Reduce duplicate namespaces

Author: tvdijen

src/XML/CanonicalizableElementTrait.php

@@ -7,6 +7,8 @@
 use DOMElement;
 use SimpleSAML\XMLSecurity\Constants as C;
 use SimpleSAML\XMLSecurity\Exception\CanonicalizationFailedException;
+use SimpleSAML\XMLSecurity\Exception\ReferenceValidationFailedException;
+use SimpleSAML\XMLSecurity\Utils\XPath;
 use SimpleSAML\XMLSecurity\XML\ds\Transforms;
 use SimpleSAML\XPath\Constants as XPATH_C;
 
@@ -34,7 +36,7 @@ abstract protected function getOriginalXML(): DOMElement;
      * @param \DOMElement $element The DOM element that needs canonicalization.
      * @param string $c14nMethod The identifier of the canonicalization algorithm to use.
      *   See \SimpleSAML\XMLSecurity\Constants.
-     * @param string[]|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters).
+     * @param array<mixed>|null $xpaths An array of xpaths to filter the nodes by. Defaults to null (no filters).
      * @param string[]|null $prefixes An array of namespace prefixes to filter the nodes by.
      *   Defaults to null (no filters).
      *
@@ -121,6 +123,7 @@ public function processTransforms(
         $canonicalMethod = C::C14N_EXCLUSIVE_WITHOUT_COMMENTS;
         $arXPath = null;
         $prefixList = null;
+
         foreach ($transforms->getTransform() as $transform) {
             $canonicalMethod = $transform->getAlgorithm()->getValue();
             switch ($canonicalMethod) {
@@ -141,14 +144,20 @@ public function processTransforms(
                         $xpathValue = $xpath->getContent()->getValue();
                         $arXPath['query'] = '(.//. | .//@* | .//namespace::*)[' . $xpathValue . ']';
 
-//                        $arXpath['namespaces'] = $xpath->getNamespaces();
-                        // TODO: review if $nsnode->localName is equivalent to the keys in getNamespaces()
-//                        $nslist = $xp->query('./namespace::*', $node);
-//                        foreach ($nslist as $nsnode) {
-//                            if ($nsnode->localName != "xml") {
-//                                $arXPath['namespaces'][$nsnode->localName] = $nsnode->nodeValue;
-//                            }
-//                        }
+                        $xpCache = XPath::getXPath($transform->toXML());
+                        $nslist = $xpCache->query('./namespace::*', $data);
+                        Assert::lessThanEq(
+                            $nslist->count(),
+                            C::MAX_XPATH_NAMESPACES,
+                            ReferenceValidationFailedException::class,
+                            'Too many namespaces.',
+                        );
+
+                        foreach ($nslist as $nsnode) {
+                            if ($nsnode->localName != "xml") {
+                                $arXPath['namespaces'][$nsnode->localName] = $nsnode->nodeValue;
+                            }
+                        }
                     }
                     break;
             }