From 20a0b6c93923b83a401d7f98af0305162acd0a35 Mon Sep 17 00:00:00 2001 From: Jaime Perez Crespo <jaime.perez@uninett.no> Date: Mon, 20 Apr 2015 14:39:56 +0200 Subject: [PATCH] Move SimpleSAML_Utilities::isDOMElementOfType() to SimpleSAML\Utils\XML::isDOMElementOfType(). Deprecate the former. --- lib/SimpleSAML/Bindings/Shib13/Artifact.php | 2 +- lib/SimpleSAML/Metadata/SAMLParser.php | 6 +- lib/SimpleSAML/Utilities.php | 60 +------------------- lib/SimpleSAML/Utils/XML.php | 61 +++++++++++++++++++++ 4 files changed, 67 insertions(+), 62 deletions(-) diff --git a/lib/SimpleSAML/Bindings/Shib13/Artifact.php b/lib/SimpleSAML/Bindings/Shib13/Artifact.php index d2118512c..23f43524b 100644 --- a/lib/SimpleSAML/Bindings/Shib13/Artifact.php +++ b/lib/SimpleSAML/Bindings/Shib13/Artifact.php @@ -80,7 +80,7 @@ class SimpleSAML_Bindings_Shib13_Artifact { } $soapEnvelope = $doc->firstChild; - if (!SimpleSAML_Utilities::isDOMElementOfType($soapEnvelope, 'Envelope', 'http://schemas.xmlsoap.org/soap/envelope/')) { + if (!SimpleSAML\Utils\XML::isDOMElementOfType($soapEnvelope, 'Envelope', 'http://schemas.xmlsoap.org/soap/envelope/')) { throw new SimpleSAML_Error_Exception('Expected artifact response to contain a <soap:Envelope> element.'); } diff --git a/lib/SimpleSAML/Metadata/SAMLParser.php b/lib/SimpleSAML/Metadata/SAMLParser.php index c22e0c570..34e962fe1 100644 --- a/lib/SimpleSAML/Metadata/SAMLParser.php +++ b/lib/SimpleSAML/Metadata/SAMLParser.php @@ -297,9 +297,9 @@ class SimpleSAML_Metadata_SAMLParser { assert('$element instanceof DOMElement'); - if(SimpleSAML_Utilities::isDOMElementOfType($element, 'EntityDescriptor', '@md') === TRUE) { + if (SimpleSAML\Utils\XML::isDOMElementOfType($element, 'EntityDescriptor', '@md') === TRUE) { return self::processDescriptorsElement(new SAML2_XML_md_EntityDescriptor($element)); - } elseif(SimpleSAML_Utilities::isDOMElementOfType($element, 'EntitiesDescriptor', '@md') === TRUE) { + } elseif (SimpleSAML\Utils\XML::isDOMElementOfType($element, 'EntitiesDescriptor', '@md') === TRUE) { return self::processDescriptorsElement(new SAML2_XML_md_EntitiesDescriptor($element)); } else { throw new Exception('Unexpected root node: [' . $element->namespaceURI . ']:' . @@ -1293,7 +1293,7 @@ class SimpleSAML_Metadata_SAMLParser { throw new Exception('Failed to load SAML metadata from empty XML document.'); } - if(SimpleSAML_Utilities::isDOMElementOfType($ed, 'EntityDescriptor', '@md') === FALSE) { + if (SimpleSAML\Utils\XML::isDOMElementOfType($ed, 'EntityDescriptor', '@md') === FALSE) { throw new Exception('Expected first element in the metadata document to be an EntityDescriptor element.'); } diff --git a/lib/SimpleSAML/Utilities.php b/lib/SimpleSAML/Utilities.php index ed7507b74..10d3cec41 100644 --- a/lib/SimpleSAML/Utilities.php +++ b/lib/SimpleSAML/Utilities.php @@ -653,66 +653,10 @@ class SimpleSAML_Utilities { /** - * This function checks if the DOMElement has the correct localName and namespaceURI. - * - * We also define the following shortcuts for namespaces: - * - '@ds': 'http://www.w3.org/2000/09/xmldsig#' - * - '@md': 'urn:oasis:names:tc:SAML:2.0:metadata' - * - '@saml1': 'urn:oasis:names:tc:SAML:1.0:assertion' - * - '@saml1md': 'urn:oasis:names:tc:SAML:profiles:v1metadata' - * - '@saml1p': 'urn:oasis:names:tc:SAML:1.0:protocol' - * - '@saml2': 'urn:oasis:names:tc:SAML:2.0:assertion' - * - '@saml2p': 'urn:oasis:names:tc:SAML:2.0:protocol' - * - * @param $element The element we should check. - * @param $name The localname the element should have. - * @param $nsURI The namespaceURI the element should have. - * @return TRUE if both namespace and localname matches, FALSE otherwise. + * @deprecated This function will be removed in SSP 2.0. Please use SimpleSAML\Utils\XML::isDOMElementOfType() instead. */ public static function isDOMElementOfType(DOMNode $element, $name, $nsURI) { - assert('is_string($name)'); - assert('is_string($nsURI)'); - assert('strlen($nsURI) > 0'); - - if (!