From fe2750905ddb1d61e1f67e9bf2c8df1af6f66390 Mon Sep 17 00:00:00 2001 From: Tim van Dijen Date: Mon, 16 Sep 2024 13:30:37 +0200 Subject: [PATCH] Strip element registry of any non top-level elements --- src/XML/element.registry.php | 63 ++++-------------------------------- 1 file changed, 7 insertions(+), 56 deletions(-) diff --git a/src/XML/element.registry.php b/src/XML/element.registry.php index 23339efb..78b3ef61 100644 --- a/src/XML/element.registry.php +++ b/src/XML/element.registry.php @@ -4,22 +4,8 @@ return [ 'http://docs.oasis-open.org/wsfed/authorization/200706' => [ + 'AdditionalContext' => '\SimpleSAML\WSSecurity\XML\auth\AdditionalContext', 'ClaimType' => '\SimpleSAML\WSSecurity\XML\auth\ClaimType', - 'ConstrainedValue' => '\SimpleSAML\WSSecurity\XML\auth\ConstrainedValue', - 'Description' => '\SimpleSAML\WSSecurity\XML\auth\Description', - 'DisplayName' => '\SimpleSAML\WSSecurity\XML\auth\DisplayName', - 'DisplayValue' => '\SimpleSAML\WSSecurity\XML\auth\DisplayValue', - 'EncryptedValue' => '\SimpleSAML\WSSecurity\XML\auth\EncryptedValue', - 'StructuredValue' => '\SimpleSAML\WSSecurity\XML\auth\StructuredValue', - 'Value' => '\SimpleSAML\WSSecurity\XML\auth\Value', - 'ValueGreaterThan' => '\SimpleSAML\WSSecurity\XML\auth\ValueGreaterThan', - 'ValueGreaterThanOrEqual' => '\SimpleSAML\WSSecurity\XML\auth\ValueGreaterThanOrEqual', - 'ValueInRangen' => '\SimpleSAML\WSSecurity\XML\auth\ValueInRangen', - 'ValueLessThan' => '\SimpleSAML\WSSecurity\XML\auth\ValueLessThan', - 'ValueLessThanOrEqual' => '\SimpleSAML\WSSecurity\XML\auth\ValueLessThanOrEqual', - 'ValueLowerBound' => '\SimpleSAML\WSSecurity\XML\auth\ValueLowerBound', - 'ValueOneOf' => '\SimpleSAML\WSSecurity\XML\auth\ValueOneOf', - 'ValueUpperBound' => '\SimpleSAML\WSSecurity\XML\auth\ValueUpperBound', ], 'http://docs.oasis-open.org/wsfed/federation/200706' => [ 'AdditionalContextProcessed' => '\SimpleSAML\WSSecurity\XML\fed\AdditionalContextProcessed', @@ -28,34 +14,27 @@ 'AttributeServiceEndpoints' => '\SimpleSAML\WSSecurity\XML\fed\AttributeServiceEndpoints', 'AuthenticationToken' => '\SimpleSAML\WSSecurity\XML\fed\AuthenticationToken', 'AutomaticPseudonyms' => '\SimpleSAML\WSSecurity\XML\fed\AutomaticPseudonyms', - 'ClaimDialect' => '\SimpleSAML\WSSecurity\XML\fed\ClaimDialect', 'ClaimDialectsOffered' => '\SimpleSAML\WSSecurity\XML\fed\ClaimDialectsOffered', 'ClaimTypesOffered' => '\SimpleSAML\WSSecurity\XML\fed\ClaimTypesOffered', 'ClaimTypesRequested' => '\SimpleSAML\WSSecurity\XML\fed\ClaimTypesRequested', 'ClientPseudonym' => '\SimpleSAML\WSSecurity\XML\fed\ClientPseudonym', - 'DisplayName' => '\SimpleSAML\WSSecurity\XML\fed\DisplayName', - 'EMail' => '\SimpleSAML\WSSecurity\XML\fed\EMail', - 