Rename trust_mark_id to trust_mark_type

Author: cicnavi

composer.json

@@ -31,7 +31,7 @@
         "psr/container": "^2.0",
         "psr/log": "^3",
         "simplesamlphp/composer-module-installer": "^1.3",
-        "simplesamlphp/openid": "^0",
+        "simplesamlphp/openid": "dev-oidfed-draft-43",
         "spomky-labs/base64url": "^2.0",
         "symfony/expression-language": "^6.3",
         "symfony/psr-http-message-bridge": "^7.1",

config/module_oidc.php.dist

@@ -375,20 +375,20 @@ $config = [
 //        'eyJ...GHg',
     ],
 
-    // (optional) Federation Trust Marks for dynamic fetching. An array of key-value pairs, where key is Trust Mark ID
-    // and value is Trust Mark Issuer ID, each representing a Trust Mark issued to this entity. Each Trust Mark ID
-    // in this array will be dynamically fetched from noted Trust Mark Issuer as necessary. If federation caching
-    // is enabled (recommended), fetched Trust Marks will also be cached until their expiry.
+    // (optional) Federation Trust Marks for dynamic fetching. An array of key-value pairs, where key is Trust Mark Type
+    // and value is Trust Mark Issuer ID, each representing a Trust Mark issued to this entity. Each Trust Mark Type
+    // in this array will be dynamically fetched from the noted Trust Mark Issuer as necessary. If federation
+    // caching is enabled (recommended), fetched Trust Marks will also be cached until their expiry.
     ModuleConfig::OPTION_FEDERATION_DYNAMIC_TRUST_MARKS => [
-//        'trust-mark-id' => 'trust-mark-issuer-id',
+//        'trust-mark-type' => 'trust-mark-issuer-id',
     ],
 
     // (optional) Federation participation limit by Trust Marks. This is an array with the following format:
     // [
     //    'trust-anchor-id' => [
     //         'limit-id' => [
-    //              'trust-mark-id',
-    //              'trust-mark-id-2',
+    //              'trust-mark-type',
+    //              'trust-mark-type-2',
     //          ],
     //     ],
     // ],
@@ -399,13 +399,13 @@ $config = [
         'https://ta.example.org/' => [
             // Entities must have (at least) one Trust Mark from the list below.
             \SimpleSAML\Module\oidc\Codebooks\LimitsEnum::OneOf->value => [
-                'trust-mark-id',
-                'trust-mark-id-2',
+                'trust-mark-type',
+                'trust-mark-type-2',
             ],
             // Entities must have all Trust Marks from the list below.
             \SimpleSAML\Module\oidc\Codebooks\LimitsEnum::AllOf->value => [
-                'trust-mark-id-3',
-                'trust-mark-id-4',
+                'trust-mark-type-3',
+                'trust-mark-type-4',
             ],
         ],
     ],

locales/en/LC_MESSAGES/oidc.po

@@ -491,7 +491,7 @@ msgstr ""
 msgid "Trust Anchors"
 msgstr ""
 
-msgid "Trust Mark ID"
+msgid "Trust Mark Type"
 msgstr ""
 
 msgid ""

locales/es/LC_MESSAGES/oidc.po

@@ -491,7 +491,7 @@ msgstr ""
 msgid "Trust Anchors"
 msgstr ""
 
-msgid "Trust Mark ID"
+msgid "Trust Mark Type"
 msgstr ""
 
 msgid ""

locales/fr/LC_MESSAGES/oidc.po

@@ -491,7 +491,7 @@ msgstr ""
 msgid "Trust Anchors"
 msgstr ""
 
-msgid "Trust Mark ID"
+msgid "Trust Mark Type"
 msgstr ""
 
 msgid ""

locales/hr/LC_MESSAGES/oidc.po

@@ -525,7 +525,7 @@ msgstr "IDevi sidra povjerenja"
 msgid "Trust Anchors"
 msgstr "Sidra povjerenja"
 
-msgid "Trust Mark ID"
+msgid "Trust Mark Type"
 msgstr "ID oznake povjerenja"
 
 msgid ""

locales/it/LC_MESSAGES/oidc.po

@@ -491,7 +491,7 @@ msgstr ""
 msgid "Trust Anchors"
 msgstr ""
 
