From d67dcf2465eb6a57790905901db2a622567d3801 Mon Sep 17 00:00:00 2001
From: Noel Light-Hilary <noel@noellh.com>
Date: Tue, 21 Sep 2021 11:02:45 +0100
Subject: [PATCH 1/2] Narrow permitted auth to 'clear' in line with latest
 specs

---
 src/GovTalk.php | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/GovTalk.php b/src/GovTalk.php
index 4d2c012..7fed9e7 100644
--- a/src/GovTalk.php
+++ b/src/GovTalk.php
@@ -770,8 +770,8 @@ public function getSenderEmailAddress()
 
     /**
      * Sets the type of authentication to use for with the message.  The message
-     * type must be one of 'alternative', 'clear', 'MD5' or 'W3Csigned'. Other
-     * values will not be set and will return false.
+     * type must now be 'clear'. Other values will not be set and will return false.
+     * HMRC docs as of 2021 suggest that at least the MD5 type has been retired.
      *
      * @param string $messageAuthType The type of authentication to set.
      * @return boolean True if the authentication type is valid and set, false if it's invalid (and therefore not set).
@@ -779,10 +779,7 @@ public function getSenderEmailAddress()
     public function setMessageAuthentication($messageAuthType)
     {
         switch ($messageAuthType) {
-            case 'alternative':
             case 'clear':
-            case 'MD5':
-            case 'W3Csigned':
                 $this->messageAuthType = $messageAuthType;
                 return true;
             break;
@@ -1174,6 +1171,8 @@ public function sendMessage($cRequestString = null): bool
                 }
             }
             if ($validXMLResponse === true) {
+                // TODO props suppress warnings and bubble errors through in a more helpful way.
+                // Return false when there are major parse errors.
                 $this->fullResponseObject = simplexml_load_string($gatewayResponse);
             }
             return true;

From cf49acaff7fbc65c5911aa0f4e664d09d9bb3717 Mon Sep 17 00:00:00 2001
From: Noel Light-Hilary <noel@noellh.com>
Date: Tue, 21 Sep 2021 11:19:05 +0100
Subject: [PATCH 2/2] Reinstate 'alternative' auth option for now
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In case I've missed this – as the docs only explicitly talk about retiring
MD5. This also keeps unit tests passing without modification as they did
not explicitly test MD5.
---
 src/GovTalk.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/GovTalk.php b/src/GovTalk.php
index 7fed9e7..46e7c69 100644
--- a/src/GovTalk.php
+++ b/src/GovTalk.php
@@ -779,6 +779,7 @@ public function getSenderEmailAddress()
     public function setMessageAuthentication($messageAuthType)
     {
         switch ($messageAuthType) {
+            case 'alternative':
             case 'clear':
                 $this->messageAuthType = $messageAuthType;
                 return true;