Cadoles/hydra-sql
22
0
Fork 0
Code Issues 5 Pull Requests 3 Projects Releases Wiki Activity

Compare commits

base: Cadoles:0c69082f0e0a99d3df18725a68766dc7ee803731
Branches Tags
Cadoles:develop Cadoles:frankenphp Cadoles:poc-2fa Cadoles:issue-14318 Cadoles:issue-4707 Cadoles:issue-mse-4332 Cadoles:issue-39 Cadoles:redis-prefix-ttl Cadoles:issue-14 Cadoles:issue-16 Cadoles:master Cadoles:staging
Cadoles:v01
..
compare: Cadoles:poc-2fa
Branches Tags
Cadoles:frankenphp Cadoles:poc-2fa Cadoles:develop Cadoles:issue-14318 Cadoles:issue-4707 Cadoles:issue-mse-4332 Cadoles:issue-39 Cadoles:redis-prefix-ttl Cadoles:issue-14 Cadoles:issue-16 Cadoles:master Cadoles:staging
Cadoles:v01

10 Commits
0c69082f0e ... poc-2fa

Author SHA1 Message Date
rudy
3c3dba768e implémentaiton hydra-dispatcher
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details
2025-09-22 15:18:48 +02:00
rudy
6667f44aac ajout param enabled 2fa, trusted headers
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details
2025-09-19 11:32:11 +02:00
rudy
148f05ef79 Update compose to use
Some checks reported errors
Cadoles/hydra-sql/pipeline/head Something is wrong with the build of this commit
Details
2025-09-18 10:39:18 +02:00
Gauthier Dupont
d79cf65bb4 Merge pull request 'chore(alpine): bump alpine version and php package' (#62) from alpine-upgrade into develop
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details 
Reviewed-on: #62
 2025-09-02 11:53:19 +02:00
Gauthier DUPONT
7448a9af4d chore(alpine): bump alpine version and php package
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details
Cadoles/hydra-sql/pipeline/pr-develop There was a failure building this commit
Details
2025-09-01 17:05:41 +02:00
Gauthier Dupont
3933f8bfba Merge pull request 'fix(login) #59 : handle case earlier during login' (#60) from issue-59 into develop
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details 
Reviewed-on: #60
Reviewed-by: Valentin Carroy <vcarroy@cadoles.com>
 2025-08-18 11:09:18 +02:00
Gauthier DUPONT
6faf465733 fix(login) #59 : handle case earlier during login
Some checks failed
Cadoles/hydra-sql/pipeline/pr-develop There was a failure building this commit
Details
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details
2025-08-18 10:53:35 +02:00
Gauthier Dupont
5f2654c3c4 Merge pull request 'symfony 6.4 and PHP 8.4 upgrade' (#58) from issue-57 into develop
Some checks failed
Cadoles/hydra-sql/pipeline/head There was a failure building this commit
Details 
Reviewed-on: #58
 2025-07-30 11:46:02 +02:00
Gauthier DUPONT
2e5e1e72ae chore(symfony) #57 : bump symfony to version 6.4 and fix deprecations
Some checks are pending
Cadoles/hydra-sql/pipeline/pr-develop Build started...
Details
2025-07-30 11:37:06 +02:00
Gauthier DUPONT
746ca35b69 chore(php) #57 : bump PHP version to 8.4 2025-07-10 11:40:56 +02:00
18 changed files with 158 additions and 53 deletions
Expand all files Collapse all files

