Skip to content

Commit 2582fc0

Browse files
shingo78shingo78
authored
Merge pull request #46 from shingo78/feature/simplesamlphp-2.3_php-8.3
Upgrade SimpleSAMLphp to 2.3 and PHP to 8.3
2 parents 091284c + 1969806 commit 2582fc0

8 files changed

Lines changed: 43 additions & 40 deletions

File tree

auth-proxy/Dockerfile

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
FROM ubuntu:22.04
22

3-
ARG SIMPLESAMLPHP_VERSION="2.1.4"
3+
ARG SIMPLESAMLPHP_VERSION="2.3.5"
44
ARG ATTRIBUTE_AGGREGATOR_URL="https://github.com/NII-cloud-operation/simplesamlphp-module-attributeaggregator"
55
ARG ATTRIBUTE_AGGREGATOR_BRANCH="dev-2.x-gakunin-cloud-gateway"
66

@@ -43,16 +43,16 @@ RUN set -x \
4343
&& apt-get update \
4444
&& apt-get -y --no-install-recommends --no-install-suggests install \
4545
nginx \
46-
php8.2-cli \
47-
php8.2-fpm \
48-
php8.2-common \
49-
php8.2-xml \
50-
php8.2-pgsql \
51-
php8.2-sqlite3 \
52-
&& php8.2 -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \
53-
&& php8.2 -r "if (hash_file('sha384', 'composer-setup.php') === '$(curl -q https://composer.github.io/installer.sig)') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" \
54-
&& php8.2 composer-setup.php \
55-
&& php8.2 -r "unlink('composer-setup.php');" \
46+
php8.3-cli \
47+
php8.3-fpm \
48+
php8.3-common \
49+
php8.3-xml \
50+
php8.3-pgsql \
51+
php8.3-sqlite3 \
52+
&& php8.3 -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \
53+
&& php8.3 -r "if (hash_file('sha384', 'composer-setup.php') === '$(curl -q https://composer.github.io/installer.sig)') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" \
54+
&& php8.3 composer-setup.php \
55+
&& php8.3 -r "unlink('composer-setup.php');" \
5656
&& mv composer.phar /usr/local/bin/composer \
5757
&& chmod +x /usr/local/bin/composer \
5858
&& ln -sf /dev/stdout /var/log/nginx/access.log \
@@ -73,10 +73,10 @@ COPY resources/composer.json /var/www/composer.json
7373
RUN cd /var/www && composer install --no-dev
7474

7575
# Configure PHP settings
76-
RUN perl -pi -e 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/8.2/fpm/php.ini && \
77-
perl -pi -e 's/allow_url_fopen = Off/allow_url_fopen = On/g' /etc/php/8.2/fpm/php.ini && \
78-
perl -pi -e 's/expose_php = On/expose_php = Off/g' /etc/php/8.2/fpm/php.ini && \
79-
perl -pi -e 's/;?\s*session\.gc_maxlifetime\s*=\s*.+/session.gc_maxlifetime = 10800/g' /etc/php/8.2/fpm/php.ini
76+
RUN perl -pi -e 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/8.3/fpm/php.ini && \
77+
perl -pi -e 's/allow_url_fopen = Off/allow_url_fopen = On/g' /etc/php/8.3/fpm/php.ini && \
78+
perl -pi -e 's/expose_php = On/expose_php = Off/g' /etc/php/8.3/fpm/php.ini && \
79+
perl -pi -e 's/;?\s*session\.gc_maxlifetime\s*=\s*.+/session.gc_maxlifetime = 10800/g' /etc/php/8.3/fpm/php.ini
8080

8181
# Prepare nginx configuration
8282
RUN mkdir /etc/nginx/certs
@@ -111,11 +111,11 @@ RUN set -x \
111111
RUN set -x \
112112
&& apt-get update \
113113
&& apt-get -y --force-yes --no-install-recommends --no-install-suggests install \
114-
php8.2-curl \
115-
php8.2-mbstring \
116-
php8.2-gmp \
117-
php8.2-soap \
118-
php8.2-ldap \
114+
php8.3-curl \
115+
php8.3-mbstring \
116+
php8.3-gmp \
117+
php8.3-soap \
118+
php8.3-ldap \
119119
composer \
120120
&& cd /var/www/simplesamlphp \
121121
&& composer config repositories.attributeaggregator "{\"type\": \"vcs\", \"url\": \"${ATTRIBUTE_AGGREGATOR_URL}\", \"no-api\": true}" \
@@ -159,4 +159,4 @@ COPY --chown=www-data:www-data resources/templates /var/www/templates
159159
COPY --chown=www-data:www-data resources/bin /var/www/bin
160160
COPY --chown=www-data:www-data resources/lib /var/www/lib
161161

