Scrutinizer

src/SAML2/Assertion.php

@@ -559,7 +559,9 @@ private function parseAttributeValue($attribute, $attributeName)
                 } else {
                     /* Fall back for legacy IdPs sending string value (e.g. SSP < 1.15) */
                     Utils::getContainer()->getLogger()->warning(sprintf("Attribute %s (EPTI) value %d is not an XML NameId", $attributeName, $index));
-                    $this->attributes[$attributeName][] = XML\saml\NameID::fromArray(['Value' => $eptiAttributeValue->textContent]);
+                    $nameId = new XML\saml\NameID();
+                    $nameId->setValue($eptiAttributeValue->textContent);
+                    $this->attributes[$attributeName][] = $nameId;
                 }
             }
 
@@ -766,6 +768,7 @@ public function setNameId($nameId)
         assert(is_array($nameId) || is_null($nameId) || $nameId instanceof XML\saml\NameID);
 
         if (is_array($nameId)) {
+            // @deprecated behaviour
             $nameId = XML\saml\NameID::fromArray($nameId);
         }
         $this->nameId = $nameId;
@@ -1147,7 +1150,7 @@ public function getSignatureMethod()
     /**
      * Set the signature method used.
      *
-     * @param string|null $signatureMethod.
+     * @param string|null $signatureMethod
      */
     public function setSignatureMethod($signatureMethod)
     {
@@ -1189,7 +1192,7 @@ public function getAuthnContextDecl()
     /**
      * Set the authentication context declaration reference.
      *
-     * @param string $authnContextDeclRef
+     * @param string|\SAML2\XML\Chunk $authnContextDeclRef
      * @throws \Exception
      */
     public function setAuthnContextDeclRef($authnContextDeclRef)

src/SAML2/AttributeQuery.php

@@ -159,7 +159,7 @@ public function toUnsignedXML()
                     $type = null;
                 }
 
-                $attributeValue = Utils::addString($attribute, Constants::NS_SAML, 'saml:AttributeValue', (string)$value);
+                $attributeValue = Utils::addString($attribute, Constants::NS_SAML, 'saml:AttributeValue', strval($value));
                 if ($type !== null) {
                     $attributeValue->setAttributeNS(Constants::NS_XSI, 'xsi:type', $type);
                 }

src/SAML2/AuthnRequest.php

@@ -40,7 +40,7 @@ class AuthnRequest extends Request
     /**
      * Set to true if this request is passive.
      *
-     * @var bool.
+     * @var bool
      */
     private $isPassive;
 
@@ -113,7 +113,7 @@ class AuthnRequest extends Request
      *
      * @var array
      */
-    private $audiences;
+    private $audiences = [];
 
     /**
      * @var \SAML2\XML\saml\SubjectConfirmation[]
@@ -441,7 +441,7 @@ public function setIsPassive($isPassive)
      *
      * This may be null, in which case no audience is included.
      *
-     * @return array|null The audiences.
+     * @return array The audiences.
      */
     public function getAudiences()
     {
@@ -455,7 +455,7 @@ public function getAudiences()
      *
      * @param array|null $audiences The audiences.
      */
-    public function setAudiences(array $audiences = null)
+    public function setAudiences(array $audiences)
     {
         $this->audiences = $audiences;
     }
@@ -474,7 +474,7 @@ public function setAudiences(array $audiences = null)
      * be a string instead of an array, where each string
      * is mapped to the value of attribute ProviderID.
      *
-     * @param array List of idpEntries to scope the request to.
+     * @param array $IDPList List of idpEntries to scope the request to.
      */
     public function setIDPList(array $IDPList)
     {
@@ -626,11 +626,11 @@ public function getRequestedAuthnContext()
     /**
      * Set the RequestedAuthnContext.
      *
-     * @param array|null $requestedAuthnContext The RequestedAuthnContext.
+     * @param array $requestedAuthnContext The RequestedAuthnContext.
      */
     public function setRequestedAuthnContext($requestedAuthnContext)
     {
-        assert(is_array($requestedAuthnContext) || is_null($requestedAuthnContext));
+        assert(is_array($requestedAuthnContext));
 
