests
-        run: docker-compose -f actions-services.yml run --rm ssp-hub.local ./run-metadata-tests.sh
+        run: docker compose -f actions-services.yml run ssp-hub.local ./run-metadata-tests.sh
       - name: check idp metadata for tests
-        run: docker-compose -f actions-services.yml run --rm ssp-idp1.local ./run-metadata-tests.sh
+        run: docker compose -f actions-services.yml run ssp-idp1.local ./run-metadata-tests.sh
       - name: check sp metadata for tests
-        run: docker-compose -f actions-services.yml run --rm ssp-sp1.local ./run-metadata-tests.sh
+        run: docker compose -f actions-services.yml run ssp-sp1.local ./run-metadata-tests.sh
 
   build-and-publish:
     name: Build and Publish

Dockerfile

@@ -7,7 +7,6 @@ ENV REFRESHED_AT 2021-06-14
 RUN apt-get update -y \
     && apt-get install -y \
         php-gmp \
-        php-memcached \
     && apt-get clean \
     && rm -rf /var/lib/apt/lists/*
 

Makefile

@@ -1,30 +1,30 @@
 hub: clean
-	docker-compose up -d ssp-hub.local
+	docker compose up -d ssp-hub.local
 
 clean:
-	docker-compose kill
-	docker-compose rm -f
+	docker compose kill
+	docker compose rm -f
 
 composer:
-	docker-compose run --rm composer bash -c "./update-composer-deps.sh"
+	docker compose run --rm composer bash -c "./update-composer-deps.sh"
 
 test:
-	docker-compose run --rm ssp-hub.local ./run-metadata-tests.sh
-	docker-compose run --rm ssp-idp1.local ./run-metadata-tests.sh
-	docker-compose run --rm ssp-sp1.local ./run-metadata-tests.sh
-	docker-compose run --rm test
+	docker compose run --rm ssp-hub.local ./run-metadata-tests.sh
+	docker compose run --rm ssp-idp1.local ./run-metadata-tests.sh
+	docker compose run --rm ssp-sp1.local ./run-metadata-tests.sh
+	docker compose run --rm test
 
 test-integration:
-	docker-compose run --rm test ./run-integration-tests.sh
+	docker compose run --rm test ./run-integration-tests.sh
 
 copyJsLib:
 	cp ./node_modules/@simplewebauthn/browser/dist/bundle/index.umd.min.js ./modules/mfa/www/simplewebauthn/browser.js
 	cp ./node_modules/@simplewebauthn/browser/LICENSE.md ./modules/mfa/www/simplewebauthn/LICENSE.md
 
 deps:
-	docker-compose run --rm node npm install --ignore-scripts
+	docker compose run --rm node npm install --ignore-scripts
 	make copyJsLib
 
 depsupdate:
-	docker-compose run --rm node npm update --ignore-scripts
+	docker compose run --rm node npm update --ignore-scripts
 	make copyJsLib

README.md

@@ -4,7 +4,7 @@ Base image for simpleSAMLphp
 Docker image: [silintl/ssp-base](https://hub.docker.com/r/silintl/ssp-base/)
 
 ## Prerequisite software
-[Docker](https://www.docker.com/products/overview) and [docker-compose](https://docs.docker.com/compose/install)
+[Docker](https://www.docker.com/products/overview) and [docker compose](https://docs.docker.com/compose/install)
 must be installed.
 
 [Make](https://www.gnu.org/software/make) is optional but simplifies the build process.
@@ -37,9 +37,11 @@ will overwrite variables set in the execution environment.
 2. `cp local.broker.env.dist local.broker.env` within project root and make adjustments as needed.
 3. Add your github token to the `COMPOSER_AUTH` variable in the `local.env` file.
 4. Create `localhost` aliases for `ssp-hub.local`, `ssp-idp1.local`, `ssp-idp2.local`, `ssp-idp3.local`, `ssp-sp1.local`, `ssp-sp2.local`, and `ssp-sp3.local`. This is typically done in `/etc/hosts`.  _Example line:  `127.0.0.1  ssp-hub.local ssp-idp1.local ssp-idp2.local ssp-idp3.local ssp-sp1.local ssp-sp2.local ssp-sp3.local`_
-4. `make` or `docker-compose up -d` within the project root.
+4. `make` or `docker compose up -d` within the project root.
 5. Visit http://ssp-hub.local to see SimpleSAMLphp 
 
+_Note:_ there is an unresolved problem that requires a change to BASE_URL_PATH for ssp-idp1.local in docker-compose.yml due to a requirement in silauth that it be a full URL. For automated testing, it must not have a port number, but for manual testing it needs the port number.
+
 ### Configure a container for debugging with Xdebug
 
 1. Add a volume map for run-debug.sh on the container you wish to debug.
@@ -68,7 +70,7 @@ docker composer up -d ssp-hub.local
  - Name it `Docker`
  - API URL should be `tcp://localhost:2375`
  - Certificates folder should be empty
- - Docker Compose executable should be full path to docker-compose script
+ - Docker Compose executable should be full path to docker compose script
 
