Skip to content

Commit 2633ee4

Browse files
cicnavicicnavi
committed
Add TrustAnchorConfig abstraction value
1 parent d591eda commit 2633ee4

4 files changed

Lines changed: 178 additions & 2 deletions

File tree

src/ValueAbstracts/TrustAnchorConfig.php

Lines changed: 68 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,68 @@
1+
<?php
2+
3+
declare(strict_types=1);
4+
5+
namespace SimpleSAML\OpenID\ValueAbstracts;
6+
7+
use SimpleSAML\OpenID\Codebooks\ClaimsEnum;
8+
use SimpleSAML\OpenID\Exceptions\JwksException;
9+
10+
class TrustAnchorConfig
11+
{
12+
/**
13+
* @param non-empty-string $entityId Trust Anchor Entity ID
14+
* @param string|null $jwks Trust Anchor's JWKS JSON object string value, or
15+
* null. If JWKS is provided, it can be used to validate Trust Anchor
16+
* Configuration Statement in addition to using JWKS acquired during Trust
17+
* Chain resolution. If JWKS is not provided, the validity of Trust Anchor
18+
* Configuration Statement will "only" be validated by the JWKS acquired
19+
* during Trust Chain resolution. This means that security will rely "only"
20+
* on protection implied from using TLS on endpoints used during
21+
* Trust Chain resolution.
22+
*/
23+
public function __construct(
24+
protected readonly string $entityId,
25+
protected readonly ?string $jwks = null,
26+
) {
27+
}
28+
29+
30+
/**
31+
* @return non-empty-string
32+
*/
33+
public function getEntityId(): string
34+
{
35+
return $this->entityId;
36+
}
37+
38+
39+
public function getJwks(): ?string
40+
{
41+
return $this->jwks;
42+
}
43+
44+
45+
/**
46+
* @return array{keys:non-empty-array<mixed>}|null
47+
* @throws \SimpleSAML\OpenID\Exceptions\JwksException
48+
*/
49+
public function getJwksAsArray(): ?array
50+
{
51+
if (is_string($this->jwks)) {
52+
$jwks = json_decode($this->jwks, true);
53+
54+
if (
55+
is_array($jwks) &&
56+
array_key_exists(ClaimsEnum::Keys->value, $jwks) &&
57+
is_array($jwks[ClaimsEnum::Keys->value]) &&
58+
$jwks[ClaimsEnum::Keys->value] !== []
59+
) {
60+
return $jwks;
61+
}
62+
63+
throw new JwksException('Invalid JWKS JSON object.');
64+
}
65+
66+
return null;
67+
}
68+
}

src/ValueAbstracts/TrustAnchorConfigBag.php

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
<?php
2+
3+
declare(strict_types=1);
4+
5+
namespace SimpleSAML\OpenID\ValueAbstracts;
6+
7+
use Traversable;
8+
9+
/**
10+
* @implements \IteratorAggregate<non-empty-string,\SimpleSAML\OpenID\ValueAbstracts\TrustAnchorConfig>
11+
*/
12+
class TrustAnchorConfigBag implements \IteratorAggregate
13+
{
14+
/**
15+
* @var array<non-empty-string,\SimpleSAML\OpenID\ValueAbstracts\TrustAnchorConfig>
16+
*/
17+
protected array $trustAnchorConfigs;
18+
19+
20+
public function __construct(
21+
TrustAnchorConfig ...$trustAnchorConfigs,
22+
) {
23+
$this->add(...$trustAnchorConfigs);
24+
}
25+
26+
27+
public function add(TrustAnchorConfig ...$trustAnchorConfigs): void
28+
{
29+
foreach ($trustAnchorConfigs as $trustAnchorConfig) {
30+
$this->trustAnchorConfigs[$trustAnchorConfig->getEntityId()] = $trustAnchorConfig;
31+
}
32+
}
33+
34+
35+
public function getByEntityId(string $entityId): ?TrustAnchorConfig
36+
{
37+
return $this->trustAnchorConfigs[$entityId] ?? null;
38+
}
39+
40+
41+
/**
42+
* @return array<non-empty-string,\SimpleSAML\OpenID\ValueAbstracts\TrustAnchorConfig>
43+
*/
44+
public function getAll(): array
45+
{
46+
return $this->trustAnchorConfigs;
47+
}
48+
49+
50+
/**
51+
* @return \ArrayIterator<string,\SimpleSAML\OpenID\ValueAbstracts\TrustAnchorConfig>
52+
*/
53+
public function getIterator(): Traversable
54+
{
55+
return new \ArrayIterator($this->getAll());
56+
}
57+
}

src/ValueAbstracts/UniqueStringBag.php

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,10 @@
44

55
namespace SimpleSAML\OpenID\ValueAbstracts;
66

7-
class UniqueStringBag implements \JsonSerializable
7+
/**
8+
* @implements \IteratorAggregate<int, string>
9+
*/
10+
class UniqueStringBag implements \JsonSerializable, \IteratorAggregate
811
{
912
/**
1013
* @var string[]
@@ -15,7 +18,16 @@ class UniqueStringBag implements \JsonSerializable
1518
public function __construct(
1619
string ...$values,
1720
) {
18-
$this->values = $values;
21+
$this->add(...$values);
22+
}
23+
24+
25+
/**
26+
* @return \ArrayIterator<int, string>
27+
*/
28+
public function getIterator(): \ArrayIterator
29+
{
30+
return new \ArrayIterator($this->values);
1931
}
2032

2133

tests/src/ValueAbstracts/UniqueStringBagTest.php

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
<?php
2+
3+
declare(strict_types=1);
4+
5+
namespace SimpleSAML\Test\OpenID\ValueAbstracts;
6+
7+
use PHPUnit\Framework\Attributes\CoversClass;
8+
use PHPUnit\Framework\TestCase;
9+
use SimpleSAML\OpenID\ValueAbstracts\UniqueStringBag;
10+
11+
#[CoversClass(UniqueStringBag::class)]
12+
final class UniqueStringBagTest extends TestCase
13+
{
14+
protected array $sampleValues = ['foo', 'bar'];
15+
16+
17+
protected function sut(
18+
?array $values = null,
19+
): UniqueStringBag {
20+
$values ??= $this->sampleValues;
21+
22+
return new UniqueStringBag(...$values);
23+
}
24+
25+
26+
public function testIsIterable(): void
27+
{
28+
$bag = $this->sut();
29+
30+
$this->assertInstanceOf(\Traversable::class, $bag);
31+
32+
$result = [];
33+
foreach ($bag as $item) {
34+
$result[] = $item;
35+
}
36+
37+
$this->assertSame(['foo', 'bar'], $result);
38+
}
39+
}

0 commit comments

Comments
 (0)