ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
SimpleSAML\Utils\XML Class Reference

Static Public Member Functions

static checkSAMLMessage ($message, $type)
 This function performs some sanity checks on XML documents, and optionally validates them against their schema if the 'validatexml' debugging option is enabled.

static debugSAMLMessage ($message, $type)
 Helper function to log SAML messages that we send or receive.

static formatXMLString ($xml, $indentBase='')
 Format an XML string.

static isDOMNodeOfType (\DOMNode $element, $name, $nsURI)
 This function checks if the DOMElement has the correct localName and namespaceURI.

Detailed Description

Definition at line 13 of file XML.php.

Member Function Documentation

◆ checkSAMLMessage()

static SimpleSAML\Utils\XML::checkSAMLMessage ($message, $type)

This function performs some sanity checks on XML documents, and optionally validates them against their schema if the 'validatexml' debugging option is enabled.

A warning will be printed to the log if validation fails.

Parameters
  string $message: The SAML document we want to check.
  string $type: The type of document. Can be one of:
    • 'saml20'
    • 'saml11'
    • 'saml-meta'

Exceptions
  InvalidArgumentException: If $message is not a string or $type is not a string containing one of the values allowed.
  SimpleSAML_Error_Exception: If $message contains a doctype declaration.

Returns
  void

Author
  Olav Morken, UNINETT AS
  Jaime Perez, UNINETT AS

Definition at line 35 of file XML.php.

public static function checkSAMLMessage($message, $type)
{
    $allowed_types = array('saml20', 'saml11', 'saml-meta');
    if (!(is_string($message) && in_array($type, $allowed_types, true))) {
        throw new \InvalidArgumentException('Invalid input parameters.');
    }

    // a SAML message should not contain a doctype-declaration
    if (strpos($message, '<!DOCTYPE') !== false) {
        throw new \SimpleSAML_Error_Exception('XML contained a doctype declaration.');
    }

    // see if debugging is enabled for XML validation
    $debug = \SimpleSAML_Configuration::getInstance()->getArrayize('debug', array('validatexml' => false));
    $enabled = \SimpleSAML_Configuration::getInstance()->getBoolean('debug.validatexml', false);

    if (!(in_array('validatexml', $debug, true) // implicitly enabled
        || (array_key_exists('validatexml', $debug) && $debug['validatexml'] === true) // explicitly enabled
        // TODO: deprecate this option and remove it in 2.0
        || $enabled // old 'debug.validatexml' configuration option
    )) {
        // XML validation is disabled
        return;
    }

    $result = true;
    switch ($type) {
        case 'saml11':
            $result = self::isValid($message, 'oasis-sstc-saml-schema-protocol-1.1.xsd');
            break;
        case 'saml20':
            $result = self::isValid($message, 'saml-schema-protocol-2.0.xsd');
            break;
        case 'saml-meta':
            $result = self::isValid($message, 'saml-schema-metadata-2.0.xsd');
    }
    if ($result !== true) {
        // validation failed: log the result as a warning
        Logger::warning($result);
    }
}

References Sabre\VObject\$debug, $message, $result, $type, SimpleSAML_Configuration\getInstance(), and SimpleSAML\Logger\warning().

Referenced by SimpleSAML\Bindings\Shib13\HTTPPost\decodeResponse(), SimpleSAML\Bindings\Shib13\HTTPPost\sendResponse(), and SimpleSAML_Utilities\validateXMLDocument().
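
The doctype check in checkSAMLMessage(), as an added example that is not SimpleSAMLphp code: the same string test on the raw message, next to a check of the parsed tree for a document type node, which looks at what the parser saw rather than at the raw bytes. The function names and the two sample messages are constructed for illustration.

```php
<?php
// Added example, not SimpleSAMLphp code. All function names are hypothetical.

// Pre-parse check, same test as checkSAMLMessage().
function hasDoctypeString(string $xml): bool
{
    return strpos($xml, '<!DOCTYPE') !== false;
}

// Post-parse check: look for a document type node among the document's children.
function hasDoctypeNode(string $xml): bool
{
    if ($xml === '') {
        throw new RuntimeException('Empty XML string.');
    }
    $doc = new DOMDocument();
    $previous = libxml_use_internal_errors(true);
    // LIBXML_NONET forbids network access while parsing;
    // LIBXML_NOENT and LIBXML_DTDLOAD are deliberately not set.
    $ok = $doc->loadXML($xml, LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    if ($ok === false) {
        throw new RuntimeException('Error parsing XML string.');
    }
    foreach ($doc->childNodes as $child) {
        if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
            return true;
        }
    }
    return false;
}

// Accept a message only if neither check finds a doctype.
function acceptSamlXml(string $xml): bool
{
    return $xml !== '' && !hasDoctypeString($xml) && !hasDoctypeNode($xml);
}

// Constructed sample messages.
$samples = array(
    'clean'   => '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_constructed" Version="2.0"/>',
    'doctype' => '<!DOCTYPE r [<!ENTITY e "x">]><r>&e;</r>',
);
foreach ($samples as $label => $xml) {
    printf("%-8s string=%s node=%s accept=%s\n", $label,
        var_export(hasDoctypeString($xml), true),
        var_export(hasDoctypeNode($xml), true),
        var_export(acceptSamlXml($xml), true));
}
```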


◆ debugSAMLMessage()

static SimpleSAML\Utils\XML::debugSAMLMessage ($message, $type)

Helper function to log SAML messages that we send or receive.

Parameters
  string | \DOMElement $message: The message, as a string containing the XML or an XML element.
  string $type: Whether this message is sent or received, encrypted or decrypted. The following values are supported:
    • 'in': for messages received.
    • 'out': for outgoing messages.
    • 'decrypt': for decrypted messages.
    • 'encrypt': for encrypted messages.

Exceptions
  InvalidArgumentException: If $type is not a string or $message is neither a string nor a \DOMElement.

Returns
  void

Author
  Olav Morken, UNINETT AS

Definition at line 94 of file XML.php.

public static function debugSAMLMessage($message, $type)
{
    if (!(is_string($type) && (is_string($message) || $message instanceof \DOMElement))) {
        throw new \InvalidArgumentException('Invalid input parameters.');
    }

    // see if debugging is enabled for SAML messages
    $debug = \SimpleSAML_Configuration::getInstance()->getArrayize('debug', array('saml' => false));

    if (!(in_array('saml', $debug, true) // implicitly enabled
        || (array_key_exists('saml', $debug) && $debug['saml'] === true) // explicitly enabled
        // TODO: deprecate the old style and remove it in 2.0
        || (array_key_exists(0, $debug) && $debug[0] === true) // old style 'debug'
    )) {
        // debugging messages is disabled
        return;
    }

    if ($message instanceof \DOMElement) {
        $message = $message->ownerDocument->saveXML($message);
    }

    switch ($type) {
        case 'in':
            Logger::debug('Received message:');
            break;
        case 'out':
            Logger::debug('Sending message:');
            break;
        case 'decrypt':
            Logger::debug('Decrypted message:');
            break;
        case 'encrypt':
            Logger::debug('Encrypted message:');
            break;
        default:
            assert(false);
    }

    // pretty-print the message and log it line by line
    $str = self::formatXMLString($message);
    foreach (explode("\n", $str) as $line) {
        Logger::debug($line);
    }
}

References Sabre\VObject\$debug, $message, $type, SimpleSAML\Logger\debug(), SimpleSAML\Utils\XML\formatXMLString(), and SimpleSAML_Configuration\getInstance().

Referenced by SimpleSAML_Utilities\debugMessage(), SimpleSAML\Bindings\Shib13\HTTPPost\decodeResponse(), and SimpleSAML\Bindings\Shib13\HTTPPost\sendResponse().
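
Because debugSAMLMessage() writes complete messages, including decrypted ones, to the debug log, it helps to know exactly which 'debug' values switch it on. The following added example (not SimpleSAMLphp code) mirrors the condition shown above over constructed configuration values; samlDebugEnabled() is a hypothetical helper, and it assumes getArrayize() wraps a non-array value in a one-element array.

```php
<?php
// Added example, not SimpleSAMLphp code. samlDebugEnabled() is a hypothetical
// helper that mirrors the enable condition in debugSAMLMessage().

function samlDebugEnabled($debugOption): bool
{
    // Assumption: getArrayize() returns arrays unchanged and wraps any
    // other value in a one-element array.
    $debug = is_array($debugOption) ? $debugOption : array($debugOption);

    return in_array('saml', $debug, true)                                 // implicitly enabled
        || (array_key_exists('saml', $debug) && $debug['saml'] === true)  // explicitly enabled
        || (array_key_exists(0, $debug) && $debug[0] === true);           // old style 'debug'
}

// Constructed values for the 'debug' option, keyed by how they would be
// written in a configuration file.
$candidates = array(
    "array('saml' => false, 'validatexml' => false)" => array('saml' => false, 'validatexml' => false),
    "array('saml' => true)"                          => array('saml' => true),
    "array('saml')"                                  => array('saml'),
    "array('validatexml')"                           => array('validatexml'),
    "true (old style)"                               => true,
    "false"                                          => false,
);

foreach ($candidates as $label => $value) {
    printf("%-48s %s\n", $label, samlDebugEnabled($value) ? 'SAML messages are logged' : 'off');
}
```

When the option is absent, the default passed to getArrayize() in the listing is array('saml' => false), which leaves message logging off.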


◆ formatXMLString()

static SimpleSAML\Utils\XML::formatXMLString ($xml, $indentBase = '')

Format an XML string.

This function formats an XML string using the formatDOMElement() function.

Parameters
  string $xml: An XML string which should be formatted.
  string $indentBase: Optional indentation which should be applied to all the output. Optional, defaults to ''.

Returns
  string The formatted string.

Exceptions
  InvalidArgumentException: If the parameters are not strings.
  DOMException: If the input does not parse correctly as an XML string.

Author
  Olav Morken, UNINETT AS

Definition at line 246 of file XML.php.

public static function formatXMLString($xml, $indentBase = '')
{
    if (!is_string($xml) || !is_string($indentBase)) {
        throw new \InvalidArgumentException('Invalid input parameters');
    }

    try {
        // parse the string into a DOM document
        $doc = \SAML2\DOMDocumentFactory::fromString($xml);
    } catch (\Exception $e) {
        throw new \DOMException('Error parsing XML string.');
    }

    $root = $doc->firstChild;
    self::formatDOMElement($root, $indentBase);

    return $doc->saveXML($root);
}

References $root, $xml, and SAML2\DOMDocumentFactory\fromString().

Referenced by SimpleSAML\Utils\XML\debugSAMLMessage(), and SimpleSAML_Utilities\formatXMLString().


◆ isDOMNodeOfType()

static SimpleSAML\Utils\XML::isDOMNodeOfType (\DOMNode $element, $name, $nsURI)

This function checks if the DOMElement has the correct localName and namespaceURI.

We also define the following shortcuts for namespaces:

  • '@ds': 'http://www.w3.org/2000/09/xmldsig#'
  • '@md': 'urn:oasis:names:tc:SAML:2.0:metadata'
  • '@saml1': 'urn:oasis:names:tc:SAML:1.0:assertion'
  • '@saml1md': 'urn:oasis:names:tc:SAML:profiles:v1metadata'
  • '@saml1p': 'urn:oasis:names:tc:SAML:1.0:protocol'
  • '@saml2': 'urn:oasis:names:tc:SAML:2.0:assertion'
  • '@saml2p': 'urn:oasis:names:tc:SAML:2.0:protocol'

Parameters
  \DOMNode $element: The element we should check.
  string $name: The local name the element should have.
  string $nsURI: The namespaceURI the element should have.

Returns
  boolean True if both namespace and local name match, false otherwise.

Exceptions
  InvalidArgumentException: If the namespace shortcut is unknown.

Author
  Andreas Solberg, UNINETT AS
  Olav Morken, UNINETT AS

Definition at line 357 of file XML.php.

public static function isDOMNodeOfType(\DOMNode $element, $name, $nsURI)
{
    if (!is_string($name) || !is_string($nsURI) || strlen($nsURI) === 0) {
        // most likely a comment-node
        return false;
    }

    // check if the namespace is a shortcut, and expand it if it is
    if ($nsURI[0] === '@') {
        // the defined shortcuts
        $shortcuts = array(
            '@ds' => 'http://www.w3.org/2000/09/xmldsig#',
            '@md' => 'urn:oasis:names:tc:SAML:2.0:metadata',
            '@saml1' => 'urn:oasis:names:tc:SAML:1.0:assertion',
            '@saml1md' => 'urn:oasis:names:tc:SAML:profiles:v1metadata',
            '@saml1p' => 'urn:oasis:names:tc:SAML:1.0:protocol',
            '@saml2' => 'urn:oasis:names:tc:SAML:2.0:assertion',
            '@saml2p' => 'urn:oasis:names:tc:SAML:2.0:protocol',
            '@shibmd' => 'urn:mace:shibboleth:metadata:1.0',
        );

        // check if it is a valid shortcut
        if (!array_key_exists($nsURI, $shortcuts)) {
            throw new \InvalidArgumentException('Unknown namespace shortcut: '.$nsURI);
        }

        // expand the shortcut
        $nsURI = $shortcuts[$nsURI];
    }
    if ($element->localName !== $name) {
        return false;
    }
    if ($element->namespaceURI !== $nsURI) {
        return false;
    }
    return true;
}

References $name.

Referenced by SimpleSAML\Bindings\Shib13\Artifact\extractResponse(), and SimpleSAML_Utilities\isDOMElementOfType().


The documentation for this class was generated from the following file: