WIP move to SSP UI

simplesamlphp · Nov 14, 2024 · e881224 · e881224
1 parent 5e2abff
commit e881224
Show file tree

Hide file tree

Showing 15 changed files with 203 additions and 22 deletions.
diff --git a/bin/install.php b/bin/install.php
@@ -22,7 +22,7 @@
     $database = Database::getInstance();
     $databaseMigration = new DatabaseMigration($database);
 
-    if ($databaseMigration->isUpdated()) {
+    if ($databaseMigration->isMigrated()) {
         echo 'Database is up to date, skipping.' . PHP_EOL;
         return 0;
     }

diff --git a/hooks/hook_federationpage.php b/hooks/hook_federationpage.php
@@ -27,7 +27,7 @@ function oidc_hook_federationpage(Template $template): void
     $href = Module::getModuleURL('oidc/admin-clients/index.php');
     $text = Translate::noop('OpenID Connect Registry');
 
-    if (! (new DatabaseMigration())->isUpdated()) {
+    if (! (new DatabaseMigration())->isMigrated()) {
         $href = Module::getModuleURL('oidc/install.php');
         $text = Translate::noop('OpenID Connect Installation');
     }

diff --git a/public/assets/css/src/default.css b/public/assets/css/src/default.css
@@ -65,7 +65,23 @@ h4 {
 /* Style for the content area */
 .content {
     flex-grow: 1;
-    padding: 20px;
+    padding-left: 20px;
     max-width: inherit;
     background-color: #fff;
 }
+
+ul.config {
+    list-style: disc outside none;
+}
+
+/* Text colors */
+.black-text { color: black; }
+.red-text { color: red; }
+.lightcoral-text { color: lightcoral; }
+.green-text { color: green; }
+.yellow-text { color: yellow; }
+.blue-text { color: blue; }
+.magenta-text { color: magenta; }
+.cyan-text { color: cyan; }
+.lightcyan-text { color: lightcyan; }
+.white-text { color: white; }
diff --git a/routing/routes/routes.php b/routing/routes/routes.php
@@ -25,6 +25,9 @@
      */
     $routes->add(RoutesEnum::AdminConfigOverview->name, RoutesEnum::AdminConfigOverview->value)
         ->controller([AdminController::class, 'configOverview']);
+    $routes->add(RoutesEnum::AdminRunMigrations->name, RoutesEnum::AdminRunMigrations->value)
+        ->controller([AdminController::class, 'runMigrations'])
+        ->methods([HttpMethodsEnum::POST->value]);
 
     /**
      * OpenID Connect Discovery routes.

diff --git a/src/Codebooks/RoutesEnum.php b/src/Codebooks/RoutesEnum.php
@@ -8,6 +8,8 @@ enum RoutesEnum: string
 {
     // Admin area
     case AdminConfigOverview = 'admin/config-overview';
+    case AdminRunMigrations = 'admin/run-migrations';
+    case AdminClients = 'admin/clients';
 
     // Protocols
     case Authorization = 'authorization';

diff --git a/src/Controller/AdminController.php b/src/Controller/AdminController.php
@@ -4,10 +4,14 @@
 
 namespace SimpleSAML\Module\oidc\Controller;
 
+use SimpleSAML\Locale\Translate;
 use SimpleSAML\Module\oidc\Admin\Authorization;
 use SimpleSAML\Module\oidc\Codebooks\RoutesEnum;
 use SimpleSAML\Module\oidc\Factories\TemplateFactory;
 use SimpleSAML\Module\oidc\ModuleConfig;
+use SimpleSAML\Module\oidc\Services\DatabaseMigration;
+use SimpleSAML\Module\oidc\Services\SessionMessagesService;
+use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Response;
 