162-
CMD /start.sh
162+
CMD ["/start.sh"]

auth-proxy/resources/etc/templates/nginx.conf.j2

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,6 @@ http {
5353
root /var/www/htdocs;
5454
index login.php logout.php;
5555

56-
ssl on;
5756
ssl_certificate "/etc/nginx/certs/auth-proxy.chained.cer";
5857
ssl_certificate_key "/etc/nginx/certs/auth-proxy.key";
5958

@@ -86,7 +85,7 @@ http {
8685

8786
location ~ [^/]\.php(/|$) {
8887
fastcgi_split_path_info ^(.+\.php)(/.*)$;
89-
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
88+
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
9089
include fastcgi_params;
9190
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
9291
fastcgi_param PATH_INFO $fastcgi_path_info;
@@ -98,7 +97,7 @@ http {
9897
alias /var/www/simplesamlphp/public;
9998

10099
location ~ ^(?<prefix>/simplesaml)(?<phpfile>.+?\.php)(?<pathinfo>/.*)?$ {
101-
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
100+
fastcgi_pass unix:/run/php/php8.3-fpm.sock;
102101
fastcgi_index index.php;
103102
include fastcgi_params;
104103
fastcgi_param SCRIPT_FILENAME $document_root$phpfile;

auth-proxy/resources/htdocs/php/logout-fed.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<?php
2-
require_once __DIR__ . '/../../lib/functions.php';
2+
require_once __DIR__ . '/../../lib/functions-fed.php';
33

44
logout_fed();
55
header('Location: /test');

auth-proxy/resources/htdocs/php/logout.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
<?php
22

3-
require_once __DIR__ . '/../../lib/functions.php';
3+
require_once __DIR__ . '/../../lib/functions-fed.php';
44
@session_start();
55

66
// remove cookies

auth-proxy/resources/htdocs/php/sp.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
<?php
22
require_once __DIR__ . '/../../lib/const.php';
33
require_once __DIR__ . '/../../lib/hub-const.php';
4-
require_once __DIR__ . '/../../lib/functions.php';
4+
require_once __DIR__ . '/../../lib/functions-fed.php';
55
require_once __DIR__ . '/../../simplesamlphp/public/_include.php';
66

77
@session_start();

auth-proxy/resources/lib/functions-fed.php

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?php
2+
require_once __DIR__ . '/../simplesamlphp/public/_include.php';
3+
require_once __DIR__ . '/functions.php';
4+
5+
/**
6+
* Logout from the federation
7+
*/
8+
function logout_fed()
9+
{
10+
$as = new \SimpleSAML\Auth\Simple('default-sp');
11+
if ($as->isAuthenticated()) {
12+
$as->logout();
13+
}
14+
}
15+
16+
?>

auth-proxy/resources/lib/functions.php

Lines changed: 0 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,22 +1,10 @@
11
<?php
22
require_once __DIR__ . '/hub-const.php';
33
require_once __DIR__ . '/const.php';
4-
require_once __DIR__ . '/../simplesamlphp/public/_include.php';
54

65
$SESSION_NAME = session_name();
76

87

9-
/**
10-
* Logout from the federation
11-
*/
12-
function logout_fed()
13-
{
14-
$as = new \SimpleSAML\Auth\Simple('default-sp');
15-
if ($as->isAuthenticated()) {
16-
$as->logout();
17-
}
18-
}
19-
208
/**
219
* Check the user autorization of this Coursen
2210
*

auth-proxy/resources/supervisord.conf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ stderr_logfile=/dev/stderr
1818
stderr_logfile_maxbytes=0
1919

2020
[program:php-fpm]
21-
command = /usr/sbin/php-fpm8.2 --nodaemonize --fpm-config /etc/php/8.2/fpm/php-fpm.conf
21+
command = /usr/sbin/php-fpm8.3 --nodaemonize --fpm-config /etc/php/8.3/fpm/php-fpm.conf
2222
autostart=true
2323
autorestart=true
2424
priority=5

0 commit comments

Comments
 (0)