Properly normalize documents

Author: tvdijen

composer.json

@@ -31,16 +31,16 @@
         "psr/http-message": "~2.0",
         "psr/log": "~2.3 || ~3.0",
         "simplesamlphp/assert": "~1.9",
-        "simplesamlphp/xml-common": "~2.2",
+        "simplesamlphp/xml-common": "~2.3",
         "simplesamlphp/xml-security": "~2.0",
         "simplesamlphp/xml-soap": "~2.0"
     },
     "require-dev": {
         "ext-intl": "*",
 
-        "beste/clock": "~3.0.0",
-        "mockery/mockery": "~1.6.12",
-        "simplesamlphp/simplesamlphp-test-framework": "~1.10.2"
+        "beste/clock": "~3.0",
+        "mockery/mockery": "~1.6",
+        "simplesamlphp/simplesamlphp-test-framework": "~1.10"
     },
     "suggest": {
         "ext-soap": "*"
@@ -58,7 +58,7 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "v6.0.x-dev"
+            "dev-master": "v5.1.x-dev"
         }
     },
     "config": {

tests/SAML2/XML/md/EntityDescriptorTest.php

@@ -235,16 +235,16 @@ public function testMarshalling(): void
     public function testMarshallingWithAffiliationDescriptor(): void
     {
         $ns_md = C::NS_MD;
+        $ns_mdrpi = C::NS_MDRPI;
         $entity_idp = C::ENTITY_IDP;
         $entity_other = C::ENTITY_OTHER;
 
         $document = DOMDocumentFactory::fromString(
             <<<XML
-<md:EntityDescriptor xmlns:md="{$ns_md}" ID="_5A3CHB081" validUntil="2020-02-05T09:39:25Z"
+<md:EntityDescriptor xmlns:md="{$ns_md}" xmlns:mdrpi="{$ns_mdrpi}" ID="_5A3CHB081" validUntil="2020-02-05T09:39:25Z"
     cacheDuration="P2Y6M5DT12H35M30S" entityID="{$entity_idp}">
   <md:Extensions>
-    <mdrpi:PublicationInfo xmlns:mdrpi="urn:oasis:names:tc:SAML:metadata:rpi"
-        publisher="http://publisher.ra/" creationInstant="2020-02-03T13:46:24Z">
+    <mdrpi:PublicationInfo publisher="http://publisher.ra/" creationInstant="2020-02-03T13:46:24Z">
       <mdrpi:UsagePolicy xml:lang="en">http://publisher.ra/policy.txt</mdrpi:UsagePolicy>
     </mdrpi:PublicationInfo>
   </md:Extensions>

tests/SAML2/XML/md/KeyDescriptorTest.php

@@ -97,8 +97,8 @@ public function testMarshallingWithoutOptionalParameters(): void
 
         $this->assertEquals(
             <<<XML
-<md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
-  <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+  <ds:KeyInfo>
     <ds:KeyName>IdentityProvider.com SSO Key</ds:KeyName>
   </ds:KeyInfo>
 </md:KeyDescriptor>
@@ -134,8 +134,8 @@ public function testUnmarshallingWithoutOptionalParameters(): void
     {
         $document = DOMDocumentFactory::fromString(
             <<<XML
-<md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
-  <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+  <ds:KeyInfo>
     <ds:KeyName>IdentityProvider.com SSO Key</ds:KeyName>
   </ds:KeyInfo>
 </md:KeyDescriptor>

tests/SAML2/XML/saml/AssertionTest.php

@@ -1182,7 +1182,9 @@ public function testNameIdEncryption(): void
 
         $identifier = $assertionToVerify->getSubject()?->getIdentifier();
         $this->assertInstanceOf(EncryptedID::class, $identifier);
-
+//var_dump( $identifier->getEncryptedData()->getKeyInfo()->getInfo() );
+// This contains a Chunk  instead of an EncryptedKey-object
+// ToDo: figure out why
         $decryptor = (new KeyTransportAlgorithmFactory())->getAlgorithm(
             $identifier->getEncryptedKeys()[0]->getEncryptionMethod()?->getAlgorithm()->getValue(),
             PEMCertificatesMock::getPrivateKey(PEMCertificatesMock::PRIVATE_KEY),