9
.env
View File

@@ -14,7 +14,7 @@
# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration # https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
###> symfony/framework-bundle ### ###> symfony/framework-bundle ###
APP_ENV=prod APP_ENV=dev
APP_SECRET=406ccaa0c76a451fdcc2307ea146cbef APP_SECRET=406ccaa0c76a451fdcc2307ea146cbef
URL_LINK="http://localhost" URL_LINK="http://localhost"
@@ -25,7 +25,7 @@ DB_USER="lasql"
DB_PASSWORD="lasql" DB_PASSWORD="lasql"
ISSUER_URL="http://localhost:8000" ISSUER_URL="http://localhost:8000"
BASE_URL='http://localhost:8080' BASE_URL='http://localhost:8083'
# connexion hydra # connexion hydra
HYDRA_ADMIN_BASE_URL='http://hydra:4445' HYDRA_ADMIN_BASE_URL='http://hydra:4445'
APP_LOCALES="fr,en" APP_LOCALES="fr,en"
@@ -43,4 +43,7 @@ ALTCHA_DEBUG=false
ALTCHA_WORKERS=8 ALTCHA_WORKERS=8
ALTCHA_DELAY=100 ALTCHA_DELAY=100
ALTCHA_MOCK_ERROR=false ALTCHA_MOCK_ERROR=false
ALTCHA_ENABLED=true ALTCHA_ENABLED=false
ENABLED_2FA=true
URL_2FA=http://localhost:8084/2fa

2
Jenkinsfile vendored
View File

@@ -4,7 +4,7 @@
// Utilisation du pipeline partagé pour les applications Symfony de Cadoles // Utilisation du pipeline partagé pour les applications Symfony de Cadoles
// Le nom de l'image Docker passée en paramètre vous permet de préciser l'environnement de test // Le nom de l'image Docker passée en paramètre vous permet de préciser l'environnement de test
// de votre application Symfony // de votre application Symfony
symfonyAppPipeline('ubuntu:22.04', [ symfonyAppPipeline('ubuntu:25.04', [
'hooks': [ 'hooks': [
// Run docker image build, verification and publication stages // Run docker image build, verification and publication stages
'postSymfonyAppPipeline': { 'postSymfonyAppPipeline': {