'Federation' => '\SimpleSAML\WSSecurity\XML\fed\Federation', 'FederationID' => '\SimpleSAML\WSSecurity\XML\fed\FederationID', + 'FederationMetadata' => '\SimpleSAML\WSSecurity\XML\fed\FederationMetadata', 'FederationMetadataHandler' => '\SimpleSAML\WSSecurity\XML\fed\FederationMetadataHandler', 'FilterPseudonyms' => '\SimpleSAML\WSSecurity\XML\fed\FilterPseudonyms', 'Freshness' => '\SimpleSAML\WSSecurity\XML\fed\Freshness', - 'IssuerName' => '\SimpleSAML\WSSecurity\XML\fed\IssuerName', 'IssuesSpecificPolicyFault' => '\SimpleSAML\WSSecurity\XML\fed\IssuesSpecificPolicyFault', 'LogicalServiceNamesOffered' => '\SimpleSAML\WSSecurity\XML\fed\LogicalServiceNamesOffered', - 'PPID' => '\SimpleSAML\WSSecurity\XML\fed\PPID', 'PassiveRequestorEndpoint' => '\SimpleSAML\WSSecurity\XML\fed\PassiveRequestorEndpoint', 'PassiveRequestorEndpoints' => '\SimpleSAML\WSSecurity\XML\fed\PassiveRequestorEndpoints', 'ProofToken' => '\SimpleSAML\WSSecurity\XML\fed\ProofToken', 'Pseudonym' => '\SimpleSAML\WSSecurity\XML\fed\Pseudonym', 'PseudonymBasis' => '\SimpleSAML\WSSecurity\XML\fed\PseudonymBasis', 'PseudonymServiceEndpoint' => '\SimpleSAML\WSSecurity\XML\fed\PseudonymServiceEndpoint', + 'PseudonymServiceEndpoints' => '\SimpleSAML\WSSecurity\XML\fed\PseudonymServiceEndpoints', 'Realm' => '\SimpleSAML\WSSecurity\XML\fed\Realm', - 'ReferenceDigest' => '\SimpleSAML\WSSecurity\XML\fed\ReferenceDigest', - 'ReferenceEPR' => '\SimpleSAML\WSSecurity\XML\fed\ReferenceEPR', 'ReferenceToken' => '\SimpleSAML\WSSecurity\XML\fed\ReferenceToken', 'ReferenceToken11' => '\SimpleSAML\WSSecurity\XML\fed\ReferenceToken11', - 'ReferenceType' => '\SimpleSAML\WSSecurity\XML\fed\ReferenceType', 'RelativeTo' => '\SimpleSAML\WSSecurity\XML\fed\RelativeTo', 'RequestProofToken' => '\SimpleSAML\WSSecurity\XML\fed\RequestProofToken', 'RequestPseudonym' => '\SimpleSAML\WSSecurity\XML\fed\RequestPseudonym', @@ -66,13 +45,12 @@ 'RequiresGenericClaimDialect' => '\SimpleSAML\WSSecurity\XML\fed\RequiresGenericClaimDialect', 'SecurityToken' => '\SimpleSAML\WSSecurity\XML\fed\SecurityToken', 'SecurityTokenServiceEndpoint' => '\SimpleSAML\WSSecurity\XML\fed\SecurityTokenServiceEndpoint', - 'SerialNo' => '\SimpleSAML\WSSecurity\XML\fed\SerialNo', + 'SignOut' => '\SimpleSAML\WSSecurity\XML\fed\SignOut', 'SingleSignOutNotificationEndpoint' => '\SimpleSAML\WSSecurity\XML\fed\SingleSignOutNotificationEndpoint', 'SingleSignOutNotificationEndpoints' => '\SimpleSAML\WSSecurity\XML\fed\SingleSignOutNotificationEndpoints', 'SingleSignOutSubscriptionEndpoint' => '\SimpleSAML\WSSecurity\XML\fed\SingleSignOutSubscriptionEndpoint', 'SingleSignOutSubscriptionEndpoints' => '\SimpleSAML\WSSecurity\XML\fed\SingleSignOutSubscriptionEndpoints', 