Implement DOM schema validation

composer.json

@@ -32,9 +32,9 @@
         "psr/http-message": "^2.0",
         "psr/log": "^2.0 || ^3.0",
         "simplesamlphp/assert": "~1.6.0",
-        "simplesamlphp/xml-common": "~1.22.0",
+        "simplesamlphp/xml-common": "~1.23.0",
         "simplesamlphp/xml-security": "~1.12.0",
-        "simplesamlphp/xml-soap": "~1.5.6"
+        "simplesamlphp/xml-soap": "~1.6.0"
     },
     "require-dev": {
         "ext-intl": "*",

src/XML/alg/AbstractAlgElement.php

@@ -19,4 +19,7 @@ abstract class AbstractAlgElement extends AbstractElement
 
     /** @var string */
     public const NS_PREFIX = 'alg';
+
+    /** @var string */
+    public const SCHEMA = 'resources/schemas/sstc-saml-metadata-algsupport-v1.0.xsd';
 }

src/XML/alg/DigestMethod.php

@@ -9,6 +9,8 @@
 use SimpleSAML\SAML2\Assert\Assert as SAMLAssert;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XML\XsNamespace as NS;
 
 /**
@@ -17,9 +19,10 @@
  * @link http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-algsupport.pdf
  * @package simplesamlphp/saml2
  */
-final class DigestMethod extends AbstractAlgElement
+final class DigestMethod extends AbstractAlgElement implements SchemaValidatableElementInterface
 {
     use ExtendableElementTrait;
+    use SchemaValidatableElementTrait;
 
     /** The namespace-attribute for the xs:any element */
     public const XS_ANY_ELT_NAMESPACE = NS::ANY;

src/XML/alg/SigningMethod.php

@@ -9,6 +9,8 @@
 use SimpleSAML\SAML2\Assert\Assert as SAMLAssert;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\ExtendableElementTrait;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XML\XsNamespace as NS;
 
 use function strval;
@@ -19,9 +21,10 @@
  * @link http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-algsupport.pdf
  * @package simplesamlphp/saml2
  */
-final class SigningMethod extends AbstractAlgElement
+final class SigningMethod extends AbstractAlgElement implements SchemaValidatableElementInterface
 {
     use ExtendableElementTrait;
+    use SchemaValidatableElementTrait;
 
     /** The namespace-attribute for the xs:any element */
     public const XS_ANY_ELT_NAMESPACE = NS::ANY;

src/XML/ecp/AbstractEcpElement.php

@@ -21,4 +21,7 @@ abstract class AbstractEcpElement extends AbstractElement
 
     /** @var string */
     public const NS_PREFIX = 'ecp';
+
+    /** @var string */
+    public const SCHEMA = 'resources/schemas/saml-schema-ecp-2.0.xsd';
 }

src/XML/ecp/RelayState.php

@@ -10,15 +10,18 @@
 use SimpleSAML\SOAP\Constants as C;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\MissingAttributeException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XML\StringElementTrait;
 
 /**
  * Class representing the ECP RelayState element.
  *
  * @package simplesamlphp/saml2
  */
-final class RelayState extends AbstractEcpElement
+final class RelayState extends AbstractEcpElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
     use StringElementTrait;
 
     /**

src/XML/ecp/Request.php

@@ -13,6 +13,8 @@
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\MissingAttributeException;
 use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 use function intval;
 use function strval;
@@ -22,8 +24,10 @@
  *
  * @package simplesamlphp/saml2
  */
-final class Request extends AbstractEcpElement
+final class Request extends AbstractEcpElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /**
      * Create a ECP Request element.
      *

src/XML/ecp/RequestAuthenticated.php

@@ -10,6 +10,8 @@
 use SimpleSAML\SOAP\Constants as C;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\MissingAttributeException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 use function boolval;
 use function strval;
@@ -19,8 +21,10 @@
  *
  * @package simplesamlphp/saml2
  */
-final class RequestAuthenticated extends AbstractEcpElement
+final class RequestAuthenticated extends AbstractEcpElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /**
      * Create a ECP RequestAuthenticated element.
      *

src/XML/ecp/Response.php

@@ -11,14 +11,18 @@
 use SimpleSAML\SOAP\Constants as C;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\MissingAttributeException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 /**
  * Class representing the ECP Response element.
  *
  * @package simplesamlphp/saml2
  */
-final class Response extends AbstractEcpElement
+final class Response extends AbstractEcpElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /**
      * Create a ECP Response element.
      *

