From bea026183df769670d528220fe5e153a2505ffab Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 31 Jul 2024 12:14:33 +0800 Subject: [PATCH 1/6] correction: PSR-12, not PSR-2 --- .github/workflows/test-and-publish.yml | 2 +- application/{check-psr2.sh => check-psr12.sh} | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) rename application/{check-psr2.sh => check-psr12.sh} (71%) diff --git a/.github/workflows/test-and-publish.yml b/.github/workflows/test-and-publish.yml index 978db171..6d69238d 100644 --- a/.github/workflows/test-and-publish.yml +++ b/.github/workflows/test-and-publish.yml @@ -14,7 +14,7 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - name: Check PSR2 - run: docker-compose -f actions-services.yml run --rm app ./check-psr2.sh + run: docker-compose -f actions-services.yml run --rm app ./check-psr12.sh - name: Run unit tests run: docker-compose -f actions-services.yml run --rm app ./run-tests.sh diff --git a/application/check-psr2.sh b/application/check-psr12.sh similarity index 71% rename from application/check-psr2.sh rename to application/check-psr12.sh index 76e53f6f..be9343ea 100755 --- a/application/check-psr2.sh +++ b/application/check-psr12.sh @@ -4,18 +4,18 @@ cd /data composer install --no-interaction --no-scripts --no-progress -# Check the code against PSR-2. +# Check the code against PSR-12. vendor/bin/php-cs-fixer fix -v --dry-run --stop-on-violation --using-cache=no . -# If it didn't match PSR-2, then exit. +# If it didn't match PSR-12, then exit. rc=$?; if [[ $rc != 0 ]]; then echo ------------------------------------------------------------------------------ - echo Please run \"make psr2\" to format the code as PSR-2, then commit those changes. + echo Please run \"make psr2\" to format the code as PSR-12, then commit those changes. echo ------------------------------------------------------------------------------ exit $rc; fi echo ------------------------------------------------- -echo All PHP files appear to match PSR-2 requirements. +echo All PHP files appear to match PSR-12 requirements. echo ------------------------------------------------- From e1ded2064cb72cb531380c72aee41ab8b6596dce Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 31 Jul 2024 12:15:13 +0800 Subject: [PATCH 2/6] remove hyphen from docker compose --- .github/workflows/test-and-publish.yml | 4 +-- Makefile | 48 +++++++++++++------------- docker-compose.yml | 4 +-- 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/test-and-publish.yml b/.github/workflows/test-and-publish.yml index 6d69238d..12286f90 100644 --- a/.github/workflows/test-and-publish.yml +++ b/.github/workflows/test-and-publish.yml @@ -14,9 +14,9 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - name: Check PSR2 - run: docker-compose -f actions-services.yml run --rm app ./check-psr12.sh + run: docker compose -f actions-services.yml run --rm app ./check-psr12.sh - name: Run unit tests - run: docker-compose -f actions-services.yml run --rm app ./run-tests.sh + run: docker compose -f actions-services.yml run --rm app ./run-tests.sh build-and-publish: name: Build and Publish diff --git a/Makefile b/Makefile index 90d9b392..787515a1 100644 --- a/Makefile +++ b/Makefile @@ -1,72 +1,72 @@ start: app app: db composer - docker-compose up -d app phpmyadmin + docker compose up -d app phpmyadmin appfortests: testdb composerfortests - docker-compose up -d appfortests + docker compose up -d appfortests bash: - docker-compose run --rm cli bash + docker compose run --rm cli bash composer: - docker-compose run --rm cli composer install + docker compose run --rm cli composer install composerfortests: - docker-compose