We Keep Coding

how to use SimpleSAMLphp in yii framework?

I have two project in yii framework and I want to use both project using SimpleSAMLphp with SSO. The condition, I need is if I login from the first project, i want access to the second project.
Thank you in advance.

First you load the SAML library by temporarily disabling the Yii autoloader. This is just to let you use the SAML classes and methods:
<?php
class YiiSAML extends CComponent {
private $_yiiSAML = null;
static private function pre() {
require_once (Yii::app()->params['simpleSAML'] . '/lib/_autoload.php');
// temporary disable Yii autoloader
spl_autoload_unregister(array(
'YiiBase',
'autoload'
));
}
static private function post() {
// enable Yii autoloader
spl_autoload_register(array(
'YiiBase',
'autoload'
));
}
public function __construct() {
self::pre();
//We select our authentication source:
$this->_yiiSAML = new SimpleSAML_Auth_Simple(Yii::app()->params['authSource']);
self::post();
}
static public function loggedOut($param, $stage) {
self::pre();
$state = SimpleSAML_Auth_State::loadState($param, $stage);
self::post();
if (isset($state['saml:sp:LogoutStatus'])) {
$ls = $state['saml:sp:LogoutStatus']; /* Only for SAML SP */
} else return true;
return $ls['Code'] === 'urn:oasis:names:tc:SAML:2.0:status:Success' && !isset($ls['SubCode']);
}
public function __call($method, $args) {
$params = (is_array($args) and !empty($args)) ? $args[0] : $args;
if (method_exists($this->_yiiSAML, $method)) return $this->_yiiSAML->$method($params);
else throw new YiiSAMLException(Yii::t('app', 'The method {method} does not exist in the SAML class', array(
'{method}' => $method
)));
}
}
class YiiSAMLException extends CException {
}
Then you define a filter extending the CFilter Yii class:
<?php
Yii::import('lib.YiiSAML');
class SAMLControl extends CFilter {
protected function preFilter($filterChain) {
$msg = Yii::t('yii', 'You are not authorized to perform this action.');
$saml = new YiiSAML();
if (Yii::app()->user->isGuest) {
Yii::app()->user->loginRequired();
return false;
} else {
$saml_attributes = $saml->getAttributes();
if (!$saml->isAuthenticated() or Yii::app()->user->id != $saml_attributes['User.id'][0]) {
Yii::app()->user->logout();
Yii::app()->user->loginRequired();
return false;
}
return true;
}
}
}
And finally, in the controllers you are interested to restrict, you override the filters() method:
public function filters() {
return array(
array(
'lib.SAMLControl'
) , // perform access control for CRUD operations
...
);
}
Hope it helps.

It can be done simply using "vendors" directory.
Download PHP Library from https://simplesamlphp.org/
Implement it in Yii Framework as a vendor library. (http://www.yiiframework.com/doc/guide/1.1/en/extension.integration)
Good Luck :)

I came across an Yii Extension for SimpleSAMLphp in github
https://github.com/asasmoyo/yii-simplesamlphp
You can load the simplesamlphp as a vendor library and then specify the autoload file in the extension.
Apart from the extension you can copy all the necessary configs and metadatas into the application and configure SimpleSAML Configuration to load the configurations from your directory, so you can keep the vendor package untouched for future updates.

There is no index named: TicketsByPaymentTotal

I have written a code for index creation but when i run the application and try to call it then give a error of 'There is no index named'. My code is as follow :
I have created a class for index creation like :
public class TicketsByPaymentTotal : AbstractIndexCreationTask<Tickets,TicketTotal>
{
public TicketsByPaymentTotal()
{
Map = docs => from doc in docs
select new
{
TicketId = doc.TicketData.ID,
TicketTotalVal = doc.TicketData.PaymentTotal,
TotalVal = doc.TicketData.Total
};
Reduce = results => from result in results
group result by result.TicketId
into g
select new
{
TicketId = g.Key,
TicketTotalVal = g.Sum(x => x.TicketTotalVal),
TotalVal = g.Sum(x => x.TotalVal)
};
}
}
and i am creating index in global.asax file like :
public class MvcApplication : System.Web.HttpApplication
{
public IDocumentSession DocSession;
//DocumentStore store = new DocumentStore{ConnectionStringName="RavenDB2",DefaultDatabase="Dinerware"};
protected void Application_Start()
{
//AreaRegistration.RegisterAllAreas();
DataDocumentStore.Initialize();
DocSession = DataDocumentStore.Instance.OpenSession("Dinerware");
RegisterRoutes(RouteTable.Routes);
//store.Initialize();
HandlerConfig.RegisterHandlers(GlobalConfiguration.Configuration.MessageHandlers);
IndexCreation.CreateIndexes(typeof(TicketsByPaymentTotal).Assembly,DocSession.Advanced.DocumentStore);
}
public static void RegisterRoutes(RouteCollection routes)
{
routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
routes.MapRoute("Default",
"{controller}/{action}/{id}",
new { controller="Home",action="Index",id=""});
}
}
How to solve this issue.
Thanks.
Regards,
sandy

You are creating the index in the system database, even though you are using a named instance called "Dinnerware".
If you want to use a named database, pass it in the DefaultDatabase parameter when you create the document store instance.
Don't pass the name when you are opening the session. That should be reserved for when you have multi-database needs.
You should just pass your document store instance into the CreateIndexes method directly, rather than pulling it out of session.
Don't open a session and assign it to a property. Sessions are meant to be short lived, and must be disposed. Only the document store should be long lived on a single instance. Usually, sessions are created in a using statement. In a web app, a new session should be created for each and every web request.

