Merge pull request #9 from ioigoume/phpstan-failing-check

phpstan-failing-check

Author: ioigoume

composer.json

@@ -36,20 +36,43 @@
     "require": {
         "php": "^8.2",
         "ext-pcre": "*",
+        "ext-dom": "*",
 
         "simplesamlphp/assert": "^1.9",
         "simplesamlphp/composer-module-installer": "^1.4",
-        "simplesamlphp/simplesamlphp": "~2.4",
+        "simplesamlphp/simplesamlphp": "dev-simplesamlphp-2.5 as v2.5.x-dev",
         "simplesamlphp/simplesamlphp-module-ldap": "~1.2",
-        "simplesamlphp/xml-cas": "^2.0",
-        "simplesamlphp/xml-common": "^2.0",
-        "symfony/http-foundation": "^6.4 || ^7.3"
+        "simplesamlphp/xml-cas-module-slate": "~1.1.0",
+        "simplesamlphp/xml-cas": "^v2.2.0",
+        "simplesamlphp/xml-common": "~2.4.0",
+        "symfony/http-foundation": "~7.4.0"
     },
     "require-dev": {
-        "simplesamlphp/simplesamlphp-test-framework": "^1.10"
+        "simplesamlphp/simplesamlphp-test-framework": "^1.10",
+        "phpunit/phpunit": "^11",
+        "icanhazstring/composer-unused": "^0.9.5",
+        "squizlabs/php_codesniffer": "^4.0.0",
+        "phpstan/phpstan": "^2.1.33",
+        "maglnet/composer-require-checker": "^4"
     },
     "support": {
         "issues": "https://github.com/simplesamlphp/simplesamlphp-module-cas/issues",
         "source": "https://github.com/simplesamlphp/simplesamlphp-module-cas"
+    },
+    "scripts": {
+        "pre-commit": [
+            "vendor/bin/phpcs -p",
+            "vendor/bin/composer-require-checker check --config-file=tools/composer-require-checker.json composer.json",
+            "vendor/bin/phpstan analyze -c phpstan.neon",
+            "vendor/bin/phpstan analyze -c phpstan-dev.neon",
+            "vendor/bin/composer-unused",
+            "vendor/bin/phpunit --no-coverage --testdox"
+        ],
+        "tests": [
+            "vendor/bin/phpunit --no-coverage"
+        ],
+        "propose-fix": [
+            "vendor/bin/phpcs --report=diff"
+        ]
     }
 }

docs/cas.md

@@ -5,7 +5,7 @@ the only difference is this is authentication module and not a script.
 
 ## Setting up the CAS authentication module
 
-Adding a authentication source
+Adding an authentication source
 
 Example authsource.php:
 
@@ -31,7 +31,7 @@ Example authsource.php:
 
 ## Querying Attributes
 
-CAS V3 (since 2017) supports querying attributes. Those have to be published
+CAS v3 (since 2017) supports querying attributes. Those have to be published
 for the service you're calling. Here the service publishes `sn`, `firstName`
 and `mail`.
 
@@ -51,6 +51,36 @@ Or you might have to call serviceValidate for Protocol 3 via **/p3/**:
 ]
 ```
 
+
+### Optional: Enabling Slate extensions
+
+Some deployments include vendor‑specific fields (for example `slate:*`) in CAS responses.
+You can opt in to Slate support:
+
+```php 
+'cas' => [
+    // ...
+    'serviceValidate' => 'https://cas.example.com/p3/serviceValidate',
+    // Enable Slate support (optional)
+    'slate.enabled' => true,
+    
+    // Optional XPath-based attribute mappings
+    'attributes' => [
+        // Standard CAS attributes
+        'uid'       => 'cas:user',
+        'mail'      => 'cas:attributes/cas:mail',
+    
+        // Slate namespaced attributes inside cas:attributes
+        'slate_person' => 'cas:attributes/slate:person',
+        'slate_round'  => 'cas:attributes/slate:round',
+        'slate_ref'    => 'cas:attributes/slate:ref',
+    
+        // Some deployments also place vendor elements at the top level
+        'slate_person_top' => '/cas:serviceResponse/cas:authenticationSuccess/slate:person',
+    ],
+],
+```
+
 which would return something like
 
 ```xml
@@ -76,22 +106,22 @@ for each value:
 ```php
 'cas' => [
     'attributes' => [
-        'uid' => '/cas:serviceResponse/cas:authenticationSuccess/cas:user',
-        'sn' => '/cas:serviceResponse/cas:authenticationSuccess/cas:attributes/cas:sn',
-        'givenName' => '/cas:serviceResponse/cas:authenticationSuccess/cas:attributes/cas:firstname',
-        'mail' => '/cas:serviceResponse/cas:authenticationSuccess/cas:attributes/cas:mail',
+        'uid' => 'cas:user',
+        'sn' => 'cas:attributes/cas:sn',
+        'givenName' => 'cas:attributes/cas:firstname',
+        'mail' => 'cas:attributes/cas:mail',
     ],
 ],
 ```
 
 and even some custom attributes if they're set:
 
 ```php
-'customabc' => '/cas:serviceResponse/cas:authenticationSuccess/custom:abc',
+'customabc' => 'custom:abc',
 ```
 
 You'll probably want to avoid querying LDAP for attributes:
-set `ldap` to a `null`:
+set `ldap` to `null`:
 
 ```php
 'example-cas' => [

phpunit.xml

@@ -1,5 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
-<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" bootstrap="tests/bootstrap.php" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.5/phpunit.xsd" cacheDirectory=".phpunit.cache">
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         bootstrap="tests/bootstrap.php"
+         xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.5/phpunit.xsd"
+         colors="true"
+         cacheDirectory=".phpunit.cache">
   <coverage>
     <report>
       <clover outputFile="build/logs/clover.xml"/>