run --rm appfortests composer install - docker-compose run --rm dynamorestart composer install + docker compose run --rm appfortests composer install + docker compose run --rm dynamorestart composer install composershow: - docker-compose run --rm cli bash -c 'composer show --format=json --no-dev --no-ansi --locked | jq "[.locked[] | { \"name\": .name, \"version\": .version }]" > dependencies.json' + docker compose run --rm cli bash -c 'composer show --format=json --no-dev --no-ansi --locked | jq "[.locked[] | { \"name\": .name, \"version\": .version }]" > dependencies.json' composerupdate: - docker-compose run --rm cli composer update + docker compose run --rm cli composer update make composershow db: - docker-compose up -d db + docker compose up -d db testdb: - docker-compose up -d testdb + docker compose up -d testdb tables: db - docker-compose run --rm cli whenavail db 3306 100 ./yii migrate --interactive=0 + docker compose run --rm cli whenavail db 3306 100 ./yii migrate --interactive=0 tablesfortests: testdb - docker-compose run --rm appfortests whenavail testdb 3306 100 ./yii migrate --interactive=0 + docker compose run --rm appfortests whenavail testdb 3306 100 ./yii migrate --interactive=0 basemodels: db tables - docker-compose run --rm cli whenavail db 3306 100 ./rebuildbasemodels.sh + docker compose run --rm cli whenavail db 3306 100 ./rebuildbasemodels.sh quicktest: - docker-compose run --rm test bash -c "vendor/bin/behat --stop-on-failure --strict --append-snippets" + docker compose run --rm test bash -c "vendor/bin/behat --stop-on-failure --strict --append-snippets" test: appfortests - docker-compose run --rm test + docker compose run --rm test testcli: appfortests tablesfortests mfaapi - docker-compose run --rm test bash + docker compose run --rm test bash mfaapi: - docker-compose up -d mfaapi + docker compose up -d mfaapi # This is needed to re-run certain feature tests in testcli without stopping that container. dynamoclean: - docker-compose kill dynamorestart - docker-compose up -d dynamorestart + docker compose kill dynamorestart + docker compose up -d dynamorestart clean: - docker-compose kill - docker-compose rm -f + docker compose kill + docker compose rm -f raml2html: touch api.html - docker-compose run --rm raml2html + docker compose run --rm raml2html psr2: - docker-compose run --rm cli bash -c "vendor/bin/php-cs-fixer fix ." + docker compose run --rm cli bash -c "vendor/bin/php-cs-fixer fix ." callGA: app - docker-compose exec app bash -c "./yii ga/register_event" + docker compose exec app bash -c "./yii ga/register_event" diff --git a/docker-compose.yml b/docker-compose.yml index 5bf0c2be..7ca4ba9a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -195,8 +195,8 @@ services: U2F_SIM_HOST_AND_PORT: u2fsim:8080 command: ./run-tests.sh # running isolated tests - # docker-compose run --rm test vendor/bin/behat --stop-on-failure features/user.feature - # docker-compose run --rm test vendor/bin/behat --stop-on-failure features/user.feature:306 + # docker compose run --rm test vendor/bin/behat --stop-on-failure features/user.feature + # docker compose run --rm test vendor/bin/behat --stop-on-failure features/user.feature:306 phpmyadmin: image: phpmyadmin:5 From 65558cb34c183b7efd21956e624c31e70fe2b48f Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 31 Jul 2024 12:15:27 +0800 Subject: [PATCH 3/6] remove version from actions-services.yml --- actions-services.yml | 195 +++++++++++++++++++++---------------------- 1 file changed, 97 insertions(+), 98 deletions(-) diff --git a/actions-services.yml b/actions-services.yml index 864c4b8f..207ed19f 100644 --- a/actions-services.yml +++ b/actions-services.yml @@ -1,104 +1,103 @@ -version: '2' services: - testdb: - image: mariadb:10 - environment: - MYSQL_ROOT_PASSWORD: r00tp@ss! - MYSQL_DATABASE: test - MYSQL_USER: idbroker - MYSQL_PASSWORD: idbroker + testdb: + image: mariadb:10 + environment: + MYSQL_ROOT_PASSWORD: r00tp@ss! + MYSQL_DATABASE: test + MYSQL_USER: idbroker + MYSQL_PASSWORD: idbroker - app: - build: . - depends_on: - - testdb - - mfaapi - - u2fsim - working_dir: /data - environment: - API_KEY_TABLE: ApiKey - APP_ENV: test - AWS_ENDPOINT: dynamo:8000 - AWS_DEFAULT_REGION: us-east-1 - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - EMAIL_SERVICE_accessToken: fake-abc-123 - EMAIL_SERVICE_assertValidIp: "false" - EMAIL_SERVICE_baseUrl: http://email - EMAIL_SERVICE_validIpRanges: 192.168.0.0/16 - EMAIL_SIGNATURE: Dummy Signature for Automated Tests - EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer - HELP_CENTER_URL: https://help-center - IDP_NAME: Test - MYSQL_HOST: testdb - MYSQL_DATABASE: test - MYSQL_USER: idbroker - MYSQL_PASSWORD: idbroker - API_ACCESS_KEYS: abc123 - TEST_SERVER_HOSTNAME: localhost - PASSWORD_PROFILE_URL: https://www.example.com - SUPPORT_EMAIL: support@example.com - HR_NOTIFICATIONS_EMAIL: hr@example.com - ABANDONED_USER_bestPracticeUrl: http://www.example.com/best-practices.html - ABANDONED_USER_deactivateInstructionsUrl: http://www.example.com/deactivate-instructions.html - MFA_WEBAUTHN_apiBaseUrl: mfaapi:8080/ - MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012 - MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678 - MFA_WEBAUTHN_appId: ourApp99 - MFA_WEBAUTHN_rpDisplayName: Our App - MFA_WEBAUTHN_rpId: http://app99 - U2F_SIM_HOST_AND_PORT: u2fsim:8080 + app: + build: . + depends_on: + - testdb + - mfaapi + - u2fsim + working_dir: /data + environment: + API_KEY_TABLE: ApiKey + APP_ENV: test + AWS_ENDPOINT: dynamo:8000 + AWS_DEFAULT_REGION: us-east-1 + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + EMAIL_SERVICE_accessToken: fake-abc-123 + EMAIL_SERVICE_assertValidIp: "false" + EMAIL_SERVICE_baseUrl: http://email + EMAIL_SERVICE_validIpRanges: 192.168.0.0/16 + EMAIL_SIGNATURE: Dummy Signature for Automated Tests + EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer + HELP_CENTER_URL: https://help-center + IDP_NAME: Test + MYSQL_HOST: testdb + MYSQL_DATABASE: test + MYSQL_USER: idbroker + MYSQL_PASSWORD: idbroker + API_ACCESS_KEYS: abc123 + TEST_SERVER_HOSTNAME: localhost + PASSWORD_PROFILE_URL: https://www.example.com + SUPPORT_EMAIL: support@example.com + HR_NOTIFICATIONS_EMAIL: hr@example.com + ABANDONED_USER_bestPracticeUrl: http://www.example.com/best-practices.html + ABANDONED_USER_deactivateInstructionsUrl: http://www.example.com/deactivate-instructions.html + MFA_WEBAUTHN_apiBaseUrl: mfaapi:8080/ + MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012 + MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678 + MFA_WEBAUTHN_appId: ourApp99 + MFA_WEBAUTHN_rpDisplayName: Our App + MFA_WEBAUTHN_rpId: http://app99 + U2F_SIM_HOST_AND_PORT: u2fsim:8080 - dynamo: - image: amazon/dynamodb-local - ports: - - "8000:8000" - environment: - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - AWS_DEFAULT_REGION: us-east-1 - command: "-jar DynamoDBLocal.jar -sharedDb" + dynamo: + image: amazon/dynamodb-local + ports: + - "8000:8000" + environment: + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + AWS_DEFAULT_REGION: us-east-1 + command: "-jar DynamoDBLocal.jar -sharedDb" - # Don't use underscores in service names - mfaapi: - build: ./serverless-mfa-api - ports: - - 8080 - environment: - AWS_ENDPOINT: dynamo:8000 - AWS_DEFAULT_REGION: us-east-1 - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - AWS_DISABLE_SSL: "true" - API_KEY_TABLE: ApiKey - WEBAUTHN_TABLE: WebAuthn - depends_on: - - dynamo - - dynamorestart - working_dir: /src - command: bash -c "echo starting server && go run ./server/" + # Don't use underscores in service names + mfaapi: + build: ./serverless-mfa-api + ports: + - 8080 + environment: + AWS_ENDPOINT: dynamo:8000 + AWS_DEFAULT_REGION: us-east-1 + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + AWS_DISABLE_SSL: "true" + API_KEY_TABLE: ApiKey + WEBAUTHN_TABLE: WebAuthn + depends_on: + - dynamo + - dynamorestart + working_dir: /src + command: bash -c "echo starting server && go run ./server/" - u2fsim: - build: ./u2f-simulator - ports: - - 8080 - working_dir: /src - command: bash -c "echo starting u2f server && go run ./u2fserver/" + u2fsim: + build: ./u2f-simulator + ports: + - 8080 + working_dir: /src + command: bash -c "echo starting u2f server && go run ./u2fserver/" - # Create dynamodb tables and data before running the backend mfa api - dynamorestart: - build: ./dynamorestart - ports: - - 8080 - environment: - AWS_ENDPOINT: dynamo:8000 - AWS_DEFAULT_REGION: us-east-1 - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - AWS_DISABLE_SSL: "true" - API_KEY_TABLE: ApiKey - WEBAUTHN_TABLE: WebAuthn - depends_on: - - dynamo - working_dir: /dynamo - command: bash -c "php restart.php" + # Create dynamodb tables and data before running the backend mfa api + dynamorestart: + build: ./dynamorestart + ports: + - 8080 + environment: + AWS_ENDPOINT: dynamo:8000 + AWS_DEFAULT_REGION: us-east-1 + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + AWS_DISABLE_SSL: "true" + API_KEY_TABLE: ApiKey + WEBAUTHN_TABLE: WebAuthn + depends_on: + - dynamo + working_dir: /dynamo + command: bash -c "php restart.php" From 474791f32527840ad9a6815eb10b9e663665e16f Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 31 Jul 2024 12:24:12 +0800 Subject: [PATCH 4/6] log details for "Invalid rpOrigin" error --- .../frontend/controllers/AuthenticationController.php | 5 ++++- application/frontend/controllers/MfaController.php | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/application/frontend/controllers/AuthenticationController.php b/application/frontend/controllers/AuthenticationController.php index dcd18127..f0371d77 100644 --- a/application/frontend/controllers/AuthenticationController.php +++ b/application/frontend/controllers/AuthenticationController.php @@ -27,7 +27,10 @@ public function actionCreate(): User // rpOrigin is needed for WebAuthn authentication $rpOrigin = \Yii::$app->request->get('rpOrigin', ''); if ($rpOrigin != '' && !in_array($rpOrigin, \Yii::$app->params['authorizedRPOrigins'])) { - throw new ForbiddenHttpException("Invalid rpOrigin", 1639169238); + $message = "Invalid rpOrigin. Received " . $rpOrigin . " authorized " . + var_export(\Yii::$app->params['authorizedRPOrigins'], true); + Yii::error($message); + throw new ForbiddenHttpException($message, 1639169238); } $authentication = new Authentication( diff --git a/application/frontend/controllers/MfaController.php b/application/frontend/controllers/MfaController.php index 7cf3520b..d71341e3 100644 --- a/application/frontend/controllers/MfaController.php +++ b/application/frontend/controllers/MfaController.php @@ -138,7 +138,10 @@ public function actionList(string $employeeId): array // rpOrigin is needed for WebAuthn authentication $rpOrigin = \Yii::$app->request->get('rpOrigin', ''); if ($rpOrigin != '' && !in_array($rpOrigin, \Yii::$app->params['authorizedRPOrigins'])) { - throw new ForbiddenHttpException("Invalid