Refactor md:Extensions / samlp:Extensions to use the generic ExtendableElementTrait and filter saml-defined namespaces from it's content

Author: tvdijen

phpstan-baseline.neon

@@ -181,19 +181,19 @@ parameters:
 			path: src/XML/md/AbstractSignedMdElement.php
 
 		-
-			message: '#^Call to an undefined method SimpleSAML\\XML\\AbstractElement\:\:getList\(\)\.$#'
+			message: '#^Call to an undefined method SimpleSAML\\XML\\AbstractElement\:\:getElements\(\)\.$#'
 			identifier: method.notFound
 			count: 1
 			path: src/XML/md/ContactPerson.php
 
 		-
-			message: '#^Call to an undefined method SimpleSAML\\XML\\AbstractElement\:\:getList\(\)\.$#'
+			message: '#^Call to an undefined method SimpleSAML\\XML\\AbstractElement\:\:getElements\(\)\.$#'
 			identifier: method.notFound
 			count: 1
 			path: src/XML/md/EntitiesDescriptor.php
 
 		-
-			message: '#^Call to an undefined method SimpleSAML\\XML\\AbstractElement\:\:getList\(\)\.$#'
+			message: '#^Call to an undefined method SimpleSAML\\XML\\AbstractElement\:\:getElements\(\)\.$#'
 			identifier: method.notFound
 			count: 1
 			path: src/XML/md/Organization.php

src/XML/ExtensionsTrait.php

@@ -5,12 +5,7 @@
 namespace SimpleSAML\SAML2\XML;
 
 use DOMElement;
-use SimpleSAML\SAML2\Assert\Assert;
-use SimpleSAML\SAML2\Constants as C;
-use SimpleSAML\SAML2\Exception\ProtocolViolationException;
-use SimpleSAML\XML\ElementInterface;
-
-use function in_array;
+use SimpleSAML\XML\ExtendableElementTrait;
 
 /**
  * Trait grouping common functionality for elements implementing ExtensionType.
@@ -19,8 +14,7 @@
  */
 trait ExtensionsTrait
 {
-    /** @var \SimpleSAML\XML\SerializableElementInterface[] */
-    protected array $extensions = [];
+    use ExtendableElementTrait;
 
 
     /**
@@ -30,52 +24,19 @@ trait ExtensionsTrait
      */
     public function __construct(array $extensions)
     {
-        Assert::maxCount($extensions, C::UNBOUNDED_LIMIT);
-        Assert::allIsInstanceOf($extensions, ElementInterface::class);
-
-        foreach ($extensions as $extension) {
-            /** @var \SimpleSAML\XML\AbstractElement $extension */
-            $namespace = $extension->getNamespaceURI();
-
-            Assert::notNull(
-                $namespace,
-                'Extensions MUST NOT include global (non-namespace-qualified) elements.',
-                ProtocolViolationException::class,
-            );
-            Assert::true(
-                !in_array($namespace, [C::NS_SAML, C::NS_SAMLP], true),
-                'Extensions MUST NOT include any SAML-defined namespace elements.',
-                ProtocolViolationException::class,
-            );
-        }
-
-        /**
-         * Set an array with all extensions present.
-         */
-        $this->extensions = $extensions;
-    }
-
-
-    /**
-     * Get an array with all extensions present.
-     *
-     * @return \SimpleSAML\XML\SerializableElementInterface[]
-     */
-    public function getList(): array
-    {
-        return $this->extensions;
+        $this->setElements($extensions);
     }
 
 
     /**
      */
     public function isEmptyElement(): bool
     {
-        if (empty($this->getList())) {
+        if (empty($this->getElements())) {
             return true;
         }
 
-        foreach ($this->getList() as $extension) {
+        foreach ($this->getElements() as $extension) {
             if ($extension->isEmptyElement() === false) {
                 return false;
             }
@@ -96,7 +57,7 @@ public function toXML(?DOMElement $parent = null): DOMElement
         $e = $this->instantiateParentElement($parent);
 
         if (!$this->isEmptyElement()) {
-            foreach ($this->getList() as $extension) {
+            foreach ($this->getElements() as $extension) {
                 if (!$extension->isEmptyElement()) {
                     $extension->toXML($e);
                 }

src/XML/md/AbstractMetadataDocument.php

@@ -44,7 +44,7 @@ public function __construct(
         ?Extensions $extensions = null,
     ) {
         if ($extensions !== null) {
-            $exts = $extensions->getList();
+            $exts = $extensions->getElements();
 
             /**
              * MDUI 2.1: this element MUST NOT appear more than once within a given <md:Extensions> element.

src/XML/md/ContactPerson.php

@@ -388,7 +388,7 @@ public function toArray(): array
             'SurName' => $this->getSurName()?->getContent()->getValue(),
             'EmailAddress' => [],
             'TelephoneNumber' => [],
-            'Extensions' => $this->Extensions?->getList(),
+            'Extensions' => $this->Extensions?->getElements(),
             'attributes' => [],
         ];
 

src/XML/md/EntitiesDescriptor.php

@@ -75,14 +75,14 @@ public function __construct(
              * manner, descendant <md:EntitiesDescriptor> and <md:EntityDescriptor> elements MUST
              * NOT contain a <mdrpi:RegistrationInfo> element in their <md:Extensions> element.
              */
-            $toplevel_regInfo = array_values(array_filter($extensions->getList(), function ($ext) {
+            $toplevel_regInfo = array_values(array_filter($extensions->getElements(), function ($ext) {
                 return $ext instanceof RegistrationInfo;
             }));
 
