Replace EOL mbhsoft/phpunit-xsdvalidation lib

Author: johanib

composer.json

@@ -18,8 +18,8 @@
         "twig/twig": "^3"
     },
     "require-dev": {
+        "ext-libxml": "*",
         "ext-zlib": "*",
-        "mbhsoft/phpunit-xsdvalidation": "^3.0",
         "mockery/mockery": "^1.5",
         "overtrue/phplint": "*",
         "phpmd/phpmd": "^2.6",

src/Tests/Component/Metadata/MetadataFactoryTest.php

@@ -18,7 +18,6 @@
 
 namespace Surfnet\SamlBundle\Tests\Component\Metadata;
 
-use Jasny\PHPUnit\Constraint\XSDValidation;
 use Mockery as m;
 use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration;
 use PHPUnit\Framework\TestCase;
@@ -43,6 +42,8 @@ class MetadataFactoryTest extends TestCase
 
     public m\Mock|RouterInterface $router;
 
+    private XsdValidator $xsdValidator;
+
     public function setUp(): void
     {
         // Load the XML template from filesystem as the FilesystemLoader does not honour the bundle prefix
@@ -54,6 +55,24 @@ public function setUp(): void
         $this->twig = new Environment($loader);
         $this->router = m::mock(RouterInterface::class);
         $this->router->shouldReceive('generate')->andReturn('https://foobar.example.com');
+        $this->xsdValidator = new XsdValidator();
+    }
+
+    /**
+     * Helper method to assert XML document is valid against XSD schema
+     */
+    private function assertXmlIsValidAgainstXsd(\DOMDocument $document, string $xsdPath): void
+    {
+        $errors = $this->xsdValidator->validate($document, $xsdPath);
+
+        if (!empty($errors)) {
+            self::fail(
+                "XML document does not validate against XSD schema.\n" .
+                "Validation errors:\n" . implode("\n", $errors)
+            );
+        }
+
+        self::assertTrue(true, "XML document is valid against XSD schema");
     }
 
     public function test_valid_metadata_xml(): void
@@ -112,9 +131,8 @@ public function test_builds_idp_metadata(): void
         $metadataConfiguration->ssoRoute = 'https://foobar.example.com';
         $this->buildFactory($metadataConfiguration);
         $metadata = $this->factory->generate();
-        $constraint = new  XSDValidation(__DIR__ . '/xsd/metadata.xsd');
         self::assertEquals($expectedResult, $metadata->__toString());
-        self::assertThat($metadata->document, $constraint);
+        $this->assertXmlIsValidAgainstXsd($metadata->document, __DIR__ . '/xsd/metadata.xsd');
     }
 
     public function test_builds_idp_metadata_signed(): void
@@ -131,8 +149,7 @@ public function test_builds_idp_metadata_signed(): void
         $signingService = new SigningService($keyLoader, $privateKeyLoader);
         $this->buildFactory($metadataConfiguration, $signingService);
         $metadata = $this->factory->generate();
-        $constraint = new  XSDValidation(__DIR__ . '/xsd/metadata.xsd');
-        self::assertThat($metadata->document, $constraint);
+        $this->assertXmlIsValidAgainstXsd($metadata->document, __DIR__ . '/xsd/metadata.xsd');
     }
 
     private function buildFactory(MetadataConfiguration $metadata, SigningService $signingService = null): void