84
compose.yml
View File

@@ -1,4 +1,26 @@
services: services:
hydra-dispatcher:
image: reg.cadoles.com/cadoles/hydra-dispatcher-standalone:2025.9.2-develop.1152.3cd1c49
ports:
- 8082:80
environment:
- APP_ENV=prod
- APP_DEBUG=false
- PHP_FPM_MEMORY_LIMIT=256m
- CADDY_HTTP_PORT=80
- HYDRA_ADMIN_BASE_URL=http://hydra:4445
- HYDRA_BASE_URL=http://hydra:4444
- HYDRA_REWRITE_ISSUER=yes
- HYDRA_ORIGINAL_ISSUER=http://localhost:8081
- HYDRA_NEW_ISSUER=http://localhost:8082
- DEFAULT_LOCALE=fr
- DISABLE_APP_AUTO_SELECT=false
- APP_LOCALES=fr,en
- HYDRA_ADMIN_AUTHORIZED_HOSTS=10.0.0.0/8,172.16.0.0/12,172.19.0.0/12,192.168.0.0/16
- REDIS_DSN=redis://redis:6379
- TRUSTED_PROXIES=REMOTE_ADDR
volumes:
- ./misc/compose/dispatcher/:/app/config/hydra/
hydra-sql: hydra-sql:
build: build:
context: . context: .
@@ -12,7 +34,7 @@ services:
- http_proxy=${http_proxy} - http_proxy=${http_proxy}
- https_proxy=${https_proxy} - https_proxy=${https_proxy}
ports: ports:
- 8082:8071 - 8083:8071
tmpfs: tmpfs:
- /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
- /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000}
@@ -22,6 +44,7 @@ services:
- hydra - hydra
depends_on: depends_on:
- redis - redis
- hydra-dispatcher
extra_hosts: extra_hosts:
- "localhost:127.0.0.1" - "localhost:127.0.0.1"
- "localhost:host-gateway" - "localhost:host-gateway"
@@ -48,10 +71,10 @@ services:
- APP_ENV=dev - APP_ENV=dev
- PHP_FPM_MEMORY_LIMIT=128m - PHP_FPM_MEMORY_LIMIT=128m
- APP_LOCALES=fr,en - APP_LOCALES=fr,en
- HYDRA_ADMIN_BASE_URL=http://hydra:4445 - HYDRA_ADMIN_BASE_URL=http://hydra-dispatcher
- TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost - TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost
- ISSUER_URL=http://localhost:8000 - ISSUER_URL=http://localhost:8000
- BASE_URL=http://localhost:8082 - BASE_URL=http://localhost:8083
- DB_USER=lasql - DB_USER=lasql
- DB_PASSWORD=lasql - DB_PASSWORD=lasql
- DEFAULT_LOCALE=fr - DEFAULT_LOCALE=fr
@@ -59,7 +82,8 @@ services:
- HASH_ALGO_LEGACY="sha256" - HASH_ALGO_LEGACY="sha256"
- SECURITY_PATTERN=password,salt,pepper - SECURITY_PATTERN=password,salt,pepper
- CADDY_HTTP_PORT=8071 - CADDY_HTTP_PORT=8071
- ENABLED_2FA=true
- URL_2FA=http://localhost:8084/2fa
oidc-test: oidc-test:
image: bornholm/oidc-test:v0.0.0-1-g936a77e image: bornholm/oidc-test:v0.0.0-1-g936a77e
environment: environment:
@@ -85,8 +109,8 @@ services:
- HYDRA_ALLOW_INSECURE=yes - HYDRA_ALLOW_INSECURE=yes
- HYDRA_URLS_SELF_ISSUER=http://localhost:8081/ - HYDRA_URLS_SELF_ISSUER=http://localhost:8081/
- HYDRA_URLS_LOGOUT=http://localhost:8082/logout - HYDRA_URLS_LOGOUT=http://localhost:8082/logout
- HYDRA_URLS_LOGIN=http://localhost:8082/ - HYDRA_URLS_LOGIN=http://localhost:8082/login
- HYDRA_URLS_CONSENT=http://localhost:8082/connect/consent - HYDRA_URLS_CONSENT=http://localhost:8082/consent
- HYDRA_URLS_ERROR=http://localhost:8082/error - HYDRA_URLS_ERROR=http://localhost:8082/error
- HYDRA_LEVEL=debug - HYDRA_LEVEL=debug
- HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra - HYDRA_DSN=postgres://lasql:lasql@postgres:5432/hydra
@@ -104,7 +128,7 @@ services:
"wget", "wget",
"--spider", "--spider",
"-q", "-q",
"http://127.0.0.1:4444/.well-known/openid-configuration", "http://localhost:4444/.well-known/openid-configuration",
] ]
interval: 10s interval: 10s
timeout: 10s timeout: 10s
@@ -124,17 +148,17 @@ services:
- postgres:/var/lib/pgsql/data - postgres:/var/lib/pgsql/data
- /etc/localtime:/etc/localtime:ro - /etc/localtime:/etc/localtime:ro
pgadmin: # pgadmin:
image: dpage/pgadmin4 # image: dpage/pgadmin4
ports: # ports:
- 8085:80 # - 8085:80
restart: always # restart: always
environment: # environment:
PGADMIN_DEFAULT_EMAIL: admin@admin.com # PGADMIN_DEFAULT_EMAIL: admin@admin.com
PGADMIN_DEFAULT_PASSWORD: admin # PGADMIN_DEFAULT_PASSWORD: admin
PGADMIN_SERVER_JSON_FILE: /pgadminfile/server.json # PGADMIN_SERVER_JSON_FILE: /pgadminfile/server.json
volumes: # volumes:
- ./misc/compose/pgadmin:/pgadminfile/:ro # - ./misc/compose/pgadmin:/pgadminfile/:ro
mariadb: mariadb:
image: mariadb:10.10 image: mariadb:10.10
environment: environment:
@@ -158,6 +182,30 @@ services:
image: reg.cadoles.com/cadoles/altcha:2024.10.29-develop.1213.22e038b image: reg.cadoles.com/cadoles/altcha:2024.10.29-develop.1213.22e038b
environment: environment:
ALTCHA_HMAC_KEY: 'change_me' ALTCHA_HMAC_KEY: 'change_me'
hydra-2fa:
build:
context: ../hydra-2fa # Répertoire du sous-projet
dockerfile: Dockerfile
volumes:
- ../hydra-2fa:/app # Montage pour synchronisation en temps réel (ajuste si le WORKDIR change)
environment:
- APP_ENV=dev
- APP_DEBUG=1 # Pour mode debug en dev
- CADDY_GLOBAL_OPTIONS=debug # Activer le mode debug
ports:
- "8084:80" # Mappe le port 80 du conteneur sur 8081 de l'hôte
depends_on:
- postgres # Si tu utilises la DB partagée
# pgweb:
# container_name: pgweb
# restart: always
# image: sosedoff/pgweb
# ports:
# - "8085:8081"
# environment:
# - PGWEB_DATABASE_URL=postgres://lasql:lasql@postgres:5432/lasql?sslmode=disable
# depends_on:
# - postgres
volumes: volumes:
postgres: postgres:
mariadb: mariadb:

