WIP: Create classes for SAML entities + metadata

phpcs.xml

@@ -36,6 +36,7 @@
         <exclude-pattern>**/HTTPRedirectTest.php</exclude-pattern>
         <exclude-pattern>**/SOAPTest.php</exclude-pattern>
         <exclude-pattern>tests/SAML2/Assertion/Validation/AssertionValidatorTest.php</exclude-pattern>
+        <exclude-pattern>tests/SAML2/Entity/ServiceProviderTest.php</exclude-pattern>
         <exclude-pattern>tests/SAML2/XML/saml/AssertionTest.php</exclude-pattern>
         <exclude-pattern>tests/SAML2/XML/saml/AttributeValueTest.php</exclude-pattern>
         <exclude-pattern>tests/SAML2/XML/saml/AuthnContextTest.php</exclude-pattern>

src/Binding.php

@@ -28,6 +28,27 @@
  */
 abstract class Binding
 {
+    /**
+     * The schema to be used for schema validation
+     *
+     * @var string
+     */
+    protected static string $schemaFile = 'resources/schemas/saml-schema-protocol-2.0.xsd';
+
+    /**
+     * Whether or not to perform schema validation
+     *
+     * @var bool
+     */
+    protected bool $schemaValidation = true;
+
+    /**
+     * The RelayState associated with the message.
+     *
+     * @var string|null
+     */
+    protected ?string $relayState = null;
+
     /**
      * The destination of messages.
      *
@@ -165,6 +186,50 @@ public function setDestination(?string $destination = null): void
     }
 
 
+    /**
+     * Set the RelayState associated with the message.
+     *
+     * @param string|null $relayState The RelayState.
+     */
+    public function setRelayState(?string $relayState = null): void
+    {
+        $this->relayState = $relayState;
+    }
+
+
+    /**
+     * Get the RelayState associated with the message.
+     *
+     * @return string|null The RelayState.
+     */
+    public function getRelayState(): ?string
+    {
+        return $this->relayState;
+    }
+
+
+    /**
+     * Set the schema validation for the message.
+     *
+     * @param bool $schemaValidation
+     */
+    public function setSchemaValidation(bool $schemaValidation): void
+    {
+        $this->schemaValidation = $schemaValidation;
+    }
+
+
+    /**
+     * Get the schema validation setting.
+     *
+     * @return bool
+     */
+    public function getSchemaValidation(): bool
+    {
+        return $this->schemaValidation;
+    }
+
+
     /**
      * Send a SAML 2 message.
      *

src/Binding/HTTPPost.php

@@ -97,9 +97,11 @@ public function receive(ServerRequestInterface $request): AbstractMessage
         }
 
         $msgStr = base64_decode($msgStr, true);
-        $msgStr = DOMDocumentFactory::fromString($msgStr)->saveXML();
 
-        $document = DOMDocumentFactory::fromString($msgStr);
+        $document = DOMDocumentFactory::fromString(
+            xml: $msgStr,
+            schemaFile: $this->getSchemaValidation() ? self::$schemaFile : null,
+        );
         Utils::getContainer()->debugMessage($document->documentElement, 'in');
 
         $msg = MessageFactory::fromXML($document->documentElement);

src/Binding/HTTPRedirect.php

@@ -167,7 +167,10 @@ public function receive(ServerRequestInterface $request): AbstractMessage
             throw new Exception('Error while inflating SAML message.');
         }
 
-        $document = DOMDocumentFactory::fromString($message);
+        $document = DOMDocumentFactory::fromString(
+            xml: $message,
+            schemaFile: $this->getSchemaValidation() ? self::$schemaFile : null,
+        );
         Utils::getContainer()->debugMessage($document->documentElement, 'in');
         $message = MessageFactory::fromXML($document->documentElement);
 

src/Binding/SOAP.php

@@ -106,8 +106,12 @@ public function receive(/** @scrutinizer ignore-unused */ServerRequestInterface
         $xpCache = XPath::getXPath($document->documentElement);
         /** @var \DOMElement[] $results */
         $results = XPath::xpQuery($xml, '/SOAP-ENV:Envelope/SOAP-ENV:Body/*[1]', $xpCache);
+        $document = DOMDocumentFactory::fromString(
+            xml: $results[0]->ownerDocument->saveXML($results[0]),
+            schemaFile: $this->getSchemaValidation() ? self::$schemaFile : null,
+        );
 
-        return MessageFactory::fromXML($results[0]);
+        return MessageFactory::fromXML($document->documentElement);
     }
 
 

src/Exception/ConstraintValidationFailedException.php

@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\SAML2\Exception;
+
+/**
+ * Exception to be raised when validation of a constraint fails.
+ */
+class ConstraintViolationFailedException extends RuntimeException
+{
+}

src/Exception/MetadataNotFoundException.php

@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\SAML2\Exception;
+
+/**
+ * Exception to be raised when no metadata was found for a specific entityID
+ */
+class MetadataNotFoundException extends RuntimeException
+{
+}