DOMDocumentFactory::normalizeDocument() - Code Metrics - Inspection of "Typed constants" - simplesamlphp/xml-common - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Branch — feature/php8.3 (4d3b0a)

by Tim

created 2025-12-17 09:36 UTC

DOMDocumentFactory::normalizeDocument() C

↳ Parent: Project

Complexity

Conditions	12
Paths	85

Size

Total Lines	45
Code Lines	21

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	12
eloc	21
nc	85
nop	1
dl	0
loc	45
rs	6.9666
c	0
b	0
f	0

How to fix Complexity

<?php

declare(strict_types=1);

namespace SimpleSAML\XML;

use DOMDocument;
use DOMElement;
use SimpleSAML\XML\Assert\Assert;
use SimpleSAML\XML\Exception\IOException;
use SimpleSAML\XML\Exception\RuntimeException;
use SimpleSAML\XML\Exception\UnparseableXMLException;
use SimpleSAML\XPath\XPath;

use function file_get_contents;
use function func_num_args;
use function libxml_clear_errors;
use function libxml_set_external_entity_loader;
use function libxml_use_internal_errors;
use function sprintf;
use function strpos;

/**
 * @package simplesamlphp/xml-common
 */
final class DOMDocumentFactory
{
    /**
     * @var non-negative-int
     * TODO: Add LIBXML_NO_XXE to the defaults when PHP 8.4.0 + libxml 2.13.0 become generally available
     */
    public const int DEFAULT_OPTIONS = \LIBXML_COMPACT | \LIBXML_NONET | \LIBXML_NSCLEAN;



    /**
     * @param string $xml
     * @param non-negative-int $options
     */
    public static function fromString(
        string $xml,
        int $options = self::DEFAULT_OPTIONS,
    ): DOMDocument {
        libxml_set_external_entity_loader(null);
        Assert::notWhitespaceOnly($xml);
        Assert::notRegex(
            $xml,
            '/<(\s*)!(\s*)DOCTYPE/',
            'Dangerous XML detected, DOCTYPE nodes are not allowed in the XML body',
            RuntimeException::class,
        );

        $internalErrors = libxml_use_internal_errors(true);
        libxml_clear_errors();

        // If LIBXML_NO_XXE is available and option not set
        if (func_num_args() === 1 && defined('LIBXML_NO_XXE')) {
            $options |= \LIBXML_NO_XXE;
        }

        $domDocument = self::create();
        $loaded = $domDocument->loadXML($xml, $options);

        libxml_use_internal_errors($internalErrors);

        if (!$loaded) {
            $error = libxml_get_last_error();
            libxml_clear_errors();

            throw new UnparseableXMLException($error);
        }

        libxml_clear_errors();

        foreach ($domDocument->childNodes as $child) {
            Assert::false(
                $child->nodeType === \XML_DOCUMENT_TYPE_NODE,
                'Dangerous XML detected, DOCTYPE nodes are not allowed in the XML body',
                RuntimeException::class,
            );
        }

        return $domDocument;
    }


    /**
     * @param string $file
     * @param non-negative-int $options
     */
    public static function fromFile(
        string $file,
        int $options = self::DEFAULT_OPTIONS,
    ): DOMDocument {
        error_clear_last();
        $xml = @file_get_contents($file);
        if ($xml === false) {
            $e = error_get_last();
            $error = $e['message'] ?? "Check that the file exists and can be read.";

            throw new IOException("File '$file' was not loaded;  $error");
        }

        Assert::notWhitespaceOnly($xml, sprintf('File "%s" does not have content', $file), RuntimeException::class);
        return (func_num_args() < 2) ? static::fromString($xml) : static::fromString($xml, $options);
    }


    /**
     * @param string $version
     * @param string $encoding
     */
    public static function create(string $version = '1.0', string $encoding = 'UTF-8'): DOMDocument
    {
        return new DOMDocument($version, $encoding);
    }


    /**
     * @param \DOMDocument $doc
     */
    public static function normalizeDocument(DOMDocument $doc): DOMDocument
    {
        // Get the root element
        $root = $doc->documentElement;

        // Collect all xmlns attributes from the document
        $xpath = XPath::getXPath($doc);
        $xmlnsAttributes = [];

