diff --git a/README.md b/README.md index ed8f5af..b8f8880 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ Library can be installed by using Composer: composer require simplesamlphp/openid ``` -## OpenID Federation (draft 42) +## OpenID Federation (draft 43) The initial functionality of the library revolves around the OpenID Federation specification. To use it, create an instance of the class `\SimpleSAML\OpenID\Federation` @@ -207,8 +207,8 @@ Federation tools expose Trust Mark Fetcher which you can use to dynamically fetc /** @var \SimpleSAML\OpenID\Federation $federationTools */ -// Trust Mark ID that you want to fetch. -$trustMarkId = 'https://example.com/trust-mark/member'; +// Trust Mark Type that you want to fetch. +$trustMarkType = 'https://example.com/trust-mark/member'; // ID of Subject for which to fetch the Trust Mark. $subjectId = 'https://leaf-entity.org' // ID of the Trust Mark Issuer from which to fetch the Trust Mark. @@ -222,7 +222,7 @@ try { // Fetch the Trust Mark from Issuer. $trustMarkEntity = $federationTools->trustMarkFetcher()->fromCacheOrFederationTrustMarkEndpoint( - $trustMarkId, + $trustMarkType, $subjectId, $trustMarkIssuerConfigurationStatement ); @@ -237,7 +237,7 @@ try { ### Validating Trust Marks Federation tools expose Trust Mark Validator with several methods for validating Trust Marks, with the most common -one being the one to validate Trust Mark for some entity simply based on the Trust Mark ID. +one being the one to validate Trust Mark for some entity simply based on the Trust Mark Type. If cache is utilized, Trust Mark validation will be cached with cache TTL being the minimum expiration time of Trust Mark, Leaf Entity Statement or `maxCacheDuration`, whatever is smaller. 
@@ -249,8 +249,8 @@ time of Trust Mark, Leaf Entity Statement or `maxCacheDuration`, whatever is sma /** @var \SimpleSAML\OpenID\Federation\TrustChain $trustChain */ -// Trust Mark ID that you want to validate. -$trustMarkId = 'https://example.com/trust-mark/member'; +// Trust Mark Type that you want to validate. +$trustMarkType = 'https://example.com/trust-mark/member'; // Leaf for which you want to validate the Trust Mark with ID above. $leafEntityConfigurationStatement = $trustChain->getResolvedLeaf(); // Trust Anchor under which you want to validate Trust Mark. @@ -258,16 +258,16 @@ $trustAnchorConfigurationStatement = $trustChain->getResolvedTrustAnchor(); try { // Example which queries cache for previously validated Trust Mark, and does formal validation if not cached. - $federationTools->trustMarkValidator()->fromCacheOrDoForTrustMarkId( - $trustMarkId, + $federationTools->trustMarkValidator()->fromCacheOrDoForTrustMarkType( + $trustMarkType, $leafEntityConfigurationStatement, $trustAnchorConfigurationStatement, $expectedJwtType = \SimpleSAML\OpenID\Codebooks\JwtTypesEnum::TrustMarkJwt, ); // Example which always does formal validation (does not use cache). - $federationTools->trustMarkValidator()->doForTrustMarkId( - $trustMarkId, + $federationTools->trustMarkValidator()->doForTrustMarkType( + $trustMarkType, $leafEntityConfigurationStatement, $trustAnchorConfigurationStatement, $expectedJwtType = \SimpleSAML\OpenID\Codebooks\JwtTypesEnum::TrustMarkJwt, diff --git a/src/Codebooks/ClaimsEnum.php b/src/Codebooks/ClaimsEnum.php index 144c51c..b47f391 100644 --- a/src/Codebooks/ClaimsEnum.php +++ b/src/Codebooks/ClaimsEnum.php @@ -47,6 +47,7 @@ enum ClaimsEnum: string case Delegation = 'delegation'; case Description = 'description'; case Display = 'display'; + case DisplayName = 'display_name'; case EndSessionEndpoint = 'end_session_endpoint'; // ExpirationTime case Exp = 'exp'; 
@@ -65,6 +66,7 @@ enum ClaimsEnum: string // Identifier case Id = 'id'; case IdTokenSigningAlgValuesSupported = 'id_token_signing_alg_values_supported'; + case InformationUri = 'information_uri'; case IntrospectionEndpoint = 'introspection_endpoint'; case IntrospectionEndpointAuthMethodsSupported = 'introspection_endpoint_auth_methods_supported'; case IntrospectionEndpointAuthSigningAlgValuesSupported = @@ -77,6 +79,7 @@ enum ClaimsEnum: string // JsonWebKeySet case Jwks = 'jwks'; case JwksUri = 'jwks_uri'; + case Keywords = 'keywords'; // KeyId case Kid = 'kid'; case KeyAttestationsRequired = 'key_attestations_required'; @@ -98,6 +101,7 @@ enum ClaimsEnum: string // OpenIDProviderTermsOfServiceUri case OpTosUri = 'op_tos_uri'; case OrganizationName = 'organization_name'; + case OrganizationUri = 'organization_uri'; case Path = 'path'; case PolicyUri = 'policy_uri'; case PostLogoutRedirectUris = 'post_logout_redirect_uris'; @@ -139,8 +143,8 @@ enum ClaimsEnum: string case Type = 'type'; case TrustChain = 'trust_chain'; case TrustMark = 'trust_mark'; - case TrustMarkId = 'trust_mark_id'; case TrustMarkOwners = 'trust_mark_owners'; + case TrustMarkType = 'trust_mark_type'; case TrustMarks = 'trust_marks'; // UserInterfaceLocalesSupported case UiLocalesSupported = 'ui_locales_supported'; diff --git a/src/Codebooks/ParamsEnum.php b/src/Codebooks/ParamsEnum.php index 9f96f48..71ffa7b 100644 --- a/src/Codebooks/ParamsEnum.php +++ b/src/Codebooks/ParamsEnum.php @@ -35,6 +35,6 @@ enum ParamsEnum: string case Scope = 'scope'; case State = 'state'; case TrustMarked = 'trust_marked'; - case TrustMarkId = 'trust_mark_id'; + case TrustMarkType = 'trust_mark_type'; case UiLocales = 'ui_locales'; } diff --git a/src/Federation/Claims/TrustMarkOwnersClaimBag.php b/src/Federation/Claims/TrustMarkOwnersClaimBag.php index 608f152..4a88db7 100644 --- a/src/Federation/Claims/TrustMarkOwnersClaimBag.php +++ b/src/Federation/Claims/TrustMarkOwnersClaimBag.php 
@@ -19,19 +19,19 @@ public function __construct(TrustMarkOwnersClaimValue ...$trustMarkOwnersClaimVa public function add(TrustMarkOwnersClaimValue ...$trustMarkOwnersClaimValues): void { foreach ($trustMarkOwnersClaimValues as $trustMarkOwnersClaimValue) { - $this->trustMarkOwnersClaimValues[$trustMarkOwnersClaimValue->getTrustMarkId()] = + $this->trustMarkOwnersClaimValues[$trustMarkOwnersClaimValue->getTrustMarkType()] = $trustMarkOwnersClaimValue; } } - public function has(string $trustMarkId): bool + public function has(string $trustMarkType): bool { - return isset($this->trustMarkOwnersClaimValues[$trustMarkId]); + return isset($this->trustMarkOwnersClaimValues[$trustMarkType]); } - public function get(string $trustMarkId): ?TrustMarkOwnersClaimValue + public function get(string $trustMarkType): ?TrustMarkOwnersClaimValue { - return $this->trustMarkOwnersClaimValues[$trustMarkId] ?? null; + return $this->trustMarkOwnersClaimValues[$trustMarkType] ?? null; } /** diff --git a/src/Federation/Claims/TrustMarkOwnersClaimValue.php b/src/Federation/Claims/TrustMarkOwnersClaimValue.php index bf824ce..749c95a 100644 --- a/src/Federation/Claims/TrustMarkOwnersClaimValue.php +++ b/src/Federation/Claims/TrustMarkOwnersClaimValue.php @@ -11,12 +11,12 @@ class TrustMarkOwnersClaimValue implements JsonSerializable { /** - * @param non-empty-string $trustMarkId + * @param non-empty-string $trustMarkType * @param non-empty-string $subject * @param array $otherClaims */ public function __construct( - protected readonly string $trustMarkId, + protected readonly string $trustMarkType, protected readonly string $subject, protected readonly JwksClaim $jwks, protected readonly array $otherClaims = [], @@ -26,9 +26,9 @@ public function __construct( /** * @return non-empty-string */ - public function getTrustMarkId(): string + public function getTrustMarkType(): string { - return $this->trustMarkId; + return $this->trustMarkType; } /** 
@@ -59,7 +59,7 @@ public function jsonSerialize(): array { return array_merge( [ - ClaimsEnum::TrustMarkId->value => $this->trustMarkId, + ClaimsEnum::TrustMarkType->value => $this->trustMarkType, ClaimsEnum::Sub->value => $this->subject, ClaimsEnum::Jwks->value => $this->jwks->getValue(), ], diff --git a/src/Federation/Claims/TrustMarksClaimBag.php b/src/Federation/Claims/TrustMarksClaimBag.php index dce674f..654a582 100644 --- a/src/Federation/Claims/TrustMarksClaimBag.php +++ b/src/Federation/Claims/TrustMarksClaimBag.php @@ -32,21 +32,21 @@ public function getAll(): array } /** - * @param non-empty-string $trustMarkId + * @param non-empty-string $trustMarkType * @return \SimpleSAML\OpenID\Federation\Claims\TrustMarksClaimValue[] */ - public function getAllFor(string $trustMarkId): array + public function getAllFor(string $trustMarkType): array { return array_values(array_filter( $this->trustMarksClaimValues, - fn(TrustMarksClaimValue $trustMarkClaim): bool => $trustMarkClaim->getTrustMarkId() === $trustMarkId, + fn(TrustMarksClaimValue $trustMarkClaim): bool => $trustMarkClaim->getTrustMarkType() === $trustMarkType, )); } - public function getFirstFor(string $trustMarkId): ?TrustMarksClaimValue + public function getFirstFor(string $trustMarkType): ?TrustMarksClaimValue { foreach ($this->trustMarksClaimValues as $trustMarkClaim) { - if ($trustMarkClaim->getTrustMarkId() === $trustMarkId) { + if ($trustMarkClaim->getTrustMarkType() === $trustMarkType) { return $trustMarkClaim; } } diff --git a/src/Federation/Claims/TrustMarksClaimValue.php b/src/Federation/Claims/TrustMarksClaimValue.php index 10122ec..89604c6 100644 --- a/src/Federation/Claims/TrustMarksClaimValue.php +++ b/src/Federation/Claims/TrustMarksClaimValue.php 
@@ -14,12 +14,12 @@ class TrustMarksClaimValue implements JsonSerializable { /** - * @param non-empty-string $trustMarkId + * @param non-empty-string $trustMarkType * @param non-empty-string $trustMark * @param array $otherClaims */ public function __construct( - protected readonly string $trustMarkId, + protected readonly string $trustMarkType, protected readonly string $trustMark, protected readonly array $otherClaims = [], ) { @@ -28,9 +28,9 @@ public function __construct( /** * @return non-empty-string */ - public function getTrustMarkId(): string + public function getTrustMarkType(): string { - return $this->trustMarkId; + return $this->trustMarkType; } /** @@ -56,7 +56,7 @@ public function jsonSerialize(): array { return array_merge( [ - ClaimsEnum::TrustMarkId->value => $this->trustMarkId, + ClaimsEnum::TrustMarkType->value => $this->trustMarkType, ClaimsEnum::TrustMark->value => $this->trustMark, ], $this->otherClaims, diff --git a/src/Federation/EntityStatement.php b/src/Federation/EntityStatement.php index 4291ff5..619c4d7 100644 --- a/src/Federation/EntityStatement.php +++ b/src/Federation/EntityStatement.php @@ -210,8 +210,8 @@ public function getTrustMarks(): ?TrustMarksClaimBag public function getTrustMarkOwners(): ?TrustMarkOwnersClaimBag { // trust_mark_owners - // OPTIONAL. It is a JSON object with member names that are Trust Mark identifiers and each - // corresponding value being a JSON object with members: sub, jwks and optionally other members. + // OPTIONAL. It is a JSON object with member names that are Trust Mark Type identifiers, and each + // corresponding value is a JSON object with members: sub, jwks and optionally other members. $claimKey = ClaimsEnum::TrustMarkOwners->value; $trustMarkOwnersClaimData = $this->getPayloadClaim($claimKey); diff --git a/src/Federation/Factories/FederationClaimFactory.php b/src/Federation/Factories/FederationClaimFactory.php index e664219..d2c0073 100644 
--- a/src/Federation/Factories/FederationClaimFactory.php +++ b/src/Federation/Factories/FederationClaimFactory.php @@ -26,15 +26,15 @@ public function __construct( * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException */ public function buildTrustMarksClaimValue( - mixed $trustMarkId, + mixed $trustMarkType, mixed $trustMark, mixed $otherClaims = [], ): TrustMarksClaimValue { - $trustMarkId = $this->helpers->type()->ensureNonEmptyString($trustMarkId); + $trustMarkType = $this->helpers->type()->ensureNonEmptyString($trustMarkType); $trustMark = $this->helpers->type()->ensureNonEmptyString($trustMark); $otherClaims = $this->helpers->type()->ensureArrayWithKeysAsNonEmptyStrings($otherClaims); - return new TrustMarksClaimValue($trustMarkId, $trustMark, $otherClaims); + return new TrustMarksClaimValue($trustMarkType, $trustMark, $otherClaims); } /** @@ -47,12 +47,12 @@ public function buildTrustMarksClaimValueFrom(mixed $trustMarksClaimData): Trust $trustMarksClaimData = $this->helpers->type()->ensureArray($trustMarksClaimData); // Each JSON object MUST contain the following two claims and MAY contain other claims. - // trust_mark_id - // The Trust Mark identifier. It MUST be the same value as the id claim contained in the Trust Mark JWT. + // trust_mark_type + // The Trust Mark Type identifier. It MUST be the same value as the id claim contained in the Trust Mark JWT. // trust_mark // A signed JSON Web Token that represents a Trust Mark. - $trustMarkId = $trustMarksClaimData[ClaimsEnum::TrustMarkId->value] ?? throw new TrustMarkException( - 'No ID present in Trust Mark claim.', + $trustMarkType = $trustMarksClaimData[ClaimsEnum::TrustMarkType->value] ?? throw new TrustMarkException( + 'No type present in Trust Mark claim.', ); $trustMark = $trustMarksClaimData[ClaimsEnum::TrustMark->value] ?? throw new TrustMarkException( 
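Review bot: The spec comment under `trust_mark_type` in buildTrustMarksClaimValueFrom still says the value must equal the `id` claim of the Trust Mark JWT, which no longer matches what the renamed code compares. TrustMarkValidator::validateTrustMarksClaimValue checks `getTrustMarkType()` on both the claim value and the JWT, so the comment should read `// The Trust Mark Type identifier. It MUST be the same value as the trust_mark_type claim contained in the Trust Mark JWT.` The function body continues past the end of this hunk.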
@@ -61,11 +61,11 @@ public function buildTrustMarksClaimValueFrom(mixed $trustMarksClaimData): Trust $otherClaims = array_diff_key( $trustMarksClaimData, - [ClaimsEnum::TrustMarkId->value => true, ClaimsEnum::TrustMark->value => true], + [ClaimsEnum::TrustMarkType->value => true, ClaimsEnum::TrustMark->value => true], ); return $this->buildTrustMarksClaimValue( - $trustMarkId, + $trustMarkType, $trustMark, $otherClaims, ); @@ -77,18 +77,18 @@ public function buildTrustMarksClaimBag(TrustMarksClaimValue ...$trustMarksClaim } public function buildTrustMarkOwnersClaimValue( - mixed $trustMarkId, + mixed $trustMarkType, mixed $subject, mixed $jwks, mixed $otherClaims = [], ): TrustMarkOwnersClaimValue { - $trustMarkId = $this->helpers->type()->ensureNonEmptyString($trustMarkId); + $trustMarkType = $this->helpers->type()->ensureNonEmptyString($trustMarkType); $subject = $this->helpers->type()->ensureNonEmptyString($subject); $jwksClaim = $this->claimFactory->buildJwks($jwks); $otherClaims = $this->helpers->type()->ensureArrayWithKeysAsNonEmptyStrings($otherClaims); return new TrustMarkOwnersClaimValue( - $trustMarkId, + $trustMarkType, $subject, $jwksClaim, $otherClaims, @@ -105,7 +105,7 @@ public function buildTrustMarkOwnersClaimBagFrom(mixed $trustMarkOwnersClaimData $trustMarkOwnersClaimValues = []; - // It is a JSON object with member names that are Trust Mark identifiers and each corresponding value + // It is a JSON object with member names that are Trust Mark Type identifiers and each corresponding value // being a JSON object with these members: // sub // REQUIRED Identifier of the Trust Mark Owner. 
@@ -114,7 +114,7 @@ public function buildTrustMarkOwnersClaimBagFrom(mixed $trustMarkOwnersClaimData // for signing. // Other members MAY also be defined and used. - foreach ($trustMarkOwnersClaimData as $trustMarkId => $trustMarkOwnersClaim) { + foreach ($trustMarkOwnersClaimData as $trustMarkType => $trustMarkOwnersClaim) { $trustMarkOwnersClaim = $this->helpers->type()->ensureArray($trustMarkOwnersClaim); @@ -127,11 +127,11 @@ public function buildTrustMarkOwnersClaimBagFrom(mixed $trustMarkOwnersClaimData $otherClaims = array_diff_key( $trustMarkOwnersClaim, - [ClaimsEnum::TrustMarkId->value => true, ClaimsEnum::TrustMark->value => true], + [ClaimsEnum::TrustMarkType->value => true, ClaimsEnum::TrustMark->value => true], ); $trustMarkOwnersClaimValues[] = $this->buildTrustMarkOwnersClaimValue( - $trustMarkId, + $trustMarkType, $subject, $jwks, $otherClaims, diff --git a/src/Federation/TrustMark.php b/src/Federation/TrustMark.php index d0bddba..5101c79 100644 --- a/src/Federation/TrustMark.php +++ b/src/Federation/TrustMark.php @@ -63,15 +63,15 @@ public function getSubject(): string * @return non-empty-string * @throws \SimpleSAML\OpenID\Exceptions\JwsException */ - public function getTrustMarkId(): string + public function getTrustMarkType(): string { - $claimKey = ClaimsEnum::TrustMarkId->value; + $claimKey = ClaimsEnum::TrustMarkType->value; - $trustMarkId = $this->getPayloadClaim($claimKey) ?? throw new TrustMarkException( - 'No Trust Mark ID claim found.', + $trustMarkType = $this->getPayloadClaim($claimKey) ?? throw new TrustMarkException( + 'No Trust Mark Type claim found.', ); - return $this->helpers->type()->ensureNonEmptyString($trustMarkId); + return $this->helpers->type()->ensureNonEmptyString($trustMarkType); } /** 
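Review bot: The `array_diff_key` call in buildTrustMarkOwnersClaimBagFrom strips `trust_mark_type` and `trust_mark`, but the comment above the loop names `sub` and `jwks` as an owner entry's members, so both stay inside `$otherClaims`. This looks carried over from buildTrustMarksClaimValueFrom; the exclusion list should be `[ClaimsEnum::Sub->value => true, ClaimsEnum::Jwks->value => true]`. As written, the raw `sub` and `jwks` values travel along in `otherClaims`. If TrustMarkOwnersClaimValue::jsonSerialize merges `otherClaims` last, as TrustMarksClaimValue does, they would replace the type-checked members in the serialized output. The lines that read `$subject` and `$jwks` sit between the two hunks and are not visible here.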
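Review bot: getTrustMarkType() now reads only `trust_mark_type`, so a Trust Mark that still carries the previous draft's `trust_mark_id` claim fails here with 'No Trust Mark Type claim found.' and there is no fallback. If that hard cut-over is intended, say so in the docblock, e.g. `* Reads the draft 43 claim name; Trust Marks carrying only trust_mark_id are rejected.`, and in an upgrade note, since the public method name changes as well. The same applies to TrustMarkDelegation::getTrustMarkType() in the next file. The docblock of this method starts above the hunk.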
@@ -164,7 +164,7 @@ protected function validate(): void $this->validateByCallbacks( $this->getIssuer(...), $this->getSubject(...), - $this->getTrustMarkId(...), + $this->getTrustMarkType(...), $this->getIssuedAt(...), $this->getLogoUri(...), $this->getExpirationTime(...), diff --git a/src/Federation/TrustMarkDelegation.php b/src/Federation/TrustMarkDelegation.php index 6dcc2bc..5240f2b 100644 --- a/src/Federation/TrustMarkDelegation.php +++ b/src/Federation/TrustMarkDelegation.php @@ -35,15 +35,15 @@ public function getSubject(): string * @return non-empty-string * @throws \SimpleSAML\OpenID\Exceptions\JwsException */ - public function getTrustMarkId(): string + public function getTrustMarkType(): string { - $claimKey = ClaimsEnum::TrustMarkId->value; + $claimKey = ClaimsEnum::TrustMarkType->value; - $trustMarkId = $this->getPayloadClaim($claimKey) ?? throw new TrustMarkDelegationException( - 'No Trust Mark ID claim found.', + $trustMarkType = $this->getPayloadClaim($claimKey) ?? throw new TrustMarkDelegationException( + 'No Trust Mark Type claim found.', ); - return $this->helpers->type()->ensureNonEmptyString($trustMarkId); + return $this->helpers->type()->ensureNonEmptyString($trustMarkType); } /** @@ -104,7 +104,7 @@ protected function validate(): void $this->validateByCallbacks( $this->getIssuer(...), $this->getSubject(...), - $this->getTrustMarkId(...), + $this->getTrustMarkType(...), $this->getIssuedAt(...), $this->getExpirationTime(...), $this->getReference(...), diff --git a/src/Federation/TrustMarkFetcher.php b/src/Federation/TrustMarkFetcher.php index 1c613c8..5cdfa69 100644 --- a/src/Federation/TrustMarkFetcher.php +++ b/src/Federation/TrustMarkFetcher.php 
@@ -45,7 +45,7 @@ public function getExpectedContentTypeHttpHeader(): string * @throws \SimpleSAML\OpenID\Exceptions\OpenIdException */ public function fromCacheOrFederationTrustMarkEndpoint( - string $trustMarkId, + string $trustMarkType, string $subjectId, EntityStatement $entityConfiguration, ): TrustMark { @@ -54,14 +54,14 @@ public function fromCacheOrFederationTrustMarkEndpoint( $this->logger?->debug( 'Trust Mark fetch from cache or federation trust mark endpoint.', - ['trustMarkId' => $trustMarkId, 'subjectId' => $subjectId, 'trustMarkEndpoint' => $trustMarkEndpoint], + ['trustMarkType' => $trustMarkType, 'subjectId' => $subjectId, 'trustMarkEndpoint' => $trustMarkEndpoint], ); return $this->fromCacheOrNetwork( $this->helpers->url()->withParams( $trustMarkEndpoint, [ - ClaimsEnum::TrustMarkId->value => $trustMarkId, + ClaimsEnum::TrustMarkType->value => $trustMarkType, ClaimsEnum::Sub->value => $subjectId, ], ), diff --git a/src/Federation/TrustMarkValidator.php b/src/Federation/TrustMarkValidator.php index 74e212b..e3115c4 100644 --- a/src/Federation/TrustMarkValidator.php +++ b/src/Federation/TrustMarkValidator.php @@ -29,13 +29,13 @@ public function __construct( /** * If cached, validation has already been performed. * - * @param non-empty-string $trustMarkId + * @param non-empty-string $trustMarkType * @param non-empty-string $leafEntityId * @param non-empty-string $trustAnchorId * @throws \Psr\SimpleCache\InvalidArgumentException */ public function isValidationCachedFor( - string $trustMarkId, + string $trustMarkType, string $leafEntityId, string $trustAnchorId, ): bool { @@ -47,7 +47,7 @@ public function isValidationCachedFor( $this->logger?->debug( sprintf( 'Checking cached Trust Mark %s validation for leaf entity %s under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $leafEntityId, $trustAnchorId, ), 
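Review bot: The query string for the Trust Mark endpoint in fromCacheOrFederationTrustMarkEndpoint is built from `ClaimsEnum::TrustMarkType->value` and `ClaimsEnum::Sub->value`, although this commit also renames the request-parameter case to `ParamsEnum::TrustMarkType`. Using the parameter enum for request parameters (`ParamsEnum::TrustMarkType->value => $trustMarkType,`) keeps JWT claim names and endpoint parameters from drifting apart unnoticed in a later draft. Whether ParamsEnum already has a `sub` case, or is imported in this file, is not visible in the diff. The method body continues outside the hunk.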
@@ -56,15 +56,15 @@ public function isValidationCachedFor( if ( !is_null($cachedValue = $this->cacheDecorator->get( null, - $trustMarkId, + $trustMarkType, $leafEntityId, $trustAnchorId, - )) && $cachedValue === $trustMarkId + )) && $cachedValue === $trustMarkType ) { $this->logger?->debug( sprintf( 'Trust Mark %s cached validation found for leaf entity %s under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $leafEntityId, $trustAnchorId, ), @@ -75,7 +75,7 @@ public function isValidationCachedFor( $this->logger?->debug( sprintf( 'Trust Mark %s validation not cached for leaf entity %s under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $leafEntityId, $trustAnchorId, ), @@ -85,22 +85,22 @@ public function isValidationCachedFor( } /** - * @param non-empty-string $trustMarkId + * @param non-empty-string $trustMarkType * @throws \SimpleSAML\OpenID\Exceptions\EntityStatementException * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException * @throws \SimpleSAML\OpenID\Exceptions\JwsException * @throws \SimpleSAML\OpenID\Exceptions\TrustMarkException * @throws \Psr\SimpleCache\InvalidArgumentException */ - public function fromCacheOrDoForTrustMarkId( - string $trustMarkId, + public function fromCacheOrDoForTrustMarkType( + string $trustMarkType, EntityStatement $leafEntityConfiguration, EntityStatement $trustAnchorEntityConfiguration, JwtTypesEnum $expectedJwtType = JwtTypesEnum::TrustMarkJwt, ): void { if ( $this->isValidationCachedFor( - $trustMarkId, + $trustMarkType, $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), ) @@ -108,8 +108,8 @@ public function fromCacheOrDoForTrustMarkId( return; } - $this->doForTrustMarkId( - $trustMarkId, + $this->doForTrustMarkType( + $trustMarkType, $leafEntityConfiguration, $trustAnchorEntityConfiguration, $expectedJwtType, 
@@ -117,14 +117,14 @@ public function fromCacheOrDoForTrustMarkId( } /** - * @param non-empty-string $trustMarkId + * @param non-empty-string $trustMarkType * @throws \SimpleSAML\OpenID\Exceptions\EntityStatementException * @throws \SimpleSAML\OpenID\Exceptions\InvalidValueException * @throws \SimpleSAML\OpenID\Exceptions\JwsException * @throws \SimpleSAML\OpenID\Exceptions\TrustMarkException */ - public function doForTrustMarkId( - string $trustMarkId, + public function doForTrustMarkType( + string $trustMarkType, EntityStatement $leafEntityConfiguration, EntityStatement $trustAnchorEntityConfiguration, JwtTypesEnum $expectedJwtType = JwtTypesEnum::TrustMarkJwt, @@ -132,7 +132,7 @@ public function doForTrustMarkId( $this->logger?->debug( sprintf( 'Validating Trust Mark %s for leaf entity %s under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), ), @@ -154,18 +154,18 @@ public function doForTrustMarkId( sprintf( 'Leaf entity %s has Trust Marks available, checking for Trust Mark %s.', $leafEntityConfiguration->getIssuer(), - $trustMarkId, + $trustMarkType, ), ['trustMarksClaimBag' => $trustMarksClaimBag->jsonSerialize()], ); - $trustMarksClaimValues = $trustMarksClaimBag->getAllFor($trustMarkId); + $trustMarksClaimValues = $trustMarksClaimBag->getAllFor($trustMarkType); if ($trustMarksClaimValues === []) { $error = sprintf( 'Leaf entity %s has no claims for Trust Mark %s.', $leafEntityConfiguration->getIssuer(), - $trustMarkId, + $trustMarkType, ); $this->logger?->debug($error); throw new TrustMarkException($error); @@ -176,7 +176,7 @@ public function doForTrustMarkId( 'Leaf entity %s has %s claim/claims for Trust Mark %s.', $leafEntityConfiguration->getIssuer(), count($trustMarksClaimValues), - $trustMarkId, + $trustMarkType, ), ); 
@@ -184,7 +184,7 @@ public function doForTrustMarkId( $this->logger?->debug( sprintf( 'Validating Trust Mark %s using claim %s for leaf entity %s, under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $idx, $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), @@ -203,7 +203,7 @@ public function doForTrustMarkId( $this->logger?->debug( sprintf( 'Trust Mark %s validated using claim %s for leaf entity %s, under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $idx, $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), @@ -215,7 +215,7 @@ public function doForTrustMarkId( sprintf( 'Trust Mark %s validation failed using claim %s for leaf entity %s, under Trust Anchor' . ' %s. Error was %s. Trying next if available.', - $trustMarkId, + $trustMarkType, $idx, $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), @@ -229,7 +229,7 @@ public function doForTrustMarkId( throw new TrustMarkException( sprintf( 'Could not validate Trust Mark %s for leaf entity %s under Trust Anchor %s.', - $trustMarkId, + $trustMarkType, $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), ), @@ -253,7 +253,7 @@ public function fromCacheOrDoForTrustMarksClaimValue( ): void { if ( $this->isValidationCachedFor( - $trustMarksClaimValue->getTrustMarkId(), + $trustMarksClaimValue->getTrustMarkType(), $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), ) @@ -304,7 +304,7 @@ public function validateTrustMarksClaimValue( $this->logger?->debug( 'Validating Trust Mark claim value.', [ - 'id' => $trustMarksClaimValue->getTrustMarkId(), + 'type' => $trustMarksClaimValue->getTrustMarkType(), 'trustMark' => $trustMarksClaimValue->getTrustMark(), 'otherClaims' => $trustMarksClaimValue->getOtherClaims(), ], 
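Review bot: The cache short-circuit in fromCacheOrDoForTrustMarksClaimValue (hunk at -253,7) is keyed only by Trust Mark Type, leaf issuer and Trust Anchor issuer, so a hit means some Trust Mark of that type validated earlier, not that the token passed in now is valid. Two different JWTs of the same type share one entry, and on a hit the method returns before the supplied `$trustMarksClaimValue` is examined; fromCacheOrDoForTrustMark (hunk at -374,7) has the same shape, and the entry is written in doForTrustMark (hunk at -448,16). Either bind the entry to the token, for instance by adding a digest of `$trustMarksClaimValue->getTrustMark()` to the key elements, or state the contract in the docblock: `* A cache hit confirms an earlier validation for this type/leaf/anchor triple; the supplied token is not re-checked.` Whether callers verify the token elsewhere is outside these hunks.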
@@ -323,12 +323,12 @@ public function validateTrustMarksClaimValue( ['trustMarkPayload' => $trustMarkPayload], ); - if ($trustMarksClaimValue->getTrustMarkId() !== $trustMark->getTrustMarkId()) { + if ($trustMarksClaimValue->getTrustMarkType() !== $trustMark->getTrustMarkType()) { throw new TrustMarkException( sprintf( - 'Invalid TrustMark identifier: %s != %s.', - $trustMarksClaimValue->getTrustMarkId(), - $trustMark->getTrustMarkId(), + 'Invalid Trust Mark Type identifier: %s != %s.', + $trustMarksClaimValue->getTrustMarkType(), + $trustMark->getTrustMarkType(), ), ); } @@ -336,7 +336,7 @@ public function validateTrustMarksClaimValue( // All the claims in the JSON object MUST have the same values as those contained in the Trust Mark JWT. $commonClaims = array_intersect_key($trustMarksClaimValue->getOtherClaims(), $trustMarkPayload); $this->logger?->debug( - 'Validating common values from Trust Mark instance and claim itselt.', + 'Validating common values from Trust Mark instance and claim itself.', ['commonClaims' => $commonClaims], ); @@ -374,7 +374,7 @@ public function fromCacheOrDoForTrustMark( ): void { if ( $this->isValidationCachedFor( - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), ) @@ -415,7 +415,7 @@ public function doForTrustMark( $this->validateSubjectClaim($trustMark, $leafEntityConfiguration); // If Trust Mark Issuer is the Trust Anchor itself, we don't have to resolve chain, as Trust Anchor is trusted - // out of band. Otherwise, we have to resolve trust for Trust Mark Issuer. + // out-of-band. Otherwise, we have to resolve trust for Trust Mark Issuer. $trustMarkIssuerEntityConfiguration = $trustMark->getIssuer() === $trustAnchorEntityConfiguration->getIssuer() ? $trustAnchorEntityConfiguration : 
@@ -430,7 +430,7 @@ public function doForTrustMark( $this->logger?->debug(sprintf( 'Trust Mark %s validated for leaf entity %s under Trust Anchor %s.', - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), )); @@ -448,16 +448,16 @@ public function doForTrustMark( $cacheTtl = $this->maxCacheDurationDecorator->lowestInSecondsComparedToExpirationTime($expirationTime); $this->logger?->debug(sprintf( 'Caching Trust Mark %s validation for leaf entity %s under Trust Anchor %s with TTL %s.', - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), $cacheTtl, )); try { $this->cacheDecorator->set( - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), $cacheTtl, - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), ); @@ -465,7 +465,7 @@ public function doForTrustMark( $this->logger?->error(sprintf( 'Error caching Trust Mark %s validation for leaf entity %s under Trust Anchor %s with TTL' . ' %s. Error wa: %s.', - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), $leafEntityConfiguration->getIssuer(), $trustAnchorEntityConfiguration->getIssuer(), $cacheTtl, @@ -491,7 +491,7 @@ public function validateSubjectClaim( 'Leaf entity %s is different than the subject %s of Trust Mark %s', $leafEntityConfiguration->getIssuer(), $trustMark->getSubject(), - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), ); $this->logger?->error($error); throw new TrustMarkException($error); @@ -501,7 +501,7 @@ public function validateSubjectClaim( sprintf( 'Leaf entity %s is the subject of the Trust Mark %s.', $leafEntityConfiguration->getIssuer(), - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), ), ); } 
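Review bot: The error message in the catch branch of doForTrustMark still reads `' %s. Error wa: %s.'`. This commit fixes the similar `itselt` typo in validateTrustMarksClaimValue, so `wa` should become `was` here too. The string is a context line of the hunk at -465,7, and the sprintf call continues past the end of that hunk.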
@@ -594,7 +594,7 @@ public function validateTrustMarkDelegation( EntityStatement $trustAnchorEntityConfiguration, ): void { $this->logger?->debug('Validating Trust Mark delegation.'); - // If the Trust Mark identifier appears in the trust_mark_owners claim of the Trust Anchor's Entity + // If the Trust Mark Type identifier appears in the trust_mark_owners claim of the Trust Anchor's Entity // Configuration, verify that the Trust Mark contains a delegation claim. $trustMarkOwnersBag = $trustAnchorEntityConfiguration->getTrustMarkOwners(); @@ -613,14 +613,14 @@ public function validateTrustMarkDelegation( ['trustMarkOwners' => $trustMarkOwnersBag->jsonSerialize()], ); - $trustMarkOwnersClaimValue = $trustMarkOwnersBag->get($trustMark->getTrustMarkId()); + $trustMarkOwnersClaimValue = $trustMarkOwnersBag->get($trustMark->getTrustMarkType()); if (is_null($trustMarkOwnersClaimValue)) { $this->logger?->debug( sprintf( 'Trust Anchor %s does not define owner of Trust Mark %s. Skipping delegation validation.', $trustAnchorEntityConfiguration->getIssuer(), - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), ), ); return; @@ -631,7 +631,7 @@ public function validateTrustMarkDelegation( 'Trust Anchor %s defines owner %s of Trust Mark %s. Continuing delegation validation.', $trustAnchorEntityConfiguration->getIssuer(), $trustMarkOwnersClaimValue->getSubject(), - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), ), ); 
@@ -640,14 +640,14 @@ public function validateTrustMarkDelegation( if (is_null($trustMarkDelegationClaim)) { $error = sprintf( 'Trust Mark %s is missing a Delegation claim.', - $trustMark->getTrustMarkId(), + $trustMark->getTrustMarkType(), ); $this->logger?->error($error); throw new TrustMarkException($error); } $this->logger?->debug( - sprintf('Trust Mark %s has a Delegation claim.', $trustMark->getTrustMarkId()), + sprintf('Trust Mark %s has a Delegation claim.', $trustMark->getTrustMarkType()), ['trustMarkDelegationClaim' => $trustMarkDelegationClaim], ); @@ -701,20 +701,20 @@ public function validateTrustMarkDelegation( $this->logger?->debug('Trust Mark Issuer claim validated.'); - // The ID of the delegation JWT MUST match the id value in the Trust Mark. - $this->logger?->debug('Validating Trust Mark ID claim.'); - if ($trustMark->getTrustMarkId() !== $trustMarkDelegation->getTrustMarkId()) { + // The Type of the delegation JWT MUST match the Type value in the Trust Mark. + $this->logger?->debug('Validating Trust Mark Type claim.'); + if ($trustMark->getTrustMarkType() !== $trustMarkDelegation->getTrustMarkType()) { $error = sprintf( - 'Trust Mark ID claim validation failed. Value was %s, but expected %s.', - $trustMark->getTrustMarkId(), - $trustMarkDelegation->getTrustMarkId(), + 'Trust Mark Type claim validation failed. Value was %s, but expected %s.', + $trustMark->getTrustMarkType(), + $trustMarkDelegation->getTrustMarkType(), ); $this->logger?->error($error); throw new TrustMarkException($error); } - $this->logger?->debug('Trust Mark ID claim validated.'); + $this->logger?->debug('Trust Mark Type claim validated.'); $this->logger?->debug('Trust Mark delegation validated.'); } diff --git a/tests/src/Federation/Claims/TrustMarkOwnersClaimBagTest.php b/tests/src/Federation/Claims/TrustMarkOwnersClaimBagTest.php index ce00ed1..a5a81af 100644 --- a/tests/src/Federation/Claims/TrustMarkOwnersClaimBagTest.php 
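Review bot: The comparison `$trustMark->getTrustMarkType() !== $trustMarkDelegation->getTrustMarkType()` in the `@@ -701` hunk is only a meaningful check if both getters fail on a missing claim. Delegation JWTs issued before the rename would carry `trust_mark_id` instead of `trust_mark_type`. If either getter could return null for such a token, two absent values would compare as equal and the check would pass. The getters are not visible here, so please confirm they throw, and once confirmed record it above the check: `// Both getters throw when trust_mark_type is absent, so a legacy trust_mark_id token cannot match here.` `validateTrustMarkDelegation` starts outside this hunk.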
+++ b/tests/src/Federation/Claims/TrustMarkOwnersClaimBagTest.php @@ -18,7 +18,7 @@ final class TrustMarkOwnersClaimBagTest extends TestCase protected function setUp(): void { $this->trustMarkOwnersClaimValueMock = $this->createMock(TrustMarkOwnersClaimValue::class); - $this->trustMarkOwnersClaimValueMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkOwnersClaimValueMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkOwnersClaimValueMock->method('getSubject')->willReturn('subject'); } @@ -38,21 +38,21 @@ public function testCanAddAndGet(): void $this->assertEmpty($this->sut()->getAll()); $sut = $this->sut($this->trustMarkOwnersClaimValueMock); $this->assertCount(1, $sut->getAll()); - $this->assertTrue($sut->has('trustMarkId')); - $this->assertSame($this->trustMarkOwnersClaimValueMock, $sut->get('trustMarkId')); + $this->assertTrue($sut->has('trustMarkType')); + $this->assertSame($this->trustMarkOwnersClaimValueMock, $sut->get('trustMarkType')); $trustMarkClaimValueMock2 = $this->createMock(TrustMarkOwnersClaimValue::class); - $trustMarkClaimValueMock2->method('getTrustMarkId')->willReturn('trustMarkId2'); + $trustMarkClaimValueMock2->method('getTrustMarkType')->willReturn('trustMarkType2'); $sut->add($trustMarkClaimValueMock2); $this->assertCount(2, $sut->getAll()); - $this->assertTrue($sut->has('trustMarkId2')); - $this->assertSame($trustMarkClaimValueMock2, $sut->get('trustMarkId2')); + $this->assertTrue($sut->has('trustMarkType2')); + $this->assertSame($trustMarkClaimValueMock2, $sut->get('trustMarkType2')); } public function testCanJsonSerialize(): void { $trustMarkClaimValueMock2 = $this->createMock(TrustMarkOwnersClaimValue::class); - $trustMarkClaimValueMock2->method('getTrustMarkId')->willReturn('trustMarkId2'); + $trustMarkClaimValueMock2->method('getTrustMarkType')->willReturn('trustMarkType2'); $this->trustMarkOwnersClaimValueMock->method('getSubject')->willReturn('subject2'); $sut = $this->sut( 
@@ -60,7 +60,7 @@ public function testCanJsonSerialize(): void $trustMarkClaimValueMock2, ); - $this->assertArrayHasKey('trustMarkId', $sut->jsonSerialize()); - $this->assertArrayHasKey('trustMarkId2', $sut->jsonSerialize()); + $this->assertArrayHasKey('trustMarkType', $sut->jsonSerialize()); + $this->assertArrayHasKey('trustMarkType2', $sut->jsonSerialize()); } } diff --git a/tests/src/Federation/Claims/TrustMarkOwnersClaimValueTest.php b/tests/src/Federation/Claims/TrustMarkOwnersClaimValueTest.php index cb3f2d5..d128011 100644 --- a/tests/src/Federation/Claims/TrustMarkOwnersClaimValueTest.php +++ b/tests/src/Federation/Claims/TrustMarkOwnersClaimValueTest.php @@ -13,7 +13,7 @@ #[CoversClass(TrustMarkOwnersClaimValue::class)] final class TrustMarkOwnersClaimValueTest extends TestCase { - protected string $trustMarkId; + protected string $trustMarkType; protected string $subject = 'subject'; @@ -23,25 +23,25 @@ final class TrustMarkOwnersClaimValueTest extends TestCase protected function setUp(): void { - $this->trustMarkId = 'trustMarkId'; + $this->trustMarkType = 'trustMarkType'; $this->subject = 'subject'; $this->jwksClaimMock = $this->createMock(JwksClaim::class); $this->otherClaims = ['key' => 'value']; } protected function sut( - ?string $trustMarkId = null, + ?string $trustMarkType = null, ?string $subject = null, ?JwksClaim $jwksClaim = null, ?array $otherClaims = null, ): TrustMarkOwnersClaimValue { - $trustMarkId ??= $this->trustMarkId; + $trustMarkType ??= $this->trustMarkType; $subject ??= $this->subject; $jwksClaim ??= $this->jwksClaimMock; $otherClaims ??= $this->otherClaims; return new TrustMarkOwnersClaimValue( - $trustMarkId, + $trustMarkType, $subject, $jwksClaim, $otherClaims, 
@@ -56,7 +56,7 @@ public function testCanCreateInstance(): void public function testCanGetProperties(): void { $sut = $this->sut(); - $this->assertSame($this->trustMarkId, $sut->getTrustMarkId()); + $this->assertSame($this->trustMarkType, $sut->getTrustMarkType()); $this->assertSame($this->subject, $sut->getSubject()); $this->assertSame($this->jwksClaimMock, $sut->getJwks()); $this->assertSame($this->otherClaims, $sut->getOtherClaims()); @@ -66,7 +66,7 @@ public function testCanJsonSerialize(): void { $this->assertSame( [ - 'trust_mark_id' => $this->trustMarkId, + 'trust_mark_type' => $this->trustMarkType, 'sub' => $this->subject, 'jwks' => [], 'key' => 'value', diff --git a/tests/src/Federation/Claims/TrustMarksClaimBagTest.php b/tests/src/Federation/Claims/TrustMarksClaimBagTest.php index f7e3717..cff58dd 100644 --- a/tests/src/Federation/Claims/TrustMarksClaimBagTest.php +++ b/tests/src/Federation/Claims/TrustMarksClaimBagTest.php @@ -18,7 +18,7 @@ final class TrustMarksClaimBagTest extends TestCase protected function setUp(): void { $this->trustMarkClaimMock = $this->createMock(TrustMarksClaimValue::class); - $this->trustMarkClaimMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkClaimMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkClaimMock->method('getTrustMark')->willReturn('token'); } 
@@ -48,37 +48,37 @@ public function testCanGetAll(): void public function testCanGetAllFor(): void { $firstTrustMarkClaim = $this->createMock(TrustMarksClaimValue::class); - $firstTrustMarkClaim->method('getTrustMarkId')->willReturn('first'); + $firstTrustMarkClaim->method('getTrustMarkType')->willReturn('first'); $secondTrustMarkClaim = $this->createMock(TrustMarksClaimValue::class); - $secondTrustMarkClaim->method('getTrustMarkId')->willReturn('second'); + $secondTrustMarkClaim->method('getTrustMarkType')->willReturn('second'); $sut = $this->sut($firstTrustMarkClaim, $secondTrustMarkClaim); $allForSecond = $sut->getAllFor('second'); $this->assertCount(1, $allForSecond); - $this->assertSame($secondTrustMarkClaim->getTrustMarkId(), $allForSecond[0]->getTrustMarkId()); + $this->assertSame($secondTrustMarkClaim->getTrustMarkType(), $allForSecond[0]->getTrustMarkType()); } public function testCanGetFirstFor(): void { $firstTrustMarkClaim = $this->createMock(TrustMarksClaimValue::class); - $firstTrustMarkClaim->method('getTrustMarkId')->willReturn('first'); + $firstTrustMarkClaim->method('getTrustMarkType')->willReturn('first'); $secondTrustMarkClaim = $this->createMock(TrustMarksClaimValue::class); - $secondTrustMarkClaim->method('getTrustMarkId')->willReturn('second'); + $secondTrustMarkClaim->method('getTrustMarkType')->willReturn('second'); $sut = $this->sut($firstTrustMarkClaim, $secondTrustMarkClaim); $second = $sut->getFirstFor('second'); $this->assertInstanceof(\SimpleSAML\OpenID\Federation\Claims\TrustMarksClaimValue::class, $second); - $this->assertSame($secondTrustMarkClaim->getTrustMarkId(), $second->getTrustMarkId()); + $this->assertSame($secondTrustMarkClaim->getTrustMarkType(), $second->getTrustMarkType()); } public function testGetFirstForReturnNullIfNoneFound(): void { $firstTrustMarkClaim = $this->createMock(TrustMarksClaimValue::class); - $firstTrustMarkClaim->method('getTrustMarkId')->willReturn('first'); + 
$firstTrustMarkClaim->method('getTrustMarkType')->willReturn('first'); $sut = $this->sut($firstTrustMarkClaim); diff --git a/tests/src/Federation/Claims/TrustMarksClaimValueTest.php b/tests/src/Federation/Claims/TrustMarksClaimValueTest.php index ae56946..0bacfb3 100644 --- a/tests/src/Federation/Claims/TrustMarksClaimValueTest.php +++ b/tests/src/Federation/Claims/TrustMarksClaimValueTest.php @@ -11,7 +11,7 @@ #[CoversClass(TrustMarksClaimValue::class)] final class TrustMarksClaimValueTest extends TestCase { - protected string $trustMarkId; + protected string $trustMarkType; protected string $trustMark; @@ -19,21 +19,21 @@ final class TrustMarksClaimValueTest extends TestCase protected function setUp(): void { - $this->trustMarkId = 'trustMarkId'; + $this->trustMarkType = 'trustMarkType'; $this->trustMark = 'token'; $this->otherClaims = ['something' => 'else']; } protected function sut( - ?string $trustMarkId = null, + ?string $trustMarkType = null, ?string $trustMark = null, ?array $otherClaims = null, ): TrustMarksClaimValue { - $trustMarkId ??= $this->trustMarkId; + $trustMarkType ??= $this->trustMarkType; $trustMark ??= $this->trustMark; $otherClaims ??= $this->otherClaims; - return new TrustMarksClaimValue($trustMarkId, $trustMark, $otherClaims); + return new TrustMarksClaimValue($trustMarkType, $trustMark, $otherClaims); } public function testCanCreateInstance(): void @@ -44,7 +44,7 @@ public function testCanCreateInstance(): void public function testCanGetProperties(): void { $sut = $this->sut(); - $this->assertSame($this->trustMarkId, $sut->getTrustMarkId()); + $this->assertSame($this->trustMarkType, $sut->getTrustMarkType()); $this->assertSame($this->trustMark, $sut->getTrustMark()); $this->assertSame($this->otherClaims, $sut->getOtherClaims()); } 
@@ -52,7 +52,7 @@ public function testCanGetProperties(): void public function testCanJsonSerialize(): void { $this->assertSame( - ['trust_mark_id' => $this->trustMarkId, 'trust_mark' => $this->trustMark, 'something' => 'else'], + ['trust_mark_type' => $this->trustMarkType, 'trust_mark' => $this->trustMark, 'something' => 'else'], $this->sut()->jsonSerialize(), ); } diff --git a/tests/src/Federation/EntityStatementTest.php b/tests/src/Federation/EntityStatementTest.php index 22ebc36..1a10e49 100644 --- a/tests/src/Federation/EntityStatementTest.php +++ b/tests/src/Federation/EntityStatementTest.php @@ -296,7 +296,7 @@ public function testTrustMarkOwnersIsOptional(): void public function testTrustMarkOwnersIsBuildUsingFactoryOptional(): void { $this->validPayload['trust_mark_owners'] = [ - 'trustMarkId' => [ + 'trustMarkType' => [ 'sub' => 'subject', 'jwks' => ['keys' => [['key' => 'value']]], ], diff --git a/tests/src/Federation/Factories/FederationClaimFactoryTest.php b/tests/src/Federation/Factories/FederationClaimFactoryTest.php index a736255..9953844 100644 --- a/tests/src/Federation/Factories/FederationClaimFactoryTest.php +++ b/tests/src/Federation/Factories/FederationClaimFactoryTest.php @@ -73,7 +73,7 @@ public function testCanCreateInstance(): void public function testCanBuildTrustMarksClaimValue(): void { $this->assertInstanceOf(TrustMarksClaimValue::class, $this->sut()->buildTrustMarksClaimValue( - 'trustMarkId', + 'trustMarkType', 'trustMark', )); } @@ -81,7 +81,7 @@ public function testCanBuildTrustMarksClaimValue(): void public function testCanBuildTrustMarksClaimValueFrom(): void { $trustMarksClaimData = [ - ClaimsEnum::TrustMarkId->value => 'trustMarkId', + ClaimsEnum::TrustMarkType->value => 'trustMarkType', ClaimsEnum::TrustMark->value => 'trustMark', 'something' => 'else', ]; 
@@ -103,7 +103,7 @@ public function testCanBuildTrustMarksClaimBag(): void public function testCanBuildTrustMarkOwnersClaimValue(): void { $this->assertInstanceOf(TrustMarkOwnersClaimValue::class, $this->sut()->buildTrustMarkOwnersClaimValue( - 'trustMarkId', + 'trustMarkType', 'subject', $this->jwksArraySample, )); @@ -112,7 +112,7 @@ public function testCanBuildTrustMarkOwnersClaimValue(): void public function testCanBuildTrustMarkOwnersClaimBagFrom(): void { $trustMarkOwnersClaimData = [ - 'trustMarkId' => [ + 'trustMarkType' => [ ClaimsEnum::Sub->value => 'subject', ClaimsEnum::Jwks->value => $this->jwksArraySample, ], diff --git a/tests/src/Federation/Factories/TrustMarkDelegationFactoryTest.php b/tests/src/Federation/Factories/TrustMarkDelegationFactoryTest.php index 52f8014..2e42f20 100644 --- a/tests/src/Federation/Factories/TrustMarkDelegationFactoryTest.php +++ b/tests/src/Federation/Factories/TrustMarkDelegationFactoryTest.php @@ -57,7 +57,7 @@ final class TrustMarkDelegationFactoryTest extends TestCase 'nbf' => 1734016912, 'exp' => 1734020512, // phpcs:ignore - 'trust_mark_id' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', + 'trust_mark_type' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', 'iss' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/', 'sub' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ALeaf/', 'ref' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/ref/trust-mark/member', diff --git a/tests/src/Federation/Factories/TrustMarkFactoryTest.php b/tests/src/Federation/Factories/TrustMarkFactoryTest.php index d00719c..a15dda4 100644 --- a/tests/src/Federation/Factories/TrustMarkFactoryTest.php +++ b/tests/src/Federation/Factories/TrustMarkFactoryTest.php 
@@ -61,7 +61,7 @@ final class TrustMarkFactoryTest extends TestCase 'nbf' => 1734016912, 'exp' => 1734020512, // phpcs:ignore - 'trust_mark_id' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', + 'trust_mark_type' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', 'iss' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/', 'sub' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ALeaf/', ]; diff --git a/tests/src/Federation/TrustChainResolverTest.php b/tests/src/Federation/TrustChainResolverTest.php index 3870876..6bf4e14 100644 --- a/tests/src/Federation/TrustChainResolverTest.php +++ b/tests/src/Federation/TrustChainResolverTest.php @@ -172,7 +172,7 @@ public function testCanDetectLoopInConfigurationChains(): void { $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->leafEntityConfigurationMock @@ -201,7 +201,7 @@ public function testCanBailOnMaxAuthorityHintsRule(): void $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->loggerMock @@ -220,7 +220,7 @@ public function testCanResolveTrustChain(): void { $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->leafEntityConfigurationMock 
@@ -245,7 +245,7 @@ public function testCanResolveMultipleTrustChains(): void { $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->leafEntityConfigurationMock @@ -263,7 +263,7 @@ public function testCanResolveTrustChainForTrustAnchorOnly(): void { $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->trustChainFactoryMock->expects($this->once())->method('forTrustAnchor'); @@ -320,7 +320,7 @@ public function testCanWarnOnTrustChainResolutionSubordinateStatementFetchError( { $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->entityStatementFetcherMock @@ -349,7 +349,7 @@ public function testTrustChainResolveThrowsOnTrustChainBagFactoryError(): void { $this->entityStatementFetcherMock ->method('fromCacheOrWellKnownEndpoint') - ->willReturnCallback(fn(string $entityId) => + ->willReturnCallback(fn(string $entityId): \SimpleSAML\OpenID\Federation\EntityStatement => $this->configChainSample[$entityId] ?? throw new \Exception('No entity.')); $this->leafEntityConfigurationMock diff --git a/tests/src/Federation/TrustMarkDelegationTest.php b/tests/src/Federation/TrustMarkDelegationTest.php index 38df66a..e2e6ecc 100644 --- a/tests/src/Federation/TrustMarkDelegationTest.php +++ b/tests/src/Federation/TrustMarkDelegationTest.php 
@@ -49,7 +49,7 @@ final class TrustMarkDelegationTest extends TestCase 'nbf' => 1734016912, 'exp' => 1734020512, // phpcs:ignore - 'trust_mark_id' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', + 'trust_mark_type' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', 'iss' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/', 'sub' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ALeaf/', 'ref' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/ref/trust-mark/member', diff --git a/tests/src/Federation/TrustMarkFetcherTest.php b/tests/src/Federation/TrustMarkFetcherTest.php index e6ffbff..11f847b 100644 --- a/tests/src/Federation/TrustMarkFetcherTest.php +++ b/tests/src/Federation/TrustMarkFetcherTest.php @@ -105,7 +105,7 @@ public function testCanFetchFromCacheOrTrustMarkEndpointWhenCached(): void ->with('token'); $this->sut()->fromCacheOrFederationTrustMarkEndpoint( - 'trustMarkId', + 'trustMarkType', 'entityId', $this->entityStatementMock, ); @@ -127,7 +127,7 @@ public function testCanFetchFromCacheOrTrustMarkEndpointWhenNotCached(): void $this->trustMarkFactoryMock->expects($this->once())->method('fromToken'); $this->sut()->fromCacheOrFederationTrustMarkEndpoint( - 'trustMarkId', + 'trustMarkType', 'entityId', $this->entityStatementMock, ); @@ -143,7 +143,7 @@ public function testFetchFromCacheOrTrustMarkEndpointThrowsIfNoFetchEndpoint(): $this->expectExceptionMessage('endpoint'); $this->sut()->fromCacheOrFederationTrustMarkEndpoint( - 'trustMarkId', + 'trustMarkType', 'entityId', $this->entityStatementMock, ); diff --git a/tests/src/Federation/TrustMarkTest.php b/tests/src/Federation/TrustMarkTest.php index 8688aeb..577ff44 100644 --- a/tests/src/Federation/TrustMarkTest.php +++ b/tests/src/Federation/TrustMarkTest.php 
@@ -53,7 +53,7 @@ final class TrustMarkTest extends TestCase 'nbf' => 1734016912, 'exp' => 1734020512, // phpcs:ignore - 'trust_mark_id' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', + 'trust_mark_type' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/trust-mark/member', 'iss' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ABTrustAnchor/', 'sub' => 'https://08-dap.localhost.markoivancic.from.hr/openid/entities/ALeaf/', ]; diff --git a/tests/src/Federation/TrustMarkValidatorTest.php b/tests/src/Federation/TrustMarkValidatorTest.php index 9b9f369..37fbba1 100644 --- a/tests/src/Federation/TrustMarkValidatorTest.php +++ b/tests/src/Federation/TrustMarkValidatorTest.php @@ -114,15 +114,15 @@ public function testCanGetIsValidationCachedFor(): void $this->cacheDecoratorMock->expects($this->once())->method('get') ->with( null, - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', ) - ->willReturn('trustMarkId'); + ->willReturn('trustMarkType'); $this->assertTrue( $this->sut()->isValidationCachedFor( - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', ), @@ -134,7 +134,7 @@ public function testIsValidationCachedForReturnsFalseIfNotCached(): void $this->cacheDecoratorMock->expects($this->once())->method('get') ->with( null, - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', ) @@ -142,7 +142,7 @@ public function testIsValidationCachedForReturnsFalseIfNotCached(): void $this->assertFalse( $this->sut()->isValidationCachedFor( - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', ), 
@@ -160,58 +160,58 @@ public function testIsValidationCachedForReturnsFalseIfNoCacheInstance(): void $this->assertFalse( $sut->isValidationCachedFor( - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', ), ); } - public function testFromCacheOrDoForTrustMarkIdChecksCache(): void + public function testFromCacheOrDoForTrustMarkTypeChecksCache(): void { $this->cacheDecoratorMock->expects($this->once())->method('get') ->with( null, - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', - )->willReturn('trustMarkId'); + )->willReturn('trustMarkType'); $this->leafEntityConfigurationMock->expects($this->never())->method('getTrustMarks'); - $this->sut()->fromCacheOrDoForTrustMarkId( - 'trustMarkId', + $this->sut()->fromCacheOrDoForTrustMarkType( + 'trustMarkType', $this->leafEntityConfigurationMock, $this->trustAnchorConfigurationMock, ); } - public function testFromCacheOrDoForTrustMarkIdRuns(): void + public function testFromCacheOrDoForTrustMarkTypeRuns(): void { $this->cacheDecoratorMock->expects($this->once())->method('get'); $this->leafEntityConfigurationMock->expects($this->once())->method('getTrustMarks') ->willReturn($this->trustMarksClaimBagMock); $this->trustMarksClaimBagMock->expects($this->once())->method('getAllFor') - ->with('trustMarkId') + ->with('trustMarkType') ->willReturn([$this->trustMarksClaimValueMock]); - $this->trustMarksClaimValueMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarksClaimValueMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkFactoryMock->expects($this->once())->method('fromToken') ->willReturn($this->trustMarkMock); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getSubject')->willReturn('leafEntityId'); $this->trustChainResolverMock->expects($this->once())->method('for'); 
$this->trustMarkMock->expects($this->once())->method('verifyWithKeySet'); $this->cacheDecoratorMock->expects($this->once())->method('set') - ->with('trustMarkId'); + ->with('trustMarkType'); - $this->sut()->fromCacheOrDoForTrustMarkId( - 'trustMarkId', + $this->sut()->fromCacheOrDoForTrustMarkType( + 'trustMarkType', $this->leafEntityConfigurationMock, $this->trustAnchorConfigurationMock, ); } - public function testDoForTrustMarkIdThrowsIfNoTrustMarks(): void + public function testDoForTrustMarkTypeThrowsIfNoTrustMarks(): void { $this->cacheDecoratorMock->expects($this->never())->method('get'); $this->leafEntityConfigurationMock->expects($this->once())->method('getTrustMarks') 
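Review bot: In `testFromCacheOrDoForTrustMarkTypeRuns` the expectation `->method('set')->with('trustMarkType')` constrains only the first argument, so the TTL and the key elements that scope the cached validation to one leaf and one Trust Anchor are unchecked. A change that dropped or reordered a key element would still pass this test. Pin the whole call instead: `->with('trustMarkType', $this->anything(), 'trustMarkType', 'leafEntityId', 'trustAnchorId');`. This assumes the mocks return those issuer values, as the cache `get` expectation in the preceding test suggests.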
@@ -220,49 +220,49 @@ public function testDoForTrustMarkIdThrowsIfNoTrustMarks(): void $this->expectException(TrustMarkException::class); $this->expectExceptionMessage('available'); - $this->sut()->doForTrustMarkId( - 'trustMarkId', + $this->sut()->doForTrustMarkType( + 'trustMarkType', $this->leafEntityConfigurationMock, $this->trustAnchorConfigurationMock, ); } - public function testDoForTrustMarkIdThrowsIfNoTrustMarkWithGivenId(): void + public function testDoForTrustMarkTypeThrowsIfNoTrustMarkWithGivenId(): void { $this->cacheDecoratorMock->expects($this->never())->method('get'); $this->leafEntityConfigurationMock->expects($this->once())->method('getTrustMarks') ->willReturn($this->trustMarksClaimBagMock); $this->trustMarksClaimBagMock->expects($this->once())->method('getAllFor') - ->with('trustMarkId') + ->with('trustMarkType') ->willReturn([]); $this->expectException(TrustMarkException::class); $this->expectExceptionMessage('no claims'); - $this->sut()->doForTrustMarkId( - 'trustMarkId', + $this->sut()->doForTrustMarkType( + 'trustMarkType', $this->leafEntityConfigurationMock, $this->trustAnchorConfigurationMock, ); } - public function testDoForTrustMarkIdThrowsForInvalidClaimValue(): void + public function testDoForTrustMarkTypeThrowsForInvalidClaimValue(): void { $this->cacheDecoratorMock->expects($this->never())->method('get'); $this->leafEntityConfigurationMock->expects($this->once())->method('getTrustMarks') ->willReturn($this->trustMarksClaimBagMock); $this->trustMarksClaimBagMock->expects($this->once())->method('getAllFor') - ->with('trustMarkId') + ->with('trustMarkType') ->willReturn([$this->trustMarksClaimValueMock]); - $this->trustMarksClaimValueMock->method('getTrustMarkId')->willReturn('invalid'); + $this->trustMarksClaimValueMock->method('getTrustMarkType')->willReturn('invalid'); $this->expectException(TrustMarkException::class); $this->expectExceptionMessage('Could not validate'); - $this->sut()->doForTrustMarkId( - 'trustMarkId', + 
$this->sut()->doForTrustMarkType( + 'trustMarkType', $this->leafEntityConfigurationMock, $this->trustAnchorConfigurationMock, ); @@ -273,11 +273,11 @@ public function testFromCacheOrDoForTrustMarksClaimValueChecksCache(): void $this->cacheDecoratorMock->expects($this->once())->method('get') ->with( null, - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', - )->willReturn('trustMarkId'); - $this->trustMarksClaimValueMock->method('getTrustMarkId')->willReturn('trustMarkId'); + )->willReturn('trustMarkType'); + $this->trustMarksClaimValueMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkFactoryMock->expects($this->never())->method('fromToken'); $this->sut()->fromCacheOrDoForTrustMarksClaimValue( @@ -290,15 +290,15 @@ public function testFromCacheOrDoForTrustMarksClaimValueChecksCache(): void public function testFromCacheOrDoForTrustMarksClaimValueRuns(): void { $this->cacheDecoratorMock->expects($this->once())->method('get'); - $this->trustMarksClaimValueMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarksClaimValueMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkFactoryMock->expects($this->once())->method('fromToken') ->willReturn($this->trustMarkMock); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getSubject')->willReturn('leafEntityId'); $this->trustChainResolverMock->expects($this->once())->method('for'); $this->trustMarkMock->expects($this->once())->method('verifyWithKeySet'); $this->cacheDecoratorMock->expects($this->once())->method('set') - ->with('trustMarkId'); + ->with('trustMarkType'); $this->sut()->fromCacheOrDoForTrustMarksClaimValue( $this->trustMarksClaimValueMock, 
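Review bot: The renamed test `testDoForTrustMarkTypeThrowsIfNoTrustMarkWithGivenId` in the `@@ -220` hunk still ends in `WithGivenId`, which no longer matches what is being looked up. Rename it to `testDoForTrustMarkTypeThrowsIfNoTrustMarkWithGivenType` so the test list reads consistently with the new method names.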
@@ -309,12 +309,12 @@ public function testFromCacheOrDoForTrustMarksClaimValueRuns(): void public function testValidateTrustMarksClaimValueThrowsForDifferentPayloadValues(): void { - $this->trustMarksClaimValueMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarksClaimValueMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarksClaimValueMock->method('getOtherClaims') ->willReturn(['key' => 'value']); $this->trustMarkFactoryMock->expects($this->once())->method('fromToken') ->willReturn($this->trustMarkMock); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getPayload') ->willReturn(['key' => 'differentValue']); @@ -331,12 +331,12 @@ public function testFromCacheOrDoForTrustMarkChecksCache(): void $this->cacheDecoratorMock->expects($this->once())->method('get') ->with( null, - 'trustMarkId', + 'trustMarkType', 'leafEntityId', 'trustAnchorId', - )->willReturn('trustMarkId'); + )->willReturn('trustMarkType'); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->expects($this->never())->method('getSubject'); $this->sut()->fromCacheOrDoForTrustMark( 
@@ -349,12 +349,12 @@ public function testFromCacheOrDoForTrustMarkChecksCache(): void public function testFromCacheOrDoForTrustMarkRuns(): void { $this->cacheDecoratorMock->expects($this->once())->method('get'); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getSubject')->willReturn('leafEntityId'); $this->trustChainResolverMock->expects($this->once())->method('for'); $this->trustMarkMock->expects($this->once())->method('verifyWithKeySet'); $this->cacheDecoratorMock->expects($this->once())->method('set') - ->with('trustMarkId'); + ->with('trustMarkType'); $this->sut()->fromCacheOrDoForTrustMark( $this->trustMarkMock, @@ -369,7 +369,7 @@ public function testDoForTrustMarkTakesIntoAccountTrustMarkExpirationForCacheTtl $leafEntityConfigurationExpirationTime = time() + 120; $this->leafEntityConfigurationMock->method('getExpirationTime') ->willReturn($leafEntityConfigurationExpirationTime); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getSubject')->willReturn('leafEntityId'); $trustMarkExpirationTime = time() + 60; $this->trustMarkMock->method('getExpirationTime')->willReturn($trustMarkExpirationTime); @@ -379,7 +379,7 @@ public function testDoForTrustMarkTakesIntoAccountTrustMarkExpirationForCacheTtl $this->trustChainResolverMock->expects($this->once())->method('for'); $this->trustMarkMock->expects($this->once())->method('verifyWithKeySet'); $this->cacheDecoratorMock->expects($this->once())->method('set') - ->with('trustMarkId'); + ->with('trustMarkType'); $this->sut()->doForTrustMark( $this->trustMarkMock, 
@@ -391,7 +391,7 @@ public function testDoForTrustMarkTakesIntoAccountTrustMarkExpirationForCacheTtl public function testDoForTrustMarksLogsCacheError(): void { $this->cacheDecoratorMock->expects($this->never())->method('get'); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getSubject')->willReturn('leafEntityId'); $this->trustChainResolverMock->expects($this->once())->method('for'); $this->trustMarkMock->expects($this->once())->method('verifyWithKeySet'); @@ -411,7 +411,7 @@ public function testDoForTrustMarksLogsCacheError(): void public function testDoForTrustMarkCanHandleTrustAnchorAsTrustMarkIssuer(): void { $this->cacheDecoratorMock->expects($this->never())->method('get'); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getSubject')->willReturn('leafEntityId'); $this->trustMarkMock->method('getIssuer')->willReturn('trustAnchorId'); $this->trustAnchorConfigurationMock->expects($this->once())->method('getJwks'); @@ -480,10 +480,10 @@ public function testCanValidateTrustMarkDelegation(): void ->willReturn($this->trustMarkOwnersClaimBagMock); $this->trustMarkOwnersClaimBagMock->expects($this->once()) ->method('get') - ->with('trustMarkId') + ->with('trustMarkType') ->willReturn($this->trustMarkOwnersClaimValueMock); - $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId'); + $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType'); $this->trustMarkMock->method('getDelegation')->willReturn('delegationToken'); $this->trustMarkDelegationFactoryMock->expects($this->once()) 
@@ -499,7 +499,7 @@ public function testCanValidateTrustMarkDelegation(): void
 $this->trustMarkMock->method('getIssuer')->willReturn('trustMarkIssuerId');
 $this->trustMarkDelegationMock->method('getSubject')->willReturn('trustMarkIssuerId');
- $this->trustMarkDelegationMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkDelegationMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->sut()->validateTrustMarkDelegation(
 $this->trustMarkMock,
@@ -512,10 +512,10 @@ public function testValidateTrustMarkDelegationSkipsIfTrustMarkOwnerNotDefinedOn
 $this->trustAnchorConfigurationMock->expects($this->once())
 ->method('getTrustMarkOwners')
 ->willReturn($this->trustMarkOwnersClaimBagMock);
- $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->trustMarkOwnersClaimBagMock->expects($this->once())
 ->method('get')
- ->with('trustMarkId')
+ ->with('trustMarkType')
 ->willReturn(null);
 $debugMessageContainedSkipped = false;
@@ -541,10 +541,10 @@ public function testValidateTrustMarkDelegationThrowsForMissingDelegationClaim()
 ->willReturn($this->trustMarkOwnersClaimBagMock);
 $this->trustMarkOwnersClaimBagMock->expects($this->once())
 ->method('get')
- ->with('trustMarkId')
+ ->with('trustMarkType')
 ->willReturn($this->trustMarkOwnersClaimValueMock);
- $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->trustMarkMock->method('getDelegation')->willReturn(null);
 $this->expectException(TrustMarkException::class);
@@ -563,10 +563,10 @@ public function testValidateTrustMarkDelegationThrowsForInvalidSignature(): void
 ->willReturn($this->trustMarkOwnersClaimBagMock);
 $this->trustMarkOwnersClaimBagMock->expects($this->once())
 ->method('get')
- ->with('trustMarkId')
+ ->with('trustMarkType')
 ->willReturn($this->trustMarkOwnersClaimValueMock);
- $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->trustMarkMock->method('getDelegation')->willReturn('delegationToken');
 $this->trustMarkDelegationFactoryMock->expects($this->once())
@@ -593,10 +593,10 @@ public function testValidateTrustMarkDelegationThrowsForInvalidDelegationIssuer(
 ->willReturn($this->trustMarkOwnersClaimBagMock);
 $this->trustMarkOwnersClaimBagMock->expects($this->once())
 ->method('get')
- ->with('trustMarkId')
+ ->with('trustMarkType')
 ->willReturn($this->trustMarkOwnersClaimValueMock);
- $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->trustMarkMock->method('getDelegation')->willReturn('delegationToken');
 $this->trustMarkDelegationFactoryMock->expects($this->once())
@@ -625,10 +625,10 @@ public function testValidateTrustMarkDelegationThrowsForInvalidTrustMarkIssuer()
 ->willReturn($this->trustMarkOwnersClaimBagMock);
 $this->trustMarkOwnersClaimBagMock->expects($this->once())
 ->method('get')
- ->with('trustMarkId')
+ ->with('trustMarkType')
 ->willReturn($this->trustMarkOwnersClaimValueMock);
- $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->trustMarkMock->method('getDelegation')->willReturn('delegationToken');
 $this->trustMarkDelegationFactoryMock->expects($this->once())
@@ -653,17 +653,17 @@ public function testValidateTrustMarkDelegationThrowsForInvalidTrustMarkIssuer()
 );
 }
- public function testValidateTrustMarkDelegationThrowsForInvalidTrustMarkId(): void
+ public function testValidateTrustMarkDelegationThrowsForInvalidTrustMarkType(): void
 {
 $this->trustAnchorConfigurationMock->expects($this->once())
 ->method('getTrustMarkOwners')
 ->willReturn($this->trustMarkOwnersClaimBagMock);
 $this->trustMarkOwnersClaimBagMock->expects($this->once())
 ->method('get')
- ->with('trustMarkId')
+ ->with('trustMarkType')
 ->willReturn($this->trustMarkOwnersClaimValueMock);
- $this->trustMarkMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkMock->method('getTrustMarkType')->willReturn('trustMarkType');
 $this->trustMarkMock->method('getDelegation')->willReturn('delegationToken');
 $this->trustMarkDelegationFactoryMock->expects($this->once())
@@ -679,10 +679,10 @@ public function testValidateTrustMarkDelegationThrowsForInvalidTrustMarkId(): vo
 $this->trustMarkMock->method('getIssuer')->willReturn('trustMarkIssuerId');
 $this->trustMarkDelegationMock->method('getSubject')->willReturn('trustMarkIssuerId');
- $this->trustMarkDelegationMock->method('getTrustMarkId')->willReturn('trustMarkId');
+ $this->trustMarkDelegationMock->method('getTrustMarkType')->willReturn('otherTrustMarkType');
 $this->expectException(TrustMarkException::class);
- $this->expectExceptionMessage('Trust Mark ID');
+ $this->expectExceptionMessage('Trust Mark Type');
 $this->sut()->validateTrustMarkDelegation(
 $this->trustMarkMock,
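Review bot: `expectExceptionMessage('Trust Mark Type')` in the renamed testValidateTrustMarkDelegationThrowsForInvalidTrustMarkType (hunk at -679) is a substring match on a phrase that any error mentioning the type could contain, so the test may not distinguish the type-mismatch rejection from another failure in validateTrustMarkDelegation. If the exception message includes the mismatching value (not visible in this diff), matching on it is tighter, e.g. `$this->expectExceptionMessage('otherTrustMarkType');`. A one-line comment above the test would also record the property being guarded: `// A delegation issued for one Trust Mark Type must not be accepted for a Trust Mark of another type.` The test body continues outside the hunk.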