-msgid "Trust Mark ID"
+msgid "Trust Mark Type"
 msgstr ""
 
 msgid ""

locales/nl/LC_MESSAGES/oidc.po

@@ -459,7 +459,7 @@ msgstr "Vertrouwde anker-ID's"
 msgid "Trust Anchors"
 msgstr "Vertrouw op ankers"
 
-msgid "Trust Mark ID"
+msgid "Trust Mark Type"
 msgstr "Vertrouwensmerk-ID"
 
 msgid "Trust Mark validation passed (there were no warnings or errors during validation)."

src/Controllers/Admin/ConfigController.php

@@ -80,15 +80,15 @@ function (string $token): Federation\TrustMark {
 
         if (is_array($dynamicTrustMarks = $this->moduleConfig->getFederationDynamicTrustMarks())) {
             /**
-             * @var non-empty-string $trustMarkId
+             * @var non-empty-string $trustMarkType
              * @var non-empty-string $trustMarkIssuerId
              */
-            foreach ($dynamicTrustMarks as $trustMarkId => $trustMarkIssuerId) {
+            foreach ($dynamicTrustMarks as $trustMarkType => $trustMarkIssuerId) {
                 $trustMarkIssuerConfigurationStatement = $this->federation->entityStatementFetcher()
                     ->fromCacheOrWellKnownEndpoint($trustMarkIssuerId);
 
                 $trustMarks[] = $this->federation->trustMarkFetcher()->fromCacheOrFederationTrustMarkEndpoint(
-                    $trustMarkId,
+                    $trustMarkType,
                     $this->moduleConfig->getIssuer(),
                     $trustMarkIssuerConfigurationStatement,
                 );

src/Controllers/Admin/TestController.php

@@ -32,7 +32,7 @@ public function __construct(
         $this->authorization->requireAdmin(true);
 
         $this->arrayLogger->setWeight(ArrayLogger::WEIGHT_WARNING);
-        // Let's create new Federation instance so we can inject our debug logger and go without cache.
+        // Let's create a new Federation instance so we can inject our debug logger and go without cache.
         $this->federationWithArrayLogger = new Federation(
             supportedAlgorithms: $this->federation->supportedAlgorithms(),
             cache: null,
@@ -114,31 +114,31 @@ public function trustChainResolution(Request $request): Response
 
     public function trustMarkValidation(Request $request): Response
     {
-        $trustMarkId = null;
+        $trustMarkType = null;
         $leafEntityId = null;
         $trustAnchorId = null;
         $isFormSubmitted = false;
 
         if ($request->isMethod(Request::METHOD_POST)) {
             $isFormSubmitted = true;
 
-            !empty($trustMarkId = $request->request->getString('trustMarkId')) ||
-            throw new OidcException('Empty Trust Mark ID.');
+            !empty($trustMarkType = $request->request->getString('trustMarkType')) ||
+            throw new OidcException('Empty Trust Mark Type.');
             !empty($leafEntityId = $request->request->getString('leafEntityId')) ||
             throw new OidcException('Empty leaf entity ID.');
             !empty($trustAnchorId = $request->request->getString('trustAnchorId')) ||
             throw new OidcException('Empty Trust Anchor ID.');
 
             try {
-                // We should not try to validate Trust Marks until we have resolved trust chain between leaf and TA.
+                // We should not try to validate Trust Marks until we have resolved a trust chain between leaf and TA.
                 $trustChain = $this->federation->trustChainResolver()->for(
                     $leafEntityId,
                     [$trustAnchorId],
                 )->getShortest();
 
                 try {
-                    $this->federationWithArrayLogger->trustMarkValidator()->doForTrustMarkId(
-                        $trustMarkId,
+                    $this->federationWithArrayLogger->trustMarkValidator()->doForTrustMarkType(
+                        $trustMarkType,
                         $trustChain->getResolvedLeaf(),
                         $trustChain->getResolvedTrustAnchor(),
                     );
@@ -160,7 +160,7 @@ public function trustMarkValidation(Request $request): Response
         return $this->templateFactory->build(
             'oidc:tests/trust-mark-validation.twig',
             compact(
-                'trustMarkId',
+                'trustMarkType',
                 'leafEntityId',
                 'trustAnchorId',
                 'logMessages',