Add mssp-elements

simplesamlphp · Sep 1, 2024 · fb31131 · fb31131
1 parent 629ee2f
commit fb31131
Show file tree

Hide file tree

Showing 13 changed files with 380 additions and 0 deletions.
diff --git a/resources/schemas/mssp.xsd b/resources/schemas/mssp.xsd
@@ -0,0 +1,14 @@
+<xs:schema targetNamespace="http://schemas.microsoft.com/ws/2005/07/securitypolicy"
+  elementFormDefault="qualified"
+  xmlns:tns="http://schemas.microsoft.com/ws/2005/07/securitypolicy"
+  xmlns:xs="http://www.w3.org/2001/XMLSchema"
+  xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
+
+  <xs:import namespace="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
+    schemaLocation="ws-securitypolicy-1.2.xsd"/>
+
+  <xs:element name="RsaToken" type="sp:TokenAssertionType"/>
+  <xs:element name="MustNotSendCancel" type="sp:QNameAssertionType"/>
+  <xs:element name="RequireClientCertificate" type="sp:QNameAssertionType"/>
+  <xs:element name="SslContextToken" type="sp:TokenAssertionType"/>
+</xs:schema>
diff --git a/src/XML/mssp/MustNotSendCancel.php b/src/XML/mssp/MustNotSendCancel.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\mssp;
+
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType;
+
+/**
+ * An MustNotSendCancel element
+ *
+ * @package simplesamlphp/ws-security
+ */
+final class MustNotSendCancel extends AbstractQNameAssertionType
+{
+    /** @var string */
+    public const NS = C::NS_WS_SEC;
+
+    /** @var string */
+    public const NS_PREFIX = 'mssp';
+}
diff --git a/src/XML/mssp/RequireClientCertificate.php b/src/XML/mssp/RequireClientCertificate.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\mssp;
+
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType;
+
+/**
+ * An RequireClientCertificate element
+ *
+ * @package simplesamlphp/ws-security
+ */
+final class RequireClientCertificate extends AbstractQNameAssertionType
+{
+    /** @var string */
+    public const NS = C::NS_WS_SEC;
+
+    /** @var string */
+    public const NS_PREFIX = 'mssp';
+}
diff --git a/src/XML/mssp/RsaToken.php b/src/XML/mssp/RsaToken.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\mssp;
+
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType;
+
+/**
+ * An RsaToken element
+ *
+ * @package simplesamlphp/ws-security
+ */
+final class RsaToken extends AbstractTokenAssertionType
+{
+    /** @var string */
+    public const NS = C::NS_WS_SEC;
+
+    /** @var string */
+    public const NS_PREFIX = 'mssp';
+}
diff --git a/src/XML/mssp/SslContextToken.php b/src/XML/mssp/SslContextToken.php
@@ -0,0 +1,22 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\WSSecurity\XML\mssp;
+
+use SimpleSAML\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType;
+
+/**
+ * An SslContextToken element
+ *
+ * @package simplesamlphp/ws-security
+ */
+final class SslContextToken extends AbstractTokenAssertionType
+{
+    /** @var string */
+    public const NS = C::NS_WS_SEC;
+
+    /** @var string */
+    public const NS_PREFIX = 'mssp';
+}
diff --git a/tests/WSSecurity/XML/mssp/MustNotSendCancelTest.php b/tests/WSSecurity/XML/mssp/MustNotSendCancelTest.php
@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\mssp;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\Attributes\Group;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\XML\sp\QNameAssertionTypeTestTrait;
+use SimpleSAML\WSSecurity\XML\mssp\MustNotSendCancel;
+use SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType;
+use SimpleSAML\WSSecurity\XML\sp\AbstractSpElement;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\MustNotSendCancelTest
+ *
+ * @package simplesamlphp/ws-security
+ */
+#[Group('sp')]
+#[CoversClass(MustNotSendCancel::class)]
+#[CoversClass(AbstractQNameAssertionType::class)]
+#[CoversClass(AbstractSpElement::class)]
+final class MustNotSendCancelTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/mssp.xsd';
+
+        self::$testedClass = MustNotSendCancel::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/mssp_MustNotSendCancel.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/mssp/RequireClientCertificateTest.php b/tests/WSSecurity/XML/mssp/RequireClientCertificateTest.php
@@ -0,0 +1,48 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\mssp;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\Attributes\Group;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\XML\sp\QNameAssertionTypeTestTrait;
+use SimpleSAML\WSSecurity\XML\mssp\RequireClientCertificate;
+use SimpleSAML\WSSecurity\XML\sp\AbstractQNameAssertionType;
+use SimpleSAML\WSSecurity\XML\sp\AbstractSpElement;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\sp\RequireClientCertificateTest
+ *
+ * @package simplesamlphp/ws-security
+ */
+#[Group('sp')]
+#[CoversClass(RequireClientCertificate::class)]
+#[CoversClass(AbstractQNameAssertionType::class)]
+#[CoversClass(AbstractSpElement::class)]
+final class RequireClientCertificateTest extends TestCase
+{
+    use QNameAssertionTypeTestTrait;
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/mssp.xsd';
+
+        self::$testedClass = RequireClientCertificate::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/mssp_RequireClientCertificate.xml',
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/mssp/RsaTokenTest.php b/tests/WSSecurity/XML/mssp/RsaTokenTest.php