         $this->requestedAuthnContext = $requestedAuthnContext;
     }
@@ -872,7 +872,7 @@ private function addSubject(\DOMElement $root)
      */
     private function addConditions(\DOMElement $root)
     {
-        if ($this->audiences !== null) {
+        if ($this->audiences !== []) {
             $document = $root->ownerDocument;
 
             $conditions = $document->createElementNS(Constants::NS_SAML, 'saml:Conditions');
@@ -881,7 +881,7 @@ private function addConditions(\DOMElement $root)
             $ar = $document->createElementNS(Constants::NS_SAML, 'saml:AudienceRestriction');
             $conditions->appendChild($ar);
 
-            Utils::addStrings($ar, Constants::NS_SAML, 'saml:Audience', false, $this->audiences);
+            Utils::addStrings($ar, Constants::NS_SAML, 'saml:Audience', false, $this->getAudiences());
         }
     }
 }

src/SAML2/Certificate/KeyCollection.php

@@ -17,7 +17,7 @@ class KeyCollection extends ArrayCollection
      */
     public function add($key)
     {
-        if (!$key instanceof Key) {
+        if (!($key instanceof Key)) {
             throw InvalidArgumentException::invalidType(
                 'SAML2\Certificate\Key',
                 $key

src/SAML2/Certificate/KeyLoader.php

@@ -29,8 +29,8 @@ public function __construct()
      * Prioritisation order is keys > certData > certificate
      *
      * @param \SAML2\Configuration\CertificateProvider $config
-     * @param null                                    $usage
-     * @param bool                                    $required
+     * @param string|null                              $usage
+     * @param bool                                     $required
      *
      * @return \SAML2\Certificate\KeyCollection
      */

src/SAML2/Compat/AbstractContainer.php

@@ -24,7 +24,7 @@ abstract public function generateId();
      * - **encrypt** XML that is about to be encrypted
      * - **decrypt** XML that was just decrypted
      *
-     * @param string $message
+     * @param string|\DOMNode $message
      * @param string $type
      * @return void
      */

src/SAML2/Compat/ContainerSingleton.php

@@ -7,12 +7,12 @@
 class ContainerSingleton
 {
     /**
-     * @var \SAML2\Compat\Ssp\Container
+     * @var \SAML2\Compat\AbstractContainer
      */
     protected static $container;
 
     /**
-     * @return \SAML2\Compat\Ssp\Container
+     * @return \SAML2\Compat\AbstractContainer
      */
     public static function getInstance()
     {

src/SAML2/HTTPArtifact.php

@@ -118,7 +118,7 @@ public function receive()
         $ar->setDestination($endpoint['Location']);
 
         /* Sign the request */
-        \sspmod_saml_Message::addSign($this->spMetadata, $idpMetadata, $ar); // Shoaib - moved from the SOAPClient.
+        \SimpleSAML\Module\saml\Message::addSign($this->spMetadata, $idpMetadata, $ar); // Shoaib - moved from the SOAPClient.
 
         $soap = new SOAPClient();
 

src/SAML2/HTTPRedirect.php

@@ -154,7 +154,7 @@ public function receive()
      * It also adds a new parameter, SignedQuery, which contains the data that is
      * signed.
      *
-     * @return string The query data that is signed.
+     * @return array The query data that is signed.
      */
     private static function parseQuery()
     {

src/SAML2/LogoutRequest.php

@@ -108,7 +108,7 @@ public function setNotOnOrAfter($notOnOrAfter)
     /**
      * Check whether the NameId is encrypted.
      *
-     * @return true if the NameId is encrypted, false if not.
+     * @return bool True if the NameId is encrypted, false if not.
      */
     public function isNameIdEncrypted()
     {

src/SAML2/Message.php

@@ -23,7 +23,7 @@ abstract class Message implements SignedElement
      *
      * @var array
      */
-    protected $extensions;
+    protected $extensions = [];
 
