From 09ca464b6a427586b2a31dbf22cd548255a7984a Mon Sep 17 00:00:00 2001
From: Rick Lambrechts <rick@rl-webdiensten.nl>
Date: Mon, 27 Feb 2023 18:04:05 +0100
Subject: [PATCH] Removed oid ca check

---
 src/Exceptions/UziCaException.php | 13 -----------
 src/UziValidator.php              |  9 --------
 tests/UziValidatorTest.php        | 37 -------------------------------
 3 files changed, 59 deletions(-)
 delete mode 100644 src/Exceptions/UziCaException.php

diff --git a/src/Exceptions/UziCaException.php b/src/Exceptions/UziCaException.php
deleted file mode 100644
index b8087f3..0000000
--- a/src/Exceptions/UziCaException.php
+++ /dev/null
@@ -1,13 +0,0 @@
-<?php
-
-namespace MinVWS\PUZI\Exceptions;
-
-/**
- * Class UziCaException
- * SPDX-License-Identifier: EUPL-1.2
- * @package MinVWS\PUZI\Exceptions
- */
-class UziCaException extends UziException
-{
-    //
-}
diff --git a/src/UziValidator.php b/src/UziValidator.php
index 510397e..b2bc5c6 100644
--- a/src/UziValidator.php
+++ b/src/UziValidator.php
@@ -4,7 +4,6 @@
 
 use MinVWS\PUZI\Exceptions\UziAllowedRoleException;
 use MinVWS\PUZI\Exceptions\UziAllowedTypeException;
-use MinVWS\PUZI\Exceptions\UziCaException;
 use MinVWS\PUZI\Exceptions\UziCardExpired;
 use MinVWS\PUZI\Exceptions\UziCertificateException;
 use MinVWS\PUZI\Exceptions\UziException;
@@ -81,14 +80,6 @@ public function validate(Request $request): void
             throw new UziCertificateException('No UZI data found in certificate');
         }
 
-        if (
-            $this->strictCAcheck === true &&
-            $uziInfo->getOidCa() !== UziConstants::OID_CA_CARE_PROVIDER &&
-            $uziInfo->getOidCa() !== UziConstants::OID_CA_NAMED_EMPLOYEE
-        ) {
-            throw new UziCaException('CA OID not UZI register Care Provider or named employee');
-        }
-
         if (! $x509->validateSignature(count($this->caCerts) > 0)) {
             throw new UziCertificateException('Uzi certificate path not valid');
         }
diff --git a/tests/UziValidatorTest.php b/tests/UziValidatorTest.php
index 1e859a4..1af074a 100644
--- a/tests/UziValidatorTest.php
+++ b/tests/UziValidatorTest.php
@@ -4,7 +4,6 @@
 
 use MinVWS\PUZI\Exceptions\UziAllowedRoleException;
 use MinVWS\PUZI\Exceptions\UziAllowedTypeException;
-use MinVWS\PUZI\Exceptions\UziCaException;
 use MinVWS\PUZI\Exceptions\UziCertificateException;
 use MinVWS\PUZI\Exceptions\UziVersionException;
 use MinVWS\PUZI\UziConstants;
@@ -60,42 +59,6 @@ public function testInvalidCert(): void
         $validator->validate($request);
     }
 
-    public function testValidateIncorectOIDca(): void
-    {
-        $user = new UziUser();
-        $user->setOidCa("1.2.3.4");
-
-        $this->expectException(UziCaException::class);
-        $this->expectExceptionMessage("CA OID not UZI register Care Provider or named employee");
-
-        $request = new Request();
-        $request->server->set('SSL_CLIENT_VERIFY', "SUCCESS");
-        $request->server->set('SSL_CLIENT_CERT', file_get_contents(__DIR__ . '/certs/mock-020-incorrect-oidca.cert'));
-
-        $reader = new UziReader();
-        $validator = new UziValidator($reader, true, [], []);
-        $validator->validate($request);
-    }
-
-    public function testValidateIncorectOIDcaWithoutStrictCheck(): void
-    {
-        $user = new UziUser();
-        $user->setOidCa("1.2.3.4");
-
-        $request = new Request();
-        $request->server->set('SSL_CLIENT_VERIFY', "SUCCESS");
-        $request->server->set('SSL_CLIENT_CERT', file_get_contents(__DIR__ . '/certs/mock-020-incorrect-oidca.cert'));
-
-        $reader = new UziReader();
-        $validator = new UziValidator(
-            $reader,
-            false,
-            [UziConstants::UZI_TYPE_NAMED_EMPLOYEE],
-            [UziConstants::UZI_ROLE_DOCTOR]
-        );
-        $this->assertTrue($validator->isValid($request));
-    }
-
     public function testIncorrectVersion(): void
     {
         $request = new Request();