Fix SF-Request to PSR-7 conversion

Author: tvdijen

composer.json

@@ -36,11 +36,14 @@
     "require": {
         "php": "^8.1",
 
+        "nyholm/psr7": "~1.8.2",
         "simplesamlphp/saml2": "~5.0.2",
         "simplesamlphp/simplesamlphp": "~2.4.0",
-        "symfony/http-foundation": "~6.4.0"
+        "symfony/http-foundation": "~6.4.0",
+        "symfony/psr-http-message-bridge": "~6.4.0"
     },
     "require-dev": {
+        "beste/clock": "~3.0.0",
         "simplesamlphp/simplesamlphp-test-framework": "~1.9.3",
         "simplesamlphp/xml-security": "~1.13.0"
     },

src/Controller/AttributeServer.php

@@ -5,6 +5,7 @@
 namespace SimpleSAML\Module\exampleattributeserver\Controller;
 
 use DateInterval;
+use Nyholm\Psr7\Factory\Psr17Factory;
 use SimpleSAML\{Configuration, Error, Logger};
 use SimpleSAML\HTTP\RunnableResponse;
 use SimpleSAML\Metadata\MetaDataStorageHandler;
@@ -29,6 +30,7 @@
 };
 use SimpleSAML\SAML2\XML\samlp\{AttributeQuery, Response};
 use SimpleSAML\XML\Utils\Random;
+use Symfony\Bridge\PsrHttpMessage\Factory\{HttpFoundationFactory, PsrHttpFactory};
 use Symfony\Component\HttpFoundation\Request;
 
 /**
@@ -77,19 +79,23 @@ public function setMetadataStorageHandler(MetaDataStorageHandler $handler): void
      */
     public function main(/** @scrutinizer ignore-unused */ Request $request): RunnableResponse
     {
-        $binding = Binding::getCurrentBinding();
-        $query = $binding->receive();
-        if (!($query instanceof AttributeQuery)) {
+        $psr17Factory = new Psr17Factory();
+        $psrHttpFactory = new PsrHttpFactory($psr17Factory, $psr17Factory, $psr17Factory, $psr17Factory);
+        $psrRequest = $psrHttpFactory->createRequest($request);
+
+        $binding = Binding::getCurrentBinding($psrRequest);
+        $message = $binding->receive($psrRequest);
+        if (!($message instanceof AttributeQuery)) {
             throw new Error\BadRequest('Invalid message received to AttributeQuery endpoint.');
         }
 
         $idpEntityId = $this->metadataHandler->getMetaDataCurrentEntityID('saml20-idp-hosted');
 
-        $issuer = $query->getIssuer();
+        $issuer = $message->getIssuer();
         if ($issuer === null) {
             throw new Error\BadRequest('Missing <saml:Issuer> in <samlp:AttributeQuery>.');
         } else {
-            $spEntityId = $issuer->getValue();
+            $spEntityId = $issuer->getContent();
             if ($spEntityId === '') {
                 throw new Error\BadRequest('Empty <saml:Issuer> in <samlp:AttributeQuery>.');
             }
@@ -130,7 +136,7 @@ public function main(/** @scrutinizer ignore-unused */ Request $request): Runnab
             Logger::debug('No attributes requested - return all attributes.');
             $returnAttributes = $attributes;
         } else {
-            foreach ($query->getAttributes() as $reqAttr) {
+            foreach ($message->getAttributes() as $reqAttr) {
                 foreach ($attributes as $attr) {
                     if ($attr->getName() === $reqAttr->getName() && $attr->getNameFormat() === $reqAttr->getNameFormat()) {
                         // The requested attribute is available
@@ -158,15 +164,15 @@ public function main(/** @scrutinizer ignore-unused */ Request $request): Runnab
             issuer: new Issuer($idpEntityId),
             issueInstant: $clock->now(),
             id: (new Random())->generateID(),
-            subject: Subject(
-                identifier: $query->getNameID(),
+            subject: new Subject(
+                identifier: $message->getSubject()->getIdentifier(),
                 subjectConfirmation: [
                     new SubjectConfirmation(
                         method: C::CM_BEARER,
                         subjectConfirmationData: new SubjectConfirmationData(
                             notOnOrAfter: $clock->now()->add(new DateInterval('PT300S')),
                             recipient: $endpoint,
-                            inResponseTo: $query->getId(),
+                            inResponseTo: $message->getId(),
                         ),
                     ),
                 ],
@@ -196,7 +202,7 @@ public function main(/** @scrutinizer ignore-unused */ Request $request): Runnab
             issuer: new Issuer($issuer),
             id: (new Random())->generateID(),
             version: '2.0',
-            inResponseTo: $query->getId(),
+            inResponseTo: $message->getId(),
             destination: $endpoint,
             assertions: [$assertion],
         );

tests/bootstrap.php

@@ -2,6 +2,10 @@
 
 declare(strict_types=1);
 
+use Beste\Clock\LocalizedClock;
+use SimpleSAML\SAML2\Compat\ContainerSingleton;
+use SimpleSAML\SAML2\Compat\MockContainer;
+
 $projectRoot = dirname(__DIR__);
 require_once($projectRoot . '/vendor/autoload.php');
 