 3. Hit `Apply`
 4. Next in `Preferences` -> `Languages & Frameworks` -> `PHP` click on the `...`

Vagrantfile

@@ -56,16 +56,16 @@ Vagrant.configure(2) do |config|
     sudo groupadd docker
     sudo usermod -aG docker vagrant
     # Install Docker Compose
-    curl -L https://github.com/docker/compose/releases/download/1.17.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
-    chmod +x /usr/local/bin/docker-compose
+    curl -L https://github.com/docker/compose/releases/download/1.17.0/docker compose-`uname -s`-`uname -m` > /usr/local/bin/docker compose
+    chmod +x /usr/local/bin/docker compose
   SHELL
 
   # This provisioner runs on every `vagrant reload' (as well as the first
   # `vagrant up`), reinstalling from local directories
   config.vm.provision "recompose", type: "shell",
      run: "always", inline: <<-SHELL
 
-    # Run docker-compose (which will update preloaded images, and
+    # Run docker compose (which will update preloaded images, and
     # pulls any images not preloaded)
     cd /vagrant
 

actions-services.yml

@@ -1,4 +1,3 @@
-version: '3'
 services:
 
   # the db container is used by the silauth module

composer.json

@@ -13,7 +13,6 @@
     "php": ">=8.1",
     "ext-gmp": "*",
     "ext-json": "*",
-    "ext-memcached": "*",
     "codemix/yii2-streamlog": "^1.3",
     "simplesamlphp/simplesamlphp": "^1.19.6",
     "simplesamlphp/composer-module-installer": "1.1.8",

development/idp-local/config/config.php

@@ -46,7 +46,6 @@
 $ADMIN_NAME = Env::get('ADMIN_NAME', 'SAML Admin');
 $ADMIN_PROTECT_INDEX_PAGE = Env::get('ADMIN_PROTECT_INDEX_PAGE', true);
 $SHOW_SAML_ERRORS = Env::get('SHOW_SAML_ERRORS', false);
-$TIMEZONE = Env::get('TIMEZONE', 'GMT');
 $ENABLE_DEBUG = Env::get('ENABLE_DEBUG', false);
 $LOGGING_LEVEL = Env::get('LOGGING_LEVEL', 'NOTICE');
 $LOGGING_HANDLER = Env::get('LOGGING_HANDLER', 'stderr');
@@ -57,17 +56,12 @@
 $SECURE_COOKIE = Env::get('SECURE_COOKIE', true);
 $SESSION_DURATION = (int)(Env::get('SESSION_DURATION', (60 * 60 * 10))); // 10 hours.
 $SESSION_STORE_TYPE = Env::get('SESSION_STORE_TYPE', 'phpsession');
-$MEMCACHE_HOST1 = Env::get('MEMCACHE_HOST1', null);
-$MEMCACHE_HOST2 = Env::get('MEMCACHE_HOST2', null);
-$MEMCACHE_HOST1_PORT = Env::get('MEMCACHE_HOST1_PORT', 11211);
-$MEMCACHE_HOST2_PORT = Env::get('MEMCACHE_HOST2_PORT', 11211);
 $MYSQL_HOST = Env::get('MYSQL_HOST', '');
 $MYSQL_DATABASE = Env::get('MYSQL_DATABASE', '');
 $MYSQL_USER = Env::get('MYSQL_USER', '');
 $MYSQL_PASSWORD = Env::get('MYSQL_PASSWORD', '');
 
 $SAML20_IDP_ENABLE = Env::get('SAML20_IDP_ENABLE', true);
-$GOOGLE_ENABLE = Env::get('GOOGLE_ENABLE', false);
 $HUB_MODE = Env::get('HUB_MODE', false);
 $ANALYTICS_ID = Env::get('ANALYTICS_ID', null);
 $PASSWORD_CHANGE_URL = Env::get('PASSWORD_CHANGE_URL');
@@ -208,7 +202,7 @@
      *
      * See this page for a list of valid timezones: http://php.net/manual/en/timezones.php
      */
-    'timezone' => $TIMEZONE,
+    'timezone' => 'GMT',
 
 
 
@@ -589,8 +583,9 @@
      */
 
     'module.enable' => [
-        // Setting to TRUE enables.
-        'authgoogle' => $GOOGLE_ENABLE,
+        'saml' => true,
+        'core' => true,
+        'admin' => true,
         'expirychecker' => true,
         'material' => true,
         'mfa' => true,
@@ -806,20 +801,13 @@
      * ],
      *
      */
-    'memcache_store.servers' => [
-        [
-            [
-                'hostname' => $MEMCACHE_HOST1,
-                'port' => $MEMCACHE_HOST1_PORT,
-            ],
-        ],
-        [
-            [
-                'hostname' => $MEMCACHE_HOST2,
-                'port' => $MEMCACHE_HOST2_PORT,
-            ],
-        ],
-    ],
+//    'memcache_store.servers' => [
+//        [
+//            [
+//                'hostname' => 'localhost',
+//            ],
+//        ],
+//    ],
 
