SimpleSAML\Utils\XML Class Reference

Collaboration diagram for SimpleSAML\Utils\XML:

Static Public Member Functions
static	checkSAMLMessage ($message, $type)
	This function performs some sanity checks on XML documents, and optionally validates them against their schema if the 'validatexml' debugging option is enabled. More...
static	debugSAMLMessage ($message, $type)
	Helper function to log SAML messages that we send or receive. More...
static	formatXMLString ($xml, $indentBase='')
	Format an XML string. More...
static	isDOMNodeOfType (\DOMNode $element, $name, $nsURI)
	This function checks if the DOMElement has the correct localName and namespaceURI. More...

Detailed Description

Definition at line 13 of file XML.php.

Member Function Documentation

checkSAMLMessage()

static SimpleSAML\Utils\XML::checkSAMLMessage (   $message,   $type  )

static

This function performs some sanity checks on XML documents, and optionally validates them against their schema if the 'validatexml' debugging option is enabled.

A warning will be printed to the log if validation fails.

Parameters

string	$message	The SAML document we want to check.
string	$type	The type of document. Can be one of: 'saml20' 'saml11' 'saml-meta'

Exceptions

Definition at line 35 of file XML.php.

References $debug, $message, $result, $type, array, SimpleSAML_Configuration\getInstance(), and SimpleSAML\Logger\warning().

Referenced by SimpleSAML\Bindings\Shib13\HTTPPost\decodeResponse(), SimpleSAML\Bindings\Shib13\HTTPPost\sendResponse(), and SimpleSAML_Utilities\validateXMLDocument().

    {
        $allowed_types = array('saml20', 'saml11', 'saml-meta');
        if (!(is_string($message) && in_array($type, $allowed_types, true))) {
            throw new \InvalidArgumentException('Invalid input parameters.');
        }

        // a SAML message should not contain a doctype-declaration
        if (strpos($message, '<!DOCTYPE') !== false) {
            throw new \SimpleSAML_Error_Exception('XML contained a doctype declaration.');
        }

        // see if debugging is enabled for XML validation
        $debug = \SimpleSAML_Configuration::getInstance()->getArrayize('debug', array('validatexml' => false));
        $enabled = \SimpleSAML_Configuration::getInstance()->getBoolean('debug.validatexml', false);

        if (!(in_array('validatexml', $debug, true) // implicitly enabled
              || (array_key_exists('validatexml', $debug) && $debug['validatexml'] === true) // explicitly enabled
              // TODO: deprecate this option and remove it in 2.0
              || $enabled // old 'debug.validatexml' configuration option
        )) {
            // XML validation is disabled
            return;
        }

        $result = true;
        switch ($type) {
            case 'saml11':
                $result = self::isValid($message, 'oasis-sstc-saml-schema-protocol-1.1.xsd');
                break;
            case 'saml20':
                $result = self::isValid($message, 'saml-schema-protocol-2.0.xsd');
                break;
            case 'saml-meta':
                $result = self::isValid($message, 'saml-schema-metadata-2.0.xsd');
        }
        if ($result !== true) {
            Logger::warning($result);
        }
    }

Here is the call graph for this function:

Here is the caller graph for this function:

debugSAMLMessage()

static SimpleSAML\Utils\XML::debugSAMLMessage (   $message,   $type  )

static

Helper function to log SAML messages that we send or receive.

Parameters

string | \DOMElement	$message	The message, as an string containing the XML or an XML element.
string	$type	Whether this message is sent or received, encrypted or decrypted. The following values are supported: 'in': for messages received. 'out': for outgoing messages. 'decrypt': for decrypted messages. 'encrypt': for encrypted messages.

Exceptions

Definition at line 94 of file XML.php.

References $debug, $i, $message, $type, array, SimpleSAML\Logger\debug(), and SimpleSAML_Configuration\getInstance().

Referenced by SimpleSAML_Utilities\debugMessage(), SimpleSAML\Bindings\Shib13\HTTPPost\decodeResponse(), SimpleSAML\Bindings\Shib13\Artifact\extractResponse(), and SimpleSAML\Bindings\Shib13\HTTPPost\sendResponse().

    {
        if (!(is_string($type) && (is_string($message) || $message instanceof \DOMElement))) {
            throw new \InvalidArgumentException('Invalid input parameters.');
        }

        // see if debugging is enabled for SAML messages
        $debug = \SimpleSAML_Configuration::getInstance()->getArrayize('debug', array('saml' => false));

        if (!(in_array('saml', $debug, true) // implicitly enabled
              || (array_key_exists('saml', $debug) && $debug['saml'] === true) // explicitly enabled
              // TODO: deprecate the old style and remove it in 2.0
              || (array_key_exists(0, $debug) && $debug[0] === true) // old style 'debug'
        )) {
            // debugging messages is disabled
            return;
        }

        if ($message instanceof \DOMElement) {
            $message = $message->ownerDocument->saveXML($message);
        }

        switch ($type) {
            case 'in':
                Logger::debug('Received message:');
                break;
            case 'out':
                Logger::debug('Sending message:');
                break;
            case 'decrypt':
                Logger::debug('Decrypted message:');
                break;
            case 'encrypt':
                Logger::debug('Encrypted message:');
                break;
            default:
                assert(false);
        }

        $str = self::formatXMLString($message);
        foreach (explode("\n", $str) as $line) {
            Logger::debug($line);
        }
    }

Here is the call graph for this function:

Here is the caller graph for this function:

formatXMLString()

static SimpleSAML\Utils\XML::formatXMLString (   $xml,   $indentBase = ''  )

static

Format an XML string.

