OpenEuropa Authentication
, (*1)
The OpenEuropa Authentication module allows authentication against EU Login, the European Commission login service., (*2)
Table of contents:, (*3)
Requirements
This module requires the following modules:
- Cas, (*4)
Installation
The recommended way of installing the OpenEuropa Authentication module is via Composer., (*5)
composer require openeuropa/oe_authentication
Enable the module
In order to enable the module in your project run:, (*6)
./vendor/bin/drush en oe_authentication
EU Login service parameters are already set by default when installing the module. Please refer to the EU Login documentation for the available options that can
be specified. You can see Project setup section on how to override these parameters., (*7)
Configuration
EU Login service parameters are already set by default when installing the module. Please refer to the EU Login
documentation for the available options that can be specified. You can see Project setup section on how to override
these parameters., (*8)
Settings overrides
In the Drupal settings.php
you can override CAS parameters such as the ones below, corresponding to the
cas.settings
and oe_authentication.settings
configuration objects., (*9)
$config['cas.settings']['server']['hostname'] = 'authentication';
$config['cas.settings']['server']['port'] = '7002';
$config['cas.settings']['server']['path'] = '/cas';
$config['oe_authentication.settings']['register_path'] = 'register';
$config['oe_authentication.settings']['validation_path'] = 'TicketValidationService';
By default, the development setup is configured via Task Runner to use the demo CAS server provided in the
docker-compose.yml.dist
, i.e. https://authentication:7002
., (*10)
If you want to test the module with the actual EU Login service, comment out all the lines above in your settings.php
and clear the cache., (*11)
Account Handling & Auto Registration
The module enables the option that if a user attempts to login with an account that is not already
registered, the account will automatically be created., (*12)
See the Cas module for more information., (*13)
Forced Login
The module enables the Forced Login feature to force anonymous users to
authenticate via CAS when they hit all or some of the pages on your site., (*14)
See the Cas module for more information., (*15)
SSL Verification Setting
The EU Login Authentication server must be accessed over HTTPS and the drupal site will verify the SSL/TLS certificate
of the server to be sure it is authentic., (*16)
For development, you can configure the module to disable this verification:, (*17)
$config['cas.settings']['server']['verify'] = '2';
NOTE: DO NOT USE IN PRODUCTION!, (*18)
See the Cas module for more information., (*19)
Proxy
You can configure the module to "Initialize this client as a proxy" which allows
authentication requests to 3rd party services (e.g. ePOETRY)., (*20)
$config['cas.settings']['proxy']['initialize'] = TRUE;
See the Cas module for more information., (*21)
Development
The OpenEuropa Authentication project contains all the necessary code and tools for an effective development process,
such as:, (*22)
- All PHP development dependencies (Drupal core included) are required by composer.json
- Project setup and installation can be easily handled thanks to the integration with the Task Runner project.
- All system requirements are containerized using Docker Composer
- A mock server for testing.
Project setup
Download all required PHP code by running:, (*23)
composer install
This will build a fully functional Drupal test site in the ./build
directory that can be used to develop and showcase
the module's functionality., (*24)
Before setting up and installing the site make sure to customize default configuration values by copying runner.yml.dist
to ./runner.yml
and overriding relevant properties., (*25)
This command will also:, (*26)
- This will symlink the module in the proper directory within the test site and perform token substitution in test configuration files such as
behat.yml.dist
.
- Setup Drush and Drupal's settings using values from
./runner.yml.dist
. This includes adding parameters for EULogin
- Setup PHPUnit and Behat configuration files using values from
./runner.yml.dist
After a successful setup install the site by running:, (*27)
./vendor/bin/run drupal:site-install
This will:, (*28)
- Install the test site
- Enable the OpenEuropa Authentication module
Using Docker Compose
Alternatively, you can build a development site using Docker and
Docker Compose with the provided configuration., (*29)
Docker provides the necessary services and tools such as a web server and a database server to get the site running,
regardless of your local host configuration., (*30)
Requirements:
Configuration
By default, Docker Compose reads two files, a docker-compose.yml
and an optional docker-compose.override.yml
file.
By convention, the docker-compose.yml
contains your base configuration and it's provided by default.
The override file, as its name implies, can contain configuration overrides for existing services or entirely new
services.
If a service is defined in both files, Docker Compose merges the configurations., (*31)
Find more information on Docker Compose extension mechanism on the official Docker Compose documentation., (*32)
Usage
To start, run:, (*33)
docker-compose up
It's advised to not daemonize docker-compose
so you can turn it off (CTRL+C
) quickly when you're done working.
However, if you'd like to daemonize it, you have to add the flag -d
:, (*34)
docker-compose up -d
Then:, (*35)
docker-compose exec web composer install
docker-compose exec web ./vendor/bin/run drupal:site-install
To be able to interact with the EULogin Mock Service container you need to add the internal container hostname to the hosts file in your OS., (*36)
echo "127.0.1.1 authentication" >> /etc/hosts
Using default configuration, the development site files should be available in the build
directory and the development site should be available at: http://127.0.0.1:8080/build., (*37)
Running the tests
To run the grumphp checks:, (*38)
docker-compose exec web ./vendor/bin/grumphp run
To run the phpunit tests:, (*39)
docker-compose exec web ./vendor/bin/phpunit
To run the behat tests:, (*40)
docker-compose exec web ./vendor/bin/behat
Troubleshooting
Disable Drupal 8 caching
Manually disabling Drupal 8 caching is a laborious process that is well described here., (*41)
Alternatively you can use the following Drupal Console commands to disable/enable Drupal 8 caching:, (*42)
./vendor/bin/drupal site:mode dev # Disable all caches.
./vendor/bin/drupal site:mode prod # Enable all caches.
Note: to fully disable Twig caching the following additional manual steps are required:, (*43)
- Open
./build/sites/default/services.yml
- Set
cache: false
in twig.config:
property. E.g.:
parameters:
twig.config:
cache: false
- Rebuild Drupal cache:
./vendor/bin/drush cr
This is due to the following Drupal Console issue., (*44)
Contributing
Please read the full documentation for details on our code of conduct, and the process for submitting pull requests to us., (*45)
Versioning
We use SemVer for versioning. For the available versions, see the tags on this repository., (*46)