 class AdminController
@@ -16,6 +20,8 @@ public function __construct(
         protected readonly ModuleConfig $moduleConfig,
         protected readonly TemplateFactory $templateFactory,
         protected readonly Authorization $authorization,
+        protected readonly DatabaseMigration $databaseMigration,
+        protected readonly SessionMessagesService $sessionMessagesService,
     ) {
         $this->authorization->requireSspAdmin(true);
     }
@@ -24,8 +30,26 @@ public function configOverview(): Response
     {
         return $this->templateFactory->build(
             'oidc:config/overview.twig',
-            ['moduleConfig' => $this->moduleConfig],
+            [
+                'moduleConfig' => $this->moduleConfig,
+                'databaseMigration' => $this->databaseMigration,
+            ],
             RoutesEnum::AdminConfigOverview->value,
         );
     }
+
+    public function runMigrations(): Response
+    {
+        if ($this->databaseMigration->isMigrated()) {
+            $message = Translate::noop('Database is already migrated.');
+            $this->sessionMessagesService->addMessage($message);
+            return new RedirectResponse($this->moduleConfig->getModuleUrl(RoutesEnum::AdminConfigOverview->value));
+        }
+
+        $this->databaseMigration->migrate();
+        $message = Translate::noop('Database migrated successfully.');
+        $this->sessionMessagesService->addMessage($message);
+
+        return new RedirectResponse($this->moduleConfig->getModuleUrl(RoutesEnum::AdminConfigOverview->value));
+    }
 }
diff --git a/src/Controller/InstallerController.php b/src/Controller/InstallerController.php
@@ -42,7 +42,7 @@ public function __construct(
      */
     public function __invoke(ServerRequest $request): Template|RedirectResponse
     {
-        if ($this->databaseMigration->isUpdated()) {
+        if ($this->databaseMigration->isMigrated()) {
             return new RedirectResponse((new HTTP())->addURLParameters('admin-clients/index.php', []));
         }
 

diff --git a/src/Factories/AuthSimpleFactory.php b/src/Factories/AuthSimpleFactory.php
@@ -44,7 +44,7 @@ public function build(ClientEntityInterface $clientEntity): Simple
      */
     public function getDefaultAuthSource(): Simple
     {
-        return new Simple($this->getDefaultAuthSourceId());
+        return new Simple($this->moduleConfig->getDefaultAuthSourceId());
     }
 
     /**
@@ -54,14 +54,6 @@ public function getDefaultAuthSource(): Simple
      */
     public function resolveAuthSourceId(ClientEntityInterface $client): string
     {
-        return $client->getAuthSourceId() ?? $this->getDefaultAuthSourceId();
-    }
-
-    /**
-     * @throws \Exception
-     */
-    public function getDefaultAuthSourceId(): string
-    {
-        return $this->moduleConfig->config()->getString(ModuleConfig::OPTION_AUTH_SOURCE);
+        return $client->getAuthSourceId() ?? $this->moduleConfig->getDefaultAuthSourceId();
     }
 }
diff --git a/src/Factories/TemplateFactory.php b/src/Factories/TemplateFactory.php
@@ -22,6 +22,7 @@
 use SimpleSAML\Module\oidc\Bridges\SspBridge;
 use SimpleSAML\Module\oidc\Codebooks\RoutesEnum;
 use SimpleSAML\Module\oidc\ModuleConfig;
+use SimpleSAML\Module\oidc\Services\SessionMessagesService;
 use SimpleSAML\XHTML\Template;
 
 class TemplateFactory
@@ -34,6 +35,7 @@ public function __construct(
         protected readonly ModuleConfig $moduleConfig,
         protected readonly Menu $oidcMenu,
         protected readonly SspBridge $sspBridge,
+        protected readonly SessionMessagesService $sessionMessagesService,
     ) {
     }
 
