diff options
author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2008-08-01 14:11:20 +0000 |
---|---|---|
committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2008-08-01 14:11:20 +0000 |
commit | 593a21e91bf5c658da29b3e763ab021ed6552c80 (patch) | |
tree | 766e2134907276af543280c05f4dd30ff7961437 | |
parent | 2be854e07e4f712e55f0753436ca53174683a105 (diff) | |
download | lasso-593a21e91bf5c658da29b3e763ab021ed6552c80.tar.gz lasso-593a21e91bf5c658da29b3e763ab021ed6552c80.tar.xz lasso-593a21e91bf5c658da29b3e763ab021ed6552c80.zip |
* lasso/id-ff/login.c: comment the generation of Advice when ResourceOffering for
the DiscoService support a security mechanism needing one. Anyway the
generation of Credentials is broken.
* lasso/id-ff/session.c: add treatment of saml:Advice on newly added
Assertions, keep the transmitted assertions inside the session indexed by their
AssertionID.
* lasso/xml/saml_advice.{c,h}: change content to SNIPPET_LIST_XMLNODES.
-rw-r--r-- | lasso/id-ff/login.c | 2 | ||||
-rw-r--r-- | lasso/id-ff/session.c | 19 | ||||
-rw-r--r-- | lasso/xml/saml_advice.c | 10 | ||||
-rw-r--r-- | lasso/xml/saml_advice.h | 5 |
4 files changed, 29 insertions, 7 deletions
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index d34b6ad4..92ee7d37 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -280,7 +280,7 @@ lasso_login_assertion_add_discovery(LassoLogin *login, LassoSamlAssertion *asser AttributeStatement */ advice = LASSO_SAML_ADVICE(lasso_saml_advice_new()); - advice->Assertion = LASSO_NODE(credential); + // advice->Assertion = LASSO_NODE(credential); assertion->Advice = advice; } description->CredentialRef = g_list_append( diff --git a/lasso/id-ff/session.c b/lasso/id-ff/session.c index 7a0534e9..8281709a 100644 --- a/lasso/id-ff/session.c +++ b/lasso/id-ff/session.c @@ -43,6 +43,8 @@ #include <lasso/xml/id-wsf-2.0/sec_token.h> #endif +#include <xmlsec/xmltree.h> + /*****************************************************************************/ /* public methods */ @@ -70,6 +72,23 @@ lasso_session_add_assertion(LassoSession *session, const char *providerID, Lasso g_hash_table_insert(session->assertions, g_strdup(providerID), g_object_ref(assertion)); + /* ID-WSF specific need */ + if (LASSO_IS_SAML_ASSERTION(assertion)) { + LassoSamlAssertion *saml_assertion = LASSO_SAML_ASSERTION(assertion); + if (saml_assertion->Advice) { + LassoSamlAdvice *advice = saml_assertion->Advice; + GList *iter; + for (iter = advice->any; iter; iter = iter->next) { + xmlNode *node = (xmlNodePtr)iter->data; + if (xmlSecCheckNodeName(node, (xmlChar*)"Assertion", (xmlChar*)LASSO_SAML_ASSERTION_HREF)) { + xmlChar *id = xmlGetProp(node, (xmlChar*)"AssertionID"); + ret = lasso_session_add_assertion_with_id(session, (char*)id, node); + xmlFree(id); + } + } + } + } + session->is_dirty = TRUE; return ret; diff --git a/lasso/xml/saml_advice.c b/lasso/xml/saml_advice.c index e0df3402..5b3736b5 100644 --- a/lasso/xml/saml_advice.c +++ b/lasso/xml/saml_advice.c @@ -53,9 +53,10 @@ /*****************************************************************************/ static struct XmlSnippet schema_snippets[] = { - { "AssertionIDReference", SNIPPET_LIST_CONTENT, +/* { "AssertionIDReference", SNIPPET_LIST_CONTENT, G_STRUCT_OFFSET(LassoSamlAdvice, AssertionIDReference) }, - { "Assertion", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAdvice, Assertion) }, + { "Assertion", SNIPPET_NODE, G_STRUCT_OFFSET(LassoSamlAdvice, Assertion) }, */ + { "", SNIPPET_LIST_XMLNODES, G_STRUCT_OFFSET(LassoSamlAdvice, any) }, { NULL, 0, 0} }; @@ -66,8 +67,9 @@ static struct XmlSnippet schema_snippets[] = { static void instance_init(LassoSamlAdvice *node) { - node->AssertionIDReference = NULL; - node->Assertion = NULL; +/* node->AssertionIDReference = NULL; + node->Assertion = NULL; */ + node->any = NULL; } static void diff --git a/lasso/xml/saml_advice.h b/lasso/xml/saml_advice.h index 64b09ae3..3dc2464a 100644 --- a/lasso/xml/saml_advice.h +++ b/lasso/xml/saml_advice.h @@ -50,9 +50,10 @@ struct _LassoSamlAdvice { /*< public >*/ /* <element ref="saml:AssertionIDReference"/> */ - GList *AssertionIDReference; + // GList *AssertionIDReference; /* <element ref="saml:Assertion"/> */ - LassoNode *Assertion; /* actually LassoSamlAssertion* but it recurses */ + // LassoNode *Assertion; /* actually LassoSamlAssertion* but it recurses */ + GList *any; /* of xmlNode */ }; struct _LassoSamlAdviceClass { |