Add recipe for pasaia-udala/auth-bundle 1.2. Remove old recipe. (#1879)

* Add recipe for pasaia-udala/auth-bundle 1.2 (euskeraz)

* Remove empty security.yaml to fix validation error

* Add security.yaml with complete authentication configuration

* Add Symfony Flex recipe and remove deprecated old recipe

- Added complete .recipe/ structure for automatic installation
- Includes security.yaml with LDAP and Certificate authenticators
- Removed old unused recipe

* Fix YAML indentation to 4 spaces as required by recipes-contrib

* Add default value for LDAP_ENCRYPTION env var to fix validation

* Remove parameters section and hardcode encryption default value

* Trigger CI: bundle now requires PHP >= 8.1 (v1.2.1)

* Remove security.yaml to avoid overriding user's security configuration

* Translate post-install.txt to english and add security.yaml example

pasaia-udala/auth-bundle/1.2/config/packages/pasaiako_udala_auth.yaml

@@ -0,0 +1,23 @@
+pasaiako_udala_auth:
+    server:
+        host: '%env(LDAP_HOST)%'
+        port: '%env(int:LDAP_PORT)%'
+        encryption: 'none'
+        base_dn: '%env(LDAP_BASE_DN)%'
+        user_dn_pattern: '%env(LDAP_USER_DN_PATTERN)%'
+        bind_dn: '%env(default::LDAP_BIND_DN)%'
+        bind_password: '%env(default::LDAP_BIND_PASSWORD)%'
+
+    role_mapping:
+        # Mapea tus grupos LDAP a roles de Symfony
+        # Ejemplo:
+        # informatika: ROLE_ADMIN
+        # langilea: ROLE_USER
+
+    default_role: ROLE_USER
+
+    group_search:
+        enabled: true
+        base_dn: null
+        filter: '(member={user_dn})'
+        recursive: true

pasaia-udala/auth-bundle/1.2/config/routes/pasaiako_udala_auth.yaml

@@ -0,0 +1,23 @@
+# Rutas del bundle de autenticación (ejemplo - personalizar según necesidad)
+# Descomentar y adaptar según tu aplicación
+
+# app_auth_selector:
+#     path: /auth-selector
+#     controller: App\Controller\SecurityController::authSelector
+
+# app_login_ldap:
+#     path: /login/ldap
+#     controller: App\Controller\SecurityController::loginLdap
+
+# app_logout:
+#     path: /logout
+#     methods: GET
+
+# OAuth2 routes (si usas autenticación por certificado)
+# app_oauth_connect:
+#     path: /oauth/connect
+#     controller: App\Controller\OAuth2Controller::connect
+
+# app_oauth_check:
+#     path: /oauth/check
+#     controller: App\Controller\OAuth2Controller::check

pasaia-udala/auth-bundle/1.2/manifest.json

@@ -0,0 +1,16 @@
+{
+    "bundles": {
+        "PasaiaUdala\\AuthBundle\\PasaiakoUdalaAuthBundle": ["all"]
+    },
+    "copy-from-recipe": {
+        "config/": "%CONFIG_DIR%/"
+    },
+    "env": {
+        "LDAP_HOST": "ldap.example.com",
+        "LDAP_PORT": "389",
+        "LDAP_BASE_DN": "dc=example,dc=com",
+        "LDAP_USER_DN_PATTERN": "uid={username},ou=users,dc=example,dc=com",
+        "LDAP_BIND_DN": "",
+        "LDAP_BIND_PASSWORD": ""
+    }
+}

pasaia-udala/auth-bundle/1.2/post-install.txt

@@ -0,0 +1,69 @@
+# PasaiakoUdalaAuthBundle - Post-install message
+
+## Configuration completed
+
+The **PasaiakoUdalaAuthBundle** has been installed successfully.
+
+### Next steps
+
+1. **Configure environment variables** in your `.env` file:
+   - Update values for `LDAP_HOST`, `LDAP_BASE_DN`, `LDAP_USER_DN_PATTERN`, etc.
+   - Set `LDAP_BIND_DN` and `LDAP_BIND_PASSWORD` if your LDAP server requires a service account for searches.
+
+2. **Review the configuration** in `config/packages/pasaiako_udala_auth.yaml`:
+   - Adjust LDAP-to-Symfony role mapping under the `role_mapping` section.
+   - Verify the LDAP server parameters match your infrastructure.
+
+3. **Configure Symfony Security** in `config/packages/security.yaml`.
+   
+   Add this configuration to your `config/packages/security.yaml` file:
+
+   ```yaml
+   security:
+       providers:
+           ldap_user_provider:
+               id: PasaiaUdala\AuthBundle\Security\LdapUserProvider
+
+       firewalls:
+           main:
+               lazy: true
+               provider: ldap_user_provider
+               entry_point: PasaiaUdala\AuthBundle\Security\LdapAuthenticator
+               
+               custom_authenticators:
+                   - PasaiaUdala\AuthBundle\Security\LdapAuthenticator
+                   - PasaiaUdala\AuthBundle\Security\CertificateAuthenticator
+               
+               logout:
+                   path: app_logout
+                   target: app_auth_selector
+
+       access_control:
+           - { path: ^/login, roles: PUBLIC_ACCESS }
+           - { path: ^/oauth, roles: PUBLIC_ACCESS }
+           - { path: ^/auth-selector, roles: PUBLIC_ACCESS }
+           - { path: ^/, roles: ROLE_USER }
+   ```
+
+   **IMPORTANT**: If you use multiple authenticators, define the `entry_point`.
+
+4. **Create controllers** if they do not exist:
+   - `SecurityController` to handle LDAP login and the auth selector.
+   - `OAuth2Controller` if you use certificate-based (Izenpe) authentication.
+   - See the bundle documentation at `vendor/pasaia-udala/auth-bundle/docs/INSTALLATION.md` for details.
+
+5. **Verify the installation**:
+   ```bash
+   php bin/console debug:container | grep -i ldap
+   php bin/console debug:config pasaiako_udala_auth
+   ```
+
+### Additional documentation
+
+- Full installation guide: `vendor/pasaia-udala/auth-bundle/docs/INSTALLATION.md`
+- Advanced LDAP configuration: `vendor/pasaia-udala/auth-bundle/docs/LDAP.md`
+- Izenpe / OAuth2 configuration: `vendor/pasaia-udala/auth-bundle/docs/IZENPE.md`
+- Customizing templates: `vendor/pasaia-udala/auth-bundle/docs/TEMPLATES.md`
+- Troubleshooting: `vendor/pasaia-udala/auth-bundle/docs/TROUBLESHOOTING.md`
+
+Thank you!

pasaiakoudala/authbundle/0.1/config/packages/pasaiako_udala_auth.yaml

@@ -1,5 +0,0 @@
-pasaiako_udala_auth:
-    route_after_successfull_login: "default"
-    LDAP_ADMIN_TALDEAK: "Rol-taldea1, Rol-taldea2"
-    LDAP_KUDEATU_TALDEAK: "Rol-taldea1, Rol-taldea2"
-    LDAP_USER_TALDEA: "Rol-taldea1, Rol-taldea2"

pasaiakoudala/authbundle/0.1/config/packages/security.yaml.dist

@@ -1,27 +0,0 @@
-security:
-    enable_authenticator_manager: true
-    password_hashers:
-        PasaiakoUdala\AuthBundle\Entity\User:
-            algorithm: auto
-
-    providers:
-        database_users:
-            entity: { class: PasaiakoUdala\AuthBundle\Entity\User, property: username }
-
-    firewalls:
-        dev:
-            pattern: ^/(_(profiler|wdt)|css|images|js)/
-            security: false
-        main:
-            #            pattern: ^/
-            lazy: true
-            provider: database_users
-            custom_authenticator: paud.form.auth
-            logout:
-                path: pasaiakoudala_auth_logout
-    #                target: default
-
-
-    access_control:
-        #        - { path: ^/login, roles: PUBLIC_ACCESS }
-        - { path: ^/admin, roles: ROLE_ADMIN }

pasaiakoudala/authbundle/0.1/config/routes/pasaiako_udala_auth.yaml

@@ -1,3 +0,0 @@
-pasaiako_udala_auth:
-    resource: '@PasaiakoUdalaAuthBundle/Resources/config/routes.xml'
-    prefix: /

pasaiakoudala/authbundle/0.1/manifest.json

@@ -1,14 +0,0 @@
-{
-    "bundles": {
-        "PasaiakoUdala\\AuthBundle\\PasaiakoUdalaAuthBundle": ["all"]
-    },
-    "copy-from-recipe": {
-        "config/": "%CONFIG_DIR%/"
-    },
-    "env": {
-        "LDAP_IP": "XXX.XXX.XXX.XXX",
-        "LDAP_BASE_DN": "DC=DOMAIN,DC=net",
-        "LDAP_SEARCH_DN": "CN=LDAPUSER,CN=Users,DC=pasaia,DC=net",
-        "LDAP_PASSWD": "LDAP_PASSWD"
-    }
-}

pasaiakoudala/authbundle/0.1/post-install.txt

@@ -1,6 +0,0 @@
-* eguneratu datu basea, erabiltzailearen taula sortzeko
-php bin/console
-
-* moldatu security.yaml fitxategia
-rm config/package/security.yaml
-mv config/package/security.yaml.dist config/package/security.yaml