Merge pull request #827 from PROCERGS/preview-1.20.0

v1.20.0

Dockerfile

@@ -1,4 +1,4 @@
-FROM php:7.1-apache
+FROM php:7.2-apache
 
 RUN a2enmod rewrite
 
@@ -23,23 +23,24 @@ RUN echo "zend_extension=$(find /usr/local/lib/php/extensions/ -name xdebug.so)"
  && echo "xdebug.remote_autostart=off" >> /usr/local/etc/php/conf.d/xdebug.ini
 
 # Configure PHP and Apache
+ENV APACHE_DOCUMENT_ROOT /var/www/html/web
+RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf
+RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf
+ADD https://curl.haxx.se/ca/cacert.pem /etc/
+
 RUN echo "date.timezone = America/Sao_Paulo" > /usr/local/etc/php/conf.d/php-timezone.ini \
- && echo "memory_limit=256M" > /usr/local/etc/php/conf.d/memory_limit.ini \
- && echo "<VirTualHost *:80>" > /etc/apache2/conf-enabled/lc-docroot.conf \
- && echo "    DocumentRoot /var/www/html/web" >> /etc/apache2/conf-enabled/lc-docroot.conf \
- && echo "</VirtualHost>" >> /etc/apache2/conf-enabled/lc-docroot.conf
+ && echo "memory_limit=256M" > /usr/local/etc/php/conf.d/memory_limit.ini
 
 WORKDIR /var/www/html
 # Instal composer
-RUN php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \
- && php composer-setup.php
+COPY --from=composer:1.5 /usr/bin/composer /usr/bin/composer
 
 # Instal composer dependencies
 COPY ./composer.* /var/www/html/
-RUN php composer.phar config cache-dir
-RUN php composer.phar install --no-interaction --no-scripts --no-autoloader
+RUN composer config cache-dir
+RUN composer install --no-interaction --no-scripts --no-autoloader
 COPY . /var/www/html
-RUN php composer.phar dump-autoload -d /var/www/html
+RUN composer dump-autoload -d /var/www/html
 RUN chown -R www-data /var/www/html
 # RUN php app/console assets:install \
 #  && php app/console assets:install -e prod \

Jenkinsfile

@@ -0,0 +1,66 @@
+pipeline {
+    agent { label 'php' }
+
+    stages {
+        //stage('Clean') {
+        //    steps {
+        //        cleanWs()
+        //    }
+        //}
+        stage('Build') {
+            steps {
+                sh 'composer install --no-progress --no-interaction --no-scripts --prefer-dist'
+            }
+        }
+        stage('Run Tests') {
+            steps {
+                sh 'php -i | grep debug'
+                sh 'composer test -- --log-junit=junit.xml'
+                //sh 'composer test -- --coverage-clover=clover.xml --log-junit=junit.xml'
+            }
+        }
+        stage('SonarQube analysis') {
+            steps {
+                script {
+                    scannerHome = tool 'SonarQube Scanner 2.8'
+                }
+                withSonarQubeEnv('sonar_procergs') {
+                    sh "${scannerHome}/bin/sonar-scanner"
+                }
+            }
+        }
+        //stage('Quality Gate') {
+        //    steps {
+        //        timeout(time: 5, unit: 'MINUTES') {
+        //            waitForQualityGate abortPipeline: true
+        //        }
+        //    }
+        //}
+        // Artifactory examples:
+        // https://github.com/jfrog/project-examples/tree/master/jenkins-examples/pipeline-examples
+        stage('Archive') {
+            steps {
+                // Save commit ID to file
+                sh 'echo $GIT_COMMIT > web/commit'
+                sh 'composer archive --format=zip --dir=dist'
+                archiveArtifacts artifacts: 'dist/*.zip'
+
+                script {
+                    def artifactory = Artifactory.server('artifactory')
+                    def uploadSpec = """{
+                        "files": [{
+                            "pattern": "dist/*.zip",
+                            "target": "php-local/procergs/login-cidadao/"
+                        }]
+                    }"""
+                    artifactory.upload(uploadSpec)
+                }
+            }
+        }
+    }
+    post {
+        always {
+            deleteDir()
+        }
+    }
+}

README.md

@@ -1,11 +1,26 @@
 Login Cidadão
 =============
 
+This is an Digital Identity (DI) solution for Open Government, Networked
+Democracy and Colaborative Citizenship. Technically it's a federated OAuth2
+and OpenID provider.
+
+It's aimed at easy install while retaining a high level of user-control over
+the use of their data and the applications that have access to it.
+
+Deployed since 2014 in Rio Grande do Sul (BR) it has today more than 500k
+users and has prooved to be a central tool to ease out citizen/government
+interactions providing SSO with preserved privacy and security for all
+government services ![read more (PT_BR)](https://logincidadao.rs.gov.br/about)
+
 [![Build Status](https://travis-ci.org/redelivre/login-cidadao.svg?branch=master)](https://travis-ci.org/redelivre/login-cidadao)
 [![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/redelivre/login-cidadao/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/redelivre/login-cidadao/?branch=master)
 [![Join the chat at https://telegram.me/IdentidadeDigital](https://patrolavia.github.io/telegram-badge/chat.png)](https://telegram.me/IdentidadeDigital)
 [![Receive updates at https://telegram.me/logincidadao](https://patrolavia.github.io/telegram-badge/follow.png)](https://telegram.me/logincidadao)
 
+# Screenshot
+![Screenshot](./screenshots/0.png)
+
 ## Requirements
 
 Running an Identity Provider is not an easy task.

app/AppKernel.php

@@ -35,7 +35,7 @@ public function registerBundles()
             new Knp\Bundle\GaufretteBundle\KnpGaufretteBundle(),
             new Vich\UploaderBundle\VichUploaderBundle(),
 
-            new JMS\DiExtraBundle\JMSDiExtraBundle($this),
+            new JMS\DiExtraBundle\JMSDiExtraBundle(),
             new JMS\AopBundle\JMSAopBundle(),
             new JMS\SecurityExtraBundle\JMSSecurityExtraBundle(),
             new Nelmio\ApiDocBundle\NelmioApiDocBundle(),
@@ -66,6 +66,7 @@ public function registerBundles()
             new LoginCidadao\RemoteClaimsBundle\LoginCidadaoRemoteClaimsBundle(),
             new Knp\Bundle\PaginatorBundle\KnpPaginatorBundle(),
             new Snc\RedisBundle\SncRedisBundle(),
+            new Http\HttplugBundle\HttplugBundle(),
 
             // PROCERGS
             new PROCERGS\LoginCidadao\CoreBundle\PROCERGSLoginCidadaoCoreBundle(),

app/SymfonyRequirements.php

@@ -168,6 +168,9 @@ public function __construct($cfgName, $evaluation, $approveCfgAbsence = false, $
  */
 class RequirementCollection implements IteratorAggregate
 {
+    /**
+     * @var Requirement[]
+     */
     private $requirements = array();
 
     /**
@@ -265,7 +268,7 @@ public function addCollection(RequirementCollection $collection)
     /**
      * Returns both requirements and recommendations.
      *
-     * @return array Array of Requirement instances
+     * @return Requirement[]
      */
     public function all()
     {
@@ -275,7 +278,7 @@ public function all()
     /**
      * Returns all mandatory requirements.
      *
-     * @return array Array of Requirement instances
+     * @return Requirement[]
      */
     public function getRequirements()
     {
@@ -292,7 +295,7 @@ public function getRequirements()
     /**
      * Returns the mandatory requirements that were not met.
      *
-     * @return array Array of Requirement instances
+     * @return Requirement[]
      */
     public function getFailedRequirements()
     {
@@ -309,7 +312,7 @@ public function getFailedRequirements()
     /**
      * Returns all optional recommendations.
      *
-     * @return array Array of Requirement instances
+     * @return Requirement[]
      */
     public function getRecommendations()
     {
@@ -326,7 +329,7 @@ public function getRecommendations()
     /**
      * Returns the recommendations that were not met.
      *
-     * @return array Array of Requirement instances
+     * @return Requirement[]
      */
     public function getFailedRecommendations()
     {
@@ -376,7 +379,8 @@ public function getPhpIniConfigPath()
  */
 class SymfonyRequirements extends RequirementCollection
 {
-    const REQUIRED_PHP_VERSION = '5.3.3';
+    const LEGACY_REQUIRED_PHP_VERSION = '5.3.3';
+    const REQUIRED_PHP_VERSION = '5.5.9';
 