        // Register all namespaces to ensure XPath can handle them
        foreach ($xpath->query('//namespace::*') as $node) {
            $name = $node->nodeName === 'xmlns' ? 'xmlns' : $node->nodeName;
            if ($name !== 'xmlns:xml') {
                $xmlnsAttributes[$name] = $node->nodeValue;
            }
        }

        // If no xmlns attributes found, return early with debug info
        if (empty($xmlnsAttributes)) {
            return $root->ownerDocument;
        }

        // Remove xmlns attributes from all elements
        $nodes = $xpath->query('//*[namespace::*]');
        foreach ($nodes as $node) {
            if ($node instanceof DOMElement) {
                $attributesToRemove = [];
                foreach ($node->attributes as $attr) {
                    if (strpos($attr->nodeName, 'xmlns') === 0 || $attr->nodeName === 'xmlns') {
                        $attributesToRemove[] = $attr->nodeName;
                    }
                }
                foreach ($attributesToRemove as $attrName) {
                    $node->removeAttribute($attrName);
                }
            }
        }

        // Add all collected xmlns attributes to the root element
        foreach ($xmlnsAttributes as $name => $value) {
            $root->setAttribute($name, $value);
        }

        // Return the normalized XML
        return static::fromString($root->ownerDocument->saveXML());
    }


    /**
     * @param \DOMElement $elt
     * @param string $prefix
     */
    public static function lookupNamespaceURI(DOMElement $elt, string $prefix): ?string
    {
        // Collect all xmlns attributes from the document
        $xpath = XPath::getXPath($elt->ownerDocument);

        // Register all namespaces to ensure XPath can handle them
        $xmlnsAttributes = [];
        foreach ($xpath->query('//namespace::*') as $node) {
            $xmlnsAttributes[$node->localName] = $node->nodeValue;
        }

        if (array_key_exists($prefix, $xmlnsAttributes)) {
            return $xmlnsAttributes[$prefix];
        }