'TargetScopes' => '\SimpleSAML\WSSecurity\XML\fed\TargetScopes', - 'TokenType' => '\SimpleSAML\WSSecurity\XML\fed\TokenType', 'TokenTypesOffered' => '\SimpleSAML\WSSecurity\XML\fed\TokenTypesOffered', 'WebBinding' => '\SimpleSAML\WSSecurity\XML\fed\WebBinding', ], @@ -97,7 +75,6 @@ 'Basic256Rsa15' => '\SimpleSAML\WSSecurity\XML\sp_200507\Basic256Rsa15', 'Basic256Sha256' => '\SimpleSAML\WSSecurity\XML\sp_200507\Basic256Sha256', 'Basic256Sha256Rsa15' => '\SimpleSAML\WSSecurity\XML\sp_200507\Basic256Sha256Rsa15', - 'Body' => '\SimpleSAML\WSSecurity\XML\sp_200507\Body', 'BootstrapPolicy' => '\SimpleSAML\WSSecurity\XML\sp_200507\BootstrapPolicy', 'EncryptBeforeSigning' => '\SimpleSAML\WSSecurity\XML\sp_200507\EncryptBeforeSigning', 'EncryptSignature' => '\SimpleSAML\WSSecurity\XML\sp_200507\EncryptSignature', @@ -105,13 +82,11 @@ 'EncryptedParts' => '\SimpleSAML\WSSecurity\XML\sp_200507\EncryptedParts', 'EncryptionToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\EncryptionToken', 'EndorsingSupportingTokens' => '\SimpleSAML\WSSecurity\XML\sp_200507\EndorsingSupportingTokens', - 'Header' => '\SimpleSAML\WSSecurity\XML\sp_200507\Header', 'HttpsToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\HttpsToken', 'IncludeTimestamp' => '\SimpleSAML\WSSecurity\XML\sp_200507\IncludeTimestamp', 'InclusiveC14N' => '\SimpleSAML\WSSecurity\XML\sp_200507\InclusiveC14N', 'InitiatorToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\InitiatorToken', 'IssuedToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\IssuedToken', - 'Issuer' => '\SimpleSAML\WSSecurity\XML\sp_200507\Issuer', 'KerberosToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\KerberosToken', 'Lax' => '\SimpleSAML\WSSecurity\XML\sp_200507\Lax', 'LaxTsFirst' => '\SimpleSAML\WSSecurity\XML\sp_200507\LaxTsFirst', @@ -131,7 +106,6 @@ 'ProtectionToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\ProtectionToken', 'RecipientToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\RecipientToken', 'RelToken' => '\SimpleSAML\WSSecurity\XML\sp_200507\RelToken', - 'RequestSecurityTokenTemplate' => '\SimpleSAML\WSSecurity\XML\sp_200507\RequestSecurityTokenTemplate', 'RequireClientEntropy' => '\SimpleSAML\WSSecurity\XML\sp_200507\RequireClientEntropy', 'RequireDerivedKeys' => '\SimpleSAML\WSSecurity\XML\sp_200507\RequireDerivedKeys', 'RequireEmbeddedTokenReference' => '\SimpleSAML\WSSecurity\XML\sp_200507\RequireEmbeddedTokenReference', @@ -190,12 +164,13 @@ 'WssX509V1Token11' => '\SimpleSAML\WSSecurity\XML\sp_200507\WssX509V1Token11', 'WssX509V3Token10' => '\SimpleSAML\WSSecurity\XML\sp_200507\WssX509V3Token10', 'WssX509V3Token11' => '\SimpleSAML\WSSecurity\XML\sp_200507\WssX509V3Token11', + 'X509Token' => '\SimpleSAML\WSSecurity\XML\sp_200507\X509Token', + 'XPathFilter20' => '\SimpleSAML\WSSecurity\XML\sp_200507\XPathFilter20', ], 'http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702' => [ 'AbsXPath' => '\SimpleSAML\WSSecurity\XML\sp_200702\AbsXPath', 'AlgorithmSuite' => '\SimpleSAML\WSSecurity\XML\sp_200702\AlgorithmSuite', 'AsymmetricBinding' => '\SimpleSAML\WSSecurity\XML\sp_200702\AsymmetricBinding', - 'Attachments' => '\SimpleSAML\WSSecurity\XML\sp_200702\Attachments', 'Basic128' => '\SimpleSAML\WSSecurity\XML\sp_200702\Basic128', 'Basic128Rsa15' => '\SimpleSAML\WSSecurity\XML\sp_200702\Basic128Rsa15', 'Basic128Sha256' => '\SimpleSAML\WSSecurity\XML\sp_200702\Basic128Sha256', @@ -208,7 +183,6 @@ 'Basic256Rsa15' => '\SimpleSAML\WSSecurity\XML\sp_200702\Basic256Rsa15', 'Basic256Sha256' => '\SimpleSAML\WSSecurity\XML\sp_200702\Basic256Sha256', 'Basic256Sha256Rsa15' => '\SimpleSAML\WSSecurity\XML\sp_200702\Basic256Sha256Rsa15', - 'Body' => '\SimpleSAML\WSSecurity\XML\sp_200702\Body', 'BootstrapPolicy' => '\SimpleSAML\WSSecurity\XML\sp_200702\BootstrapPolicy', 'ContentEncryptedElements' => '\SimpleSAML\WSSecurity\XML\sp_200702\ContentEncryptedElements', 'EncryptBeforeSigning' => '\SimpleSAML\WSSecurity\XML\sp_200702\EncryptBeforeSigning', @@ -219,7 +193,6 @@ 'EndorsingEncryptedSupportingTokens' => '\SimpleSAML\WSSecurity\XML\sp_200702\EndorsingEncryptedSupportingTokens', 'EndorsingSupportingTokens' => '\SimpleSAML\WSSecurity\XML\sp_200702\EndorsingSupportingTokens', 'HashPassword' => '\SimpleSAML\WSSecurity\XML\sp_200702\HashPassword', - 'Header' => '\SimpleSAML\WSSecurity\XML\sp_200702\Header', 'HttpBasicAuthentication' => '\SimpleSAML\WSSecurity\XML\sp_200702\HttpBasicAuthentication', 'HttpDigestAuthentication' => '\SimpleSAML\WSSecurity\XML\sp_200702\HttpDigestAuthentication', 'HttpsToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\HttpsToken', @@ -229,7 +202,6 @@ 'InitiatorSignatureToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\InitiatorSignatureToken', 'InitiatorToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\InitiatorToken', 'IssuedToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\IssuedToken', - 'Issuer' => '\SimpleSAML\WSSecurity\XML\sp_200702\Issuer', 'KerberosToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\KerberosToken', 'KeyValueToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\KeyValueToken', 'Lax' => '\SimpleSAML\WSSecurity\XML\sp_200702\Lax', @@ -256,7 +228,6 @@ 'RecipientEncryptionToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\RecipientEncryptionToken', 'RecipientSignatureToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\RecipientSignatureToken', 'RelToken' => '\SimpleSAML\WSSecurity\XML\sp_200702\RelToken', - 'RequestSecurityTokenTemplate' => '\SimpleSAML\WSSecurity\XML\sp_200702\RequestSecurityTokenTemplate', 'RequireAppliesTo' => '\SimpleSAML\WSSecurity\XML\sp_200702\RequireAppliesTo', 'RequireClientCertificate' => '\SimpleSAML\WSSecurity\XML\sp_200702\RequireClientCertificate', 'RequireClientEntropy' => '\SimpleSAML\WSSecurity\XML\sp_200702\RequireClientEntropy', @@ -322,33 +293,27 @@ 'WssX509V3Token10' => '\SimpleSAML\WSSecurity\XML\sp_200702\WssX509V3Token10', 'WssX509V3Token11' => '\SimpleSAML\WSSecurity\XML\sp_200702\WssX509V3Token11', 'X509Token' => '\SimpleSAML\WSSecurity\XML\sp_200702\X509Token', - 'XPath' => '\SimpleSAML\WSSecurity\XML\sp_200702\XPath', 'XPath10' => '\SimpleSAML\WSSecurity\XML\sp_200702\XPath10', 'XPathFilter20' => '\SimpleSAML\WSSecurity\XML\sp_200702\XPathFilter20', ], 'http://schemas.xmlsoap.org/ws/2004/08/addressing' => [ 'Action' => '\SimpleSAML\WSSecurity\XML\wsa_200408\Action', - 'Address' => '\SimpleSAML\WSSecurity\XML\wsa_200408\Address', 'EndpointReference' => '\SimpleSAML\WSSecurity\XML\wsa_200408\EndpointReference', 'FaultTo' => '\SimpleSAML\WSSecurity\XML\wsa_200408\FaultTo', 'From' => '\SimpleSAML\WSSecurity\XML\wsa_200408\From', 'MessageID' => '\SimpleSAML\WSSecurity\XML\wsa_200408\MessageID', - 'PortType' => '\SimpleSAML\WSSecurity\XML\wsa_200408\PortType', - 'ReferenceParameters' => '\SimpleSAML\WSSecurity\XML\wsa_200408\ReferenceParameters', - 'ReferenceProperties' => '\SimpleSAML\WSSecurity\XML\wsa_200408\ReferenceProperties', 'RelatesTo' => '\SimpleSAML\WSSecurity\XML\wsa_200408\RelatesTo', 'ReplyTo' => '\SimpleSAML\WSSecurity\XML\wsa_200408\ReplyTo', 'RetryAfter' => '\SimpleSAML\WSSecurity\XML\wsa_200408\RetryAfter', - 'ServiceName' => '\SimpleSAML\WSSecurity\XML\wsa_200408\ServiceName', 'To' => '\SimpleSAML\WSSecurity\XML\wsa_200408\To', ], 'http://www.w3.org/2005/08/addressing' => [ 'Action' => '\SimpleSAML\WSSecurity\XML\wsa_200508\Action', - 'Address' => '\SimpleSAML\WSSecurity\XML\wsa_200508\Address', 'EndpointReference' => '\SimpleSAML\WSSecurity\XML\wsa_200508\EndpointReference', 'FaultTo' => '\SimpleSAML\WSSecurity\XML\wsa_200508\FaultTo', 'From' => '\SimpleSAML\WSSecurity\XML\wsa_200508\From', 'MessageID' => '\SimpleSAML\WSSecurity\XML\wsa_200508\MessageID', + 'Metadata' => '\SimpleSAML\WSSecurity\XML\wsa_200508\Metadata', 'ProblemAction' => '\SimpleSAML\WSSecurity\XML\wsa_200508\ProblemAction', 'ProblemHeaderQName' => '\SimpleSAML\WSSecurity\XML\wsa_200508\ProblemHeaderQName', 'ProblemIRI' => '\SimpleSAML\WSSecurity\XML\wsa_200508\ProblemIRI', @@ -356,7 +321,6 @@ 'RelatesTo' => '\SimpleSAML\WSSecurity\XML\wsa_200508\RelatesTo', 