
Fixes #824: Replace simplesaml gist. #838

Merged
merged 1 commit into from
Dec 21, 2016
2 changes: 1 addition & 1 deletion phing/tasks/simplesamlphp.xml
Expand Up @@ -40,7 +40,7 @@
<copy todir="${repo.root}/simplesamlphp/config" overwrite="false">
<filelist dir="${repo.root}/vendor/simplesamlphp/simplesamlphp/config-templates" files="authsources.php, config.php"/>
</copy>
<exec dir="${repo.root}/simplesamlphp/config" command="curl https://gist.githubusercontent.com/acquialibrary/8059715/raw/a6dc376bfb5068a2c7fe01be315d13bd47d4c10b/9191_config.php > acquia_config.php" passthru="true"/>
<copy file="${blt.root}/scripts/simplesamlphp/acquia_config.php" tofile="${repo.root}/simplesamlphp/config" overwrite="false"/>
<append destFile="${repo.root}/simplesamlphp/config/config.php" text="include 'acquia_config.php';"/>
<echo>Copying config files to ${repo.root}/simplesamlphp/metadata.</echo>
<copy todir="${repo.root}/simplesamlphp/metadata" file="${repo.root}/vendor/simplesamlphp/simplesamlphp/metadata-templates/saml20-idp-remote.php" overwrite="false"/>
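Review bot: The `<copy file="${blt.root}/scripts/simplesamlphp/acquia_config.php" tofile="${repo.root}/simplesamlphp/config" overwrite="false"/>` line, which appears to be the added side of this hunk, passes a directory path to `tofile`. That directory already exists after the earlier `<copy todir=...>` step, so with `overwrite="false"` the copy may be skipped or fail, and the following `<append>` would then add `include 'acquia_config.php';` for a file that is not there. I would write `todir="${repo.root}/simplesamlphp/config"` here, or give `tofile` the full `.../config/acquia_config.php` path. Separately, the `<append>` context line adds the include on every run of the task, and since the new file declares functions a second include looks like it would stop on a redeclaration error, so `include_once` or a guard around the append may be worth adding. The enclosing target opens and closes outside the hunk.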
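--- a/scripts/simplesamlphp/acquia_config.php
+++ b/scripts/simplesamlphp/acquia_config.php
@@ -0,0 +1,91 @@
+<?php
+// All custom changes below. Modify as needed.
+// Defines account specific settings.
+// $ah_options['database_name'] should be the Acquia Cloud workflow database name which
+// will store SAML session information.set
+// You can use any database that you have defined in your workflow.
+// Use the database "role" without the stage ("dev", "stage", or "test", etc.)
+//This file was last modified on Nov 4, 2015.
+$ah_options = array(
+'database_name' => 'mydatabasename',
+'session_store' => array(
+'prod' => 'memcache',
+'test' => 'memcache',
+'dev' => 'database',
+),
+);
+// Set some security and other configs that are set above, however we
+// overwrite them here to keep all changes in one area
+$config['technicalcontact_name'] = "Your Name";
+$config['technicalcontact_email'] = "your_email@yourdomain.com";
+// Change these for your installation
+$config['secretsalt'] = 'y0h9d13pki9qdhfm3l5nws4jjn55j6hj';
+$config['auth.adminpassword'] = 'mysupersecret';
+// Prevent Varnish from interfering with SimpleSAMLphp.
+setcookie('NO_CACHE', '1');
+if (empty($_ENV['AH_SITE_ENVIRONMENT'])) {
+// add any local configuration here
+} else {
+$ah_options['env'] = $_ENV['AH_SITE_ENVIRONMENT'];
+$config = acquia_logging_config($config);
+$config = acquia_session_store_config($config, $ah_options);
+}
+function acquia_session_store_config($config, $ah_options) {
+if ($ah_options['session_store'][$ah_options['env']] == 'memcache') {
+$config = mc_session_store($config);
+} elseif ($ah_options['session_store'][$ah_options['env']] == 'database') {
+$config = sql_session_store($config, $ah_options['database_name']);
+}
+return $config;
+}
+function acquia_logging_config($config) {
+// Set log location, as specified by Acquia
+$config['logging.handler'] = 'file';
+$config['loggingdir'] = dirname($_ENV['ACQUIA_HOSTING_DRUPAL_LOG']);
+$config['logging.logfile'] = 'simplesamlphp-' . date("Ymd") . '.log';
+return $config;
+}
+function mc_session_store($config) {
+$config['store.type'] = 'memcache';
+$config['memcache_store.servers'] = mc_info();
+return $config;
+}
+function mc_info() {
+$creds_json = file_get_contents('/var/www/site-php/' . $_ENV['AH_SITE_NAME'] . '/creds.json');
+$creds = json_decode($creds_json, TRUE);
+$mc_server = array();
+$mc_pool = array();
+foreach ($creds['memcached_servers'] as $fqdn) {
+$mc_server['hostname'] = preg_replace('/:.*?$/', '', $fqdn);
+array_push($mc_pool, $mc_server);
+}
+return array($mc_pool);
+}
+function sql_session_store($config, $database_name) {
+$creds = db_info($database_name);
+$config['store.type'] = 'sql';
+$config['store.sql.dsn'] = sprintf('mysql:host=%s;port=%s;dbname=%s', $creds['host'], $creds['port'], $creds['name']);
+$config['store.sql.username'] = $creds['user'];
+$config['store.sql.password'] = $creds['pass'];
+$config['store.sql.prefix'] = 'simplesaml';
+return $config;
+}
+function db_info($db_name) {
+$creds_json = file_get_contents('/var/www/site-php/' . $_ENV['AH_SITE_NAME'] . '/creds.json');
+$databases = json_decode($creds_json, TRUE);
+$db = $databases['databases'][$db_name];
+$db['host'] = ($host = ah_db_current_host($db['db_cluster_id'])) ? $host : key($db['db_url_ha']);
+return $db;
+}
+function ah_db_current_host($db_cluster_id) {
+require_once("/usr/share/php/Net/DNS2_wrapper.php");
+try {
+$resolver = new Net_DNS2_Resolver(array('nameservers' => array('127.0.0.1', 'dns-master')));
+$response = $resolver->query("cluster-{$db_cluster_id}.mysql", 'CNAME');
+$cached_id = $response->answer[0]->cname;
+}
+catch (Net_DNS2_Exception $e) {
+$cached_id = "";
+}
+return $cached_id;
+}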
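Review bot: `$config['secretsalt']` and `$config['auth.adminpassword']` are committed with working literal values, and the phing task copies this file into the SimpleSAMLphp config directory and includes it from config.php. Any installation that skips the "Change these for your installation" comment therefore runs with a salt and an admin password that are public in this repository. I would ship both as empty strings and fail closed until they are filled in, e.g. `if (empty($config['secretsalt']) || empty($config['auth.adminpassword'])) { throw new Exception('Set secretsalt and auth.adminpassword in acquia_config.php'); }`, with a comment telling the operator to generate the salt locally. In addition, `mc_info()` and `db_info()` use the results of `file_get_contents()` and `json_decode()` without checking for `false`/`null`, so a missing or malformed creds.json would surface only as warnings and an incomplete session-store configuration. A docblock on each helper naming the `$_ENV` keys and creds.json fields it reads would also help the next maintainer.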