     /**
      * The name of the root element of the DOM tree for the message.
@@ -589,7 +589,7 @@ public static function fromXML(\DOMElement $xml)
     /**
      * Retrieve the Extensions.
      *
-     * @return \SAML2\XML\samlp\Extensions
+     * @return \SAML2\XML\samlp\Extensions[]
      */
     public function getExtensions()
     {
@@ -599,12 +599,10 @@ public function getExtensions()
     /**
      * Set the Extensions.
      *
-     * @param array|null $extensions The Extensions
+     * @param array $extensions The Extensions
      */
-    public function setExtensions($extensions)
+    public function setExtensions(array $extensions)
     {
-        assert(is_array($extensions) || is_null($extensions));
-
         $this->extensions = $extensions;
     }
 

src/SAML2/Response.php

@@ -55,7 +55,7 @@ public function getAssertions()
     /**
      * Set the assertions that should be included in this response.
      *
-     * @param \SAML2\Assertion[]|\SAML2\EncryptedAssertion[] The assertions.
+     * @param \SAML2\Assertion[]|\SAML2\EncryptedAssertion[] $assertions The assertions.
      */
     public function setAssertions(array $assertions)
     {

src/SAML2/SOAPClient.php

@@ -119,7 +119,7 @@ public function send(Message $msg, Configuration $srcMetadata, Configuration $ds
         Utils::getContainer()->debugMessage($request, 'out');
 
         $action = 'http://www.oasis-open.org/committees/security';
-        $version = '1.1';
+        $version = SOAP_1_1;
         $destination = $msg->getDestination();
 
         /* Perform SOAP Request over HTTP */
@@ -224,7 +224,7 @@ public static function validateSSL($data, XMLSecurityKey $key)
     /*
      * Extracts the SOAP Fault from SOAP message
      * @param $soapmessage Soap response needs to be type DOMDocument
-     * @return $soapfaultstring string|null
+     * @return string|null $soapfaultstring
      */
     private function getSOAPFault($soapMessage)
     {

src/SAML2/XML/ecp/Response.php

@@ -22,7 +22,7 @@ class Response
     /**
      * Create a ECP Response element.
      *
-     * @param DOMElement|null $xml The XML element we should load.
+     * @param \DOMElement|null $xml The XML element we should load.
      */
     public function __construct(DOMElement $xml = null)
     {
@@ -31,21 +31,21 @@ public function __construct(DOMElement $xml = null)
         }
 
         if (!$xml->hasAttributeNS(Constants::NS_SOAP, 'mustUnderstand')) {
-            throw new Exception('Missing SOAP-ENV:mustUnderstand attribute in <ecp:Response>.');
+            throw new \Exception('Missing SOAP-ENV:mustUnderstand attribute in <ecp:Response>.');
         }
         if ($xml->getAttributeNS(Constants::NS_SOAP, 'mustUnderstand') !== '1') {
-            throw new Exception('Invalid value of SOAP-ENV:mustUnderstand attribute in <ecp:Response>.');
+            throw new \Exception('Invalid value of SOAP-ENV:mustUnderstand attribute in <ecp:Response>.');
         }
 
         if (!$xml->hasAttributeNS(Constants::NS_SOAP, 'actor')) {
-            throw new Exception('Missing SOAP-ENV:actor attribute in <ecp:Response>.');
+            throw new \Exception('Missing SOAP-ENV:actor attribute in <ecp:Response>.');
         }
         if ($xml->getAttributeNS(Constants::NS_SOAP, 'actor') !== 'http://schemas.xmlsoap.org/soap/actor/next') {
-            throw new Exception('Invalid value of SOAP-ENV:actor attribute in <ecp:Response>.');
+            throw new \Exception('Invalid value of SOAP-ENV:actor attribute in <ecp:Response>.');
         }
 
         if (!$xml->hasAttribute('AssertionConsumerServiceURL')) {
-            throw new Exception('Missing AssertionConsumerServiceURL attribute in <ecp:Response>.');
+            throw new \Exception('Missing AssertionConsumerServiceURL attribute in <ecp:Response>.');
         }
 
         $this->setAssertionConsumerServiceURL($xml->getAttribute('AssertionConsumerServiceURL'));
@@ -62,7 +62,7 @@ public function getAssertionConsumerServiceURL()
 