($element instanceof DOMElement)) { - /* Most likely a comment-node. */ - return FALSE; - } - - /* Check if the namespace is a shortcut, and expand it if it is. */ - if($nsURI[0] == '@') { - - /* The defined shortcuts. */ - $shortcuts = array( - '@ds' => 'http://www.w3.org/2000/09/xmldsig#', - '@md' => 'urn:oasis:names:tc:SAML:2.0:metadata', - '@saml1' => 'urn:oasis:names:tc:SAML:1.0:assertion', - '@saml1md' => 'urn:oasis:names:tc:SAML:profiles:v1metadata', - '@saml1p' => 'urn:oasis:names:tc:SAML:1.0:protocol', - '@saml2' => 'urn:oasis:names:tc:SAML:2.0:assertion', - '@saml2p' => 'urn:oasis:names:tc:SAML:2.0:protocol', - '@shibmd' => 'urn:mace:shibboleth:metadata:1.0', - ); - - /* Check if it is a valid shortcut. */ - if(!array_key_exists($nsURI, $shortcuts)) { - throw new Exception('Unknown namespace shortcut: ' . $nsURI); - } - - /* Expand the shortcut. */ - $nsURI = $shortcuts[$nsURI]; - } - - - if($element->localName !== $name) { - return FALSE; - } - - if($element->namespaceURI !== $nsURI) { - return FALSE; - } - - return TRUE; + return SimpleSAML\Utils\XML::isDOMElementOfType($element, $name, $nsURI); } diff --git a/lib/SimpleSAML/Utils/XML.php b/lib/SimpleSAML/Utils/XML.php index 0b47ec969..5a2b3da35 100644 --- a/lib/SimpleSAML/Utils/XML.php +++ b/lib/SimpleSAML/Utils/XML.php @@ -97,6 +97,7 @@ class XML $root->appendChild(new \DOMText("\n".$indentBase)); } + /** * Format an XML string. * @@ -158,4 +159,64 @@ class XML $txt = trim($txt); return $txt; } + + + /** + * This function checks if the DOMElement has the correct localName and namespaceURI. + * + * We also define the following shortcuts for namespaces: + * - '@ds': 'http://www.w3.org/2000/09/xmldsig#' + * - '@md': 'urn:oasis:names:tc:SAML:2.0:metadata' + * - '@saml1': 'urn:oasis:names:tc:SAML:1.0:assertion' + * - '@saml1md': 'urn:oasis:names:tc:SAML:profiles:v1metadata' + * - '@saml1p': 'urn:oasis:names:tc:SAML:1.0:protocol' + * - '@saml2': 'urn:oasis:names:tc:SAML:2.0:assertion' + * - '@saml2p': 'urn:oasis:names:tc:SAML:2.0:protocol' + * + * @param \DOMNode $element The element we should check. + * @param string $name The local name the element should have. + * @param string $nsURI The namespaceURI the element should have. + * + * @return boolean True if both namespace and local name matches, false otherwise. + * @throws \SimpleSAML_Error_Exception If the namespace shortcut is unknown. + * @author Andreas Solberg, UNINETT AS <andreas.solberg@uninett.no> + * @author Olav Morken, UNINETT AS <olav.morken@uninett.no> + */ + public static function isDOMElementOfType(\DOMNode $element, $name, $nsURI) + { + if (!($element instanceof \DOMElement) || !is_string($name) || !is_string($nsURI) || strlen($nsURI) === 0) { + // most likely a comment-node + return false; + } + + // check if the namespace is a shortcut, and expand it if it is + if ($nsURI[0] === '@') { + // the defined shortcuts + $shortcuts = array( + '@ds' => 'http://www.w3.org/2000/09/xmldsig#', + '@md' => 'urn:oasis:names:tc:SAML:2.0:metadata', + '@saml1' => 'urn:oasis:names:tc:SAML:1.0:assertion', + '@saml1md' => 'urn:oasis:names:tc:SAML:profiles:v1metadata', + '@saml1p' => 'urn:oasis:names:tc:SAML:1.0:protocol', + '@saml2' => 'urn:oasis:names:tc:SAML:2.0:assertion', + '@saml2p' => 'urn:oasis:names:tc:SAML:2.0:protocol', + '@shibmd' => 'urn:mace:shibboleth:metadata:1.0', + ); + + // check if it is a valid shortcut + if (!array_key_exists($nsURI, $shortcuts)) { + throw new \SimpleSAML_Error_Exception('Unknown namespace shortcut: '.$nsURI); + } + + // expand the shortcut + $nsURI = $shortcuts[$nsURI]; + } + if ($element->localName !== $name) { + return false; + } + if ($element->namespaceURI !== $nsURI) { + return false; + } + return true; + } } -- GitLab