     /**
      * Constructor that initializes the requirements.
@@ -385,17 +389,27 @@ public function __construct()
     {
         /* mandatory requirements follow */
 
-        $installedPhpVersion = phpversion();
+        $installedPhpVersion = PHP_VERSION;
+        $requiredPhpVersion = $this->getPhpRequiredVersion();
 
-        $this->addRequirement(
-            version_compare($installedPhpVersion, self::REQUIRED_PHP_VERSION, '>='),
-            sprintf('PHP version must be at least %s (%s installed)', self::REQUIRED_PHP_VERSION, $installedPhpVersion),
-            sprintf('You are running PHP version "<strong>%s</strong>", but Symfony needs at least PHP "<strong>%s</strong>" to run.
-                Before using Symfony, upgrade your PHP installation, preferably to the latest version.',
-                $installedPhpVersion, self::REQUIRED_PHP_VERSION),
-            sprintf('Install PHP %s or newer (installed version is %s)', self::REQUIRED_PHP_VERSION, $installedPhpVersion)
+        $this->addRecommendation(
+            $requiredPhpVersion,
+            'Vendors should be installed in order to check all requirements.',
+            'Run the <code>composer install</code> command.',
+            'Run the "composer install" command.'
         );
 
+        if (false !== $requiredPhpVersion) {
+            $this->addRequirement(
+                version_compare($installedPhpVersion, $requiredPhpVersion, '>='),
+                sprintf('PHP version must be at least %s (%s installed)', $requiredPhpVersion, $installedPhpVersion),
+                sprintf('You are running PHP version "<strong>%s</strong>", but Symfony needs at least PHP "<strong>%s</strong>" to run.
+                Before using Symfony, upgrade your PHP installation, preferably to the latest version.',
+                    $installedPhpVersion, $requiredPhpVersion),
+                sprintf('Install PHP %s or newer (installed version is %s)', $requiredPhpVersion, $installedPhpVersion)
+            );
+        }
+
         $this->addRequirement(
             version_compare($installedPhpVersion, '5.3.16', '!='),
             'PHP version must not be 5.3.16 as Symfony won\'t work properly with it',
@@ -425,22 +439,17 @@ public function __construct()
             'Change the permissions of either "<strong>app/logs/</strong>" or  "<strong>var/logs/</strong>" directory so that the web server can write into it.'
         );
 
-        $this->addPhpIniRequirement(
-            'date.timezone', true, false,
-            'date.timezone setting must be set',
-            'Set the "<strong>date.timezone</strong>" setting in php.ini<a href="#phpini">*</a> (like Europe/Paris).'
-        );
-
-        if (version_compare($installedPhpVersion, self::REQUIRED_PHP_VERSION, '>=')) {
-            $timezones = array();
-            foreach (DateTimeZone::listAbbreviations() as $abbreviations) {
-                foreach ($abbreviations as $abbreviation) {
-                    $timezones[$abbreviation['timezone_id']] = true;
-                }
-            }
+        if (version_compare($installedPhpVersion, '7.0.0', '<')) {
+            $this->addPhpIniRequirement(
+                'date.timezone', true, false,
+                'date.timezone setting must be set',
+                'Set the "<strong>date.timezone</strong>" setting in php.ini<a href="#phpini">*</a> (like Europe/Paris).'
+            );
+        }
 
+        if (false !== $requiredPhpVersion && version_compare($installedPhpVersion, $requiredPhpVersion, '>=')) {
             $this->addRequirement(
-                isset($timezones[@date_default_timezone_get()]),
+                in_array(@date_default_timezone_get(), DateTimeZone::listIdentifiers(), true),
                 sprintf('Configured default timezone "%s" must be supported by your installation of PHP', @date_default_timezone_get()),
                 'Your default timezone is not supported by PHP. Check for typos in your <strong>php.ini</strong> file and have a look at the list of deprecated timezones at <a href="http://php.net/manual/en/timezones.others.php">http://php.net/manual/en/timezones.others.php</a>.'
             );
@@ -617,12 +626,6 @@ function_exists('mb_strlen'),
             'Install and enable the <strong>mbstring</strong> extension.'
         );
 