rpOrigin", 1638378156); + $message = "Invalid rpOrigin. Received " . $rpOrigin . " authorized " . + var_export(\Yii::$app->params['authorizedRPOrigins'], true); + \Yii::error($message); + throw new ForbiddenHttpException($message, 1638378156); } $mfaOptions = Mfa::findAll(['user_id' => $user->id, 'verified' => 1]); From 99da8b1100ec9ed6eb2b167dc6e43f121c35d141 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 31 Jul 2024 13:17:56 +0800 Subject: [PATCH 5/6] revert whitespace change --- actions-services.yml | 194 +++++++++++++++++++++---------------------- 1 file changed, 97 insertions(+), 97 deletions(-) diff --git a/actions-services.yml b/actions-services.yml index 207ed19f..e1dbc44e 100644 --- a/actions-services.yml +++ b/actions-services.yml @@ -1,103 +1,103 @@ services: - testdb: - image: mariadb:10 - environment: - MYSQL_ROOT_PASSWORD: r00tp@ss! - MYSQL_DATABASE: test - MYSQL_USER: idbroker - MYSQL_PASSWORD: idbroker + testdb: + image: mariadb:10 + environment: + MYSQL_ROOT_PASSWORD: r00tp@ss! + MYSQL_DATABASE: test + MYSQL_USER: idbroker + MYSQL_PASSWORD: idbroker - app: - build: . - depends_on: - - testdb - - mfaapi - - u2fsim - working_dir: /data - environment: - API_KEY_TABLE: ApiKey - APP_ENV: test - AWS_ENDPOINT: dynamo:8000 - AWS_DEFAULT_REGION: us-east-1 - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - EMAIL_SERVICE_accessToken: fake-abc-123 - EMAIL_SERVICE_assertValidIp: "false" - EMAIL_SERVICE_baseUrl: http://email - EMAIL_SERVICE_validIpRanges: 192.168.0.0/16 - EMAIL_SIGNATURE: Dummy Signature for Automated Tests - EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer - HELP_CENTER_URL: https://help-center - IDP_NAME: Test - MYSQL_HOST: testdb - MYSQL_DATABASE: test - MYSQL_USER: idbroker - MYSQL_PASSWORD: idbroker - API_ACCESS_KEYS: abc123 - TEST_SERVER_HOSTNAME: localhost - PASSWORD_PROFILE_URL: https://www.example.com - SUPPORT_EMAIL: support@example.com - HR_NOTIFICATIONS_EMAIL: hr@example.com - ABANDONED_USER_bestPracticeUrl: http://www.example.com/best-practices.html - ABANDONED_USER_deactivateInstructionsUrl: http://www.example.com/deactivate-instructions.html - MFA_WEBAUTHN_apiBaseUrl: mfaapi:8080/ - MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012 - MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678 - MFA_WEBAUTHN_appId: ourApp99 - MFA_WEBAUTHN_rpDisplayName: Our App - MFA_WEBAUTHN_rpId: http://app99 - U2F_SIM_HOST_AND_PORT: u2fsim:8080 + app: + build: . + depends_on: + - testdb + - mfaapi + - u2fsim + working_dir: /data + environment: + API_KEY_TABLE: ApiKey + APP_ENV: test + AWS_ENDPOINT: dynamo:8000 + AWS_DEFAULT_REGION: us-east-1 + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + EMAIL_SERVICE_accessToken: fake-abc-123 + EMAIL_SERVICE_assertValidIp: "false" + EMAIL_SERVICE_baseUrl: http://email + EMAIL_SERVICE_validIpRanges: 192.168.0.0/16 + EMAIL_SIGNATURE: Dummy Signature for Automated Tests + EMAILER_CLASS: \Sil\SilIdBroker\Behat\Context\fakes\FakeEmailer + HELP_CENTER_URL: https://help-center + IDP_NAME: Test + MYSQL_HOST: testdb + MYSQL_DATABASE: test + MYSQL_USER: idbroker + MYSQL_PASSWORD: idbroker + API_ACCESS_KEYS: abc123 + TEST_SERVER_HOSTNAME: localhost + PASSWORD_PROFILE_URL: https://www.example.com + SUPPORT_EMAIL: support@example.com + HR_NOTIFICATIONS_EMAIL: hr@example.com + ABANDONED_USER_bestPracticeUrl: http://www.example.com/best-practices.html + ABANDONED_USER_deactivateInstructionsUrl: http://www.example.com/deactivate-instructions.html + MFA_WEBAUTHN_apiBaseUrl: mfaapi:8080/ + MFA_WEBAUTHN_apiKey: 10345678-1234-1234-1234-123456789012 + MFA_WEBAUTHN_apiSecret: 11345678-1234-1234-1234-12345678 + MFA_WEBAUTHN_appId: ourApp99 + MFA_WEBAUTHN_rpDisplayName: Our App + MFA_WEBAUTHN_rpId: http://app99 + U2F_SIM_HOST_AND_PORT: u2fsim:8080 - dynamo: - image: amazon/dynamodb-local - ports: - - "8000:8000" - environment: - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - AWS_DEFAULT_REGION: us-east-1 - command: "-jar DynamoDBLocal.jar -sharedDb" + dynamo: + image: amazon/dynamodb-local + ports: + - "8000:8000" + environment: + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + AWS_DEFAULT_REGION: us-east-1 + command: "-jar DynamoDBLocal.jar -sharedDb" - # Don't use underscores in service names - mfaapi: - build: ./serverless-mfa-api - ports: - - 8080 - environment: - AWS_ENDPOINT: dynamo:8000 - AWS_DEFAULT_REGION: us-east-1 - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - AWS_DISABLE_SSL: "true" - API_KEY_TABLE: ApiKey - WEBAUTHN_TABLE: WebAuthn - depends_on: - - dynamo - - dynamorestart - working_dir: /src - command: bash -c "echo starting server && go run ./server/" + # Don't use underscores in service names + mfaapi: + build: ./serverless-mfa-api + ports: + - 8080 + environment: + AWS_ENDPOINT: dynamo:8000 + AWS_DEFAULT_REGION: us-east-1 + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + AWS_DISABLE_SSL: "true" + API_KEY_TABLE: ApiKey + WEBAUTHN_TABLE: WebAuthn + depends_on: + - dynamo + - dynamorestart + working_dir: /src + command: bash -c "echo starting server && go run ./server/" - u2fsim: - build: ./u2f-simulator - ports: - - 8080 - working_dir: /src - command: bash -c "echo starting u2f server && go run ./u2fserver/" + u2fsim: + build: ./u2f-simulator + ports: + - 8080 + working_dir: /src + command: bash -c "echo starting u2f server && go run ./u2fserver/" - # Create dynamodb tables and data before running the backend mfa api - dynamorestart: - build: ./dynamorestart - ports: - - 8080 - environment: - AWS_ENDPOINT: dynamo:8000 - AWS_DEFAULT_REGION: us-east-1 - AWS_ACCESS_KEY_ID: abc123 - AWS_SECRET_ACCESS_KEY: abc123 - AWS_DISABLE_SSL: "true" - API_KEY_TABLE: ApiKey - WEBAUTHN_TABLE: WebAuthn - depends_on: - - dynamo - working_dir: /dynamo - command: bash -c "php restart.php" + # Create dynamodb tables and data before running the backend mfa api + dynamorestart: + build: ./dynamorestart + ports: + - 8080 + environment: + AWS_ENDPOINT: dynamo:8000 + AWS_DEFAULT_REGION: us-east-1 + AWS_ACCESS_KEY_ID: abc123 + AWS_SECRET_ACCESS_KEY: abc123 + AWS_DISABLE_SSL: "true" + API_KEY_TABLE: ApiKey + WEBAUTHN_TABLE: WebAuthn + depends_on: + - dynamo + working_dir: /dynamo + command: bash -c "php restart.php" From 36a143548322f060ed0665bdba67e3d53e8b1566 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Wed, 31 Jul 2024 14:24:22 +0800 Subject: [PATCH 6/6] Update application/frontend/controllers/AuthenticationController.php Co-authored-by: Michael Wilson <70765247+hobbitronics@users.noreply.github.com> --- application/frontend/controllers/AuthenticationController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/frontend/controllers/AuthenticationController.php b/application/frontend/controllers/AuthenticationController.php index f0371d77..3ba4d352 100644 --- a/application/frontend/controllers/AuthenticationController.php +++ b/application/frontend/controllers/AuthenticationController.php @@ -29,7 +29,7 @@ public function actionCreate(): User if ($rpOrigin != '' && !in_array($rpOrigin, \Yii::$app->params['authorizedRPOrigins'])) { $message = "Invalid rpOrigin. Received " . $rpOrigin . " authorized " . var_export(\Yii::$app->params['authorizedRPOrigins'], true); - Yii::error($message); + \Yii::error($message); throw new ForbiddenHttpException($message, 1639169238); }