tests/SAML2/XML/saml/AttributeValueTest.php

@@ -149,17 +149,13 @@ public function testMarshallingNull(): void
     /**
      * Verifies that supplying an empty string as attribute value will
      * generate a tag with no content (instead of e.g. an empty tag).
-     *
      */
     public function testEmptyStringAttribute(): void
     {
         $av = new AttributeValue('');
         $xmlRepresentation = clone self::$xmlRepresentation;
         $xmlRepresentation->documentElement->textContent = '';
-//        $this->assertEqualXMLStructure(
-//            $this->xmlRepresentation->documentElement,
-//            $av->toXML(),
-//        );
+
         $this->assertEquals('', $av->getValue());
         $this->assertEquals('xs:string', $av->getXsiType());
     }
@@ -203,22 +199,22 @@ public function testSerializeEncryptedID(): void
     {
         $document = DOMDocumentFactory::fromString(
             <<<XML
-<saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+<saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
   <saml:EncryptedID>
-    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="_4ea05f00adb06c642e0cb52f063e2570-1" Type="http://www.w3.org/2001/04/xmlenc#Element">
+    <xenc:EncryptedData Id="_4ea05f00adb06c642e0cb52f063e2570-1" Type="http://www.w3.org/2001/04/xmlenc#Element">
       <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:KeyInfo>
         <ds:RetrievalMethod URI="#_dc9043a7cbec55c6fcc61f1cf64cf868-1" Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
       </ds:KeyInfo>
       <xenc:CipherData>
         <xenc:CipherValue>vErnRkA0oSmtQGamjZGa9RFN25SUx1UVLsLAOtopt7pyywTD7wu9pyocfD4HqduXCsvaiZpJykz11utZdvtJ0sOdm9oE+lAtNTUnKzGSNoSopGCzwNu5pqwhIEvWEWeilmJayAC2elpRYOnUs/rePxibz0Wbqa7BItLt6ZkKTtMkv0U0PpgGenF1pWzsahRtw6Y5tFq7xFQkG/z0Lz5rJ+IxExYXgB3LN6FBmVcB1ioahk2ovOwbLQ+lNAdqUMhpZx6fgdL2v7g4OYPK0rDgSALU3gU3dvU4hC/Kk9N5Rkw=</xenc:CipherValue>
       </xenc:CipherData>
     </xenc:EncryptedData>
-    <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="_dc9043a7cbec55c6fcc61f1cf64cf868-1" Recipient="urn:nl-eid-gdi:1.0:DV:00000009900006840000:entities:9780">
+    <xenc:EncryptedKey Id="_dc9043a7cbec55c6fcc61f1cf64cf868-1" Recipient="urn:nl-eid-gdi:1.0:DV:00000009900006840000:entities:9780">
       <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
-        <ds:DigestMethod xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
       </xenc:EncryptionMethod>
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+      <ds:KeyInfo>
         <ds:KeyName>_b420654655d491b49555c698f80efb7bda3ac6ef</ds:KeyName>
       </ds:KeyInfo>
       <xenc:CipherData>

tests/resources/xml/alg_DigestMethod.xml

@@ -1,3 +1,3 @@
-<alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
-  <ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>
+<alg:DigestMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ssp="urn:x-simplesamlphp:namespace" Algorithm="http://www.w3.org/2001/04/xmlenc#sha256">
+  <ssp:Chunk>Some</ssp:Chunk>
 </alg:DigestMethod>