4
composer.json
View File

@@ -26,7 +26,6 @@
"symfony/translation": "6.4.*", "symfony/translation": "6.4.*",
"symfony/twig-bundle": "6.4.*", "symfony/twig-bundle": "6.4.*",
"symfony/validator": "6.4.*", "symfony/validator": "6.4.*",
"symfony/web-profiler-bundle": "6.4.*",
"symfony/webpack-encore-bundle": "^1.16", "symfony/webpack-encore-bundle": "^1.16",
"symfony/yaml": "6.4.*" "symfony/yaml": "6.4.*"
}, },
@@ -81,6 +80,7 @@
}, },
"require-dev": { "require-dev": {
"rector/rector": "^2.1", "rector/rector": "^2.1",
"symfony/debug-bundle": "6.4.*" "symfony/debug-bundle": "6.4.*",
"symfony/web-profiler-bundle": "6.4.*"
} }
} }

12
composer.lock generated
View File

@@ -6206,16 +6206,16 @@
}, },
{ {
"name": "rector/rector", "name": "rector/rector",
"version": "2.1.0", "version": "2.1.1",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/rectorphp/rector.git", "url": "https://github.com/rectorphp/rector.git",
"reference": "d513dea45a94394b660e15c155d1fa27826f8e30" "reference": "d0917c069bb0d9bb06ed111cf052510f609015a4"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/rectorphp/rector/zipball/d513dea45a94394b660e15c155d1fa27826f8e30", "url": "https://api.github.com/repos/rectorphp/rector/zipball/d0917c069bb0d9bb06ed111cf052510f609015a4",
"reference": "d513dea45a94394b660e15c155d1fa27826f8e30", "reference": "d0917c069bb0d9bb06ed111cf052510f609015a4",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@@ -6254,7 +6254,7 @@
], ],
"support": { "support": {
"issues": "https://github.com/rectorphp/rector/issues", "issues": "https://github.com/rectorphp/rector/issues",
"source": "https://github.com/rectorphp/rector/tree/2.1.0" "source": "https://github.com/rectorphp/rector/tree/2.1.1"
}, },
"funding": [ "funding": [
{ {
@@ -6262,7 +6262,7 @@
"type": "github" "type": "github"
} }
], ],
"time": "2025-06-24T20:26:57+00:00" "time": "2025-07-10T11:31:31+00:00"
}, },
{ {
"name": "symfony/debug-bundle", "name": "symfony/debug-bundle",

9
config/packages/framework.yaml
View File

@@ -29,7 +29,14 @@ framework:
php_errors: php_errors:
log: true log: true
error_controller: App\Controller\CustomErrorController::show error_controller: App\Controller\CustomErrorController::show
trusted_headers:
[
"x-forwarded-for",
"x-forwarded-host",
"x-forwarded-proto",
"x-forwarded-port",
"x-forwarded-prefix",
]
when@test: when@test:
framework: framework:
test: true test: true

5
config/services.yaml
View File

@@ -51,7 +51,10 @@ services:
App\Hydra\HydraService: App\Hydra\HydraService:
arguments: arguments:
$baseUrl: '%base_url%' $baseUrl: '%base_url%'
App\Controller\MainController:
arguments:
$url2fa: '%env(string:URL_2FA)%'
$enabled2fa: '%env(bool:ENABLED_2FA)%'
App\SQLLogin\SQLLoginRequest: App\SQLLogin\SQLLoginRequest:
arguments: arguments:
$config: [] $config: []

33
misc/compose/dispatcher/example.yml Normal file
View File

@@ -0,0 +1,33 @@
hydra:
apps:
- id: hydra-sql
title:
fr: Hydra Sql
en: Hydra Sql En
description:
fr: Authentification via adresse courriel
en: Authentication by email address
icon_url: http://placehold.jp/84x123.png
login_url: http://localhost:8083/login
consent_url: http://localhost:8083/consent
options:
text_libre:
fr: "Connexion avec mot de passe"
en: "Login with password"
logout_url: http://localhost:8083/logout
attributes_rewrite_configuration:
mail:
replace: email
rules:
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
webhook:
enabled: false
api_url: http://hydra-dispatcher/test
api_key: ~
api_method: POST
webhook_post_login:
enabled: false
api_url: http://hydra-dispatcher/test
api_key: ~
api_method: POST
connected_user_redirect_url: '/'

2
misc/compose/hydra-sql/000-default.conf
View File

@@ -8,7 +8,7 @@
# Using SetHandler avoids issues with using ProxyPassMatch in combination # Using SetHandler avoids issues with using ProxyPassMatch in combination
# with mod_rewrite or mod_autoindex # with mod_rewrite or mod_autoindex
<FilesMatch \.php$> <FilesMatch \.php$>
SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://127.0.0.1:9000" SetHandler "proxy:unix:/run/php/php8.4-fpm.sock|fcgi://127.0.0.1:9000"
# for Unix sockets, Apache 2.4.10 or higher # for Unix sockets, Apache 2.4.10 or higher
# SetHandler proxy:unix:/path/to/fpm.sock|fcgi://dummy # SetHandler proxy:unix:/path/to/fpm.sock|fcgi://dummy
</FilesMatch> </FilesMatch>

12
misc/compose/hydra-sql/Dockerfile
View File

@@ -7,7 +7,7 @@ ARG https_proxy=
ENV WAITFORIT_VERSION="v2.4.1" ENV WAITFORIT_VERSION="v2.4.1"
ARG PHP_VERSION="8.1" ARG PHP_VERSION="8.4"
ENV PHP_VERSION $PHP_VERSION ENV PHP_VERSION $PHP_VERSION
RUN export DEBIAN_FRONTEND=noninteractive && \ RUN export DEBIAN_FRONTEND=noninteractive && \
@@ -68,14 +68,14 @@ RUN chmod +x /var/www/install-composer.sh &&\
# On active les mods d'apache nécessaires # On active les mods d'apache nécessaires
RUN a2enmod rewrite RUN a2enmod rewrite
RUN a2enmod proxy_fcgi setenvif RUN a2enmod proxy_fcgi setenvif
RUN a2enconf php8.1-fpm RUN a2enconf php8.4-fpm
RUN a2enmod proxy RUN a2enmod proxy
RUN a2enmod expires RUN a2enmod expires
RUN a2enmod headers RUN a2enmod headers
# On injecte les bonnes configs apache et php-fpm # On injecte les bonnes configs apache et php-fpm
COPY 000-default.conf /etc/apache2/sites-available/000-default.conf COPY 000-default.conf /etc/apache2/sites-available/000-default.conf
COPY www.conf /etc/php/8.1/fpm/pool.d/www.conf COPY www.conf /etc/php/8.4/fpm/pool.d/www.conf
EXPOSE 5000 EXPOSE 5000
EXPOSE 80 EXPOSE 80
@@ -83,8 +83,8 @@ EXPOSE 80
WORKDIR /var/www WORKDIR /var/www
# On démarre php-fpm une fois pour créer les sockets # On démarre php-fpm une fois pour créer les sockets
RUN service php8.1-fpm start RUN service php8.4-fpm start
RUN service php8.1-fpm stop RUN service php8.4-fpm stop
COPY docker-entrypoint.sh /docker-entrypoint.sh COPY docker-entrypoint.sh /docker-entrypoint.sh
@@ -99,7 +99,7 @@ RUN sed -i '/imklog/s/^/#/' /etc/rsyslog.conf
COPY rsyslog.conf /etc/rsyslog.d/var/www.conf COPY rsyslog.conf /etc/rsyslog.d/var/www.conf
COPY supervisor.ini /etc/supervisor/supervisor.ini COPY supervisor.ini /etc/supervisor/supervisor.ini
COPY php.ini /etc/php/8.1/fpm/php.ini COPY php.ini /etc/php/8.4/fpm/php.ini
VOLUME /container-lifecycle VOLUME /container-lifecycle