@@ -60,6 +62,7 @@ public function build(
             'moduleConfiguration' => $this->moduleConfig,
             'oidcMenu' => $this->oidcMenu,
             'showMenu' => $this->showMenu,
+            'sessionMessages' => $this->sessionMessagesService->getMessages(),
         ];
 
         if ($this->sspBridge->module()->isModuleEnabled('admin')) {
@@ -87,6 +90,13 @@ protected function includeDefaultMenuItems(): void
                 \SimpleSAML\Locale\Translate::noop('Config Overview '),
             ),
         );
+
+        $this->oidcMenu->addItem(
+            $this->oidcMenu->buildItem(
+                $this->moduleConfig->getModuleUrl(RoutesEnum::AdminClients->value),
+                \SimpleSAML\Locale\Translate::noop('Clients '),
+            ),
+        );
     }
 
     public function setShowMenu(bool $showMenu): TemplateFactory

diff --git a/src/ModuleConfig.php b/src/ModuleConfig.php
@@ -161,6 +161,14 @@ public function getIssuer(): string
         return $issuer;
     }
 
+    /**
+     * @throws \Exception
+     */
+    public function getDefaultAuthSourceId(): string
+    {
+        return $this->config()->getString(self::OPTION_AUTH_SOURCE);
+    }
+
     public function getModuleUrl(string $path = null): string
     {
         $base = $this->sspBridge->module()->getModuleURL(self::MODULE_NAME);

diff --git a/src/Services/Container.php b/src/Services/Container.php
@@ -161,6 +161,7 @@ public function __construct()
             $moduleConfig,
             $oidcMenu,
             $sspBridge,
+            $sessionMessagesService,
         );
         $this->services[TemplateFactory::class] = $templateFactory;
 

diff --git a/src/Services/DatabaseMigration.php b/src/Services/DatabaseMigration.php
@@ -35,18 +35,21 @@ public function __construct(Database $database = null)
         $this->database = $database ?? Database::getInstance();
     }
 
-    public function isUpdated(): bool
+    public function isMigrated(): bool
+    {
+        return empty($this->getNotImplementedVersions());
+    }
+
+    public function getNotImplementedVersions(): array
     {
         $implementedVersions = $this->versions();
-        $notImplementedVersions = array_filter(get_class_methods($this), function ($method) use ($implementedVersions) {
+        return array_filter(get_class_methods($this), function ($method) use ($implementedVersions) {
             if (preg_match('/^version(\d+)/', $method, $matches)) {
                 return !in_array($matches[1], $implementedVersions, true);
             }
 
             return false;
         });
-
-        return empty($notImplementedVersions);
     }
 
     public function versions(): array

diff --git a/templates/base.twig b/templates/base.twig
@@ -24,7 +24,13 @@
         <div class="content">
             <h3>{{ subPageTitle }}</h3>
 
-{#            TODO mivanci status messages#}
+            {% if sessionMessages is defined and sessionMessages is not empty %}
+                <div class="message-box">
+                    {% for message in sessionMessages %}
+                        {{ message|trans }}<br>
+                    {% endfor %}
+                </div>
+            {% endif %}
 
             {% block oidcContent %}{% endblock %}
         </div>

diff --git a/templates/config/overview.twig b/templates/config/overview.twig
@@ -4,6 +4,122 @@
 