     /*
      * This value allows you to set a prefix for memcache-keys. The default
@@ -829,7 +817,7 @@
      * than one instance is using memcache, you probably want to assign
      * a unique value per instance to this setting to avoid data collision.
      */
-    //'memcache_store.prefix' => '',
+//    'memcache_store.prefix' => '',
 
     /*
      * This value is the duration data should be stored in memcache. Data
@@ -846,7 +834,7 @@
      * Note: The oldest data will always be deleted if the memcache server
      * runs out of storage space.
      */
-    'memcache_store.expires' => $SESSION_DURATION + 3600, // Session duration plus an hour for clock skew
+//    'memcache_store.expires' => 36 * (60 * 60), // 36 hours.
 
 
 

development/idp2-local/config/config.php

@@ -46,7 +46,6 @@
 $ADMIN_NAME = Env::get('ADMIN_NAME', 'SAML Admin');
 $ADMIN_PROTECT_INDEX_PAGE = Env::get('ADMIN_PROTECT_INDEX_PAGE', true);
 $SHOW_SAML_ERRORS = Env::get('SHOW_SAML_ERRORS', false);
-$TIMEZONE = Env::get('TIMEZONE', 'GMT');
 $ENABLE_DEBUG = Env::get('ENABLE_DEBUG', false);
 $LOGGING_LEVEL = Env::get('LOGGING_LEVEL', 'NOTICE');
 $LOGGING_HANDLER = Env::get('LOGGING_HANDLER', 'stderr');
@@ -57,17 +56,12 @@
 $SECURE_COOKIE = Env::get('SECURE_COOKIE', true);
 $SESSION_DURATION = (int)(Env::get('SESSION_DURATION', (60 * 60 * 10))); // 10 hours.
 $SESSION_STORE_TYPE = Env::get('SESSION_STORE_TYPE', 'phpsession');
-$MEMCACHE_HOST1 = Env::get('MEMCACHE_HOST1', null);
-$MEMCACHE_HOST2 = Env::get('MEMCACHE_HOST2', null);
-$MEMCACHE_HOST1_PORT = Env::get('MEMCACHE_HOST1_PORT', 11211);
-$MEMCACHE_HOST2_PORT = Env::get('MEMCACHE_HOST2_PORT', 11211);
 $MYSQL_HOST = Env::get('MYSQL_HOST', '');
 $MYSQL_DATABASE = Env::get('MYSQL_DATABASE', '');
 $MYSQL_USER = Env::get('MYSQL_USER', '');
 $MYSQL_PASSWORD = Env::get('MYSQL_PASSWORD', '');
 
 $SAML20_IDP_ENABLE = Env::get('SAML20_IDP_ENABLE', true);
-$GOOGLE_ENABLE = Env::get('GOOGLE_ENABLE', false);
 $HUB_MODE = Env::get('HUB_MODE', false);
 $ANALYTICS_ID = Env::get('ANALYTICS_ID', null);
 $PASSWORD_CHANGE_URL = Env::get('PASSWORD_CHANGE_URL');
@@ -208,7 +202,7 @@
      *
      * See this page for a list of valid timezones: http://php.net/manual/en/timezones.php
      */
-    'timezone' => $TIMEZONE,
+    'timezone' => 'GMT',
 
 
 
@@ -589,8 +583,9 @@
      */
 
     'module.enable' => [
-        // Setting to TRUE enables.
-        'authgoogle' => $GOOGLE_ENABLE,
+        'saml' => true,
+        'core' => true,
+        'admin' => true,
         'expirychecker' => true,
         'material' => true,
         'mfa' => true,
@@ -806,20 +801,13 @@
      * ],
      *
      */
-    'memcache_store.servers' => [
-        [
-            [
-                'hostname' => $MEMCACHE_HOST1,
-                'port' => $MEMCACHE_HOST1_PORT,
-            ],
-        ],
-        [
-            [
-                'hostname' => $MEMCACHE_HOST2,
-                'port' => $MEMCACHE_HOST2_PORT,
-            ],
-        ],
-    ],
+//    'memcache_store.servers' => [
+//        [
+//            [
+//                'hostname' => 'localhost',
+//            ],
+//        ],
+//    ],
 
     /*
      * This value allows you to set a prefix for memcache-keys. The default
@@ -829,7 +817,7 @@
      * than one instance is using memcache, you probably want to assign
      * a unique value per instance to this setting to avoid data collision.
      */
-    //'memcache_store.prefix' => '',
+//    'memcache_store.prefix' => '',
 
     /*
      * This value is the duration data should be stored in memcache. Data
@@ -846,7 +834,7 @@
      * Note: The oldest data will always be deleted if the memcache server
      * runs out of storage space.
      */
-    'memcache_store.expires' => $SESSION_DURATION + 3600, // Session duration plus an hour for clock skew
+//    'memcache_store.expires' => 36 * (60 * 60), // 36 hours.