2
misc/compose/hydra-sql/supervisor.ini
View File

@@ -26,7 +26,7 @@ stderr_logfile_maxbytes=0
[program:php-fpm] [program:php-fpm]
environment=HOSTNAME="%(ENV_HOSTNAME)s" environment=HOSTNAME="%(ENV_HOSTNAME)s"
command = /usr/sbin/php-fpm8.1 -F command = /usr/sbin/php-fpm8.4 -F
autostart = true autostart = true
autorestart = true autorestart = true
directory = /var/www directory = /var/www

2
misc/compose/hydra-sql/www.conf
View File

@@ -6,7 +6,7 @@ error_log=/dev/stderr
user = www-data user = www-data
group = www-data group = www-data
listen = /run/php/php8.1-fpm.sock listen = /run/php/php8.4-fpm.sock
listen.owner = www-data listen.owner = www-data
listen.group = www-data listen.group = www-data

4
misc/images/hydra-sql-base/Dockerfile
View File

@@ -1,5 +1,5 @@
ARG NODE_OPTIONS="--openssl-legacy-provider" \ ARG NODE_OPTIONS="--openssl-legacy-provider" \
PHP_PKG_VERSION="8.4.5-r0" \ PHP_PKG_VERSION="8.4.11-r0" \
ENCORE_MODE="production" \ ENCORE_MODE="production" \
APP_ENV="prod" \ APP_ENV="prod" \
BASE_PATH="" \ BASE_PATH="" \
@@ -20,4 +20,4 @@ ARG NODE_OPTIONS="--openssl-legacy-provider" \
BASE_PATH=${BASE_PATH} \ BASE_PATH=${BASE_PATH} \
APP_LOCALES=${APP_LOCALES}" APP_LOCALES=${APP_LOCALES}"
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-base-2025.6.12-stable.1038.48ea3b9 FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-base-2025.9.1-stable.1652.6889275

4
misc/images/hydra-sql-standalone/Dockerfile
View File

@@ -1,5 +1,5 @@
ARG NODE_OPTIONS="--openssl-legacy-provider" \ ARG NODE_OPTIONS="--openssl-legacy-provider" \
PHP_PKG_VERSION="8.4.5-r0" \ PHP_PKG_VERSION="8.4.11-r0" \
ENCORE_MODE="production" \ ENCORE_MODE="production" \
APP_ENV="prod" \ APP_ENV="prod" \
BASE_PATH="" \ BASE_PATH="" \
@@ -20,5 +20,5 @@ ARG NODE_OPTIONS="--openssl-legacy-provider" \
BASE_PATH=${BASE_PATH} \ BASE_PATH=${BASE_PATH} \
APP_LOCALES=${APP_LOCALES}" APP_LOCALES=${APP_LOCALES}"
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-standalone-2025.6.12-stable.1038.48ea3b9 FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.4-standalone-2025.9.1-stable.1652.6889275
USER www-data USER www-data

7
rector.php
View File

@@ -3,6 +3,7 @@
declare(strict_types=1); declare(strict_types=1);
use Rector\Config\RectorConfig; use Rector\Config\RectorConfig;
use Rector\Renaming\Rector\Class_\RenameAttributeRector;
use Rector\Symfony\Set\SymfonySetList; use Rector\Symfony\Set\SymfonySetList;
return static function (RectorConfig $rectorConfig): void { return static function (RectorConfig $rectorConfig): void {
@@ -15,7 +16,13 @@ return static function (RectorConfig $rectorConfig): void {
SymfonySetList::SYMFONY_61, SymfonySetList::SYMFONY_61,
SymfonySetList::SYMFONY_62, SymfonySetList::SYMFONY_62,
SymfonySetList::SYMFONY_63, SymfonySetList::SYMFONY_63,
SymfonySetList::SYMFONY_64,
SymfonySetList::SYMFONY_CODE_QUALITY, SymfonySetList::SYMFONY_CODE_QUALITY,
SymfonySetList::SYMFONY_CONSTRUCTOR_INJECTION, SymfonySetList::SYMFONY_CONSTRUCTOR_INJECTION,
]); ]);
$rectorConfig->importShortClasses(false);
$rectorConfig->skip([
RenameAttributeRector::class
]);
}; };

