refactor: simplify Password validation by removing normalization

- Remove normalizeRevocationStatus() helper method as no longer needed
- Remove defensive mixed type handling and instanceof checks
- Trust CrlRevocationChecker type declarations that status is always enum
- logRevocationBlockedSigning() now accepts CrlValidationStatus directly
- Remove test cases with serialized string data (legacy compatibility no longer needed)
- Simplified code expresses contract: CRL validation status is always enum from source

Signed-off-by: Vitor Mattos <1079143+vitormattos@users.noreply.github.com>

Author: vitormattos

lib/Service/IdentifyMethod/SignatureMethod/Password.php

@@ -48,8 +48,7 @@ private function validateCertificateRevocation(array $certificateData): void {
 		if (!array_key_exists('crl_validation', $certificateData)) {
 			return;
 		}
-		$rawStatus = $certificateData['crl_validation'];
-		$status = $this->normalizeRevocationStatus($rawStatus);
+		$status = $certificateData['crl_validation'];
 		if ($status === CrlValidationStatus::VALID) {
 			return;
 		}
@@ -60,24 +59,13 @@ private function validateCertificateRevocation(array $certificateData): void {
 		if ($status === CrlValidationStatus::DISABLED) {
 			return;
 		}
-		$this->logRevocationBlockedSigning($rawStatus);
+		$this->logRevocationBlockedSigning($status);
 		throw new LibresignException($this->getRevocationErrorMessage($status), 422);
 	}
 
-	private function normalizeRevocationStatus(mixed $status): ?CrlValidationStatus {
-		if ($status instanceof CrlValidationStatus) {
-			return $status;
-		}
-		if (is_string($status)) {
-			return CrlValidationStatus::tryFrom($status);
-		}
-		return null;
-	}
-
-	private function logRevocationBlockedSigning(mixed $status): void {
-		$statusValue = $status instanceof CrlValidationStatus ? $status->value : (is_scalar($status) ? (string)$status : get_debug_type($status));
+	private function logRevocationBlockedSigning(CrlValidationStatus $status): void {
 		$this->identifyService->getLogger()->warning('Signing blocked due to CRL validation status', [
-			'status' => $statusValue,
+			'status' => $status->value,
 			'signer_uid' => $this->userSession->getUser()?->getUID(),
 		]);
 	}

tests/php/Unit/Service/IdentifyMethod/PasswordTest.php

@@ -248,42 +248,6 @@ public static function providerValidateToSignWithCertificateData(): array {
 				],
 				'shouldThrow' => false,
 			],
-			'valid certificate with crl validation as serialized string' => [
-				'certificateData' => [
-					'validTo_time_t' => $futureTimestamp,
-					'crl_validation' => CrlValidationStatus::VALID->value,
-				],
-				'shouldThrow' => false,
-			],
-			'disabled crl validation as serialized string' => [
-				'certificateData' => [
-					'validTo_time_t' => $futureTimestamp,
-					'crl_validation' => CrlValidationStatus::DISABLED->value,
-				],
-				'shouldThrow' => false,
-			],
-			'invalid certificate - crl validation failed' => [
-				'certificateData' => [
-					'validTo_time_t' => $futureTimestamp,
-					'crl_validation' => 'failed',
-				],
-				'shouldThrow' => true,
-				'expectedCode' => 422,
-			],
-			'invalid certificate - crl validation empty string' => [
-				'certificateData' => [
-					'validTo_time_t' => $futureTimestamp,
-					'crl_validation' => '',
-				],
-				'shouldThrow' => true,
-			],
-			'invalid certificate - crl validation null' => [
-				'certificateData' => [
-					'validTo_time_t' => $futureTimestamp,
-					'crl_validation' => null,
-				],
-				'shouldThrow' => true,
-			],
 			'invalid certificate - crl urls_inaccessible' => [
 				'certificateData' => [
 					'validTo_time_t' => $futureTimestamp,