@@ -11,3 +15,11 @@
     echo "Linking '$linkPath' to '$projectRoot'\n";
     symlink($projectRoot, $linkPath);
 }
+
+// Load the system clock
+$systemClock = LocalizedClock::in(new DateTimeZone('Z'));
+
+// And set the Mock container as the Container to use.
+$container = new MockContainer();
+$container->setClock($systemClock);
+ContainerSingleton::setContainer($container);

tests/src/Controller/AttributeServerTest.php

@@ -34,7 +34,7 @@ public static function setUpBeforeClass(): void
 
         $_SERVER['SERVER_PROTOCOL'] = 'HTTP/1.1';
         $_SERVER['REQUEST_METHOD'] = 'GET';
-        $_GET = ['SAMLRequest' => 'rZNRa8IwFIXfB%2FsPIe9Nm7SaNWhBEEFwg%2BHYw95ie%2Bsy2rQkKei%2FX9o6kQ1EhoQQOLnn3I8bMrOyrlqxcM6oXefgtQNzRIe60lYMV3PcGS0aaZUVWtZghcvFdvG8EYxEojWNa%2FKmwheW6w5pLRinGo3RejnHUpYspuk0oJzHAaM0DhKeyKAESpOEMrnjDKN3MNZb5tgneJ%2B1Hay1dVI7L0WUB1EaRNM3SkWSCsY%2FcPb4gNCspxFDtUGrxtTSXWfrFVUE5VAqQDvljjj7dK61IgzhIOu2AtKYfTgLL7Ivmm273RfkblB%2BtBeful7%2BA6DTtoVclQoKnPW2E4GwY5cTxJg%2FQoR%2FKEaG8%2FuivvoEoQpBSUymhJLE70nKYn%2F0i%2BOh7hZk6ZN79QxtFEYro0AX1XFsNgyygtqfFoc3UDEy8UTJXSGsvrE1nZKnJOrHQGMeR6SfSZzelaU1UIIxUGyk3ndyDwPa%2BHi%2F%2F2L2DQ%3D%3D'];
+        $_GET = ['SAMLRequest' => 'rZNRa8IwFIXfB/sPIe9Nm7SaNWhBEEFwg+HYw95ie+sy2rQkKei/X9o6kQ1EhoQQOLnn3I8bMrOyrlqxcM6oXefgtQNzRIe60lYMV3PcGS0aaZUVWtZghcvFdvG8EYxEojWNa/KmwheW6w5pLRinGo3RejnHUpYspuk0oJzHAaM0DhKeyKAESpOEMrnjDKN3MNZb5tgneJ+1Hay1dVI7L0WUB1EaRNM3SkWSCsY/cPb4gNCspxFDtUGrxtTSXWfrFVUE5VAqQDvljjj7dK61IgzhIOu2AtKYfTgLL7Ivmm273RfkblB+tBeful7+A6DTtoVclQoKnPW2E4GwY5cTxJg/QoR/KEaG8/uivvoEoQpBSUymhJLE70nKYn/0i+Oh7hZk6ZN79QxtFEYro0AX1XFsNgyygtqfFoc3UDEy8UTJXSGsvrE1nZKnJOrHQGMeR6SfSZzelaU1UIIxUGyk3ndyDwPa+Hi//2L2DQ=='];
         $_GET['RelayState'] = 'something';
         $_SERVER['QUERY_STRING'] = 'SAMLRequest=rZNRa8IwFIXfB%2FsPIe9Nm7SaNWhBEEFwg%2BHYw95ie%2Bsy2rQkKei%2FX9o6kQ1EhoQQOLnn3I8bMrOyrlqxcM6oXefgtQNzRIe60lYMV3PcGS0aaZUVWtZghcvFdvG8EYxEojWNa%2FKmwheW6w5pLRinGo3RejnHUpYspuk0oJzHAaM0DhKeyKAESpOEMrnjDKN3MNZb5tgneJ%2B1Hay1dVI7L0WUB1EaRNM3SkWSCsY%2FcPb4gNCspxFDtUGrxtTSXWfrFVUE5VAqQDvljjj7dK61IgzhIOu2AtKYfTgLL7Ivmm273RfkblB%2BtBeful7%2BA6DTtoVclQoKnPW2E4GwY5cTxJg%2FQoR%2FKEaG8%2FuivvoEoQpBSUymhJLE70nKYn%2F0i%2BOh7hZk6ZN79QxtFEYro0AX1XFsNgyygtqfFoc3UDEy8UTJXSGsvrE1nZKnJOrHQGMeR6SfSZzelaU1UIIxUGyk3ndyDwPa%2BHi%2F%2F2L2DQ%3D%3D&RelayState=something';
 
@@ -53,13 +53,11 @@ public static function setUpBeforeClass(): void
     public function testMain(): void
     {
         $_SERVER['REQUEST_URI'] = '/module.php/exampleattributeserver/attributeserver';
-        $request = Request::create(
-            '/module.php/exampleattributeserver/attributeserver',
-            'GET',
-        );
+        $_SERVER['HTTP_HOST'] = 'example.org';
+        $request = Request::createFromGlobals();
 
         $mdh = $this->createMock(MetaDataStorageHandler::class);
-        $mdh->method('getMetaDataCurrentEntityID')->willReturn('entityID');
+        $mdh->method('getMetaDataCurrentEntityID')->willReturn('https://example.org/');
         $mdh->method('getMetaDataConfig')->willReturn(Configuration::loadFromArray([
             'EntityID' => 'auth_source_id',
             'testAttributeEndpoint' => 'test',