Issues in XML.php (master) - Issues in master - simplesamlphp/xml-security - Measure and Improve Code Quality continuously with Scrutinizer

Issues (88)

src/Utils/XML.php (1 issue)

Labels

Unused Code 1

Severity

Minor 1

<?php

declare(strict_types=1);

namespace SimpleSAML\XMLSecurity\Utils;

use DOMElement;
use SimpleSAML\XMLSecurity\Constants as C;
use SimpleSAML\XMLSecurity\XML\ds\Transforms;

use function count;
use function is_null;

/**
 * Class with utility methods for XML manipulation.
 *
 * @package simplesamlphp/xml-security
 */
class XML
{
    /**
     * Canonicalize any given node.
     *
     * @param \DOMElement $element The DOM element that needs canonicalization.
     * @param string $c14nMethod The identifier of the canonicalization algorithm to use.
     *   See \SimpleSAML\XMLSecurity\Constants.
     * @param string[]|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters).
     * @param string[]|null $prefixes An array of namespace prefixes to filter the nodes by.
     *   Defaults to null (no filters).
     *
     * @return string The canonical representation of the given DOM node, according to the algorithm requested.
     */
    public static function canonicalizeData(
        DOMElement $element,
        string $c14nMethod,
        ?array $xpaths = null,
        ?array $prefixes = null,
    ): string {
        $withComments = match ($c14nMethod) {
            C::C14N_EXCLUSIVE_WITH_COMMENTS, C::C14N_INCLUSIVE_WITH_COMMENTS => true,
            default => false,
        };
        $exclusive = match ($c14nMethod) {
            C::C14N_EXCLUSIVE_WITH_COMMENTS, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS => true,
            default => false,
        };

        if (
            is_null($xpaths)
            && ($element->ownerDocument !== null)
            && ($element->ownerDocument->documentElement !== null)
            && $element->isSameNode($element->ownerDocument->documentElement)
        ) {
            // check for any PI or comments as they would have been excluded
            $current = $element;
            for ($refNode = $current->previousSibling; $refNode !== null; $current = $refNode) {

                if (
                    (($refNode->nodeType === XML_COMMENT_NODE) && $withComments)
                    || $refNode->nodeType === XML_PI_NODE
                ) {
                    break;
                }
            }

            if ($refNode === null) {
                $element = $element->ownerDocument;
            }
        }

        return $element->C14N($exclusive, $withComments, $xpaths, $prefixes);
    }


    /**
     * Process all transforms specified by a given Reference element.
     *
     * @param \SimpleSAML\XMLSecurity\XML\ds\Transforms $transforms The transforms to apply.
     * @param \DOMElement $data The data referenced.
     *
     * @return string The canonicalized data after applying all transforms specified by $ref.
     *
     * @see http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel
     */
    public static function processTransforms(
        Transforms $transforms,
        DOMElement $data,
    ): string {
        $canonicalMethod = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS;
        $arXPath = null;
        $prefixList = null;
        foreach ($transforms->getTransform() as $transform) {
            $canonicalMethod = $transform->getAlgorithm();
            switch ($canonicalMethod) {
                case C::C14N_EXCLUSIVE_WITHOUT_COMMENTS:
                case C::C14N_EXCLUSIVE_WITH_COMMENTS:
                    $inclusiveNamespaces = $transform->getInclusiveNamespaces();
                    if ($inclusiveNamespaces !== null) {
                        $prefixes = $inclusiveNamespaces->getPrefixes();
                        if (count($prefixes) > 0) {
                            $prefixList = $prefixes;
                        }
                    }
                    break;
                case C::XPATH10_URI:
                    $xpath = $transform->getXPath();
                    if ($xpath !== null) {
                        $arXPath = [];
                        $arXPath['query'] = '(.//. | .//@* | .//namespace::*)[' . $xpath->getExpression() . ']';
//                        $arXpath['namespaces'] = $xpath->getNamespaces();
                        // TODO: review if $nsnode->localName is equivalent to the keys in getNamespaces()
//                        $nslist = $xp->query('./namespace::*', $node);
//                        foreach ($nslist as $nsnode) {
//                            if ($nsnode->localName != "xml") {
//                                $arXPath['namespaces'][$nsnode->localName] = $nsnode->nodeValue;
//                            }
//                        }
                    }
                    break;
            }
        }

        return self::canonicalizeData($data, $canonicalMethod, $arXPath, $prefixList);
    }
}


1			<?php
2
3			declare(strict_types=1);
4
5			namespace SimpleSAML\XMLSecurity\Utils;
6
7			use DOMElement;
8			use SimpleSAML\XMLSecurity\Constants as C;
9			use SimpleSAML\XMLSecurity\XML\ds\Transforms;
10
11			use function count;
12			use function is_null;
13
14			/**
15			* Class with utility methods for XML manipulation.
16			*
17			* @package simplesamlphp/xml-security
18			*/
19			class XML
20			{
21			/**
22			* Canonicalize any given node.
23			*
24			* @param \DOMElement $element The DOM element that needs canonicalization.
25			* @param string $c14nMethod The identifier of the canonicalization algorithm to use.
26			* See \SimpleSAML\XMLSecurity\Constants.
27			* @param string[]\|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters).
28			* @param string[]\|null $prefixes An array of namespace prefixes to filter the nodes by.
29			* Defaults to null (no filters).
30			*
31			* @return string The canonical representation of the given DOM node, according to the algorithm requested.
32			*/
33			public static function canonicalizeData(
34			DOMElement $element,
35			string $c14nMethod,
36			?array $xpaths = null,
37			?array $prefixes = null,
38			): string {
39			$withComments = match ($c14nMethod) {
40			C::C14N_EXCLUSIVE_WITH_COMMENTS, C::C14N_INCLUSIVE_WITH_COMMENTS => true,
41			default => false,
42			};
43			$exclusive = match ($c14nMethod) {
44			C::C14N_EXCLUSIVE_WITH_COMMENTS, C::C14N_EXCLUSIVE_WITHOUT_COMMENTS => true,
45			default => false,
46			};
47
48			if (
49			is_null($xpaths)
50			&& ($element->ownerDocument !== null)
51			&& ($element->ownerDocument->documentElement !== null)
52			&& $element->isSameNode($element->ownerDocument->documentElement)
53			) {
54			// check for any PI or comments as they would have been excluded
55			$current = $element;
56			for ($refNode = $current->previousSibling; $refNode !== null; $current = $refNode) {
			0 ignored issues – show Unused Code introduced 2023-05-18 23:39 UTC by Report Bug Copy Issue Report Show Similar Issues like this The assignment to `$current` is dead and can be removed. Loading history...
57			if (
58			(($refNode->nodeType === XML_COMMENT_NODE) && $withComments)
59			\|\| $refNode->nodeType === XML_PI_NODE
60			) {
61			break;
62			}
63			}
64
65			if ($refNode === null) {
66			$element = $element->ownerDocument;
67			}
68			}
69
70			return $element->C14N($exclusive, $withComments, $xpaths, $prefixes);
71			}
72
73
74			/**
75			* Process all transforms specified by a given Reference element.
76			*
77			* @param \SimpleSAML\XMLSecurity\XML\ds\Transforms $transforms The transforms to apply.
78			* @param \DOMElement $data The data referenced.
79			*
80			* @return string The canonicalized data after applying all transforms specified by $ref.
81			*
82			* @see http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel
83			*/
84			public static function processTransforms(
85			Transforms $transforms,
86			DOMElement $data,
87			): string {
88			$canonicalMethod = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS;
89			$arXPath = null;
90			$prefixList = null;
91			foreach ($transforms->getTransform() as $transform) {
92			$canonicalMethod = $transform->getAlgorithm();
93			switch ($canonicalMethod) {
94			case C::C14N_EXCLUSIVE_WITHOUT_COMMENTS:
95			case C::C14N_EXCLUSIVE_WITH_COMMENTS:
96			$inclusiveNamespaces = $transform->getInclusiveNamespaces();
97			if ($inclusiveNamespaces !== null) {
98			$prefixes = $inclusiveNamespaces->getPrefixes();
99			if (count($prefixes) > 0) {
100			$prefixList = $prefixes;
101			}
102			}
103			break;
104			case C::XPATH10_URI:
105			$xpath = $transform->getXPath();
106			if ($xpath !== null) {
107			$arXPath = [];
108			$arXPath['query'] = '(.//. \| .//@* \| .//namespace::*)[' . $xpath->getExpression() . ']';
109			// $arXpath['namespaces'] = $xpath->getNamespaces();
110			// TODO: review if $nsnode->localName is equivalent to the keys in getNamespaces()
111			// $nslist = $xp->query('./namespace::*', $node);
112			// foreach ($nslist as $nsnode) {
113			// if ($nsnode->localName != "xml") {
114			// $arXPath['namespaces'][$nsnode->localName] = $nsnode->nodeValue;
115			// }
116			// }
117			}
118			break;
119			}
120			}
121
122			return self::canonicalizeData($data, $canonicalMethod, $arXPath, $prefixList);
123			}
124			}
125

simplesamlphp / xml-security

Issues (88)

src/Utils/XML.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like