First I want to thank everybody in the Drupal community (and open source in general) for all the contributions made, which enable me to learn PHP and develop my first Drupal module!
That's right, my first Drupal module: simpleSAMLphp Identity Provider
It actually works and feels quite finished (to me that is) already and even has some documentation to get you started.
I think this module is very useful as it enables all kinds of different apps already compatible with SAML to obtain and authenticate users against Drupal, and do so with single logout and login compatibility. Meaning logging out of Drupal also initiates an SLO (single logout) at the identity provider, and an SLO initiated by a SAML service provider also logs out Drupal. An SLO even works when the user is already logged out of Drupal, so in case of a Drupal session loss the SAML session can still be ended.
The reason I post this is to hopefully get some feedback on my code, and to start getting involved in the Drupal community.
It would be really helpful if someone would be willing to test this module in their development / testing environment and give me feedback.
The (sandbox) project page of this module: https://www.drupal.org/sandbox/masupilamie/2541022
The project page also contains more information about the module functionality, capabilities and things to do.
This module depends on the drupalas (Drupal Authentication Source) module I made for SimpleSAMLphp; this module can be found on GitHub: https://github.com/masupilamie/drupalas
The documentation also covers the SimpleSAMLphp module drupalas.
Some clear questions to start with:
(1) - Will four sha256 hashes per authentication be too CPU intensive in a production environment?
(2) - Is the _GET hash even functional (a.k.a. is the $state array used by SimpleSAMLphp secure enough to hold session salts)?
(3) - Will the way I constructed the simplesamlphp_idp_get_sspidpconfig function (see Drupal module repo) have any negative impact on site performance (there are a lot of error messages defined and also a lot of inline comments)? Will this hurt performance as this function gets loaded a few times every SAML authentication?
(4) - Will the hook_page_build function used have any negative impact on site performance?
(5) - (I have to say I did not do any research before asking the following question, it's probably somewhere in the documentation but still) Is it possible to have a packaged release available on a sandbox project, so people can download it more easily? Or is this intentionally blocked because of the lack of control over the code? Sandbox projects are only available through Git.
As this is my first PHP project ever, a professional (or any actually) opinion and / or test would be greatly appreciated.