             /**
              * The <mdrpi:PublicationInfo> element SHOULD only be used on the root element of a metadata document.
              */
-            $toplevel_pubInfo = array_values(array_filter($extensions->getList(), function ($ext) {
+            $toplevel_pubInfo = array_values(array_filter($extensions->getElements(), function ($ext) {
                 return $ext instanceof PublicationInfo;
             }));
 
@@ -94,7 +94,7 @@ public function __construct(
              * When used in this manner, descendant <md:EntitiesDescriptor> and <md:EntityDescriptor>
              * elements MUST NOT contain a <mdrpi:PublicationPath> element in their <md:Extensions> element.
              */
-            $toplevel_pubPath = array_values(array_filter($extensions->getList(), function ($ext) {
+            $toplevel_pubPath = array_values(array_filter($extensions->getElements(), function ($ext) {
                 return $ext instanceof PublicationPath;
             }));
 
@@ -156,7 +156,7 @@ private function getRecursiveExtensions(EntityDescriptor|EntitiesDescriptor $des
     {
         $extensions = [];
         if ($descriptor->getExtensions() !== null) {
-            $extensions = $descriptor->getExtensions()->getList();
+            $extensions = $descriptor->getExtensions()->getElements();
 
             if ($descriptor instanceof EntitiesDescriptor) {
                 $eds = array_merge($descriptor->getEntitiesDescriptors(), $descriptor->getEntityDescriptors());

src/XML/md/Extensions.php

@@ -27,6 +27,7 @@
 use SimpleSAML\XML\SchemaValidatableElementInterface;
 use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XMLSchema\Exception\InvalidDOMElementException;
+use SimpleSAML\XMLSchema\XML\Constants\NS;
 
 use function array_key_exists;
 
@@ -41,6 +42,21 @@ final class Extensions extends AbstractMdElement implements SchemaValidatableEle
     use SchemaValidatableElementTrait;
 
 
+    /** The namespace-attribute for the xs:any element */
+    public const string XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /**
+     * The exclusions for the xs:any element
+     *
+     * @var array<int, array<int, string>>
+     */
+    public const array XS_ANY_ELT_EXCLUSIONS = [
+        ['urn:oasis:names:tc:SAML:2.0:assertion', '*'],
+        ['urn:oasis:names:tc:SAML:2.0:metadata', '*'],
+        ['urn:oasis:names:tc:SAML:2.0:protocol', '*'],
+    ];
+
+
     /**
      * Create an Extensions object from its md:Extensions XML representation.
      *

src/XML/md/Organization.php

@@ -307,7 +307,7 @@ public function toArray(): array
             'OrganizationName' => [],
             'OrganizationDisplayName' => [],
             'OrganizationURL' => [],
-            'Extensions' => $this->getExtensions()?->getList(),
+            'Extensions' => $this->getExtensions()?->getElements(),
             'attributes' => [],
         ];
 

src/XML/saml/AbstractSubjectConfirmationData.php

@@ -45,6 +45,7 @@ abstract class AbstractSubjectConfirmationData extends AbstractAnyType
      */
     public const array XS_ANY_ATTR_EXCLUSIONS = [
         ['urn:oasis:names:tc:SAML:2.0:assertion', '*'],
+        ['urn:oasis:names:tc:SAML:2.0:metadata', '*'],
         ['urn:oasis:names:tc:SAML:2.0:protocol', '*'],
     ];
 

src/XML/saml/Attribute.php

@@ -47,6 +47,7 @@ class Attribute extends AbstractSamlElement implements
      */
     public const array XS_ANY_ATTR_EXCLUSIONS = [
         ['urn:oasis:names:tc:SAML:2.0:assertion', '*'],
+        ['urn:oasis:names:tc:SAML:2.0:metadata', '*'],
         ['urn:oasis:names:tc:SAML:2.0:protocol', '*'],
     ];
 

src/XML/samlp/Extensions.php

@@ -12,6 +12,7 @@
 use SimpleSAML\XML\SchemaValidatableElementInterface;
 use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XMLSchema\Exception\InvalidDOMElementException;
+use SimpleSAML\XMLSchema\XML\Constants\NS;
 
 /**
  * Class for handling SAML2 extensions.
@@ -24,6 +25,21 @@ final class Extensions extends AbstractSamlpElement implements SchemaValidatable
     use SchemaValidatableElementTrait;
 
 
+    /** The namespace-attribute for the xs:any element */
+    public const string XS_ANY_ELT_NAMESPACE = NS::OTHER;
+
+    /**
+     * The exclusions for the xs:any element
+     *
+     * @var array<int, array<int, string>>
+     */
+    public const array XS_ANY_ELT_EXCLUSIONS = [
+        ['urn:oasis:names:tc:SAML:2.0:assertion', '*'],
+        ['urn:oasis:names:tc:SAML:2.0:metadata', '*'],
+        ['urn:oasis:names:tc:SAML:2.0:protocol', '*'],
+    ];
+
+
     /**
      * Create an Extensions object from its samlp:Extensions XML representation.
      *