Ejemplo n.º 1
 /**
  * Checks that SAML2_Utils::addStrings() appends one child element per value.
  *
  * Four scenarios are covered: plain and localized (xml:lang) values, each
  * against a root that does not declare the namespace and a root that already
  * declares it. The serialized root element is compared with the expected XML.
  */
 public function testGetAddStrings()
 {
     $plainValues = array('value1', 'value2');
     $localizedValues = array('en' => 'value (en)', 'no' => 'value (no)');

     // Plain values, namespace unknown to the root: every child declares xmlns:ns itself.
     $document = SAML2_DOMDocumentFactory::fromString('<root/>');
     SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', false, $plainValues);
     $expected = '<root><ns:somenode xmlns:ns="testns">value1</ns:somenode><ns:somenode xmlns:ns="testns">value2</ns:somenode></root>';
     $this->assertEquals($expected, $document->saveXML($document->firstChild));

     // Plain values, namespace already declared on the root: children reuse the declaration.
     $document->loadXML('<ns:root xmlns:ns="testns"/>');
     SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', false, $plainValues);
     $expected = '<ns:root xmlns:ns="testns"><ns:somenode>value1</ns:somenode><ns:somenode>value2</ns:somenode></ns:root>';
     $this->assertEquals($expected, $document->saveXML($document->firstChild));

     // Localized values, namespace unknown to the root: the array key becomes xml:lang.
     $document->loadXML('<root/>');
     SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', true, $localizedValues);
     $expected = '<root><ns:somenode xmlns:ns="testns" xml:lang="en">value (en)</ns:somenode><ns:somenode xmlns:ns="testns" xml:lang="no">value (no)</ns:somenode></root>';
     $this->assertEquals($expected, $document->saveXML($document->firstChild));

     // Localized values, namespace already declared on the root.
     $document->loadXML('<ns:root xmlns:ns="testns"/>');
     SAML2_Utils::addStrings($document->firstChild, 'testns', 'ns:somenode', true, $localizedValues);
     $expected = '<ns:root xmlns:ns="testns"><ns:somenode xml:lang="en">value (en)</ns:somenode><ns:somenode xml:lang="no">value (no)</ns:somenode></ns:root>';
     $this->assertEquals($expected, $document->saveXML($document->firstChild));
 }
Ejemplo n.º 2
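 /**
  * Convert this element to XML.
  *
  * Creates an mdrpi:RegistrationInfo element under $parent, sets the
  * registrationAuthority attribute, sets registrationInstant when one is
  * present, and adds the localized mdrpi:RegistrationPolicy values.
  *
  * @param DOMElement $parent  The element we should append to.
  * @return DOMElement  The new mdrpi:RegistrationInfo element.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_string($this->registrationAuthority));
     assert(is_int($this->registrationInstant) || is_null($this->registrationInstant));
     assert(is_array($this->RegistrationPolicy));

     $e = $parent->ownerDocument->createElementNS(SAML2_XML_mdrpi_Common::NS_MDRPI, 'mdrpi:RegistrationInfo');
     $parent->appendChild($e);

     $e->setAttribute('registrationAuthority', $this->registrationAuthority);
     if ($this->registrationInstant !== null) {
         // The timestamp is rendered in UTC with a literal 'Z' suffix.
         $e->setAttribute('registrationInstant', gmdate('Y-m-d\\TH:i:s\\Z', $this->registrationInstant));
     }

     SAML2_Utils::addStrings($e, SAML2_XML_mdrpi_Common::NS_MDRPI, 'mdrpi:RegistrationPolicy', true, $this->RegistrationPolicy);

     return $e;
 }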
Ejemplo n.º 3
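 /**
  * Add this PDPDescriptor to an EntityDescriptor.
  *
  * Builds on the element returned by parent::toXML() and appends the
  * md:AuthzService endpoints, the md:AssertionIDRequestService endpoints and
  * the md:NameIDFormat values, in that order.
  *
  * @param DOMElement $parent The EntityDescriptor we should append this PDPDescriptor to.
  * @return DOMElement
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_array($this->AuthzService));
     assert(!empty($this->AuthzService));
     assert(is_array($this->AssertionIDRequestService));
     assert(is_array($this->NameIDFormat));

     $e = parent::toXML($parent);

     foreach ($this->AuthzService as $ep) {
         $ep->toXML($e, 'md:AuthzService');
     }
     foreach ($this->AssertionIDRequestService as $ep) {
         $ep->toXML($e, 'md:AssertionIDRequestService');
     }

     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:NameIDFormat', false, $this->NameIDFormat);

     return $e;
 }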
Ejemplo n.º 4
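 /**
  * Convert this Organization to XML.
  *
  * Creates an md:Organization element under $parent and adds the extensions
  * followed by the localized OrganizationName, OrganizationDisplayName and
  * OrganizationURL values.
  *
  * @param DOMElement $parent  The element we should add this organization to.
  * @return DOMElement  This Organization-element.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_array($this->Extensions));
     assert(is_array($this->OrganizationName));
     assert(!empty($this->OrganizationName));
     assert(is_array($this->OrganizationDisplayName));
     assert(!empty($this->OrganizationDisplayName));
     assert(is_array($this->OrganizationURL));
     assert(!empty($this->OrganizationURL));

     $e = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:Organization');
     $parent->appendChild($e);

     SAML2_XML_md_Extensions::addList($e, $this->Extensions);

     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:OrganizationName', true, $this->OrganizationName);
     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:OrganizationDisplayName', true, $this->OrganizationDisplayName);
     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:OrganizationURL', true, $this->OrganizationURL);

     return $e;
 }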
Ejemplo n.º 5
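 /**
  * Convert this DiscoHints to XML.
  *
  * An mdui:DiscoHints element is only created when at least one of IPHint,
  * DomainHint, GeolocationHint or children has content; otherwise nothing is
  * appended to $parent.
  *
  * @param DOMElement $parent  The element we should append to.
  * @return DOMElement|NULL  The new element, or NULL when there was nothing to serialize.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_array($this->IPHint));
     assert(is_array($this->DomainHint));
     assert(is_array($this->GeolocationHint));
     assert(is_array($this->children));

     $hasContent = !empty($this->IPHint)
         || !empty($this->DomainHint)
         || !empty($this->GeolocationHint)
         || !empty($this->children);
     if (!$hasContent) {
         // Make the "nothing emitted" result explicit instead of falling off the end.
         return null;
     }

     $e = $parent->ownerDocument->createElementNS(self::NS, 'mdui:DiscoHints');
     $parent->appendChild($e);

     // Child elements are written before the hint values.
     if (!empty($this->children)) {
         foreach ($this->children as $child) {
             $child->toXML($e);
         }
     }

     SAML2_Utils::addStrings($e, self::NS, 'mdui:IPHint', false, $this->IPHint);
     SAML2_Utils::addStrings($e, self::NS, 'mdui:DomainHint', false, $this->DomainHint);
     SAML2_Utils::addStrings($e, self::NS, 'mdui:GeolocationHint', false, $this->GeolocationHint);

     return $e;
 }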
Ejemplo n.º 6
 /**
  * Add a saml:AuthnStatement node to the assertion.
  *
  * Nothing is added unless both an authentication context and an AuthnInstant
  * are set. SessionNotOnOrAfter and SessionIndex are written only when present.
  *
  * @param DOMElement $root  The assertion element we should add the authentication statement to.
  */
 private function addAuthnStatement(DOMElement $root)
 {
     $missingContext = $this->authnContext === null;
     if ($missingContext || $this->authnInstant === null) {
         /* Without a context or an instant there is no statement to emit. */
         return;
     }

     /* Timestamps are rendered in UTC with a literal 'Z' suffix. */
     $timeFormat = 'Y-m-d\\TH:i:s\\Z';
     $owner = $root->ownerDocument;

     $statement = $owner->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnStatement');
     $root->appendChild($statement);

     $statement->setAttribute('AuthnInstant', gmdate($timeFormat, $this->authnInstant));
     if ($this->sessionNotOnOrAfter !== null) {
         $statement->setAttribute('SessionNotOnOrAfter', gmdate($timeFormat, $this->sessionNotOnOrAfter));
     }
     if ($this->sessionIndex !== null) {
         $statement->setAttribute('SessionIndex', $this->sessionIndex);
     }

     $context = $owner->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnContext');
     $statement->appendChild($context);

     /* The class reference comes first, followed by any authenticating authorities. */
     SAML2_Utils::addString($context, SAML2_Const::NS_SAML, 'saml:AuthnContextClassRef', $this->authnContext);
     SAML2_Utils::addStrings($context, SAML2_Const::NS_SAML, 'saml:AuthenticatingAuthority', false, $this->AuthenticatingAuthority);
 }
Ejemplo n.º 7
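 /**
  * Convert to DOMElement.
  *
  * Creates an md:AttributeConsumingService element under $parent with the
  * index attribute, an isDefault attribute when isDefault is a boolean, the
  * localized ServiceName and ServiceDescription values, and one child per
  * RequestedAttribute.
  *
  * @param DOMElement $parent The element we should append this AttributeConsumingService to.
  * @return DOMElement
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_int($this->index));
     assert(is_null($this->isDefault) || is_bool($this->isDefault));
     assert(is_array($this->ServiceName));
     assert(is_array($this->ServiceDescription));
     assert(is_array($this->RequestedAttribute));

     $e = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:AttributeConsumingService');
     $parent->appendChild($e);

     $e->setAttribute('index', (string) $this->index);

     // Only a real boolean is serialized; NULL (or any other value) leaves the attribute off.
     if (is_bool($this->isDefault)) {
         $e->setAttribute('isDefault', $this->isDefault ? 'true' : 'false');
     }

     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:ServiceName', true, $this->ServiceName);
     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:ServiceDescription', true, $this->ServiceDescription);

     foreach ($this->RequestedAttribute as $ra) {
         $ra->toXML($e);
     }

     return $e;
 }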
Ejemplo n.º 8
 /**
  * Convert this authentication request to an XML element.
  *
  * Starts from the element returned by parent::toUnsignedXML() and adds the
  * request-specific attributes and children. NameIDPolicy, RequestedAuthnContext
  * and Scoping are appended to the root in that order; the extensions are handed
  * to SAML2_XML_samlp_Extensions::addList() between RequestedAuthnContext and
  * Scoping. All values are written through the DOM API, not by string building.
  *
  * @return DOMElement This authentication request.
  */
 public function toUnsignedXML()
 {
     $root = parent::toUnsignedXML();
     /* Boolean flags are written only when truthy; a falsy value leaves the attribute off. */
     if ($this->forceAuthn) {
         $root->setAttribute('ForceAuthn', 'true');
     }
     if ($this->isPassive) {
         $root->setAttribute('IsPassive', 'true');
     }
     /*
      * A set AssertionConsumerServiceIndex suppresses AssertionConsumerServiceURL
      * and ProtocolBinding: those two are only written when no index is set.
      * NOTE(review): the index values are passed to setAttribute() as-is;
      * presumably integers relying on implicit string conversion - confirm.
      */
     if ($this->assertionConsumerServiceIndex !== NULL) {
         $root->setAttribute('AssertionConsumerServiceIndex', $this->assertionConsumerServiceIndex);
     } else {
         if ($this->assertionConsumerServiceURL !== NULL) {
             $root->setAttribute('AssertionConsumerServiceURL', $this->assertionConsumerServiceURL);
         }
         if ($this->protocolBinding !== NULL) {
             $root->setAttribute('ProtocolBinding', $this->protocolBinding);
         }
     }
     if ($this->attributeConsumingServiceIndex !== NULL) {
         $root->setAttribute('AttributeConsumingServiceIndex', $this->attributeConsumingServiceIndex);
     }
     /* NameIDPolicy is emitted only for a non-empty policy array. */
     if (!empty($this->nameIdPolicy)) {
         $nameIdPolicy = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'NameIDPolicy');
         if (array_key_exists('Format', $this->nameIdPolicy)) {
             $nameIdPolicy->setAttribute('Format', $this->nameIdPolicy['Format']);
         }
         if (array_key_exists('SPNameQualifier', $this->nameIdPolicy)) {
             $nameIdPolicy->setAttribute('SPNameQualifier', $this->nameIdPolicy['SPNameQualifier']);
         }
         /* AllowCreate is only ever written as 'true'; a falsy or missing entry omits it. */
         if (array_key_exists('AllowCreate', $this->nameIdPolicy) && $this->nameIdPolicy['AllowCreate']) {
             $nameIdPolicy->setAttribute('AllowCreate', 'true');
         }
         $root->appendChild($nameIdPolicy);
     }
     /* RequestedAuthnContext needs at least one AuthnContextClassRef to be emitted. */
     $rac = $this->requestedAuthnContext;
     if (!empty($rac) && !empty($rac['AuthnContextClassRef'])) {
         $e = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'RequestedAuthnContext');
         $root->appendChild($e);
         /* Comparison is left off for 'exact' - presumably because that is the default; confirm. */
         if (isset($rac['Comparison']) && $rac['Comparison'] !== 'exact') {
             $e->setAttribute('Comparison', $rac['Comparison']);
         }
         /* NOTE(review): the loop assumes AuthnContextClassRef is an array - confirm against the setter. */
         foreach ($rac['AuthnContextClassRef'] as $accr) {
             SAML2_Utils::addString($e, SAML2_Const::NS_SAML, 'AuthnContextClassRef', $accr);
         }
     }
     if (!empty($this->extensions)) {
         SAML2_XML_samlp_Extensions::addList($root, $this->extensions);
     }
     /* Scoping is created only if ProxyCount, IDPList or RequesterID has content. */
     if ($this->ProxyCount !== NULL || count($this->IDPList) > 0 || count($this->RequesterID) > 0) {
         $scoping = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'Scoping');
         $root->appendChild($scoping);
         if ($this->ProxyCount !== NULL) {
             $scoping->setAttribute('ProxyCount', $this->ProxyCount);
         }
         /* Each IDPList entry becomes an IDPEntry whose ProviderID is the entry value. */
         if (count($this->IDPList) > 0) {
             $idplist = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'IDPList');
             foreach ($this->IDPList as $provider) {
                 $idpEntry = $this->document->createElementNS(SAML2_Const::NS_SAMLP, 'IDPEntry');
                 $idpEntry->setAttribute('ProviderID', $provider);
                 $idplist->appendChild($idpEntry);
             }
             $scoping->appendChild($idplist);
         }
         if (count($this->RequesterID) > 0) {
             SAML2_Utils::addStrings($scoping, SAML2_Const::NS_SAMLP, 'RequesterID', FALSE, $this->RequesterID);
         }
     }
     return $root;
 }
Ejemplo n.º 9
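 /**
  * Convert this UIInfo to XML.
  *
  * An mdui:UIInfo element is only created when at least one of DisplayName,
  * Description, InformationURL, PrivacyStatementURL, Keywords, Logo or
  * children has content; otherwise nothing is appended to $parent.
  *
  * @param DOMElement $parent The element we should append to.
  * @return DOMElement|NULL  The new element, or NULL when there was nothing to serialize.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_array($this->DisplayName));
     // Description is serialized like the other localized arrays below, so it
     // gets the same invariant check as its siblings.
     assert(is_array($this->Description));
     assert(is_array($this->InformationURL));
     assert(is_array($this->PrivacyStatementURL));
     assert(is_array($this->Keywords));
     assert(is_array($this->Logo));
     assert(is_array($this->children));

     $hasContent = !empty($this->DisplayName)
         || !empty($this->Description)
         || !empty($this->InformationURL)
         || !empty($this->PrivacyStatementURL)
         || !empty($this->Keywords)
         || !empty($this->Logo)
         || !empty($this->children);
     if (!$hasContent) {
         return null;
     }

     $e = $parent->ownerDocument->createElementNS(self::NS, 'mdui:UIInfo');
     $parent->appendChild($e);

     SAML2_Utils::addStrings($e, self::NS, 'mdui:DisplayName', true, $this->DisplayName);
     SAML2_Utils::addStrings($e, self::NS, 'mdui:Description', true, $this->Description);
     SAML2_Utils::addStrings($e, self::NS, 'mdui:InformationURL', true, $this->InformationURL);
     SAML2_Utils::addStrings($e, self::NS, 'mdui:PrivacyStatementURL', true, $this->PrivacyStatementURL);

     // Keywords, logos and other children serialize themselves, in that order.
     if (!empty($this->Keywords)) {
         foreach ($this->Keywords as $child) {
             $child->toXML($e);
         }
     }
     if (!empty($this->Logo)) {
         foreach ($this->Logo as $child) {
             $child->toXML($e);
         }
     }
     if (!empty($this->children)) {
         foreach ($this->children as $child) {
             $child->toXML($e);
         }
     }

     return $e;
 }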
Ejemplo n.º 10
 /**
  * Add a saml:AuthnStatement node to the assertion.
  *
  * Nothing is added when AuthnInstant is unset, or when none of
  * authnContextClassRef, authnContextDecl and authnContextDeclRef is set.
  *
  * @param DOMElement $root The assertion element we should add the authentication statement to.
  */
 private function addAuthnStatement(DOMElement $root)
 {
     if ($this->authnInstant === null) {
         /* No AuthnInstant => no authentication statement. */
         return;
     }
     if ($this->authnContextClassRef === null && $this->authnContextDecl === null && $this->authnContextDeclRef === null) {
         /* No authentication context of any kind => no authentication statement. */
         return;
     }

     /* Timestamps are rendered in UTC with a literal 'Z' suffix. */
     $timeFormat = 'Y-m-d\\TH:i:s\\Z';
     $owner = $root->ownerDocument;

     $statement = $owner->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnStatement');
     $root->appendChild($statement);

     $statement->setAttribute('AuthnInstant', gmdate($timeFormat, $this->authnInstant));
     if ($this->sessionNotOnOrAfter !== null) {
         $statement->setAttribute('SessionNotOnOrAfter', gmdate($timeFormat, $this->sessionNotOnOrAfter));
     }
     if ($this->sessionIndex !== null) {
         $statement->setAttribute('SessionIndex', $this->sessionIndex);
     }

     $context = $owner->createElementNS(SAML2_Const::NS_SAML, 'saml:AuthnContext');
     $statement->appendChild($context);

     /* The guards above test for NULL, while these test for empty values. */
     if (!empty($this->authnContextClassRef)) {
         SAML2_Utils::addString($context, SAML2_Const::NS_SAML, 'saml:AuthnContextClassRef', $this->authnContextClassRef);
     }
     if (!empty($this->authnContextDecl)) {
         $this->authnContextDecl->toXML($context);
     }
     if (!empty($this->authnContextDeclRef)) {
         SAML2_Utils::addString($context, SAML2_Const::NS_SAML, 'saml:AuthnContextDeclRef', $this->authnContextDeclRef);
     }

     SAML2_Utils::addStrings($context, SAML2_Const::NS_SAML, 'saml:AuthenticatingAuthority', false, $this->AuthenticatingAuthority);
 }
Ejemplo n.º 11
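 /**
  * Add this IDPSSODescriptor to an EntityDescriptor.
  *
  * Builds on the element returned by parent::toXML(), writes
  * WantAuthnRequestsSigned when it is a boolean, and appends the endpoint
  * lists, the md:AttributeProfile values and the attributes.
  *
  * @param DOMElement $parent  The EntityDescriptor we should append this IDPSSODescriptor to.
  * @return DOMElement  The element returned by parent::toXML(), with the additions above.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_null($this->WantAuthnRequestsSigned) || is_bool($this->WantAuthnRequestsSigned));
     assert(is_array($this->SingleSignOnService));
     assert(is_array($this->NameIDMappingService));
     assert(is_array($this->AssertionIDRequestService));
     assert(is_array($this->AttributeProfile));
     assert(is_array($this->Attribute));

     $e = parent::toXML($parent);

     // Only a real boolean is serialized; NULL (or any other value) leaves the
     // attribute off, so the metadata states no signing requirement either way.
     if (is_bool($this->WantAuthnRequestsSigned)) {
         $e->setAttribute('WantAuthnRequestsSigned', $this->WantAuthnRequestsSigned ? 'true' : 'false');
     }

     foreach ($this->SingleSignOnService as $ep) {
         $ep->toXML($e, 'md:SingleSignOnService');
     }
     foreach ($this->NameIDMappingService as $ep) {
         $ep->toXML($e, 'md:NameIDMappingService');
     }
     foreach ($this->AssertionIDRequestService as $ep) {
         $ep->toXML($e, 'md:AssertionIDRequestService');
     }

     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:AttributeProfile', false, $this->AttributeProfile);

     foreach ($this->Attribute as $a) {
         $a->toXML($e);
     }

     return $e;
 }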
Ejemplo n.º 12
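 /**
  * Convert this ContactPerson to XML.
  *
  * Creates an md:ContactPerson element under $parent with the contactType
  * attribute, the extensions, the optional Company, GivenName and SurName
  * elements, and the e-mail addresses and telephone numbers.
  *
  * @param DOMElement $parent  The element we should add this contact to.
  * @return DOMElement  The new ContactPerson-element.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_string($this->contactType));
     assert(is_array($this->Extensions));
     assert(is_null($this->Company) || is_string($this->Company));
     assert(is_null($this->GivenName) || is_string($this->GivenName));
     assert(is_null($this->SurName) || is_string($this->SurName));
     assert(is_array($this->EmailAddress));
     assert(is_array($this->TelephoneNumber));

     $e = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:ContactPerson');
     $parent->appendChild($e);

     $e->setAttribute('contactType', $this->contactType);

     SAML2_XML_md_Extensions::addList($e, $this->Extensions);

     // isset() is false for NULL, so unset name parts produce no element.
     if (isset($this->Company)) {
         SAML2_Utils::addString($e, SAML2_Const::NS_MD, 'md:Company', $this->Company);
     }
     if (isset($this->GivenName)) {
         SAML2_Utils::addString($e, SAML2_Const::NS_MD, 'md:GivenName', $this->GivenName);
     }
     if (isset($this->SurName)) {
         SAML2_Utils::addString($e, SAML2_Const::NS_MD, 'md:SurName', $this->SurName);
     }

     if (!empty($this->EmailAddress)) {
         SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:EmailAddress', false, $this->EmailAddress);
     }
     if (!empty($this->TelephoneNumber)) {
         SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:TelephoneNumber', false, $this->TelephoneNumber);
     }

     return $e;
 }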
Ejemplo n.º 13
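 /**
  * Add this AffiliationDescriptor to an EntityDescriptor.
  *
  * Creates an md:AffiliationDescriptor element under $parent, fills in its
  * attributes, extensions, affiliate members and key descriptors, and then
  * passes the finished element to signElement().
  *
  * @param DOMElement $parent  The EntityDescriptor we should append this AffiliationDescriptor to.
  * @return DOMElement  The new md:AffiliationDescriptor element.
  */
 public function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_string($this->affiliationOwnerID));
     assert(is_null($this->ID) || is_string($this->ID));
     assert(is_null($this->validUntil) || is_int($this->validUntil));
     assert(is_null($this->cacheDuration) || is_string($this->cacheDuration));
     assert(is_array($this->Extensions));
     assert(is_array($this->AffiliateMember));
     assert(!empty($this->AffiliateMember));
     assert(is_array($this->KeyDescriptor));

     $e = $parent->ownerDocument->createElementNS(SAML2_Const::NS_MD, 'md:AffiliationDescriptor');
     $parent->appendChild($e);

     $e->setAttribute('affiliationOwnerID', $this->affiliationOwnerID);
     if (isset($this->ID)) {
         $e->setAttribute('ID', $this->ID);
     }
     if (isset($this->validUntil)) {
         // The timestamp is rendered in UTC with a literal 'Z' suffix.
         $e->setAttribute('validUntil', gmdate('Y-m-d\\TH:i:s\\Z', $this->validUntil));
     }
     if (isset($this->cacheDuration)) {
         $e->setAttribute('cacheDuration', $this->cacheDuration);
     }

     SAML2_XML_md_Extensions::addList($e, $this->Extensions);
     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:AffiliateMember', false, $this->AffiliateMember);

     foreach ($this->KeyDescriptor as $kd) {
         $kd->toXML($e);
     }

     // Signing is the last step, after every attribute and child is in place.
     // NOTE(review): the second argument is presumably the node the signature is
     // inserted before - confirm against signElement().
     $this->signElement($e, $e->firstChild);

     return $e;
 }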
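 /**
  * Add this SSODescriptorType to an EntityDescriptor.
  *
  * Builds on the element returned by parent::toXML() and appends the
  * ArtifactResolutionService, SingleLogoutService and ManageNameIDService
  * endpoints followed by the md:NameIDFormat values.
  *
  * @param  DOMElement $parent The EntityDescriptor we should append this SSODescriptorType to.
  * @return DOMElement The generated SSODescriptor DOMElement.
  */
 protected function toXML(DOMElement $parent)
 {
     // Development-time invariants only: assert() is skipped when
     // zend.assertions is -1, so these do not validate input in production.
     // Written as expressions because PHP 8 no longer evaluates string arguments.
     assert(is_array($this->ArtifactResolutionService));
     assert(is_array($this->SingleLogoutService));
     assert(is_array($this->ManageNameIDService));
     assert(is_array($this->NameIDFormat));

     $e = parent::toXML($parent);

     foreach ($this->ArtifactResolutionService as $ep) {
         $ep->toXML($e, 'md:ArtifactResolutionService');
     }
     foreach ($this->SingleLogoutService as $ep) {
         $ep->toXML($e, 'md:SingleLogoutService');
     }
     foreach ($this->ManageNameIDService as $ep) {
         $ep->toXML($e, 'md:ManageNameIDService');
     }

     SAML2_Utils::addStrings($e, SAML2_Const::NS_MD, 'md:NameIDFormat', false, $this->NameIDFormat);

     return $e;
 }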