public function XMLSecurityDSig::processRefNode in SAML SP 2.0 Single Sign On (SSO) - SAML Service Provider 7
Parameters
DOMNode $refNode:
Return value
bool
1 call to XMLSecurityDSig::processRefNode()
- XMLSecurityDSig::validateReference in includes/
XMLSecurityKey.php
File
- includes/
XMLSecurityKey.php, line 1176
Class
Code
public function processRefNode($refNode) {
$dataObject = null;
/*
* Depending on the URI, we may not want to include comments in the result
* See: http://www.w3.org/TR/xmldsig-core/#sec-ReferenceProcessingModel
*/
$includeCommentNodes = true;
if ($uri = $refNode
->getAttribute("URI")) {
$arUrl = parse_url($uri);
if (empty($arUrl['path'])) {
if ($identifier = $arUrl['fragment']) {
/* This reference identifies a node with the given id by using
* a URI on the form "#identifier". This should not include comments.
*/
$includeCommentNodes = false;
$xPath = new DOMXPath($refNode->ownerDocument);
if ($this->idNS && is_array($this->idNS)) {
foreach ($this->idNS as $nspf => $ns) {
$xPath
->registerNamespace($nspf, $ns);
}
}
$iDlist = '@Id="' . XPath::filterAttrValue($identifier, XPath::DOUBLE_QUOTE) . '"';
if (is_array($this->idKeys)) {
foreach ($this->idKeys as $idKey) {
$iDlist .= " or @" . XPath::filterAttrName($idKey) . '="' . XPath::filterAttrValue($identifier, XPath::DOUBLE_QUOTE) . '"';
}
}
$query = '//*[' . $iDlist . ']';
$dataObject = $xPath
->query($query)
->item(0);
}
else {
$dataObject = $refNode->ownerDocument;
}
}
}
else {
/* This reference identifies the root node with an empty URI. This should
* not include comments.
*/
$includeCommentNodes = false;
$dataObject = $refNode->ownerDocument;
}
$data = $this
->processTransforms($refNode, $dataObject, $includeCommentNodes);
if (!$this
->validateDigest($refNode, $data)) {
return false;
}
if ($dataObject instanceof DOMNode) {
/* Add this node to the list of validated nodes. */
if (!empty($identifier)) {
$this->validatedNodes[$identifier] = $dataObject;
}
else {
$this->validatedNodes[] = $dataObject;
}
}
return true;
}