tests/resources/xml/alg_SigningMethod.xml

@@ -1,3 +1,3 @@
-<alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" MinKeySize="1024" MaxKeySize="4096">
-  <ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">Some</ssp:Chunk>
+<alg:SigningMethod xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport" xmlns:ssp="urn:x-simplesamlphp:namespace" Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" MinKeySize="1024" MaxKeySize="4096">
+  <ssp:Chunk>Some</ssp:Chunk>
 </alg:SigningMethod>

tests/resources/xml/ecp_Request.xml

@@ -1,6 +1,6 @@
-<ecp:Request xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:mustUnderstand="1" SOAP-ENV:actor="http://schemas.xmlsoap.org/soap/actor/next" ProviderName="PHPUnit" IsPassive="1">
-  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NameQualifier="urn:x-simplesamlphp:namequalifier" SPNameQualifier="urn:x-simplesamlphp:spnamequalifier" Format="urn:the:format" SPProvidedID="TheSPProvidedID">urn:x-simplesamlphp:issuer</saml:Issuer>
-  <samlp:IDPList xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
+<ecp:Request xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" SOAP-ENV:mustUnderstand="1" SOAP-ENV:actor="http://schemas.xmlsoap.org/soap/actor/next" ProviderName="PHPUnit" IsPassive="1">
+  <saml:Issuer NameQualifier="urn:x-simplesamlphp:namequalifier" SPNameQualifier="urn:x-simplesamlphp:spnamequalifier" Format="urn:the:format" SPProvidedID="TheSPProvidedID">urn:x-simplesamlphp:issuer</saml:Issuer>
+  <samlp:IDPList>
     <samlp:IDPEntry ProviderID="urn:some:requester1" Name="testName1" Loc="urn:test:testLoc1"/>
     <samlp:IDPEntry ProviderID="urn:some:requester2" Name="testName2" Loc="urn:test:testLoc2"/>
     <samlp:GetComplete>https://some/location</samlp:GetComplete>

tests/resources/xml/ecp_SubjectConfirmation.xml

@@ -1,6 +1,6 @@
-<ecp:SubjectConfirmation xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:mustUnderstand="1" SOAP-ENV:actor="http://schemas.xmlsoap.org/soap/actor/next" Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
-  <saml:SubjectConfirmationData xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" NotBefore="2001-04-19T04:25:21Z" NotOnOrAfter="2009-02-13T23:31:30Z" Recipient="https://simplesamlphp.org/sp/metadata" InResponseTo="SomeRequestID" Address="127.0.0.1" test:attr1="testval1" test:attr2="testval2" xmlns:test="urn:test:something">
-    <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ecp:SubjectConfirmation xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:test="urn:test:something" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" SOAP-ENV:mustUnderstand="1" SOAP-ENV:actor="http://schemas.xmlsoap.org/soap/actor/next" Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+  <saml:SubjectConfirmationData NotBefore="2001-04-19T04:25:21Z" NotOnOrAfter="2009-02-13T23:31:30Z" Recipient="https://simplesamlphp.org/sp/metadata" InResponseTo="SomeRequestID" Address="127.0.0.1" test:attr1="testval1" test:attr2="testval2" xmlns:test="urn:test:something">
+    <ds:KeyInfo>
       <ds:KeyName>SomeKey</ds:KeyName>
     </ds:KeyInfo>
     <some>Arbitrary Element</some>

tests/resources/xml/idpdisc_DiscoveryResponse.xml

@@ -1,3 +1,3 @@
-<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:ssp="urn:x-simplesamlphp:namespace" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://simplesamlphp.org/some/endpoint" index="43" isDefault="false" ssp:attr1="testval1">
-  <some:Ext xmlns:some="urn:mace:some:metadata:1.0">SomeExtension</some:Ext>
+<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" xmlns:ssp="urn:x-simplesamlphp:namespace" xmlns:some="urn:mace:some:metadata:1.0" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://simplesamlphp.org/some/endpoint" index="43" isDefault="false" ssp:attr1="testval1">
+  <some:Ext>SomeExtension</some:Ext>
 </idpdisc:DiscoveryResponse>