@@ -0,0 +1,87 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\mssp;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\Attributes\Group;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\mssp\RsaToken;
+use SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\mssp\RsaTokenTest
+ *
+ * @package simplesamlphp/ws-security
+ */
+#[Group('mssp')]
+#[CoversClass(RsaToken::class)]
+#[CoversClass(IncludeTokenTypeTrait::class)]
+#[CoversClass(AbstractTokenAssertionType::class)]
+#[CoversClass(AbstractSpElement::class)]
+final class RsaTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/mssp.xsd';
+
+        self::$testedClass = RsaToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/mssp_RsaToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty RsaToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $msspns = C::NS_WS_SEC;
+        $rsaToken = new RsaToken();
+        $this->assertEquals(
+            "<mssp:RsaToken xmlns:mssp=\"$msspns\"/>",
+            strval($rsaToken),
+        );
+        $this->assertTrue($rsaToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a RsaToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>',
+        )->documentElement);
+
+        $rsaToken = new RsaToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($rsaToken),
+        );
+    }
+}
diff --git a/tests/WSSecurity/XML/mssp/SslContextTokenTest.php b/tests/WSSecurity/XML/mssp/SslContextTokenTest.php
@@ -0,0 +1,87 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\WSSecurity\XML\mssp;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\Attributes\Group;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Test\WSSecurity\Constants as C;
+use SimpleSAML\WSSecurity\XML\mssp\SslContextToken;
+use SimpleSAML\WSSecurity\XML\sp\AbstractTokenAssertionType;
+use SimpleSAML\WSSecurity\XML\sp\IncludeToken;
+use SimpleSAML\WSSecurity\XML\sp\IncludeTokenTypeTrait;
+use SimpleSAML\XML\Attribute as XMLAttribute;
+use SimpleSAML\XML\Chunk;
+use SimpleSAML\XML\DOMDocumentFactory;
+use SimpleSAML\XML\TestUtils\SchemaValidationTestTrait;
+use SimpleSAML\XML\TestUtils\SerializableElementTestTrait;
+
+use function dirname;
+
+/**
+ * Class \SimpleSAML\WSSecurity\XML\mssp\SslContextTokenTest
+ *
+ * @package simplesamlphp/ws-security
+ */
+#[Group('mssp')]
+#[CoversClass(SslContextToken::class)]
+#[CoversClass(IncludeTokenTypeTrait::class)]
+#[CoversClass(AbstractTokenAssertionType::class)]
+#[CoversClass(AbstractSpElement::class)]
+final class SslContextTokenTest extends TestCase
+{
+    use SchemaValidationTestTrait;
+    use SerializableElementTestTrait;
+
+
+    /**
+     */
+    public static function setUpBeforeClass(): void
+    {
+        self::$schemaFile = dirname(__FILE__, 5) . '/resources/schemas/mssp.xsd';
+
+        self::$testedClass = SslContextToken::class;
+
+        self::$xmlRepresentation = DOMDocumentFactory::fromFile(
+            dirname(__FILE__, 4) . '/resources/xml/mssp_SslContextToken.xml',
+        );
+    }
+
+
+    // test marshalling
+
+
+    /**
+     * Adding an empty SslContextToken element should yield an empty element.
+     */
+    public function testMarshallingEmptyElement(): void
+    {
+        $msspns = C::NS_WS_SEC;
+        $sslContextToken = new SslContextToken();
+        $this->assertEquals(
+            "<mssp:SslContextToken xmlns:mssp=\"$msspns\"/>",
+            strval($sslContextToken),
+        );
+        $this->assertTrue($sslContextToken->isEmptyElement());
+    }
+
+
+    /**
+     * Test that creating a SslContextToken from scratch works.
+     */
+    public function testMarshalling(): void
+    {
+        $attr = new XMLAttribute(C::NAMESPACE, 'ssp', 'attr1', 'value1');
+        $chunk = new Chunk(DOMDocumentFactory::fromString(
+            '<ssp:Chunk xmlns:ssp="urn:x-simplesamlphp:namespace">some</ssp:Chunk>',
+        )->documentElement);
+
+        $sslContextToken = new SslContextToken(IncludeToken::Always, [$chunk], [$attr]);
+        $this->assertEquals(
+            self::$xmlRepresentation->saveXML(self::$xmlRepresentation->documentElement),
+            strval($sslContextToken),
+        );
+    }
+}
diff --git a/tests/resources/xml/mssp_MustNotSendCancel.xml b/tests/resources/xml/mssp_MustNotSendCancel.xml
@@ -0,0 +1 @@
+<mssp:MustNotSendCancel xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/mssp_RequireClientCertificate.xml b/tests/resources/xml/mssp_RequireClientCertificate.xml
@@ -0,0 +1 @@
+<mssp:RequireClientCertificate xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy" xmlns:ssp="urn:x-simplesamlphp:namespace" ssp:attr1="value1"/>
diff --git a/tests/resources/xml/mssp_RsaToken.xml b/tests/resources/xml/mssp_RsaToken.xml
@@ -0,0 +1,3 @@
+<mssp:RsaToken xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</mssp:RsaToken>
diff --git a/tests/resources/xml/mssp_SslContextToken.xml b/tests/resources/xml/mssp_SslContextToken.xml
@@ -0,0 +1,3 @@
+<mssp:SslContextToken xmlns:mssp="http://schemas.microsoft.com/ws/2005/07/securitypolicy" xmlns:ssp="urn:x-simplesamlphp:namespace" IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always" ssp:attr1="value1">
+  <ssp:Chunk>some</ssp:Chunk>
+</mssp:SslContextToken>