     /**
      * Set the value of the AssertionConsumerServiceURL-property
-     * @param string $AssertionConsumerServiceURL
+     * @param string $assertionConsumerServiceURL
      */
     public function setAssertionConsumerServiceURL($assertionConsumerServiceURL)
     {
@@ -76,12 +76,12 @@ public function setAssertionConsumerServiceURL($assertionConsumerServiceURL)
     /**
      * Convert this ECP Response to XML.
      *
-     * @param DOMElement $parent The element we should append this element to.
+     * @param \DOMElement $parent The element we should append this element to.
      */
-    public function toXML(DOMElement $parent)
+    public function toXML(\DOMElement $parent)
     {
         if (!is_string($this->getAssertionConsumerServiceURL())) {
-            throw new InvalidArgumentException("AssertionConsumerServiceURL must be a string");
+            throw new \InvalidArgumentException("AssertionConsumerServiceURL must be a string");
         }
 
         $doc = $parent->ownerDocument;

src/SAML2/XML/md/EntitiesDescriptor.php

@@ -101,7 +101,7 @@ public function __construct(\DOMElement $xml = null)
      */
     public function getName()
     {
-        return $this->name;
+        return $this->Name;
     }
 
     /**

src/SAML2/XML/md/EntityDescriptor.php

@@ -294,9 +294,9 @@ public function setRoleDescriptor(array $roleDescriptor)
 
     /**
      * Add the value to the RoleDescriptor-property
-     * @param \SAML2\XML\md\Role $roleDescriptor
+     * @param \SAML2\XML\md\RoleDescriptor $roleDescriptor
      */
-    public function addRoleDescriptor($roleDescriptor)
+    public function addRoleDescriptor(RoleDescriptor $roleDescriptor)
     {
         $this->RoleDescriptor[] = $roleDescriptor;
     }
@@ -312,7 +312,7 @@ public function getAffiliationDescriptor()
 
     /**
      * Set the value of the AffliationDescriptor-property
-     * @param \SAML2\XML\md\AffiliationDescriptor $affiliationDescriptor|null
+     * @param \SAML2\XML\md\AffiliationDescriptor|null $affiliationDescriptor
      */
     public function setAffiliationDescriptor(AffiliationDescriptor $affiliationDescriptor = null)
     {
@@ -330,7 +330,7 @@ public function getOrganization()
 
     /**
      * Set the value of the Organization-property
-     * @param \SAML2\XML\md\Organization $organization|null
+     * @param \SAML2\XML\md\Organization|null $organization
      */
     public function setOrganization(Organization $organization = null)
     {

src/SAML2/XML/md/IDPSSODescriptor.php

@@ -219,7 +219,7 @@ public function setAttributeProfile(array $attributeProfile)
 
     /**
      * Collect the value of the Attribute-property
-     * @return \SAML2\XML\md\Attribute[]
+     * @return \SAML2\XML\saml\Attribute[]
      */
     public function getAttribute()
     {

src/SAML2/XML/md/PDPDescriptor.php

@@ -78,7 +78,7 @@ public function getAuthzService()
 
     /**
      * Set the value of the AuthzService-property
-     * @param \SAML2\XML\md\EndpointType[] $AuthzService
+     * @param \SAML2\XML\md\EndpointType[] $authzService
      */
     public function setAuthzService(array $authzService = [])
     {

src/SAML2/XML/md/RoleDescriptor.php

@@ -140,7 +140,7 @@ protected function __construct($elementName, \DOMElement $xml = null)
         }
 
         foreach (Utils::xpQuery($xml, './saml_metadata:ContactPerson') as $cp) {
-            $this->addContactPersons(ContactPerson($cp));
+            $this->addContactPerson(new ContactPerson($cp));
         }
     }
 
@@ -270,7 +270,7 @@ public function getOrganization()
 
     /**
      * Set the value of the Organization-property
-     * @param \SAML2\XML\md\Organization $organization|null
+     * @param \SAML2\XML\md\Organization|null $organization
      */
     public function setOrganization(Organization $organization = null)
     {

src/SAML2/XML/md/SSODescriptorType.php

@@ -99,7 +99,7 @@ public function setArtifactResolutionService(array $artifactResolutionService)
 
     /**
      * Add the value to the ArtifactResolutionService-property
-     * @param \SAML2\XML\md\IndexedEndpointType $artifactResolucationService
+     * @param \SAML2\XML\md\IndexedEndpointType $artifactResolutionService
      */
     public function addArtifactResolutionService(IndexedEndpointType $artifactResolutionService)
     {