refactor config loading logic, remove settings.php usage, and centralize default settings

Author: tatevikg1

README.md

@@ -11,7 +11,7 @@ After `cd`-ing into the configured phpList plugin directory:
 ## Configuration
 
 ### You can configure saml from the phplist configuration page "SSO config" category (except for certificate which should be added manually in the cert folder)
-you will need to give write permission to the simplesaml/settings.php file
+on first install the plugin uses built-in defaults and then reads values from phpList configuration
 
 https://resources.phplist.com/plugin/simplesaml#simplesamlphp_installation_check
 

plugins/simplesaml.php

@@ -1,6 +1,6 @@
 <?php
 
-require_once dirname(__FILE__, 2) . '/defaultplugin.php';
+require_once $_SERVER['DOCUMENT_ROOT'] . '/lists/admin/defaultplugin.php';
 require_once __DIR__ . '/simplesaml/simplesamlphp/lib/_autoload.php';
 
 use SimpleSAML\Auth\Simple;
@@ -92,23 +92,21 @@ class simplesaml extends phplistPlugin
             'category' => self::CONFIG_CATEGORY,
         ],
     ];
-    private const SETTINGS_FILE_NAME= 'settings.php';
     function __construct()
     {
         if ( version_compare(PHP_VERSION, '7.4.0') >= 0) {
             require_once(__DIR__ . '/simplesaml/simplesamlphp/lib/_autoload.php');
         }
         parent::__construct();
         $this->tables = $GLOBALS['tables'];
-        $filename = __DIR__ . '/simplesaml/' . self::SETTINGS_FILE_NAME;
-
-        $dataToWrite = [];
+        $configuredDisplayName = getConfig($this->name);
+        if ($configuredDisplayName !== false && $configuredDisplayName !== null && $configuredDisplayName !== '') {
+            $this->settings[$this->name]['value'] = $configuredDisplayName;
+        }
         foreach ($this->settings as $key => $setting) {
-            $dataToWrite[$key] = !empty(getConfig($key)) ? getConfig($key) : $setting['value'];
+            $this->settings[$key]['value'] = !empty(getConfig($key)) ? getConfig($key) : $setting['value'];
         }
-        $this->settings[$this->name]['value'] = $dataToWrite[$this->name];
 
-        file_put_contents($filename, "<?php\n\nreturn " . var_export($dataToWrite, true) . ";\n");
         if ($this->settings['saml_secret_salt']['value'] == getConfig('saml_secret_salt')) {
             $GLOBALS['msg'] = ($GLOBALS['I18N']->get('Please change saml secret salt').'<br/>');
         }

plugins/simplesaml/settings.php

@@ -1,3 +1,4 @@
 saml-private-key.pem
 saml-certificate.pem
 saml-remote-idp.crt
+*.crt

plugins/simplesaml/simplesamlphp/cert/.gitignore

@@ -1,6 +1,7 @@
 <?php
 
-$settings = include __DIR__ . '/../../settings.php';
+require_once __DIR__ . '/phplist-settings.php';
+$settings = simplesamlLoadSettings();
 
 $config = [
     /*

plugins/simplesaml/simplesamlphp/config/authsources.php

@@ -5,7 +5,8 @@
  */
 
 $httpUtils = new \SimpleSAML\Utils\HTTP();
-$settings = include __DIR__ . '/../../settings.php';
+require_once __DIR__ . '/phplist-settings.php';
+$settings = simplesamlLoadSettings();
 
 $config = [
 

plugins/simplesaml/simplesamlphp/config/config.php

@@ -0,0 +1,68 @@
+<?php
+
+function simplesamlDefaultSettings(): array
+{
+    return [
+        'simplesaml' => 'Saml',
+        'hide_default_login' => false,
+        'saml_idp' => 'https://sso.phplist.com:8443/realms/master',
+        'saml_entity_id' => 'phplisttest',
+        'saml_realm' => 'master',
+        'saml_trusted_url_domains' => 'localhost',
+        'saml_session_cookie_domain' => '.localhost',
+        'saml_session_save_path' => '/var/lib/php/sessions',
+        'saml_secret_salt' => 'defaultsecretsalt',
+        'saml_admin_password' => '123',
+    ];
+}
+
+function simplesamlHasConfigValue($value): bool
+{
+    return !($value === false || $value === null || $value === '');
+}
+
+function simplesamlBootstrapPhpList(): void
+{
+    if (function_exists('getConfig')) {
+        return;
+    }
+
+    $documentRoot = rtrim((string) ($_SERVER['DOCUMENT_ROOT'] ?? ''), '/');
+    $candidates = [
+        $documentRoot . '/lists/admin/defaultconfig.php',
+        dirname(__DIR__, 4) . '/defaultconfig.php',
+        dirname(__DIR__, 5) . '/admin/defaultconfig.php',
+        dirname(__DIR__, 6) . '/lists/admin/defaultconfig.php',
+    ];
+
+    foreach (array_unique($candidates) as $candidate) {
+        if ($candidate === '' || strpos($candidate, '//') !== false) {
+            continue;
+        }
+        if (is_file($candidate)) {
+            require_once $candidate;
+        }
+        if (function_exists('getConfig')) {
+            return;
+        }
+    }
+}
+
+function simplesamlLoadSettings(): array
+{
+    $settings = simplesamlDefaultSettings();
+    simplesamlBootstrapPhpList();
+
+    if (!function_exists('getConfig')) {
+        return $settings;
+    }
+
+    foreach ($settings as $key => $defaultValue) {
+        $configured = getConfig($key);
+        if (simplesamlHasConfigValue($configured)) {
+            $settings[$key] = $configured;
+        }
+    }
+
+    return $settings;
+}

plugins/simplesaml/simplesamlphp/config/phplist-settings.php

@@ -1,7 +1,8 @@
 <?php
 
-$settings = include __DIR__ . '/../../settings.php';
-$key = $settings['saml_idp'] ?? 'https://sso.phplist.com:8443/realms/phplist';
+require_once __DIR__ . '/../config/phplist-settings.php';
+$settings = simplesamlLoadSettings();
+$key = $settings['saml_idp'];
 
 /**
  * SAML 2.0 remote IdP metadata for SimpleSAMLphp.