src/XML/ecp/SubjectConfirmation.php

@@ -13,14 +13,18 @@
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\MissingAttributeException;
 use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 /**
  * Class representing the ECP SubjectConfirmation element.
  *
  * @package simplesamlphp/saml2
  */
-final class SubjectConfirmation extends AbstractEcpElement
+final class SubjectConfirmation extends AbstractEcpElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /**
      * Create a ECP SubjectConfirmation element.
      *

src/XML/element.registry.php

@@ -67,20 +67,14 @@
         'PublicationInfo' => '\SimpleSAML\SAML2\XML\mdrpi\PublicationInfo',
         'PublicationPath' => '\SimpleSAML\SAML2\XML\mdrpi\PublicationPath',
         'RegistrationInfo' => '\SimpleSAML\SAML2\XML\mdrpi\RegistrationInfo',
-        'RegistrationPolicy' => '\SimpleSAML\SAML2\XML\mdrpi\RegistrationPolicy',
-        'UsagePolicy' => '\SimpleSAML\SAML2\XML\mdrpi\UsagePolicy',
     ],
     'urn:oasis:names:tc:SAML:metadata:ui' => [
-        'Description' => '\SimpleSAML\SAML2\XML\mdui\Description',
         'DiscoHints' => '\SimpleSAML\SAML2\XML\mdui\DiscoHints',
-        'DisplayName' => '\SimpleSAML\SAML2\XML\mdui\DisplayName',
         'DomainHint' => '\SimpleSAML\SAML2\XML\mdui\DomainHint',
         'GeolocationHint' => '\SimpleSAML\SAML2\XML\mdui\GeolocationHint',
-        'InformationURL' => '\SimpleSAML\SAML2\XML\mdui\InformationURL',
         'IPHint' => '\SimpleSAML\SAML2\XML\mdui\IPHint',
         'Keywords' => '\SimpleSAML\SAML2\XML\mdui\Keywords',
         'Logo' => '\SimpleSAML\SAML2\XML\mdui\Logo',
-        'PrivacyStatementURL' => '\SimpleSAML\SAML2\XML\mdui\PrivacyStatementURL',
         'UIInfo' => '\SimpleSAML\SAML2\XML\mdui\UIInfo',
     ],
     'urn:oasis:names:tc:SAML:metadata:attribute' => [

src/XML/emd/AbstractEmdElement.php

@@ -19,4 +19,7 @@ abstract class AbstractEmdElement extends AbstractElement
 
     /** @var string */
     public const NS_PREFIX = 'emd';
+
+    /** @var string */
+    public const SCHEMA = 'resources/schemas/eduidmd.xsd';
 }

src/XML/emd/RepublishRequest.php

@@ -10,6 +10,8 @@
 use SimpleSAML\XML\ArrayizableElementInterface;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 use function array_pop;
 
@@ -18,8 +20,12 @@
  *
  * @package simplesamlphp/saml2
  */
-final class RepublishRequest extends AbstractEmdElement implements ArrayizableElementInterface
+final class RepublishRequest extends AbstractEmdElement implements
+    ArrayizableElementInterface,
+    SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /**
      * @param \SimpleSAML\SAML2\XML\emd\RepublishTarget $republishTarget
      */

src/XML/idpdisc/DiscoveryResponse.php

@@ -8,6 +8,8 @@
 use SimpleSAML\SAML2\Constants as C;
 use SimpleSAML\SAML2\Exception\ProtocolViolationException;
 use SimpleSAML\SAML2\XML\md\AbstractIndexedEndpointType;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 /**
  * Abstract class to be implemented by all the classes in this namespace
@@ -16,14 +18,18 @@
  *
  * @see http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-idp-discovery.html
  */
-final class DiscoveryResponse extends AbstractIndexedEndpointType
+final class DiscoveryResponse extends AbstractIndexedEndpointType implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /** @var string */
     public const NS = C::NS_IDPDISC;
 
     /** @var string */
     public const NS_PREFIX = 'idpdisc';
 
+    /** @var string */
+    public const SCHEMA = 'resources/schemas/sstc-saml-idp-discovery.xsd';
 
     /**
      * DiscoveryResponse constructor.

