D8 Module of the Week Recap: simpleSAMLphp Authentication, Coffee, Monolog
by Reena Leone
DrupalCon New Orleans is in full swing and we’re back to recap another three modules from our Drupal 8 Module of the Week series over on the Acquia Developer Center blog. This week we’re taking a look at simpleSAMLphp Authentication, Coffee, and Monolog.
Maintainers: Balázs Dianiska, who reviewed code and architecture during the upgrade process, and Sven Decabooter, who contributed code and helps organize user group meetings and Drupal Camps for the Belgian Drupal community. Sven also is part of the D8 MAP team (the Drupal 8 Module Acceleration Program).
What Does simpleSAMLphp Authentication Do?
Centralized user management is important to many businesses and institutions when they need to control user access for many users across a range of online systems--for example intranets, registration and planning systems, expense tracking, etc. They need to be able to both authorise new users and remove access from existing users quickly and easily. These institutions use authentication technologies, Single Sign-On or similar federated authentication setups (which I’ll refer to as “SSO” in this article), to give each user a single account with a single username/password combination that gives appropriate access to all included systems.
The simpleSAMLphp Authentication module is a “glue layer” integrating your Drupal site with the popular simpleSAMLphp authentication library, “which lets users log in to log into one or more other Drupal sites, for example, as well as other tools and platforms that support this kind of centralized user management. You can set it up to connect to your LDAP or RADIUS server for example, used a lot in enterprises and big organisations,” adds Sven.
Balázs Dianiska speaks from experience, “Many enterprise clients prefer to use some form of SSO solution, and this component allows us to support several SSO variations, for instance Shibboleth, which is very popular with higher education institutions, and SAML, which is widely supported by enterprise identity provider software, such as ADFS.”
Why Does It Matter?
SSO was never really an easy topic. It requires solid, technically-validated trust between a third party and our application, which naturally triggered several implementations and approaches. Using this library, Drupal can act as a consumer to many identity provider services, map users to central user accounts, assign Drupal roles and various fields to the users, and so on. To enable more advanced mapping and configuration it can be also extended by various hooks and Rules integration. According to Balász, “This module works reliably and it is supported by several major hosting providers, but the technical configuration and information exchange required between the identity manager and Drupal makes it non-trivial to set up."
Sven Decabooter explains, “The simpleSAMLphp Authentication Module lets you connect your Drupal site with a software package that has a lot of options for authenticating and authorizing users. Alongside the SAML protocol, it also supports Shibboleth, CAS, OpenID (used by Google and Yahoo), OAuth (used by Twitter) and other protocols through modules, so it gives you the flexibility to work with different, common industry authentication standards.
What Does Coffee Do?
Coffee helps you navigate by keyboard in Drupal. Pressing Alt+d brings up a search box. Start typing and Coffee searches menus (you can configure which menus Coffee searches), admin page titles, and URL paths on your site, and Coffee presents you a list of one or more results. Choose a result with the arrow keys and jump to it by hitting enter. Furthermore, using the :add command, I can go straight to the content creation page for a specific content type. Coffee is also extensible, so you can include anything you need to get to quickly in your Drupal site. Michael explains, “This allows you to find configuration pages and visit them at warp speed without using your mouse or trackpad.”
Why Does it Matter?
Hit Alt+d, type, go to page! The URL paths in Drupal 6, 7, and 8 are quite different from one another. When you are developing or working in the backend of sites in multiple versions of Drupal, Coffee lets you search for the configuration pages you need without needing knowledge of the specific URL structure.
“Coffee saves time and frustration for developers working on multiple versions and sites, as well as the content and other teams who work in a site’s backend every day. Once you've used Coffee, you really miss it when it's not installed.” - Michael Mol
Maintainers: Luca Lusso, Paris Liakos, and Monolog creator, Jordi Boggiano. Jordi is also the maintainer of Composer, PHP’s dependency management solution and one of the main enablers of all the interoperability going on in PHP Land.
What Does Monolog Do?
The Drupal Monolog Module extends what you can do with logging by integrating Drupal with the very popular Monolog PHP logging library. Very popular you say? Yes! It has more than 27 million reported installs (!) and comes bundled with Symfony, Laravel, and a number of other frameworks. Luca outlines the basics, “Monolog abstracts how a log message is written to a logging backend. It can send logs to files, sockets, inboxes, databases and various web services.” Monolog gives you fully configurable logging, allowing you to define logging levels, actions, and responses to various potential situations in your application. Jordi continues, “In a nutshell, it lets you describe a logging pipeline. Then when it logs something, it dispatches it along that pipeline to whichever files, services, emails, etc. that you defined.”
Why Does it Matter?
Drupal core logging is a relatively minimal solution, allowing developers to define a log message type, “attention level,” and then save all log messages to a destination--usually Syslog, but the logging can be redirected to another destination. All the log messages are handled the same way, kept in the same place, and critical problems are listed together with (often buried in) trivial logged information. Drupal core logging doesn’t allow you, for example, to save that trivial information in the database, but send critical log-levels or -types somewhere else.
“When an unexpected problem hits one of our sites,” Luca explains, “we or the site owners need to know what happened to cause it.” Was it connected to content or configuration? Did a user perform a particular action? Was a node created or deleted? “All of this information is written to the log system by Drupal but it can be quickly replaced with newer log messages on an active site. And the messages can be difficult to recover because they all stay in the same log stream along with PHP errors and warnings and all the other types of system logs.”
Monolog allows you to set up solutions like sending critical logs to email (or a Slack instance, or HipChat, or NewRelic, or a whole bunch of interesting other options), normal logs to a persistent backend like Logstash, and info/debug to a simple log file of a pre-defined, limited size. Luca talks about the benefit of this system when working for clients, “This separation of information by concerns dramatically improves our access to the specific log information that is important to us in any given situation. It also helps us get notified--wherever we want--the moment there’s a critical problem on a client site.”
Luca shows how Monolog can enhance the working relationship with your clients: You can set up your Drupal site with Monolog to write CMS logs (operations on content, user actions) to a specific stream, so “a site owner and businesses can access that information quickly and without the burden of all the other log messages. On the other hand, a system administrator can see all system logs on a different stream, and maybe receive critical messages only via email (or Slack, or whatever).”
“There’s this joke,” Jordi pulls out an old chestnut,” that a developer's job is just to write bugs all day. There is some truth to that, most somewhat-complex software eventually goes wrong due to unforeseen conditions. Logging can help you greatly with debugging as it surfaces errors and can also provide context that reduces the time you need to fix those bugs.” Monolog adds greatly to the level of context available to you about your log information.
Is there a Drupal 8 module you’d like to see profiled? Let us know in the comments!