This function formats an XML string using the formatDOMElement() function.

Parameters

string	$xml	An XML string which should be formatted.
string	$indentBase	Optional indentation which should be applied to all the output. Optional, defaults to ''.

Returns

string The formatted string.

Exceptions

Definition at line 246 of file XML.php.

References $i, $ret, $txt, $xml, array, and SAML2\DOMDocumentFactory\fromString().

Referenced by SimpleSAML_Utilities\formatXMLString().

    {
        if (!is_string($xml) || !is_string($indentBase)) {
            throw new \InvalidArgumentException('Invalid input parameters');
        }

        try {
            $doc = \SAML2\DOMDocumentFactory::fromString($xml);
        } catch (\Exception $e) {
            throw new \DOMException('Error parsing XML string.');
        }

        $root = $doc->firstChild;
        self::formatDOMElement($root, $indentBase);

        return $doc->saveXML($root);
    }

Here is the call graph for this function:

Here is the caller graph for this function:

isDOMNodeOfType()

static SimpleSAML\Utils\XML::isDOMNodeOfType ( \DOMNode  $element,   $name,   $nsURI  )

static

This function checks if the DOMElement has the correct localName and namespaceURI.

We also define the following shortcuts for namespaces:

• '': 'http://www.w3.org/2000/09/xmldsig#'
• '': 'urn:oasis:names:tc:SAML:2.0:metadata'
• '': 'urn:oasis:names:tc:SAML:1.0:assertion'
• '': 'urn:oasis:names:tc:SAML:profiles:v1metadata'
• '': 'urn:oasis:names:tc:SAML:1.0:protocol'
• '': 'urn:oasis:names:tc:SAML:2.0:assertion'
• '': 'urn:oasis:names:tc:SAML:2.0:protocol'

Parameters

\DOMNode	$element	The element we should check.
string	$name	The local name the element should have.
string	$nsURI	The namespaceURI the element should have.

Returns

boolean True if both namespace and local name matches, false otherwise.

Exceptions

Definition at line 357 of file XML.php.

References $config, $errors, $name, $res, $schema, $xml, array, SimpleSAML\XML\Errors\begin(), SimpleSAML\XML\Errors\end(), SimpleSAML\XML\Errors\formatErrors(), SAML2\DOMDocumentFactory\fromString(), and SimpleSAML_Configuration\getInstance().

Referenced by SimpleSAML\Bindings\Shib13\Artifact\extractResponse(), and SimpleSAML_Utilities\isDOMElementOfType().

    {
        if (!is_string($name) || !is_string($nsURI) || strlen($nsURI) === 0) {
            // most likely a comment-node
            return false;
        }

        // check if the namespace is a shortcut, and expand it if it is
        if ($nsURI[0] === '@') {
            // the defined shortcuts
            $shortcuts = array(
                '@ds'      => 'http://www.w3.org/2000/09/xmldsig#',
                '@md'      => 'urn:oasis:names:tc:SAML:2.0:metadata',
                '@saml1'   => 'urn:oasis:names:tc:SAML:1.0:assertion',
                '@saml1md' => 'urn:oasis:names:tc:SAML:profiles:v1metadata',
                '@saml1p'  => 'urn:oasis:names:tc:SAML:1.0:protocol',
                '@saml2'   => 'urn:oasis:names:tc:SAML:2.0:assertion',
                '@saml2p'  => 'urn:oasis:names:tc:SAML:2.0:protocol',
                '@shibmd'  => 'urn:mace:shibboleth:metadata:1.0',
            );

            // check if it is a valid shortcut
            if (!array_key_exists($nsURI, $shortcuts)) {
                throw new \InvalidArgumentException('Unknown namespace shortcut: '.$nsURI);
            }

            // expand the shortcut
            $nsURI = $shortcuts[$nsURI];
        }
        if ($element->localName !== $name) {
            return false;
        }
        if ($element->namespaceURI !== $nsURI) {
            return false;
        }
        return true;
    }

Here is the call graph for this function:

Here is the caller graph for this function:

---

The documentation for this class was generated from the following file:

• libs/composer/vendor/simplesamlphp/simplesamlphp/lib/SimpleSAML/Utils/XML.php