11
src/Controller/MainController.php
View File

@@ -20,8 +20,10 @@ class MainController extends AbstractController
public function __construct( public function __construct(
private readonly RequestStack $requestStack, private readonly RequestStack $requestStack,
private readonly HydraService $hydra, private readonly HydraService $hydra,
private readonly Client $client private readonly Client $client,
){ private readonly string $url2fa,
private readonly bool $enabled2fa
) {
} }
#[Route('/', name: 'app_home')] #[Route('/', name: 'app_home')]
@@ -61,6 +63,9 @@ class MainController extends AbstractController
$subject = $expressionLanguage->evaluate($subjectRewriteExpression, $user->getAttributes()); $subject = $expressionLanguage->evaluate($subjectRewriteExpression, $user->getAttributes());
} }
if ($this->url2fa) {
return $this->redirect($this->url2fa.'?loginchallenge='.$challenge.'&identifier='.$subject);
}
$loginAcceptRes = $this->client->acceptLoginRequest($challenge, [ $loginAcceptRes = $this->client->acceptLoginRequest($challenge, [
'subject' => $subject, 'subject' => $subject,
'remember' => true, 'remember' => true,
@@ -70,7 +75,7 @@ class MainController extends AbstractController
} }
#[Route('/connect/consent', name: 'app_consent')] #[Route('/connect/consent', name: 'app_consent')]
public function consent(Request $request): RedirectResponse public function consent(Request $request): Response
{ {
return $this->hydra->handleConsentRequest($request); return $this->hydra->handleConsentRequest($request);
} }

8
src/Security/SQLLoginUserAuthenticator.php
View File

@@ -32,7 +32,7 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
private readonly SQLLoginService $sqlLoginService, private readonly SQLLoginService $sqlLoginService,
private readonly PasswordEncoder $passwordHasher, private readonly PasswordEncoder $passwordHasher,
private readonly SQLLoginRequest $sqlLoginRequest private readonly SQLLoginRequest $sqlLoginRequest
){ ) {
} }
/** /**
@@ -60,7 +60,7 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
public function authenticate(Request $request): SelfValidatingPassport public function authenticate(Request $request): SelfValidatingPassport
{ {
$form = $request->request->all(key: 'login'); $form = $request->request->all(key: 'login');
$login = $form['login']; $login = \strtolower($form['login']);
$plaintextPassword = $form['password']; $plaintextPassword = $form['password'];
$session = $request->getSession(); $session = $request->getSession();
try { try {
@@ -101,10 +101,10 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
if ($user->getLogin() !== $userIdentifier) { if ($user->getLogin() !== $userIdentifier) {
throw new UserNotFoundException(sprintf('User "%s" not found.', $userIdentifier)); throw new UserNotFoundException(sprintf('User "%s" not found.', $userIdentifier));
} }
return $user; return $user;
}; };
$passport = new SelfValidatingPassport(new UserBadge($login, $loader)); $passport = new SelfValidatingPassport(new UserBadge($login, $loader));
$passport->setAttribute('attributes', $user->getAttributes()); $passport->setAttribute('attributes', $user->getAttributes());

1
src/Service/SQLLoginService.php
View File

@@ -28,7 +28,6 @@ class SQLLoginService extends AbstractController
public function fetchPasswordAndDatas(string $login): array public function fetchPasswordAndDatas(string $login): array
{ {
$dataRequest = $this->sqlLoginRequest->getDatasRequest(); $dataRequest = $this->sqlLoginRequest->getDatasRequest();
$login = \strtolower($login);
$datas = $this->executeRequestWithLogin($dataRequest, $login); $datas = $this->executeRequestWithLogin($dataRequest, $login);
return $datas; return $datas;