-        $this->addRecommendation(
-            function_exists('iconv'),
-            'iconv() should be available',
-            'Install and enable the <strong>iconv</strong> extension.'
-        );
-
         $this->addRecommendation(
             function_exists('utf8_decode'),
             'utf8_decode() should be available',
@@ -677,6 +680,21 @@ function_exists('posix_isatty'),
                 'Upgrade your <strong>intl</strong> extension with a newer ICU version (4+).'
             );
 
+            if (class_exists('Symfony\Component\Intl\Intl')) {
+                $this->addRecommendation(
+                    \Symfony\Component\Intl\Intl::getIcuDataVersion() <= \Symfony\Component\Intl\Intl::getIcuVersion(),
+                    sprintf('intl ICU version installed on your system is outdated (%s) and does not match the ICU data bundled with Symfony (%s)', \Symfony\Component\Intl\Intl::getIcuVersion(), \Symfony\Component\Intl\Intl::getIcuDataVersion()),
+                    'To get the latest internationalization data upgrade the ICU system package and the intl PHP extension.'
+                );
+                if (\Symfony\Component\Intl\Intl::getIcuDataVersion() <= \Symfony\Component\Intl\Intl::getIcuVersion()) {
+                    $this->addRecommendation(
+                        \Symfony\Component\Intl\Intl::getIcuDataVersion() === \Symfony\Component\Intl\Intl::getIcuVersion(),
+                        sprintf('intl ICU version installed on your system (%s) does not match the ICU data bundled with Symfony (%s)', \Symfony\Component\Intl\Intl::getIcuVersion(), \Symfony\Component\Intl\Intl::getIcuDataVersion()),
+                        'To avoid internationalization data inconsistencies upgrade the symfony/intl component.'
+                    );
+                }
+            }
+
             $this->addPhpIniRecommendation(
                 'intl.error_level',
                 create_function('$cfgValue', 'return (int) $cfgValue === 0;'),
@@ -706,11 +724,11 @@ function_exists('posix_isatty'),
             'Install and/or enable a <strong>PHP accelerator</strong> (highly recommended).'
         );
 
-        if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+        if ('WIN' === strtoupper(substr(PHP_OS, 0, 3))) {
             $this->addRecommendation(
-                $this->getRealpathCacheSize() > 1000,
-                'realpath_cache_size should be above 1024 in php.ini',
-                'Set "<strong>realpath_cache_size</strong>" to e.g. "<strong>1024</strong>" in php.ini<a href="#phpini">*</a> to improve performance on windows.'
+                $this->getRealpathCacheSize() >= 5 * 1024 * 1024,
+                'realpath_cache_size should be at least 5M in php.ini',
+                'Setting "<strong>realpath_cache_size</strong>" to e.g. "<strong>5242880</strong>" or "<strong>5M</strong>" in php.ini<a href="#phpini">*</a> may improve performance on Windows significantly in some cases.'
             );
         }
 
@@ -749,7 +767,11 @@ protected function getRealpathCacheSize()
     {
         $size = ini_get('realpath_cache_size');
         $size = trim($size);
-        $unit = strtolower(substr($size, -1, 1));
+        $unit = '';
+        if (!ctype_digit($size)) {
+            $unit = strtolower(substr($size, -1, 1));
+            $size = (int) substr($size, 0, -1);
+        }
         switch ($unit) {
             case 'g':
                 return $size * 1024 * 1024 * 1024;
@@ -761,4 +783,28 @@ protected function getRealpathCacheSize()
                 return (int) $size;
         }
     }
+
+    /**
+     * Defines PHP required version from Symfony version.
+     *
+     * @return string|false The PHP required version or false if it could not be guessed
+     */
+    protected function getPhpRequiredVersion()
+    {
+        if (!file_exists($path = __DIR__.'/../composer.lock')) {
+            return false;
+        }
+
+        $composerLock = json_decode(file_get_contents($path), true);
+        foreach ($composerLock['packages'] as $package) {
+            $name = $package['name'];
+            if ('symfony/symfony' !== $name && 'symfony/http-kernel' !== $name) {
+                continue;
+            }
+
+            return (int) $package['version'][1] > 2 ? self::REQUIRED_PHP_VERSION : self::LEGACY_REQUIRED_PHP_VERSION;
+        }
+
+        return false;
+    }
 }