 {% block oidcContent %}
 
-    <p>{{ 'TODO config overview'|trans }}</p>
+    <h4>{{ 'Database Migrations'|trans }}</h4>
+
+    {% if databaseMigration.isMigrated %}
+        <p><i class="fa fa-check" title="OK"></i>{{ 'All database migrations are implemented.'|trans }}</p>
+    {% else %}
+        <p class="red-text">
+            <i class="fa fa-ban" title="Not OK"></i>
+            {% trans %}There are database migrations that have not been implemented.
+                Use the button below to run them now.{% endtrans %}
+        </p>
+
+        <form method="post" class="pure-form" action="{{ moduleURL('oidc/admin/run-migrations') }}">
+            <input type="hidden" name="fromUi" value="1">
+            <input type="hidden" name="migrate" value="1">
+            <button class="pure-button pure-button-red ">{{ 'Run migrations'|trans }}</button>
+        </form>
+        <br>
+    {% endif %}
+
+    <h4>{{ 'Protocol Settings'|trans }}</h4>
+
+    <table class="table pure-table pure-table-bordered ">
+        <thead>
+        <tr>
+            <th>{{ 'Setting'|trans }}</th>
+            <th>{{ 'Value'|trans }}</th>
+        </tr>
+        </thead>
+        <tbody>
+            <tr>
+                <td>{{ 'Issuer'|trans }}</td>
+                <td> {{ moduleConfig.getIssuer }}</td>
+            </tr>
+            <tr>
+                <td>{{ 'Tokens Time-To-Live'|trans }}</td>
+                <td>
+                    <ul class="config">
+                        <li>
+                            {{ 'Authorization Code:'|trans }}
+                            {{ moduleConfig.getAuthCodeDuration|date("%mm %dd %hh %i' %s''") }}
+                        </li>
+                        <li>
+                            {{ 'Access Token:'|trans }}
+                            {{ moduleConfig.getAccessTokenDuration|date("%mm %dd %hh %i' %s''") }}
+                        </li>
+                        <li>
+                            {{ 'Refresh Token:'|trans }}
+                            {{ moduleConfig.getRefreshTokenDuration|date("%mm %dd %hh %i' %s''") }}
+                        </li>
+                    </ul>
+
+                </td>
+            </tr>
+            <tr>
+                <td>{{ 'Default Authentication Source'|trans }}</td>
+                <td> {{ moduleConfig.getDefaultAuthSourceId }}</td>
+            </tr>
+            <tr>
+                <td>{{ 'User Identifier Attribute'|trans }}</td>
+                <td> {{ moduleConfig.getUserIdentifierAttribute }}</td>
+            </tr>
+            <tr>
+                <td>{{ 'PKI'|trans }}</td>
+                <td>
+                    <ul class="config">
+                        <li>Private Key: {{ moduleConfig.getProtocolPrivateKeyPath }}</li>
+                        <li>
+                            Private Key Password Set:
+                            {{ moduleConfig.getProtocolPrivateKeyPassPhrase ? 'Yes'|trans : 'No'|trans }}
+                        </li>
+                        <li>
+                            {{ 'Public Key:'|trans }}
+                            {{ moduleConfig.getProtocolCertPath }}
+                        </li>
+                    </ul>
+
+                </td>
+            </tr>
+            <tr>
+                <td>{{ 'Signing Algorithm'|trans }}</td>
+                <td> {{ moduleConfig.getProtocolSigner.algorithmId }}</td>
+            </tr>
+            <tr>
+                <td>{{ 'Supported ACRs'|trans }}</td>
+                <td>
+                    {% if moduleConfig.getAcrValuesSupported is not empty %}
+                        <ul class="config">
+                        {% for acr in moduleConfig.getAcrValuesSupported %}
+                            <li>{{ acr }}</li>
+                        {% endfor %}
+                        </ul>
+                    {% else %}
+                        {{ 'None defined'|trans }}
+                    {% endif %}
+                </td>
+            </tr>
+        </tbody>
+    </table>
+
+    <br>
+    <h4>{{ 'Federation Settings'|trans }}</h4>
+
+    <table class="table pure-table pure-table-bordered ">
+        <thead>
+        <tr>
+            <th>{{ 'Setting'|trans }}</th>
+            <th>{{ 'Value'|trans }}</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr>
+            <td>{{ 'Federation Enabled:'|trans }}</td>
+            <td> {{ moduleConfig.getFederationEnabled ? 'Yes'|trans : 'No'|trans }}</td>
+        </tr>
+
+        </tbody>
+    </table>
 
 {% endblock oidcContent -%}
diff --git a/tests/unit/src/Controller/InstallerControllerTest.php b/tests/unit/src/Controller/InstallerControllerTest.php
@@ -66,7 +66,7 @@ public function testItReturnsToMainPageIfAlreadyUpdated(): void
     {
         $this->databaseMigrationMock
             ->expects($this->once())
-            ->method('isUpdated')
+            ->method('isMigrated')
             ->willReturn(true);
 
         $this->assertInstanceOf(