Merge pull request #245 from silinternational/develop

Release 6.2.0 Upgrade to PHP8 and related tweaks

Dockerfile

@@ -1,4 +1,4 @@
-FROM silintl/php7:7.4
+FROM silintl/php8:8.1
 
 RUN apt-get update -y && \
     apt-get install -y php-memcache && \

Makefile

@@ -22,7 +22,7 @@ composer:
 	docker-compose run --rm cli composer install
 
 composerupdate:
-	docker-compose run --rm cli bash -c "composer update && composer show -D --format=json > versions.json"
+	docker-compose run --rm cli bash -c "composer update && composer show -D -vv > versions.txt"
 
 email:
 	docker-compose up -d email

application/codeception.yml

@@ -1,11 +1,11 @@
 actor: Tester
 paths:
     tests: tests
-    log: tests/_output
+    output: tests/_output
     data: tests/_data
     helpers: tests/_support
+bootstrap: _bootstrap.php
 settings:
-    bootstrap: _bootstrap.php
     colors: true
     memory_limit: 1024M
 modules:

application/common/mail/reset/on-behalf.php

@@ -18,17 +18,27 @@
 </p>
 <p>
     <?= yHtml::encode($displayName) ?> recently requested a password change for their
-    <?= yHtml::encode($idpDisplayName) ?> Identity account. If this was you, please use the link below
-    to reset your password. If it's not you but you do know them, you may provide the link
-    for them to use, but please contact them directly to ensure that you are only providing the
-    link to them and not to someone else. This link is valid
-    until <?= yHtml::encode($expireTime) ?>.
+    <?= yHtml::encode($idpDisplayName) ?> Identity account. 
+</p>
+<p>
+    If this was you, please use the link below to reset your password. 
+</p>
+<p>
+    If it's not you but you do know them, you may have been sent this link because they requested 
+    it sent to you - their recovery contact. You may provide the link for them to use, but <i>please 
+    contact them directly</i> to ensure that you are only providing the link to them and not to 
+    someone else. 
 </p>
 <p>
     <?= yHtml::a(yHtml::encode($resetUrl), $resetUrl) ?>
 </p>
+<p>This link is valid
+    until <?= yHtml::encode($expireTime) ?>.
+</p>
 <p>
     To maintain security, please don't forward this email to anyone.
+</p>
+<p>
     <?php if (empty($helpCenterUrl)) { ?>
         If you have any questions, please contact <?= yHtml::encode($supportName) ?> at
         <?= yHtml::encode($supportEmail) ?>.

application/common/models/Password.php

@@ -6,6 +6,7 @@
 use common\components\passwordStore\PasswordReuseException;
 use GuzzleHttp\Exception\GuzzleException;
 use Icawebdesign\Hibp\Password\PwnedPassword;
+use Icawebdesign\Hibp\HibpHttp;
 use Sil\Idp\IdBroker\Client\ServiceException;
 use yii\base\Model;
 use yii\web\BadRequestHttpException;
@@ -230,12 +231,11 @@ public function validateNotPublicPassword($attribute)
     public function validateNotBeenPwned($attribute)
     {
         $hash = sha1($this->$attribute);
-        $hashPrefix = substr($hash, 0, 5);
 
-        $pwnedPassword = new PwnedPassword();
+        $pwnedPassword = new PwnedPassword(new HibpHttp());
 
         try {
-            $count = $pwnedPassword->range($hashPrefix, $hash);
+            $count = $pwnedPassword->rangeFromHash($hash);
         } catch (GuzzleException $e) {
             \Yii::error('HaveIBeenPwned API error: ' . $e->getMessage());
             return;

application/composer.json

@@ -9,43 +9,50 @@
     }
   ],
   "require": {
-    "php": ">=7.4",
+    "php": "^8.1",
     "ext-json": "*",
     "ext-iconv": "*",
     "ext-memcache": "*",
     "yiisoft/yii2": "~2.0.15",
     "yiisoft/yii2-swiftmailer": "*",
     "yiisoft/yii2-gii": "*",
-    "silinternational/email-service-php-client": "^2.0.1",
-    "silinternational/php-env": "^2.1.1",
+    "silinternational/email-service-php-client": "^2.0",
+    "silinternational/php-env": "^2.1.1 || ^3.0",
     "silinternational/yii2-json-log-targets": "^2.0",
     "silinternational/yii2-email-log-target": "^1.0.1",
-    "silinternational/idp-id-broker-php-client": "^4.0.0",
+    "silinternational/idp-id-broker-php-client": "^4.0",
     "silinternational/zxcvbn-api-client-php": "^2.0",
     "simplesamlphp/saml2": "^3.4.2",
     "google/apiclient": "^2.0",
     "google/recaptcha": "^1.1.2",
     "adldap2/adldap2": "^10.0",
     "fillup/fake-bower-assets": "2.0.9",
-    "icawebdesign/hibp-php": "3.1.0",
-    "codemix/yii2-streamlog": "^1.3"
+    "icawebdesign/hibp-php": "~5.1.1",
+    "codemix/yii2-streamlog": "^1.3",
+    "codeception/module-phpbrowser": "^1.0||^2.0||^3.0"
   },
   "require-dev": {
     "yiisoft/yii2-debug": "*",
     "yiisoft/yii2-faker": "*",
     "roave/security-advisories": "dev-master",
-    "codeception/codeception": "~2.4.5",
+    "codeception/codeception": "^5.0.0",
     "codeception/specify": "0.*",
     "codeception/verify": "0.*",
     "behat/behat": "^3.3",
-    "phpunit/phpunit": "^6.0",
-    "silinternational/yii2-codeception": "dev-master"
+    "phpunit/phpunit": "^9.0",
+    "silinternational/yii2-codeception": "^1.1.0",
+    "codeception/module-asserts": "^2.0",
+    "codeception/module-yii2": "^1.1",
+    "codeception/module-rest": "^3.0"
   },
   "config": {
     "process-timeout": 1800,
     "fxp-asset.installer-paths": {
       "npm-asset-library": "vendor/npm",
       "bower-asset-library": "vendor/bower"
+    },
+    "allow-plugins": {
+      "yiisoft/yii2-composer": true
     }
   },
   "autoload": {