Have exampleauth:UserPass have credentials stored under "users" key, instead of at top level of authsource config

nathanjrobertson · tvdijen · commit e1cc6a36b3d7 · 2024-03-14T00:39:39.000+01:00
diff --git a/config/authsources.php.dist b/config/authsources.php.dist
@@ -97,13 +97,15 @@ $config = [
         //'remember.username.enabled' => false,
         //'remember.username.checked' => false,
 
-        'student:studentpass' => [
-            'uid' => ['test'],
-            'eduPersonAffiliation' => ['member', 'student'],
-        ],
-        'employee:employeepass' => [
-            'uid' => ['employee'],
-            'eduPersonAffiliation' => ['member', 'employee'],
+        'users' => [
+            'student:studentpass' => [
+                'uid' => ['test'],
+                'eduPersonAffiliation' => ['member', 'student'],
+            ],
+            'employee:employeepass' => [
+                'uid' => ['employee'],
+                'eduPersonAffiliation' => ['member', 'employee'],
+            ],
         ],
     ],
     */
diff --git a/docs/simplesamlphp-idp.md b/docs/simplesamlphp-idp.md
@@ -83,13 +83,15 @@ In this setup, this file should contain a single entry:
 $config = [
     'example-userpass' => [
         'exampleauth:UserPass',
-        'student:studentpass' => [
-            'uid' => ['student'],
-            'eduPersonAffiliation' => ['member', 'student'],
-        ],
-        'employee:employeepass' => [
-            'uid' => ['employee'],
-            'eduPersonAffiliation' => ['member', 'employee'],
+        'users' => [
+            'student:studentpass' => [
+                'uid' => ['student'],
+                'eduPersonAffiliation' => ['member', 'student'],
+            ],
+            'employee:employeepass' => [
+                'uid' => ['employee'],
+                'eduPersonAffiliation' => ['member', 'employee'],
+            ],
         ],
     ],
 ];
diff --git a/modules/exampleauth/src/Auth/Source/UserPass.php b/modules/exampleauth/src/Auth/Source/UserPass.php
@@ -5,7 +5,8 @@
 namespace SimpleSAML\Module\exampleauth\Auth\Source;
 
 use Exception;
-use SimpleSAML\{Error, Utils};
+use SimpleSAML\Assert\Assert;
+use SimpleSAML\{Error, Logger, Utils};
 use SimpleSAML\Module\core\Auth\UserPassBase;
 
 use function array_key_exists;
@@ -46,8 +47,11 @@ public function __construct(array $info, array $config)
 
         $this->users = [];
 
+        Assert::keyExists($config, 'users');
+        $config_users = $config['users'];
+
         // Validate and parse our configuration
-        foreach ($config as $userpass => $attributes) {
+        foreach ($config_users as $userpass => $attributes) {
             if (!is_string($userpass)) {
                 throw new Exception(
                     'Invalid <username>:<password> for authentication source ' . $this->authId . ': ' . $userpass