'ReplyTo' => '\SimpleSAML\WSSecurity\XML\wsa_200508\ReplyTo', 'RetryAfter' => '\SimpleSAML\WSSecurity\XML\wsa_200508\RetryAfter', - 'SoapAction' => '\SimpleSAML\WSSecurity\XML\wsa_200508\SoapAction', 'To' => '\SimpleSAML\WSSecurity\XML\wsa_200508\To', ], 'http://www.w3.org/2006/05/addressing/wsdl' => [ @@ -366,15 +330,7 @@ 'UsingAddressing' => '\SimpleSAML\WSSecurity\XML\wsaw\UsingAddressing', ], 'http://schemas.xmlsoap.org/wsdl/' => [ - 'binding' => '\SimpleSAML\WSSecurity\XML\wsdl\Binding', 'definitions' => '\SimpleSAML\WSSecurity\XML\wsdl\Definitions', - 'import' => '\SimpleSAML\WSSecurity\XML\wsdl\Import', - 'message' => '\SimpleSAML\WSSecurity\XML\wsdl\Message', - 'part' => '\SimpleSAML\WSSecurity\XML\wsdl\Part', - 'port' => '\SimpleSAML\WSSecurity\XML\wsdl\Port', - 'portType' => '\SimpleSAML\WSSecurity\XML\wsdl\PortType', - 'service' => '\SimpleSAML\WSSecurity\XML\wsdl\Service', - 'types' => '\SimpleSAML\WSSecurity\XML\wsdl\Types', ], 'http://schemas.xmlsoap.org/ws/2004/09/policy' => [ 'All' => '\SimpleSAML\WSSecurity\XML\wsp\All', @@ -394,7 +350,6 @@ 'Security' => '\SimpleSAML\WSSecurity\XML\wsse\Security', 'SecurityTokenReference' => '\SimpleSAML\WSSecurity\XML\wsse\SecurityTokenReference', 'TransformationParameters' => '\SimpleSAML\WSSecurity\XML\wsse\TransformationParameters', - 'Username' => '\SimpleSAML\WSSecurity\XML\wsse\Username', 'UsernameToken' => '\SimpleSAML\WSSecurity\XML\wsse\UsernameToken', ], 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/' => [ @@ -407,7 +362,6 @@ 'CanonicalizationAlgorithm' => '\SimpleSAML\WSSecurity\XML\wst\CanonicalizationAlgorithm', 'Challenge' => '\SimpleSAML\WSSecurity\XML\wst\Challenge', 'Claims' => '\SimpleSAML\WSSecurity\XML\wst\Claims', - 'Code' => '\SimpleSAML\WSSecurity\XML\wst\Code', 'CombinedHash' => '\SimpleSAML\WSSecurity\XML\wst\CombinedHash', 'ComputedKey' => '\SimpleSAML\WSSecurity\XML\wst\ComputedKey', 'ComputedKeyAlgorithm' => '\SimpleSAML\WSSecurity\XML\wst\ComputedKeyAlgorithm', @@ -426,11 +380,8 @@ 'KeyWrapAlgorithm' => '\SimpleSAML\WSSecurity\XML\wst\KeyWrapAlgorithm', 'Lifetime' => '\SimpleSAML\WSSecurity\XML\wst\Lifetime', 'OnBehalfOf' => '\SimpleSAML\WSSecurity\XML\wst\OnBehalfOf', - 'Participant' => '\SimpleSAML\WSSecurity\XML\wst\Participant', 'Participants' => '\SimpleSAML\WSSecurity\XML\wst\Participants', - 'Primary' => '\SimpleSAML\WSSecurity\XML\wst\Primary', 'ProofEncryption' => '\SimpleSAML\WSSecurity\XML\wst\ProofEncryption', - 'Reason' => '\SimpleSAML\WSSecurity\XML\wst\Reason', 'RenewTarget' => '\SimpleSAML\WSSecurity\XML\wst\RenewTarget', 'Renewing' => '\SimpleSAML\WSSecurity\XML\wst\Renewing', 'RequestKET' => '\SimpleSAML\WSSecurity\XML\wst\RequestKET',