src/XML/init/RequestInitiator.php

@@ -9,6 +9,8 @@
 use SimpleSAML\SAML2\Exception\ProtocolViolationException;
 use SimpleSAML\SAML2\XML\md\AbstractEndpointType;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 /**
  * Class for handling the init:RequestInitiator element.
@@ -17,14 +19,18 @@
  *
  * @package simplesamlphp/saml2
  */
-final class RequestInitiator extends AbstractEndpointType
+final class RequestInitiator extends AbstractEndpointType implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /** @var string */
     public const NS = 'urn:oasis:names:tc:SAML:profiles:SSO:request-init';
 
     /** @var string */
     public const NS_PREFIX = 'init';
 
+    /** @var string */
+    public const SCHEMA = 'resources/schemas/sstc-request-initiation.xsd';
 
     /**
      * EndpointType constructor.

src/XML/md/AbstractMdElement.php

@@ -19,4 +19,7 @@ abstract class AbstractMdElement extends AbstractElement
 
     /** @var string */
     public const NS_PREFIX = 'md';
+
+    /** @var string */
+    public const SCHEMA = 'resources/schemas/saml-schema-metadata-2.0.xsd';
 }

src/XML/md/AbstractRoleDescriptor.php

@@ -17,6 +17,8 @@
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\SchemaViolationException;
 use SimpleSAML\XML\Exception\TooManyElementsException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 use function array_pop;
 use function count;
@@ -27,9 +29,12 @@
  *
  * @package simplesamlphp/saml2
  */
-abstract class AbstractRoleDescriptor extends AbstractRoleDescriptorType implements ExtensionPointInterface
+abstract class AbstractRoleDescriptor extends AbstractRoleDescriptorType implements
+    ExtensionPointInterface,
+    SchemaValidatableElementInterface
 {
     use ExtensionPointTrait;
+    use SchemaValidatableElementTrait;
 
     /** @var string */
     public const LOCALNAME = 'RoleDescriptor';

src/XML/md/AdditionalMetadataLocation.php

@@ -9,6 +9,8 @@
 use SimpleSAML\SAML2\Assert\Assert as SAMLAssert;
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\SchemaViolationException;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XML\StringElementTrait;
 
 use function trim;
@@ -18,8 +20,9 @@
  *
  * @package simplesamlphp/saml2
  */
-final class AdditionalMetadataLocation extends AbstractMdElement
+final class AdditionalMetadataLocation extends AbstractMdElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
     use StringElementTrait;
 
 

src/XML/md/AffiliateMember.php

@@ -5,15 +5,18 @@
 namespace SimpleSAML\SAML2\XML\md;
 
 use SimpleSAML\SAML2\Assert\Assert as SAMLAssert;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XML\StringElementTrait;
 
 /**
  * Class implementing AffiliateMember.
  *
  * @package simplesamlphp/saml2
  */
-final class AffiliateMember extends AbstractMdElement
+final class AffiliateMember extends AbstractMdElement implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
     use StringElementTrait;
 
 

src/XML/md/AffiliationDescriptor.php

@@ -12,6 +12,8 @@
 use SimpleSAML\XML\Exception\InvalidDOMElementException;
 use SimpleSAML\XML\Exception\TooManyElementsException;
 use SimpleSAML\XML\ExtendableAttributesTrait;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 use SimpleSAML\XML\XsNamespace as NS;
 use SimpleSAML\XMLSecurity\XML\ds\Signature;
 
@@ -20,9 +22,10 @@
  *
  * @package simplesamlphp/saml2
  */
-final class AffiliationDescriptor extends AbstractMetadataDocument
+final class AffiliationDescriptor extends AbstractMetadataDocument implements SchemaValidatableElementInterface
 {
     use ExtendableAttributesTrait;
+    use SchemaValidatableElementTrait;
 
     /** The namespace-attribute for the xs:anyAttribute element */
     public const XS_ANY_ATTR_NAMESPACE = NS::OTHER;

src/XML/md/ArtifactResolutionService.php

@@ -5,14 +5,18 @@
 namespace SimpleSAML\SAML2\XML\md;
 
 use SimpleSAML\Assert\Assert;
+use SimpleSAML\XML\SchemaValidatableElementInterface;
+use SimpleSAML\XML\SchemaValidatableElementTrait;
 
 /**
  * A class implementing the md:ArtifactResolutionService element.
  *
  * @package simplesamlphp/saml2
  */
-final class ArtifactResolutionService extends AbstractIndexedEndpointType
+final class ArtifactResolutionService extends AbstractIndexedEndpointType implements SchemaValidatableElementInterface
 {
+    use SchemaValidatableElementTrait;
+
     /**
      * ArtifactResolutionService constructor.
      *