src/Tests/Component/Metadata/XsdValidator.php

@@ -0,0 +1,74 @@
+<?php declare(strict_types=1);
+
+/**
+ * Copyright 2021 SURF B.V.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace Surfnet\SamlBundle\Tests\Component\Metadata;
+
+use DOMDocument;
+
+/**
+ * Validates XML documents against XSD schemas
+ */
+class XsdValidator
+{
+    /**
+     * Validate an XML document against an XSD schema
+     *
+     * @param DOMDocument $document The XML document to validate
+     * @param string $xsdPath Path to the XSD schema file
+     * @return array Empty array if valid, array of error messages if invalid
+     */
+    public function validate(DOMDocument $document, string $xsdPath): array
+    {
+        if (!file_exists($xsdPath)) {
+            return ["XSD schema file not found: {$xsdPath}"];
+        }
+
+        libxml_use_internal_errors(true);
+        $isValid = $document->schemaValidate($xsdPath);
+
+        if (!$isValid) {
+            $errors = libxml_get_errors();
+            $errorMessages = array_map(function ($error) {
+                return sprintf(
+                    "Line %d: %s",
+                    $error->line,
+                    trim($error->message)
+                );
+            }, $errors);
+            libxml_clear_errors();
+
+            return $errorMessages;
+        }
+
+        libxml_clear_errors();
+        return [];
+    }
+
+    /**
+     * Check if an XML document is valid against an XSD schema
+     *
+     * @param DOMDocument $document The XML document to validate
+     * @param string $xsdPath Path to the XSD schema file
+     * @return bool True if valid, false otherwise
+     */
+    public function isValid(DOMDocument $document, string $xsdPath): bool
+    {
+        return empty($this->validate($document, $xsdPath));
+    }
+}
+

src/Tests/Component/Metadata/XsdValidatorTest.php

@@ -0,0 +1,127 @@
+<?php declare(strict_types=1);
+
+/**
+ * Copyright 2026 SURF B.V.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+namespace Surfnet\SamlBundle\Tests\Component\Metadata;
+
+use DOMDocument;
+use PHPUnit\Framework\TestCase;
+
+class XsdValidatorTest extends TestCase
+{
+    private XsdValidator $validator;
+
+    public function setUp(): void
+    {
+        $this->validator = new XsdValidator();
+    }
+
+    public function test_validates_valid_xml_document(): void
+    {
+        $xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://example.com">
+    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.com/acs" index="0"/>
+    </md:SPSSODescriptor>
+</md:EntityDescriptor>
+XML;
+
+        $document = new DOMDocument();
+        $document->loadXML($xml);
+
+        $errors = $this->validator->validate($document, __DIR__ . '/xsd/metadata.xsd');
+
+        self::assertEmpty($errors);
+    }
+
+    public function test_is_valid_returns_true_for_valid_xml(): void
+    {
+        $xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://example.com">
+    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.com/acs" index="0"/>
+    </md:SPSSODescriptor>
+</md:EntityDescriptor>
+XML;
+
+        $document = new DOMDocument();
+        $document->loadXML($xml);
+
+        $isValid = $this->validator->isValid($document, __DIR__ . '/xsd/metadata.xsd');
+
+        self::assertTrue($isValid);
+    }
+
+    public function test_detects_invalid_xml_document(): void
+    {
+        $xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.com/acs" index="0"/>
+    </md:SPSSODescriptor>
+</md:EntityDescriptor>
+XML;
+
+        $document = new DOMDocument();
+        $document->loadXML($xml);
+
+        $errors = $this->validator->validate($document, __DIR__ . '/xsd/metadata.xsd');
+
+        self::assertNotEmpty($errors);
+        self::assertIsArray($errors);
+    }
+
+    public function test_is_valid_returns_false_for_invalid_xml(): void
+    {
+        $xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://example.com/acs" index="0"/>
+    </md:SPSSODescriptor>
+</md:EntityDescriptor>
+XML;
+
+        $document = new DOMDocument();
+        $document->loadXML($xml);
+
+        $isValid = $this->validator->isValid($document, __DIR__ . '/xsd/metadata.xsd');
+
+        self::assertFalse($isValid);
+    }
+
+    public function test_returns_error_for_missing_xsd_file(): void
+    {
+        $xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://example.com">
+</md:EntityDescriptor>
+XML;
+
+        $document = new DOMDocument();
+        $document->loadXML($xml);
+
+        $errors = $this->validator->validate($document, __DIR__ . '/xsd/non-existent.xsd');
+
+        self::assertNotEmpty($errors);
+        self::assertStringContainsString('not found', $errors[0]);
+    }
+}
+