doc has error? not sure

http://docs.phalconphp.com/en/0.6.0/reference/odm.html
Setting multiple databases¶
In Phalcon, all models can belong to the same database connection or have an individual one. Actually, when Phalcon\Mvc\Collection needs to connect to the database it requests the “mongo” service in the application’s services container. You can overwrite this service setting it in the initialize method:
<?php
//This service returns a mongo database at 192.168.1.100
$di->set('mongo1', function() {
$mongo = new Mongo("mongodb://scott:nekhen#192.168.1.100");
return $mongo->selectDb("management");
});
//This service returns a mongo database at localhost
$di->set('mongo2', function() {
$mongo = new Mongo("mongodb://localhost");
return $mongo->selectDb("invoicing");
});
Then, in the Initialize method, we define the connection service for the model:
<?php
class Robots extends \Phalcon\Mvc\Collection
{
public function initialize()
{
$this->setConnectionService('management'); // here?
}
}

You are correct. The documentation was wrong. The correct usage is to set the appropriate service name (not the collection) using the setConnectionService.
http://docs.phalconphp.com/en/latest/reference/odm.html
<?php
// This service returns a mongo database at 192.168.1.100
$di->set(
'mongo1',
function()
{
$mongo = new Mongo("mongodb://scott:nekhen#192.168.1.100");
return $mongo->selectDb("management");
}
);
// This service returns a mongo database at localhost
$di->set(
'mongo2',
function()
{
$mongo = new Mongo("mongodb://localhost");
return $mongo->selectDb("invoicing");
}
);
Then, in the Initialize method, we define the connection service for the model:
.. code-block:: php
<?php
class Robots extends \Phalcon\Mvc\Collection
{
public function initialize()
{
$this->setConnectionService('mongo1');
}
}

NancyFx Authentication per Route

From what I saw in the source code RequiresAuthentication() does an Authentication check for the whole module. Is there any way to do this per Route?

I had the same problem. However it turns out the RequiresAuthentication works at both the module level and the route level. To demonstrate, here is some code ripped out my current project (not all routes shown for brevity).
public class RegisterModule : _BaseModule
{
public RegisterModule() : base("/register")
{
Get["/basic-details"] = _ => View["RegisterBasicDetailsView", Model];
Get["/select"] = _ =>
{
this.RequiresAuthentication();
return View["RegisterSelectView", Model];
};
}
}
Of course the only problem with doing it this way is that all the protected routes in the module need to call RequiresAuthentication. In the case of my module above, I have another 5 routes (not shown) all of which need protecting, so that makes six calls to RequiresAuthentication instead of one at the module level. The alternative would be to pull the unprotected route into another module, but my judgement was that a proliferation of modules is worse than the additional RequiresAuthentication calls.

namespace Kallist.Modules {
#region Namespaces
using System;
using Nancy;
#endregion
public static class ModuleExtensions {
#region Methods
public static Response WithAuthentication(this NancyModule module, Func<Response> executeAuthenticated) {
if ((module.Context.CurrentUser != null) && !string.IsNullOrWhiteSpace(module.Context.CurrentUser.UserName)) {
return executeAuthenticated();
}
return new Response { StatusCode = HttpStatusCode.Unauthorized };
}
#endregion
}
}

I ran into the same issue, here's how I solved it.
var module = new MyModule();
module.AddBeforeHookOrExecute(context => null, "Requires Authentication");
_browser = new Browser(with =>
{
with.Module(module);
with.RequestStartup((container, pipelines, ctx) =>
{
ctx.CurrentUser = new User { UserId = "1234", UserName = "test"};
});
});
I can now use this.RequiresAuthentication() at the module level and run my unit tests.

Delete Indexed In RavenDB not found

I am trying to write a generic delete function for multi tenant ravendb for integration testing the class is -
public class RavenDeleteAll
{
private readonly IDocumentStore _store;
private readonly string _testDataBase;
public RavenDeleteAll(string testDataBase, IDocumentStore store)
{
_testDataBase = testDataBase;
_store = store;
}
public void Clear<T>(string indexName)
{
using (var session = _store.OpenSession(_testDataBase))
{
session.Advanced.DocumentStore.DatabaseCommands.DeleteIndex(indexName);
session.Advanced.DocumentStore.DatabaseCommands.PutIndex(indexName, new IndexDefinitionBuilder<T>
{
Map = documents => documents.Select(entity => new { })
});
var indexDefinition = session.Advanced.DocumentStore.DatabaseCommands.GetIndex(indexName);
session.Advanced.LuceneQuery<T>(indexName)
.WaitForNonStaleResultsAsOfNow()
.Take(0)
.ToList();
session.Advanced.DatabaseCommands.DeleteByIndex(indexName, new IndexQuery());
}
}
}
Note that in the code i try to read back the index after putindex call for sanity check. but when I execute the index it throws an invalidoperationexception stating that /indexes/UTO does not exist?
Also from management console I can clearly see the index -
What am I not doing? Also the index is created under default database and not the actual database name?

It looks like you are creating the index in the Default database not the Tenant Database then asking the Tenant Database for that Index. You need to create the index in the database where you are going to use it. The following is not tested but should work for creating the index in the tenant database.
IDatabaseCommands context = session.Advanced.DocumentStore.DatabaseCommands.ForDatabase(database);
context.PutIndex(indexName, new IndexDefinitionBuilder<T>
{
Map = documents => documents.Select(entity => new { })
});