        return null;
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\XML;
6
7			use DOMDocument;
8			use DOMElement;
9			use SimpleSAML\XML\Assert\Assert;
10			use SimpleSAML\XML\Exception\IOException;
11			use SimpleSAML\XML\Exception\RuntimeException;
12			use SimpleSAML\XML\Exception\UnparseableXMLException;
13			use SimpleSAML\XPath\XPath;
14
15			use function file_get_contents;
16			use function func_num_args;
17			use function libxml_clear_errors;
18			use function libxml_set_external_entity_loader;
19			use function libxml_use_internal_errors;
20			use function sprintf;
21			use function strpos;
22
23			/**
24			* @package simplesamlphp/xml-common
25			*/
26			final class DOMDocumentFactory
27			{
28			/**
29			* @var non-negative-int
30			* TODO: Add LIBXML_NO_XXE to the defaults when PHP 8.4.0 + libxml 2.13.0 become generally available
31			*/
32			public const int DEFAULT_OPTIONS = \LIBXML_COMPACT \| \LIBXML_NONET \| \LIBXML_NSCLEAN;
			0 ignored issues – show Bug introduced 2025-12-17 09:53 UTC by Report Bug Copy Issue Report A parse error occurred: Syntax error, unexpected T_STRING, expecting '=' on line 32 at column 21 Loading history...
33
34
35			/**
36			* @param string $xml
37			* @param non-negative-int $options
38			*/
39			public static function fromString(
40			string $xml,
41			int $options = self::DEFAULT_OPTIONS,
42			): DOMDocument {
43			libxml_set_external_entity_loader(null);
44			Assert::notWhitespaceOnly($xml);
45			Assert::notRegex(
46			$xml,
47			'/<(\s)!(\s)DOCTYPE/',
48			'Dangerous XML detected, DOCTYPE nodes are not allowed in the XML body',
49			RuntimeException::class,
50			);
51
52			$internalErrors = libxml_use_internal_errors(true);
53			libxml_clear_errors();
54
55			// If LIBXML_NO_XXE is available and option not set
56			if (func_num_args() === 1 && defined('LIBXML_NO_XXE')) {
57			$options \|= \LIBXML_NO_XXE;
58			}
59
60			$domDocument = self::create();
61			$loaded = $domDocument->loadXML($xml, $options);
62
63			libxml_use_internal_errors($internalErrors);
64
65			if (!$loaded) {
66			$error = libxml_get_last_error();
67			libxml_clear_errors();
68
69			throw new UnparseableXMLException($error);
70			}
71
72			libxml_clear_errors();
73
74			foreach ($domDocument->childNodes as $child) {
75			Assert::false(
76			$child->nodeType === \XML_DOCUMENT_TYPE_NODE,
77			'Dangerous XML detected, DOCTYPE nodes are not allowed in the XML body',
78			RuntimeException::class,
79			);
80			}
81
82			return $domDocument;
83			}
84
85
86			/**
87			* @param string $file
88			* @param non-negative-int $options
89			*/
90			public static function fromFile(
91			string $file,
92			int $options = self::DEFAULT_OPTIONS,
93			): DOMDocument {
94			error_clear_last();
95			$xml = @file_get_contents($file);
96			if ($xml === false) {
97			$e = error_get_last();
98			$error = $e['message'] ?? "Check that the file exists and can be read.";
99
100			throw new IOException("File '$file' was not loaded; $error");
101			}
102
103			Assert::notWhitespaceOnly($xml, sprintf('File "%s" does not have content', $file), RuntimeException::class);
104			return (func_num_args() < 2) ? static::fromString($xml) : static::fromString($xml, $options);
105			}
106
107
108			/**
109			* @param string $version
110			* @param string $encoding
111			*/
112			public static function create(string $version = '1.0', string $encoding = 'UTF-8'): DOMDocument
113			{
114			return new DOMDocument($version, $encoding);
115			}
116
117
118			/**
119			* @param \DOMDocument $doc
120			*/
121			public static function normalizeDocument(DOMDocument $doc): DOMDocument
122			{
123			// Get the root element
124			$root = $doc->documentElement;
125
126			// Collect all xmlns attributes from the document
127			$xpath = XPath::getXPath($doc);
128			$xmlnsAttributes = [];
129
130			// Register all namespaces to ensure XPath can handle them
131			foreach ($xpath->query('//namespace::*') as $node) {
132			$name = $node->nodeName === 'xmlns' ? 'xmlns' : $node->nodeName;
133			if ($name !== 'xmlns:xml') {
134			$xmlnsAttributes[$name] = $node->nodeValue;
135			}
136			}
137
138			// If no xmlns attributes found, return early with debug info
139			if (empty($xmlnsAttributes)) {
140			return $root->ownerDocument;
141			}
142
143			// Remove xmlns attributes from all elements
144			$nodes = $xpath->query('//[namespace::]');
145			foreach ($nodes as $node) {
146			if ($node instanceof DOMElement) {
147			$attributesToRemove = [];
148			foreach ($node->attributes as $attr) {
149			if (strpos($attr->nodeName, 'xmlns') === 0 \|\| $attr->nodeName === 'xmlns') {
150			$attributesToRemove[] = $attr->nodeName;
151			}
152			}
153			foreach ($attributesToRemove as $attrName) {
154			$node->removeAttribute($attrName);
155			}
156			}
157			}
158
159			// Add all collected xmlns attributes to the root element
160			foreach ($xmlnsAttributes as $name => $value) {
161			$root->setAttribute($name, $value);
162			}
163
164			// Return the normalized XML
165			return static::fromString($root->ownerDocument->saveXML());
166			}
167
168
169			/**
170			* @param \DOMElement $elt
171			* @param string $prefix
172			*/
173			public static function lookupNamespaceURI(DOMElement $elt, string $prefix): ?string
174			{
175			// Collect all xmlns attributes from the document
176			$xpath = XPath::getXPath($elt->ownerDocument);
177
178			// Register all namespaces to ensure XPath can handle them
179			$xmlnsAttributes = [];
180			foreach ($xpath->query('//namespace::*') as $node) {
181			$xmlnsAttributes[$node->localName] = $node->nodeValue;
182			}
183
184			if (array_key_exists($prefix, $xmlnsAttributes)) {
185			return $xmlnsAttributes[$prefix];
186			}
187
188			return null;
189			}
190			}
191

simplesamlphp / xml-common

Branch — feature/php8.3 (4d3b0a)

DOMDocumentFactory::normalizeDocument() C

Complexity

Size

Duplication

Importance

How to fix Complexity

Long Method

Duplication Side-by-Side

Filter issues like