| author | Valery Febvre <vfebvre at easter-eggs.com> | 2004-06-24 00:00:35 +0000 |
|---|---|---|
| committer | Valery Febvre <vfebvre at easter-eggs.com> | 2004-06-24 00:00:35 +0000 |
| commit | 5c9c919917fb9cabc1ddd3b2bf641da3098ecb07 (patch) | |
| tree | 4a2bd8c3ce44c36cebd59d698aa1509a60c6e88e | |
| parent | ccfaf01702cdf41bd1be20781203d06650cbfc8d (diff) | |
*** empty log message ***
| -rw-r--r-- | lasso/Attic/protocols/Makefile.am | 6 | ||||
| -rw-r--r-- | lasso/Attic/protocols/authn_response.c | 493 | ||||
| -rw-r--r-- | lasso/Attic/protocols/authn_response.h | 4 | ||||
| -rw-r--r-- | lasso/id-ff/Makefile.am | 2 | ||||
| -rw-r--r-- | lasso/id-ff/server_environ.c | 2 | ||||
| -rw-r--r-- | lasso/id-ff/server_environ.h | 5 | ||||
| -rw-r--r-- | lasso/id-ff/session_environ.c | 281 | ||||
| -rw-r--r-- | lasso/id-ff/session_environ.h | 57 | ||||
| -rw-r--r-- | lasso/id-ff/user_environ.c | 2 | ||||
| -rw-r--r-- | lasso/id-ff/user_environ.h | 12 | ||||
| -rw-r--r-- | lasso/xml/lib_authn_request.c | 1 | ||||
| -rw-r--r-- | lasso/xml/samlp_request.c | 3 | ||||
| -rw-r--r-- | lasso/xml/samlp_request_abstract.c | 15 | ||||
| -rw-r--r-- | lasso/xml/samlp_request_abstract.h | 21 | ||||
| -rw-r--r-- | lasso/xml/samlp_response_abstract.c | 16 | ||||
| -rw-r--r-- | lasso/xml/samlp_response_abstract.h | 29 | ||||
| -rw-r--r-- | lasso/xml/tools.c | 6 |
17 files changed, 512 insertions, 443 deletions
diff --git a/lasso/Attic/protocols/Makefile.am b/lasso/Attic/protocols/Makefile.am index de71698d..dc1e9187 100644 --- a/lasso/Attic/protocols/Makefile.am +++ b/lasso/Attic/protocols/Makefile.am @@ -31,7 +31,8 @@ liblasso_protocols_la_SOURCES = \ name_identifier_mapping_request.c \ name_identifier_mapping_response.c \ register_name_identifier_request.c \ - register_name_identifier_response.c + register_name_identifier_response.c \ + request.c liblassoinclude_HEADERS = \ protocols.h \ @@ -43,4 +44,5 @@ liblassoinclude_HEADERS = \ name_identifier_mapping_request.h \ name_identifier_mapping_response.h \ register_name_identifier_request.h \ - register_name_identifier_response.h + register_name_identifier_response.h \ + request.h diff --git a/lasso/Attic/protocols/authn_response.c b/lasso/Attic/protocols/authn_response.c index 6b68f2ee..8f7d41a8 100644 --- a/lasso/Attic/protocols/authn_response.c +++ b/lasso/Attic/protocols/authn_response.c 
@@ -25,153 +25,154 @@ #include <lasso/protocols/authn_response.h> #include <lasso/protocols/authn_request.h> - -static GObjectClass *parent_class = NULL; -static void -lasso_authn_response_set_status(LassoAuthnResponse *response, - const xmlChar *statusCodeValue) { - LassoNode *status, *status_code; +//static GObjectClass *parent_class = NULL; - status = lasso_samlp_status_new(); +/* static void */ +/* lasso_authn_response_set_status(LassoAuthnResponse *response, */ +/* const xmlChar *statusCodeValue) { */ +/* LassoNode *status, *status_code; */ - status_code = lasso_samlp_status_code_new(); - lasso_samlp_status_code_set_value(LASSO_SAMLP_STATUS_CODE(status_code), - statusCodeValue); +/* status = lasso_samlp_status_new(); */ - lasso_samlp_status_set_statusCode(LASSO_SAMLP_STATUS(status), - LASSO_SAMLP_STATUS_CODE(status_code)); +/* status_code = lasso_samlp_status_code_new(); */ +/* lasso_samlp_status_code_set_value(LASSO_SAMLP_STATUS_CODE(status_code), */ +/* statusCodeValue); */ - lasso_samlp_response_set_status(LASSO_SAMLP_RESPONSE(response), - LASSO_SAMLP_STATUS(status)); - lasso_node_destroy(status_code); - lasso_node_destroy(status); -} +/* lasso_samlp_status_set_statusCode(LASSO_SAMLP_STATUS(status), */ +/* LASSO_SAMLP_STATUS_CODE(status_code)); */ + +/* lasso_samlp_response_set_status(LASSO_SAMLP_RESPONSE(response), */ +/* LASSO_SAMLP_STATUS(status)); */ +/* lasso_node_destroy(status_code); */ +/* lasso_node_destroy(status); */ +/* } */ /*****************************************************************************/ /* public methods */ /*****************************************************************************/ -gboolean -lasso_authn_response_must_authenticate(LassoAuthnResponse *response, - gboolean is_authenticated) -{ - GData *gd; - gboolean must_authenticate = FALSE; - /* default values for ForceAuthn and IsPassive */ - gboolean forceAuthn = FALSE; - gboolean isPassive = TRUE; +/* gboolean */ +/* 
lasso_authn_response_must_authenticate(LassoAuthnResponse *response, */ +/* LassoAuthnRe *request, */ +/* gboolean is_authenticated) */ +/* { */ +/* GData *gd; */ +/* gboolean must_authenticate = FALSE; */ +/* /\* default values for ForceAuthn and IsPassive *\/ */ +/* gboolean forceAuthn = FALSE; */ +/* gboolean isPassive = TRUE; */ - gd = lasso_query_to_dict(LASSO_AUTHN_RESPONSE(response)->query); - /* Get ForceAuthn and IsPassive */ - if (xmlStrEqual(lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ForceAuthn"), 0), "true")) { - forceAuthn = TRUE; - } - if (xmlStrEqual((xmlChar *)lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "IsPassive"), 0), "false")) { - isPassive = FALSE; - } +/* gd = lasso_query_to_dict(LASSO_AUTHN_RESPONSE(response)->query); */ +/* /\* Get ForceAuthn and IsPassive *\/ */ +/* if (xmlStrEqual(lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ForceAuthn"), 0), "true")) { */ +/* forceAuthn = TRUE; */ +/* } */ +/* if (xmlStrEqual((xmlChar *)lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "IsPassive"), 0), "false")) { */ +/* isPassive = FALSE; */ +/* } */ - if ((forceAuthn == TRUE || is_authenticated == FALSE) && isPassive == FALSE) { - must_authenticate = TRUE; - } - else - if (is_authenticated == FALSE && isPassive == TRUE) { - lasso_authn_response_set_status(response, lassoLibStatusCodeNoPassive); - } +/* if ((forceAuthn == TRUE || is_authenticated == FALSE) && isPassive == FALSE) { */ +/* must_authenticate = TRUE; */ +/* } */ +/* else */ +/* if (is_authenticated == FALSE && isPassive == TRUE) { */ +/* lasso_authn_response_set_status(response, lassoLibStatusCodeNoPassive); */ +/* } */ - g_datalist_clear(&gd); - return (must_authenticate); -} - -void -lasso_authn_response_process_authentication_result(LassoAuthnResponse *response, - gboolean authentication_result) -{ - if (authentication_result == FALSE) { - lasso_authn_response_set_status(response, lassoLibStatusCodeUnknownPrincipal); - } 
-} - -gboolean -lasso_authn_response_verify_signature(LassoAuthnResponse *response, - xmlChar *public_key_file, - xmlChar *private_key_file) -{ - g_return_val_if_fail(LASSO_IS_AUTHN_RESPONSE(response), FALSE); - - gboolean signature_status; - - signature_status = lasso_query_verify_signature(LASSO_AUTHN_RESPONSE(response)->query, - public_key_file, - private_key_file); - - /* Status & StatusCode */ - if (signature_status == 0 || signature_status == 2) { - switch (signature_status) { - case 0: - lasso_authn_response_set_status(response, lassoLibStatusCodeInvalidSignature); - break; - case 2: - lasso_authn_response_set_status(response, lassoLibStatusCodeUnsignedAuthnRequest); - break; - } - } - - if (signature_status == 1) - return (TRUE); - else - return (FALSE); -} +/* g_datalist_clear(&gd); */ +/* return (must_authenticate); */ +/* } */ + +/* void */ +/* lasso_authn_response_process_authentication_result(LassoAuthnResponse *response, */ +/* gboolean authentication_result) */ +/* { */ +/* if (authentication_result == FALSE) { */ +/* lasso_authn_response_set_status(response, lassoLibStatusCodeUnknownPrincipal); */ +/* } */ +/* } */ + +/* gboolean */ +/* lasso_authn_response_verify_signature(LassoAuthnResponse *response, */ +/* xmlChar *public_key_file, */ +/* xmlChar *private_key_file) */ +/* { */ +/* g_return_val_if_fail(LASSO_IS_AUTHN_RESPONSE(response), FALSE); */ + +/* gboolean signature_status; */ + +/* signature_status = lasso_query_verify_signature(LASSO_AUTHN_RESPONSE(response)->query, */ +/* public_key_file, */ +/* private_key_file); */ + +/* /\* Status & StatusCode *\/ */ +/* if (signature_status == 0 || signature_status == 2) { */ +/* switch (signature_status) { */ +/* case 0: */ +/* lasso_authn_response_set_status(response, lassoLibStatusCodeInvalidSignature); */ +/* break; */ +/* case 2: */ +/* lasso_authn_response_set_status(response, lassoLibStatusCodeUnsignedAuthnRequest); */ +/* break; */ +/* } */ +/* } */ + +/* if (signature_status == 1) */ +/* 
return (TRUE); */ +/* else */ +/* return (FALSE); */ +/* } */ /*****************************************************************************/ /* overrided parent classes methods */ /*****************************************************************************/ -static void -lasso_authn_response_dispose(LassoAuthnResponse *response) -{ - parent_class->dispose(G_OBJECT(response)); -} +/* static void */ +/* lasso_authn_response_dispose(LassoAuthnResponse *response) */ +/* { */ +/* parent_class->dispose(G_OBJECT(response)); */ +/* } */ /* override lasso_node_dump() method */ -static xmlChar * -lasso_authn_response_dump(LassoAuthnResponse *response, - const xmlChar *encoding, - int format) -{ - LassoNode *response_copy, *request, *response_dump; - xmlChar *dump; - - response_dump = lasso_node_new(); - LASSO_NODE_GET_CLASS(response_dump)->set_name(response_dump, "LassoDumpAuthnResponse"); - response_copy = lasso_node_copy(LASSO_NODE(response)); - LASSO_NODE_GET_CLASS(response_dump)->add_child(response_dump, response_copy, FALSE); - if (response->query != NULL) { - request = lasso_authn_request_new_from_query(response->query); - LASSO_NODE_GET_CLASS(response_dump)->add_child(response_dump, request, FALSE); - } - else { - request = lasso_node_copy(response->request); - LASSO_NODE_GET_CLASS(response_dump)->add_child(response_dump, request, FALSE); - } - dump = lasso_node_dump(response_dump, encoding, format); - - lasso_node_destroy(response_copy); - lasso_node_destroy(request); - lasso_node_destroy(response_dump); - - return (dump); -} - -static void -lasso_authn_response_finalize(LassoAuthnResponse *response) -{ - if (response->query != NULL) - g_free(response->query); - if (response->request != NULL) - lasso_node_destroy(response->request); - parent_class->finalize(G_OBJECT(response)); -} +/* static xmlChar * */ +/* lasso_authn_response_dump(LassoAuthnResponse *response, */ +/* const xmlChar *encoding, */ +/* int format) */ +/* { */ +/* LassoNode *response_copy, *request, 
*response_dump; */ +/* xmlChar *dump; */ + +/* response_dump = lasso_node_new(); */ +/* LASSO_NODE_GET_CLASS(response_dump)->set_name(response_dump, "LassoDumpAuthnResponse"); */ +/* response_copy = lasso_node_copy(LASSO_NODE(response)); */ +/* LASSO_NODE_GET_CLASS(response_dump)->add_child(response_dump, response_copy, FALSE); */ +/* if (response->query != NULL) { */ +/* request = lasso_authn_request_new_from_query(response->query); */ +/* LASSO_NODE_GET_CLASS(response_dump)->add_child(response_dump, request, FALSE); */ +/* } */ +/* else { */ +/* request = lasso_node_copy(response->request); */ +/* LASSO_NODE_GET_CLASS(response_dump)->add_child(response_dump, request, FALSE); */ +/* } */ +/* dump = lasso_node_dump(response_dump, encoding, format); */ + +/* lasso_node_destroy(response_copy); */ +/* lasso_node_destroy(request); */ +/* lasso_node_destroy(response_dump); */ + +/* return (dump); */ +/* } */ + +/* static void */ +/* lasso_authn_response_finalize(LassoAuthnResponse *response) */ +/* { */ +/* if (response->query != NULL) */ +/* g_free(response->query); */ +/* if (response->request != NULL) */ +/* lasso_node_destroy(response->request); */ +/* parent_class->finalize(G_OBJECT(response)); */ +/* } */ /*****************************************************************************/ /* instance and class init functions */ 
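Review bot: The signature check `lasso_authn_response_verify_signature` and the ForceAuthn/IsPassive decision in `lasso_authn_response_must_authenticate` are disabled here by wrapping them in comments, and nothing in this hunk shows where request-signature verification happens instead. If these checks moved to another file, delete the dead code outright and say so in the commit message (currently empty); if they did not, unsigned or tampered AuthnRequests would presumably no longer be rejected on this path. The same commenting-out pattern recurs in the later hunks of this file (class_init, `new_from_dump`, `new_from_request_query`), where it also leaves `gobject_class` in `lasso_authn_response_class_init` with no remaining use. The commented parameter `LassoAuthnRe *request` looks like a truncated type name, which suggests the block was mid-edit when it was disabled.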
@@ -186,13 +187,13 @@ static void lasso_authn_response_class_init(LassoAuthnResponseClass *class) { GObjectClass *gobject_class = G_OBJECT_CLASS(class); - LassoNodeClass *lasso_node_class = LASSO_NODE_CLASS(class); + //LassoNodeClass *lasso_node_class = LASSO_NODE_CLASS(class); - parent_class = g_type_class_peek_parent(class); + //parent_class = g_type_class_peek_parent(class); /* override parent classes methods */ - gobject_class->dispose = (void *)lasso_authn_response_dispose; - gobject_class->finalize = (void *)lasso_authn_response_finalize; - lasso_node_class->dump = lasso_authn_response_dump; + //gobject_class->dispose = (void *)lasso_authn_response_dispose; + //gobject_class->finalize = (void *)lasso_authn_response_finalize; + //lasso_node_class->dump = lasso_authn_response_dump; } GType lasso_authn_response_get_type() { 
@@ -218,72 +219,47 @@ GType lasso_authn_response_get_type() { return this_type; } -LassoNode* -lasso_authn_response_new_from_dump(xmlChar *buffer) -{ - LassoNode *response, *request, *response_dump, *request_dump, *node_dump; - xmlNodePtr xmlNode_response, xmlNode_request; - - g_return_val_if_fail(buffer != NULL, NULL); - - response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); - request = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_REQUEST, NULL)); - - node_dump = lasso_node_new_from_dump(buffer); - /* get xmlNodes */ - response_dump = lasso_node_get_child(node_dump, "AuthnResponse", NULL); - request_dump = lasso_node_get_child(node_dump, "AuthnRequest", NULL); - /* xmlNodes are copies because they will be freed when node_dump will be destroy */ - xmlNode_response = xmlCopyNode(LASSO_NODE_GET_CLASS(response)->get_xmlNode(response_dump), 1); - xmlNode_request = xmlCopyNode(LASSO_NODE_GET_CLASS(response)->get_xmlNode(request_dump), 1); - - /* put xmlNodes in LassoNodes */ - LASSO_NODE_GET_CLASS(response)->set_xmlNode(response, xmlNode_response); - LASSO_NODE_GET_CLASS(request)->set_xmlNode(request, xmlNode_request); - - LASSO_AUTHN_RESPONSE(response)->request = request; - LASSO_AUTHN_RESPONSE(response)->query = NULL; +/* LassoNode* */ +/* lasso_authn_response_new_from_dump(xmlChar *buffer) */ +/* { */ +/* LassoNode *response, *request, *response_dump, *request_dump, *node_dump; */ +/* xmlNodePtr xmlNode_response, xmlNode_request; */ - lasso_node_destroy(response_dump); - lasso_node_destroy(request_dump); - lasso_node_destroy(node_dump); +/* g_return_val_if_fail(buffer != NULL, NULL); */ - return (response); -} - -LassoNode* -lasso_authn_response_new_from_export(xmlChar *buffer, - gint type) -{ - xmlChar *buffer_decoded = xmlMalloc(strlen(buffer)); - LassoNode *response, *node; - xmlNodePtr xmlNode_response; +/* response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); */ +/* request = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_REQUEST, NULL)); 
*/ - g_return_val_if_fail(buffer != NULL, NULL); +/* node_dump = lasso_node_new_from_dump(buffer); */ +/* /\* get xmlNodes *\/ */ +/* response_dump = lasso_node_get_child(node_dump, "AuthnResponse", NULL); */ +/* request_dump = lasso_node_get_child(node_dump, "AuthnRequest", NULL); */ +/* /\* xmlNodes are copies because they will be freed when node_dump will be destroy *\/ */ +/* xmlNode_response = xmlCopyNode(LASSO_NODE_GET_CLASS(response)->get_xmlNode(response_dump), 1); */ +/* xmlNode_request = xmlCopyNode(LASSO_NODE_GET_CLASS(response)->get_xmlNode(request_dump), 1); */ - xmlSecBase64Decode(buffer, buffer_decoded, strlen(buffer)); +/* /\* put xmlNodes in LassoNodes *\/ */ +/* LASSO_NODE_GET_CLASS(response)->set_xmlNode(response, xmlNode_response); */ +/* LASSO_NODE_GET_CLASS(request)->set_xmlNode(request, xmlNode_request); */ - response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); - - node = lasso_node_new_from_dump(buffer_decoded); - xmlNode_response = xmlCopyNode(LASSO_NODE_GET_CLASS(node)->get_xmlNode(node), 1); - LASSO_NODE_GET_CLASS(response)->set_xmlNode(response, xmlNode_response); +/* LASSO_AUTHN_RESPONSE(response)->request = request; */ +/* LASSO_AUTHN_RESPONSE(response)->query = NULL; */ - LASSO_AUTHN_RESPONSE(response)->request = NULL; - LASSO_AUTHN_RESPONSE(response)->query = NULL; - lasso_node_destroy(node); +/* lasso_node_destroy(response_dump); */ +/* lasso_node_destroy(request_dump); */ +/* lasso_node_destroy(node_dump); */ - return (response); -} +/* return (response); */ +/* } */ LassoNode* lasso_authn_response_new(char *providerID, LassoNode *request){ - LassoAuthnResponse *response; + LassoNode *response; xmlChar *id, *time, content; g_return_val_if_fail(providerID != NULL, NULL); - response = g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL); + response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); /* ResponseID */ id = lasso_build_unique_id(32); 
@@ -316,76 +292,101 @@ lasso_authn_response_new(char *providerID, LassoNode *request){ } LassoNode* -lasso_authn_response_new_from_request_query(gchar *query, - const xmlChar *providerID) +lasso_authn_response_new_from_export(xmlChar *buffer, + gint type) { - GData *gd; - LassoNode *response; - xmlChar *id, *time; - - g_return_val_if_fail(query != NULL, NULL); - g_return_val_if_fail(providerID != NULL, NULL); - - response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); + xmlChar *buffer_decoded = xmlMalloc(strlen(buffer)); + LassoNode *response, *node; + xmlNodePtr xmlNode_response; - gd = lasso_query_to_dict(query); - /* store query - need to verify signature */ - LASSO_AUTHN_RESPONSE(response)->query = g_strdup(query); - LASSO_AUTHN_RESPONSE(response)->request = lasso_authn_request_new_from_query(query); - - /* ResponseID */ - id = lasso_build_unique_id(32); - lasso_samlp_response_abstract_set_responseID(LASSO_SAMLP_RESPONSE_ABSTRACT(response), - (const xmlChar *)id); - xmlFree(id); - /* MajorVersion */ - lasso_samlp_response_abstract_set_majorVersion(LASSO_SAMLP_RESPONSE_ABSTRACT(response), - lassoLibMajorVersion); - /* MinorVersion */ - lasso_samlp_response_abstract_set_minorVersion(LASSO_SAMLP_RESPONSE_ABSTRACT(response), - lassoLibMinorVersion); - /* IssueInstance */ - time = lasso_get_current_time(); - lasso_samlp_response_abstract_set_issueInstance(LASSO_SAMLP_RESPONSE_ABSTRACT(response), - (const xmlChar *)time); - xmlFree(time); - - /* ProviderID */ - lasso_lib_authn_response_set_providerID(LASSO_LIB_AUTHN_RESPONSE(response), - providerID); - - /* RelayState */ - if (lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RelayState"), 0) != NULL) { - lasso_lib_authn_response_set_relayState(LASSO_LIB_AUTHN_RESPONSE(response), - lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RelayState"), 0)); - } - /* InResponseTo */ - if (lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RequestID"), 0) != NULL) { - 
lasso_samlp_response_abstract_set_inResponseTo(LASSO_SAMLP_RESPONSE_ABSTRACT(response), - lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RequestID"), 0)); - } + g_return_val_if_fail(buffer != NULL, NULL); - /* consent */ - if (lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "consent"), 0) != NULL) { - lasso_lib_authn_response_set_consent(LASSO_LIB_AUTHN_RESPONSE(response), - lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "consent"), 0)); - } + xmlSecBase64Decode(buffer, buffer_decoded, strlen(buffer)); - /* Recipient */ - lasso_samlp_response_abstract_set_recipient(LASSO_SAMLP_RESPONSE_ABSTRACT(response), - lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ProviderID"), 0)); + response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); - /* Status & StatusCode */ - lasso_authn_response_set_status(response, lassoSamlStatusCodeSuccess); + node = lasso_node_new_from_dump(buffer_decoded); + xmlNode_response = xmlCopyNode(LASSO_NODE_GET_CLASS(node)->get_xmlNode(node), 1); + LASSO_NODE_GET_CLASS(response)->set_xmlNode(response, xmlNode_response); - g_datalist_clear(&gd); +/* LASSO_AUTHN_RESPONSE(response)->request = NULL; */ +/* LASSO_AUTHN_RESPONSE(response)->query = NULL; */ + lasso_node_destroy(node); return (response); } -LassoNode* -lasso_authn_response_new_from_lareq(xmlChar *lareq, - const xmlChar *providerID) -{ +/* LassoNode* */ +/* lasso_authn_response_new_from_request_query(gchar *query, */ +/* const xmlChar *providerID) */ +/* { */ +/* GData *gd; */ +/* LassoNode *response; */ +/* xmlChar *id, *time; */ + +/* g_return_val_if_fail(query != NULL, NULL); */ +/* g_return_val_if_fail(providerID != NULL, NULL); */ + +/* response = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_RESPONSE, NULL)); */ + +/* gd = lasso_query_to_dict(query); */ +/* /\* /\\* store query - need to verify signature *\\/ *\/ */ +/* /\* LASSO_AUTHN_RESPONSE(response)->query = g_strdup(query); *\/ */ +/* /\* 
LASSO_AUTHN_RESPONSE(response)->request = lasso_authn_request_new_from_query(query); *\/ */ + +/* /\* ResponseID *\/ */ +/* id = lasso_build_unique_id(32); */ +/* lasso_samlp_response_abstract_set_responseID(LASSO_SAMLP_RESPONSE_ABSTRACT(response), */ +/* (const xmlChar *)id); */ +/* xmlFree(id); */ +/* /\* MajorVersion *\/ */ +/* lasso_samlp_response_abstract_set_majorVersion(LASSO_SAMLP_RESPONSE_ABSTRACT(response), */ +/* lassoLibMajorVersion); */ +/* /\* MinorVersion *\/ */ +/* lasso_samlp_response_abstract_set_minorVersion(LASSO_SAMLP_RESPONSE_ABSTRACT(response), */ +/* lassoLibMinorVersion); */ +/* /\* IssueInstance *\/ */ +/* time = lasso_get_current_time(); */ +/* lasso_samlp_response_abstract_set_issueInstance(LASSO_SAMLP_RESPONSE_ABSTRACT(response), */ +/* (const xmlChar *)time); */ +/* xmlFree(time); */ + +/* /\* ProviderID *\/ */ +/* lasso_lib_authn_response_set_providerID(LASSO_LIB_AUTHN_RESPONSE(response), */ +/* providerID); */ + +/* /\* RelayState *\/ */ +/* if (lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RelayState"), 0) != NULL) { */ +/* lasso_lib_authn_response_set_relayState(LASSO_LIB_AUTHN_RESPONSE(response), */ +/* lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RelayState"), 0)); */ +/* } */ +/* /\* InResponseTo *\/ */ +/* if (lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RequestID"), 0) != NULL) { */ +/* lasso_samlp_response_abstract_set_inResponseTo(LASSO_SAMLP_RESPONSE_ABSTRACT(response), */ +/* lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RequestID"), 0)); */ +/* } */ + +/* /\* consent *\/ */ +/* if (lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "consent"), 0) != NULL) { */ +/* lasso_lib_authn_response_set_consent(LASSO_LIB_AUTHN_RESPONSE(response), */ +/* lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "consent"), 0)); */ +/* } */ + +/* /\* Recipient *\/ */ +/* 
lasso_samlp_response_abstract_set_recipient(LASSO_SAMLP_RESPONSE_ABSTRACT(response), */ +/* lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ProviderID"), 0)); */ + +/* /\* Status & StatusCode *\/ */ +/* lasso_authn_response_set_status(response, lassoSamlStatusCodeSuccess); */ + +/* g_datalist_clear(&gd); */ + +/* return (response); */ +/* } */ + +/* LassoNode* */ +/* lasso_authn_response_new_from_lareq(xmlChar *lareq, */ +/* const xmlChar *providerID) */ +/* { */ -} +/* } */ diff --git a/lasso/Attic/protocols/authn_response.h b/lasso/Attic/protocols/authn_response.h index 4097ab6c..66b95f4f 100644 --- a/lasso/Attic/protocols/authn_response.h +++ b/lasso/Attic/protocols/authn_response.h @@ -46,8 +46,6 @@ typedef struct _LassoAuthnResponseClass LassoAuthnResponseClass; struct _LassoAuthnResponse { LassoLibAuthnResponse parent; /*< public >*/ - gchar *query; - LassoNode *request; /*< private >*/ }; @@ -62,7 +60,7 @@ LASSO_EXPORT LassoNode* lasso_authn_response_new_from_dump (xmlC LASSO_EXPORT LassoNode* lasso_authn_response_new_from_export (xmlChar *buffer, gint type); -LASSO_EXPORT LassoNode* lasso_authn_response_new (char *providerID, +LASSO_EXPORT LassoNode* lasso_authn_response_new (char *providerID, LassoNode *request); LASSO_EXPORT LassoNode* lasso_authn_response_new_from_request_query (gchar *query, diff --git a/lasso/id-ff/Makefile.am b/lasso/id-ff/Makefile.am index a9fc0e90..6232ba56 100644 --- a/lasso/id-ff/Makefile.am +++ b/lasso/id-ff/Makefile.am @@ -15,7 +15,6 @@ INCLUDES = \ noinst_LTLIBRARIES = liblasso-environs.la liblasso_environs_la_SOURCES = \ - environ.c \ identity.c \ provider.c \ server_environ.c \ @@ -23,7 +22,6 @@ liblasso_environs_la_SOURCES = \ user_environ.c liblassoinclude_HEADERS = \ - environ.h \ identity.h \ provider.h \ server_environ.h \ diff --git a/lasso/id-ff/server_environ.c b/lasso/id-ff/server_environ.c index b36c6ec1..b9d3200a 100644 --- a/lasso/id-ff/server_environ.c +++ b/lasso/id-ff/server_environ.c 
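Review bot: `lasso_authn_response_new_from_export` calls `strlen(buffer)` in the initializer of `buffer_decoded`, before the `g_return_val_if_fail(buffer != NULL, NULL)` guard, so a NULL argument is dereferenced before the check can fire. The function decodes a peer-supplied response, yet the `xmlMalloc` result and the return value of `xmlSecBase64Decode` are both ignored, the decoded bytes are never NUL-terminated before being handed to `lasso_node_new_from_dump` (which presumably reads them as a C string), and `buffer_decoded` is never freed. The sketch below puts the guard first, checks both results, terminates the buffer and releases it; it assumes `lasso_node_new_from_dump` does not keep a reference to the buffer, which should be confirmed.

```c
lasso_authn_response_new_from_export(xmlChar *buffer,
                                     gint type)
{
  xmlChar *buffer_decoded;
  size_t buffer_len;
  int decoded_len;
  /* … unchanged: response, node, xmlNode_response declarations … */

  g_return_val_if_fail(buffer != NULL, NULL);

  buffer_len = strlen((const char *)buffer);
  /* one extra byte so the decoded text can be NUL-terminated */
  buffer_decoded = xmlMalloc(buffer_len + 1);
  if (buffer_decoded == NULL)
    return (NULL);

  decoded_len = xmlSecBase64Decode(buffer, buffer_decoded, buffer_len);
  if (decoded_len < 0) {
    /* malformed base64 from the peer: reject instead of parsing garbage */
    xmlFree(buffer_decoded);
    return (NULL);
  }
  buffer_decoded[decoded_len] = '\0';

  /* … unchanged: g_object_new, lasso_node_new_from_dump, xmlCopyNode, set_xmlNode … */

  lasso_node_destroy(node);
  xmlFree(buffer_decoded);

  return (response);
}
```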
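Review bot: authn_response.h still exports `lasso_authn_response_new_from_dump` (visible in the second hunk's `@@` context) and `lasso_authn_response_new_from_request_query` (visible as a context line), while this commit comments out both definitions in authn_response.c. Callers would compile against these prototypes and then fail at link time. Remove the two declarations in the same change, or keep the definitions until their replacements exist. Other prototypes for the disabled functions may remain outside the visible hunks and should be checked as well.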
@@ -98,7 +98,7 @@ GType lasso_server_environ_get_type() { (GInstanceInitFunc) lasso_server_environ_instance_init, }; - this_type = g_type_register_static(LASSO_TYPE_ENVIRON, + this_type = g_type_register_static(G_TYPE_OBJECT, "LassoServerEnviron", &this_info, 0); } diff --git a/lasso/id-ff/server_environ.h b/lasso/id-ff/server_environ.h index a1c295cc..6007118f 100644 --- a/lasso/id-ff/server_environ.h +++ b/lasso/id-ff/server_environ.h @@ -31,7 +31,6 @@ extern "C" { #endif /* __cplusplus */ #include <lasso/xml/xml.h> -#include <lasso/environs/environ.h> #include <lasso/environs/provider.h> #define LASSO_TYPE_SERVER_ENVIRON (lasso_server_environ_get_type()) @@ -45,7 +44,7 @@ typedef struct _LassoServerEnviron LassoServerEnviron; typedef struct _LassoServerEnvironClass LassoServerEnvironClass; struct _LassoServerEnviron { - LassoEnviron parent; + GObject parent; GPtrArray *providers; @@ -57,7 +56,7 @@ struct _LassoServerEnviron { }; struct _LassoServerEnvironClass { - LassoEnvironClass parent; + GObjectClass parent; }; LASSO_EXPORT GType lasso_server_environ_get_type (void); diff --git a/lasso/id-ff/session_environ.c b/lasso/id-ff/session_environ.c index 05f7a048..e76e3af1 100644 --- a/lasso/id-ff/session_environ.c +++ b/lasso/id-ff/session_environ.c 
@@ -22,25 +22,50 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ +#include <lasso/xml/samlp_response.h> +#include <lasso/protocols/request.h> +#include <lasso/protocols/authn_response.h> #include <lasso/environs/session_environ.h> /*****************************************************************************/ +/* functions */ +/*****************************************************************************/ + +static void +set_response_status(LassoNode *response, + const xmlChar *statusCodeValue) { + LassoNode *status, *status_code; + + status = lasso_samlp_status_new(); + + status_code = lasso_samlp_status_code_new(); + lasso_samlp_status_code_set_value(LASSO_SAMLP_STATUS_CODE(status_code), + statusCodeValue); + + lasso_samlp_status_set_statusCode(LASSO_SAMLP_STATUS(status), + LASSO_SAMLP_STATUS_CODE(status_code)); + + lasso_samlp_response_set_status(LASSO_SAMLP_RESPONSE(response), + LASSO_SAMLP_STATUS(status)); + lasso_node_destroy(status_code); + lasso_node_destroy(status); +} + +/*****************************************************************************/ /* public methods */ /*****************************************************************************/ -char *lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, - const char *responseProtocolProfile, - gboolean isPassive, - gboolean forceAuthn, - const char *nameIDPolicy){ +char *lasso_session_environ_build_authn_request(LassoSessionEnviron *session, + const char *responseProtocolProfile, + gboolean isPassive, + gboolean forceAuthn, + const char *nameIDPolicy){ LassoProvider *provider; char *str, *requestProtocolProfile; char *url, *query; int url_len, query_len; - //LassoEnviron *environ = LASSO_ENVIRON(session); - provider = lasso_server_environ_get_provider(session->server, session->local_providerID); if(!provider) return(NULL); 
@@ -48,13 +73,13 @@ char *lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, /* build the request object */ session->request = LASSO_NODE(lasso_authn_request_new(session->local_providerID)); if(responseProtocolProfile!=NULL) - lasso_lib_authn_request_set_protocolProfile(session->request, responseProtocolProfile); + lasso_lib_authn_request_set_protocolProfile(LASSO_LIB_AUTHN_REQUEST(session->request), responseProtocolProfile); if(nameIDPolicy!=NULL) - lasso_lib_authn_request_set_nameIDPolicy(session->request, nameIDPolicy); + lasso_lib_authn_request_set_nameIDPolicy(LASSO_LIB_AUTHN_REQUEST(session->request), nameIDPolicy); - lasso_lib_authn_request_set_isPassive(session->request, isPassive); - lasso_lib_authn_request_set_forceAuthn(session->request, forceAuthn); + lasso_lib_authn_request_set_isPassive(LASSO_LIB_AUTHN_REQUEST(session->request), isPassive); + lasso_lib_authn_request_set_forceAuthn(LASSO_LIB_AUTHN_REQUEST(session->request), forceAuthn); /* export request depending on the request protocol profile */ str = NULL; @@ -69,7 +94,7 @@ char *lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, str = (char *)malloc(url_len+query_len+2); // +2 for the ? character and the end line character sprintf(str, "%s?%s", url, query); - session->request_protocol_profile = lasso_protocol_profile_type_get; + session->request_protocol_method = lasso_protocol_method_get; } else if(!strcmp(requestProtocolProfile, lassoLibProtocolProfileSSOPost)){ printf("TODO - export the AuthnRequest in a formular\n"); 
@@ -78,117 +103,126 @@ char *lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, return(str); } -gboolean lasso_session_environ_process_assertion(LassoSessionEnviron *session, char *str){ - LassoNode *statusCode, *assertion; - LassoNode *nameIdentifier, *idpProvidedNameIdentifier; - char *artifact, *statusCodeValue; - - LassoEnviron *environ = LASSO_ENVIRON(session); - - artifact = strstr(str, "SAMLArt"); - if(artifact){ - printf("TODO - lasso_session_environ_process_assertion() - process artifact\n"); - } - else{ - printf("DEBUG - POST response, process the authnResponse\n"); - session->response = LASSO_NODE(lasso_authn_response_new_from_export(str, 0)); - - /* process the status code value */ - statusCode = lasso_node_get_child(session->response, "StatusCode", NULL); - statusCodeValue = lasso_node_get_attr_value(statusCode, "Value"); - if(strcmp(statusCodeValue, lassoSamlStatusCodeSuccess)) - return(FALSE); - - /* process the assertion */ - assertion = lasso_node_get_child(session->response, "Assertion", NULL); - if(!assertion) - return(FALSE); - - /* set the name identifiers */ - nameIdentifier = lasso_node_get_child(assertion, "NameIdentifier", NULL); - printf("name identifier %s(%s)\n", lasso_node_get_content(nameIdentifier), lasso_node_export(nameIdentifier)); - - idpProvidedNameIdentifier = lasso_node_get_child(assertion, "IDPProvidedNameIdentifier", NULL); - - - } - - return(FALSE); +xmlChar* +lasso_session_environ_process_artifact(LassoSessionEnviron *session, + gchar *artifact) +{ + session->request = lasso_request_new(artifact); + return (lasso_node_export_to_soap(session->request)); } -gboolean lasso_session_environ_process_authnRequest(LassoSessionEnviron *session, - char *str_request, - int protocol_profile_type, - gboolean has_cookie){ - gboolean must_authenticate = TRUE; - char *response_protocol_profile; - char *content; - gboolean isPassive = TRUE; - gboolean forceAuthn = FALSE; - - LassoEnviron *environ = 
LASSO_ENVIRON(session); - - printf("plop, process AuthnRequest\n"); - - /* get the protocol profile */ - if(protocol_profile_type==lasso_protocol_profile_type_get){ - session->request = LASSO_NODE(lasso_authn_request_new_from_query(str_request)); - } - else if(protocol_profile_type==lasso_protocol_profile_type_post){ - printf("TODO - lasso_session_environ_process_authnRequest() - implement the parsing of the post request\n"); - } - else{ - printf("ERROR - lasso_session_environ_process_authnRequest() - Unknown protocol profile\n"); - } +gboolean +lasso_session_environ_process_authn_response(LassoSessionEnviron *session, + xmlChar *response) +{ + LassoNode *statusCode, *assertion; + LassoNode *nameIdentifier, *idpProvidedNameIdentifier; + char *artifact, *statusCodeValue; - /* Verify the signature */ - printf("TODO - verify the signature\n"); + printf("DEBUG - POST response, process the authnResponse\n"); + session->response = LASSO_NODE(lasso_authn_response_new_from_export(response, 0)); + + /* process the status code value */ + statusCode = lasso_node_get_child(session->response, "StatusCode", NULL); + statusCodeValue = lasso_node_get_attr_value(statusCode, "Value"); + if(strcmp(statusCodeValue, lassoSamlStatusCodeSuccess)) + return(FALSE); + + /* process the assertion */ + assertion = lasso_node_get_child(session->response, "Assertion", NULL); + if(!assertion) + return(FALSE); + + /* set the name identifiers */ + nameIdentifier = lasso_node_get_child(assertion, "NameIdentifier", NULL); + printf("name identifier %s(%s)\n", lasso_node_get_content(nameIdentifier), lasso_node_export(nameIdentifier)); + + idpProvidedNameIdentifier = lasso_node_get_child(assertion, "IDPProvidedNameIdentifier", NULL); + + return(TRUE); +} - /* set the peer ProviderID from the request */ - content = lasso_node_get_child_content(session->request, "ProviderID", NULL); - session->peer_providerID = (char *)malloc(strlen(content)+1); - sprintf(session->peer_providerID, "%s", content); - 
printf("request from %s\n", session->peer_providerID); +gboolean lasso_session_environ_process_authn_request(LassoSessionEnviron *session, + char *request, + int request_method, + gboolean is_authenticated){ + LassoProvider *provider; + xmlChar *protocolProfile; + gboolean must_authenticate = TRUE; + gboolean isPassive = TRUE; + gboolean forceAuthn = FALSE; + gboolean signature_status; - /* response with protocol profile */ - response_protocol_profile = lasso_node_get_child_content(session->request, "ProtocolProfile", NULL); - if(!response_protocol_profile || !strcmp(response_protocol_profile, lassoLibProtocolProfileArtifact)){ - session->response_protocol_profile = lasso_protocol_profile_type_artifact; - printf("TODO - lasso_session_environ_process_authnRequest() - implement the artifact response\n"); - } - else if(!strcmp(response_protocol_profile, lassoLibProtocolProfilePost)){ - session->response_protocol_profile = lasso_protocol_profile_type_post; - session->response = LASSO_NODE(lasso_authn_response_new(session->local_providerID, session->request)); - } - /* verify if the user must be authenticated or not */ - content = lasso_node_get_child_content(session->request, "IsPassive", NULL); - if(content && !strcmp(content, "false")){ - isPassive = FALSE; - } + switch (request_method) { + case lasso_protocol_method_get: + + session->request = LASSO_NODE(lasso_authn_request_new_from_query(request)); + session->peer_providerID = lasso_node_get_child_content(session->request, "ProviderID", NULL); + + protocolProfile = lasso_node_get_child_content(session->request, "ProtocolProfile", NULL); + if (xmlStrEqual(protocolProfile, lassoLibProtocolProfilePost)) { + session->response = lasso_authn_response_new(session->local_providerID, session->request); + } + else { + // TODO + //session->response = lasso_response_new(session->local_providerID, session->request); + } + + provider = lasso_server_environ_get_provider(session->server, session->peer_providerID); + if 
(xmlStrEqual(lasso_node_get_child_content(provider->metadata, "AuthnRequestsSigned", NULL), "true")) { + signature_status = lasso_query_verify_signature(request, + provider->public_key, + session->server->private_key); + /* Status & StatusCode */ + if (signature_status == 0 || signature_status == 2) { + switch (signature_status) { + case 0: + set_response_status(session->response, lassoLibStatusCodeInvalidSignature); + break; + case 2: + set_response_status(session->response, lassoLibStatusCodeUnsignedAuthnRequest); + break; + } + } + } + break; + case lasso_protocol_method_post: + printf("TODO - lasso_session_environ_process_authnRequest() - implement the parsing of the post request\n"); + break; + default: + printf("ERROR - lasso_session_environ_process_authnRequest() - Unknown protocol method\n"); + } + + /* verify if the user must be authenticated or not */ + if (xmlStrEqual(lasso_node_get_child_content(session->request, "IsPassive", NULL), "false")) { + isPassive = FALSE; + } - content = lasso_node_get_child_content(session->request, "ForceAuthn", NULL); - if(content && !strcmp(content, "true")){ - forceAuthn = TRUE; - } + if (xmlStrEqual(lasso_node_get_child_content(session->request, "ForceAuthn", NULL), "true")) { + forceAuthn = TRUE; + } - /* complex test to authentication process */ - if((forceAuthn == TRUE || has_cookie == FALSE) && isPassive == FALSE){ - must_authenticate = TRUE; - } - else if(has_cookie == FALSE && isPassive == TRUE){ - printf("TODO - lasso_session_session_process_authnRequest() - implement the generic setting of the status code value\n"); - must_authenticate = FALSE; - } + /* complex test to authentication process */ + if ((forceAuthn == TRUE || is_authenticated == FALSE) && isPassive == FALSE) { + must_authenticate = TRUE; + } + else if (is_authenticated == FALSE && isPassive == TRUE) { + set_response_status(session->response, lassoLibStatusCodeNoPassive); + printf("TODO - lasso_session_session_process_authnRequest() - implement the 
generic setting of the status code value\n"); + must_authenticate = FALSE; + } - return(must_authenticate); + return (must_authenticate); } -char *lasso_session_environ_process_authentication(LassoSessionEnviron *session, - gboolean isAuthenticated, - const char *authentication_method){ +char * +lasso_session_environ_process_authentication(LassoSessionEnviron *session, + gint authentication_result, + const char *authentication_method) +{ LassoUserEnviron *user; - char *str, *nameIDPolicy; + xmlChar *str, *nameIDPolicy, *protocolProfile; LassoNode *assertion, *authentication_statement, *idpProvidedNameIdentifier; LassoIdentity *identity; @@ -241,17 +275,13 @@ char *lasso_session_environ_process_authentication(LassoSessionEnviron *session, } /* return a response message */ - str = NULL; - if(session->response_protocol_profile==lasso_protocol_profile_type_post){ - printf("DEBUG - return a post message\n"); - str = lasso_node_export_to_base64(session->response); - } - else if(session->response_protocol_profile==lasso_protocol_profile_type_artifact){ - printf("DEBUG - return a artifact message\n"); - } - else{ - printf("DEBUG - unknown response protocol profile\n"); - } + protocolProfile = lasso_node_get_child_content(session->request, "ProtocolProfile", NULL); + if (xmlStrEqual(protocolProfile, lassoLibProtocolProfilePost)) { + str = lasso_node_export_to_base64(session->response); + } + else { + printf("DEBUG - return a artifact message\n"); + } return(str); } @@ -287,8 +317,7 @@ lasso_session_environ_instance_init(LassoSessionEnviron *session){ session->response = NULL; session->local_providerID = NULL; session->peer_providerID = NULL; - session->request_protocol_profile = 0; - session->response_protocol_profile = 0; + session->request_protocol_method = 0; } static void 
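Review bot: In `lasso_session_environ_process_authn_request` (hunk `@@ -78,117 +103,126 @@`), the result of `lasso_server_environ_get_provider()` is dereferenced as `provider->metadata` with no NULL check, although `peer_providerID` is read straight from the incoming query. `lasso_session_environ_build_authn_request` in this same file does test `if(!provider)`, so the lookup apparently can fail, and a guard such as `if (provider == NULL) { /* unknown ProviderID: reject the request */ }` belongs before the `AuthnRequestsSigned` test. The same function can reach `set_response_status(session->response, ...)` while `session->response` may still be NULL, because the non-POST `else` arm holds only a TODO. Also, `signature_status` is declared `gboolean` yet compared with `2`, so `gint` would be the honest type. In `lasso_session_environ_process_authn_response`, `statusCodeValue` goes to `strcmp` without a NULL check, and the function now returns `TRUE` with no signature verification of the response or assertion visible in this hunk, unless `lasso_authn_response_new_from_export` performs one.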
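Review bot: Dropping `str = NULL;` in hunk `@@ -241,17 +275,13 @@` leaves `str` unassigned on the non-POST path, since the new `else` arm only prints a debug line before the function reaches `return(str);`. The declaration `xmlChar *str, *nameIDPolicy, *protocolProfile;` in the previous hunk has no initialiser, so unless `str` is set in the part of `lasso_session_environ_process_authentication` that lies between the hunks (not visible here), the caller receives an indeterminate pointer. Keeping `str = NULL;` immediately before the `ProtocolProfile` lookup restores the earlier behaviour where an unsupported profile yields NULL. The function starts in the previous hunk and continues past this one.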
@@ -311,7 +340,7 @@ GType lasso_session_environ_get_type() { (GInstanceInitFunc) lasso_session_environ_instance_init, }; - this_type = g_type_register_static(LASSO_TYPE_ENVIRON, + this_type = g_type_register_static(G_TYPE_OBJECT, "LassoSessionEnviron", &this_info, 0); } @@ -334,7 +363,7 @@ lasso_session_environ_new(LassoServerEnviron *server, session->server = server; - if (user) { + if (user != NULL) { session->user = user; } diff --git a/lasso/id-ff/session_environ.h b/lasso/id-ff/session_environ.h index 27f42bdc..95eb96d3 100644 --- a/lasso/id-ff/session_environ.h +++ b/lasso/id-ff/session_environ.h @@ -47,15 +47,15 @@ typedef struct _LassoSessionEnviron LassoSessionEnviron; typedef struct _LassoSessionEnvironClass LassoSessionEnvironClass; typedef enum { - lasso_protocol_profile_type_get = 1, - lasso_protocol_profile_type_redirect, - lasso_protocol_profile_type_post, - lasso_protocol_profile_type_soap, - lasso_protocol_profile_type_artifact, -} lasso_protocol_profile_type; + lasso_protocol_method_get = 1, + lasso_protocol_method_redirect, + lasso_protocol_method_post, + lasso_protocol_method_soap, + lasso_protocol_method_artifact, +} lasso_protocol_methods; struct _LassoSessionEnviron { - LassoEnviron parent; + GObject parent; /*< public >*/ LassoServerEnviron *server; @@ -68,14 +68,13 @@ struct _LassoSessionEnviron { char *local_providerID, *peer_providerID; - int request_protocol_profile; - int response_protocol_profile; - + gint request_protocol_method; + /*< private >*/ }; struct _LassoSessionEnvironClass { - LassoNodeClass parent; + GObjectClass parent; }; LASSO_EXPORT GType lasso_session_environ_get_type (void); 
@@ -85,26 +84,32 @@ LASSO_EXPORT LassoSessionEnviron *lasso_session_environ_new ( gchar *local_providerID, gchar *peer_providerID); -LASSO_EXPORT char *lasso_session_environ_build_authnRequest (LassoSessionEnviron *session, - const char *responseProtocolProfile, - gboolean isPassive, - gboolean forceAuthn, - const char *nameIDPolicy); +LASSO_EXPORT char *lasso_session_environ_build_authn_request (LassoSessionEnviron *session, + const char *responseProtocolProfile, + gboolean isPassive, + gboolean forceAuthn, + const char *nameIDPolicy); + +LASSO_EXPORT xmlChar* lasso_session_environ_process_artifact (LassoSessionEnviron *session, + gchar *artifact); -LASSO_EXPORT gboolean lasso_session_environ_process_assertion (LassoSessionEnviron *session, char *str); +LASSO_EXPORT gboolean lasso_session_environ_process_authn_response (LassoSessionEnviron *session, + xmlChar *response); -LASSO_EXPORT gboolean lasso_session_environ_process_authnRequest (LassoSessionEnviron *session, - char *str_request, - int protocol_profile_type, - gboolean has_cookie); +LASSO_EXPORT gboolean lasso_session_environ_process_authn_request (LassoSessionEnviron *session, + char *request, + int request_method, + gboolean is_authenticated); -LASSO_EXPORT char *lasso_session_environ_process_authentication (LassoSessionEnviron *session, - gboolean isAuthenticated, - const char *authentication_method); +LASSO_EXPORT char *lasso_session_environ_process_authentication (LassoSessionEnviron *session, + gint authentication_result, + const char *authentication_method); -LASSO_EXPORT int lasso_session_environ_set_local_providerID (LassoSessionEnviron *session, char *providerID); +LASSO_EXPORT int lasso_session_environ_set_local_providerID (LassoSessionEnviron *session, + char *providerID); -LASSO_EXPORT int lasso_session_environ_set_peer_providerID (LassoSessionEnviron *session, char *providerID); +LASSO_EXPORT int lasso_session_environ_set_peer_providerID (LassoSessionEnviron *session, + char *providerID); 
#ifdef __cplusplus } diff --git a/lasso/id-ff/user_environ.c b/lasso/id-ff/user_environ.c index 63eb4acb..843121b8 100644 --- a/lasso/id-ff/user_environ.c +++ b/lasso/id-ff/user_environ.c @@ -84,7 +84,7 @@ GType lasso_user_environ_get_type() { (GInstanceInitFunc) lasso_user_environ_instance_init, }; - this_type = g_type_register_static(LASSO_TYPE_ENVIRON, + this_type = g_type_register_static(G_TYPE_OBJECT, "LassoUserEnviron", &this_info, 0); } diff --git a/lasso/id-ff/user_environ.h b/lasso/id-ff/user_environ.h index aa812aa2..f9075f14 100644 --- a/lasso/id-ff/user_environ.h +++ b/lasso/id-ff/user_environ.h @@ -31,7 +31,6 @@ extern "C" { #endif /* __cplusplus */ #include <lasso/xml/xml.h> -#include <lasso/environs/environ.h> #include <lasso/environs/identity.h> #define LASSO_TYPE_USER_ENVIRON (lasso_user_environ_get_type()) @@ -41,13 +40,13 @@ extern "C" { #define LASSP_IS_USER_ENVIRON_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), LASSO_TYPE_USER_ENVIRON)) #define LASSO_USER_ENVIRON_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), LASSO_TYPE_USER_ENVIRON, LassoUserEnvironClass)) - typedef struct _LassoUserEnviron LassoUserEnviron; typedef struct _LassoUserEnvironClass LassoUserEnvironClass; struct _LassoUserEnviron { - LassoEnviron parent; + GObject parent; + /*< public >*/ GPtrArray *assertions; GPtrArray *identities; @@ -55,13 +54,14 @@ struct _LassoUserEnviron { }; struct _LassoUserEnvironClass { - LassoEnvironClass parent; + GObjectClass parent; }; LASSO_EXPORT GType lasso_user_environ_get_type (void); -LASSO_EXPORT LassoUserEnviron* lasso_user_environ_new (void); +LASSO_EXPORT LassoUserEnviron *lasso_user_environ_new (void); -LASSO_EXPORT LassoIdentity *lasso_user_environ_find_identity (LassoUserEnviron *user, gchar *peer_providerID); +LASSO_EXPORT LassoIdentity *lasso_user_environ_find_identity (LassoUserEnviron *user, + gchar *peer_providerID); #ifdef __cplusplus } 
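Review bot: In the session_environ.h prototype hunk (`@@ -85,26 +84,32 @@`), `lasso_session_environ_process_authentication` now takes `gint authentication_result` in place of `gboolean isAuthenticated`, but nothing in the header says which values mean a successful authentication. This argument presumably decides whether an assertion is issued, so a caller passing a nonzero error code could have it read as success. A comment above the prototype should pin the contract, for example `/* authentication_result: <value meaning success>; every other value is treated as failure */`. The same hunk renames the exported `..._build_authnRequest` and `..._process_authnRequest` entry points, which existing callers will need to follow.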
diff --git a/lasso/xml/lib_authn_request.c b/lasso/xml/lib_authn_request.c index ee288569..b69b7ad7 100644 --- a/lasso/xml/lib_authn_request.c +++ b/lasso/xml/lib_authn_request.c @@ -193,6 +193,7 @@ lasso_lib_authn_request_set_relayState(LassoLibAuthnRequest *node, const xmlChar *relayState) { g_assert(LASSO_IS_LIB_AUTHN_REQUEST(node)); g_assert(relayState != NULL); + // FIXME : RelayState lenght SHOULD be <= 80 LassoNodeClass *class = LASSO_NODE_GET_CLASS(node); class->new_child(LASSO_NODE (node), "RelayState", relayState, FALSE); diff --git a/lasso/xml/samlp_request.c b/lasso/xml/samlp_request.c index f8d8c8bf..f383c68e 100644 --- a/lasso/xml/samlp_request.c +++ b/lasso/xml/samlp_request.c @@ -41,6 +41,9 @@ </extension> </complexContent> </complexType> + +<element name="AssertionArtifact" type="string"/> + */ /*****************************************************************************/ diff --git a/lasso/xml/samlp_request_abstract.c b/lasso/xml/samlp_request_abstract.c index e8b5ea1f..278aedf5 100644 --- a/lasso/xml/samlp_request_abstract.c +++ b/lasso/xml/samlp_request_abstract.c @@ -110,6 +110,21 @@ lasso_samlp_request_abstract_set_requestID(LassoSamlpRequestAbstract *node, class->set_prop(LASSO_NODE (node), "RequestID", requestID); } +void +lasso_samlp_request_abstract_set_signature(LassoSamlpRequestAbstract *node, + gint sign_method, + const xmlChar *private_key_file, + const xmlChar *certificate_file) +{ + g_assert(LASSO_IS_SAMLP_REQUEST_ABSTRACT(node)); + g_assert(private_key_file != NULL); + g_assert(certificate_file != NULL); + + LassoNodeClass *class = LASSO_NODE_GET_CLASS(node); + class->add_signature(LASSO_NODE (node), sign_method, + private_key_file, certificate_file); +} + /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ 
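Review bot: `lasso_samlp_request_abstract_set_signature`, added in the samlp_request_abstract.c hunk, returns `void` and discards whatever `class->add_signature(...)` reports, so a caller cannot tell whether the node was actually signed. If `add_signature` has a result (its prototype is not visible here), returning it, e.g. `return class->add_signature(LASSO_NODE (node), sign_method, private_key_file, certificate_file);` with a `gint` return type, would let callers refuse to send an unsigned message. The argument checks use `g_assert`, which aborts the whole process on a NULL path, whereas `lasso_build_unique_id` in tools.c uses `g_return_val_if_fail`; `g_return_if_fail(private_key_file != NULL);` would fail softer. The identical `lasso_samlp_response_abstract_set_signature` added in samlp_response_abstract.c has the same shape.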
diff --git a/lasso/xml/samlp_request_abstract.h b/lasso/xml/samlp_request_abstract.h index b2c4eb2d..8c065592 100644 --- a/lasso/xml/samlp_request_abstract.h +++ b/lasso/xml/samlp_request_abstract.h @@ -57,17 +57,22 @@ LASSO_EXPORT LassoNode* lasso_samlp_request_abstract_new(void); LASSO_EXPORT void lasso_samlp_request_abstract_add_respondWith (LassoSamlpRequestAbstract *node, const xmlChar *respondWith); -LASSO_EXPORT void lasso_samlp_request_abstract_set_issueInstance (LassoSamlpRequestAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_request_abstract_set_issueInstance (LassoSamlpRequestAbstract *node, + const xmlChar *issueInstant); -LASSO_EXPORT void lasso_samlp_request_abstract_set_majorVersion (LassoSamlpRequestAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_request_abstract_set_majorVersion (LassoSamlpRequestAbstract *node, + const xmlChar *majorVersion); -LASSO_EXPORT void lasso_samlp_request_abstract_set_minorVersion (LassoSamlpRequestAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_request_abstract_set_minorVersion (LassoSamlpRequestAbstract *node, + const xmlChar *minorVersion); -LASSO_EXPORT void lasso_samlp_request_abstract_set_requestID (LassoSamlpRequestAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_request_abstract_set_requestID (LassoSamlpRequestAbstract *node, + const xmlChar *requestID); + +LASSO_EXPORT void lasso_samlp_request_abstract_set_signature (LassoSamlpRequestAbstract *node, + gint sign_method, + const xmlChar *private_key_file, + const xmlChar *certificate_file); #ifdef __cplusplus } diff --git a/lasso/xml/samlp_response_abstract.c b/lasso/xml/samlp_response_abstract.c index 2e5539a9..717ebc92 100644 --- a/lasso/xml/samlp_response_abstract.c +++ b/lasso/xml/samlp_response_abstract.c 
@@ -125,12 +125,20 @@ lasso_samlp_response_abstract_set_responseID(LassoSamlpResponseAbstract *node, class->set_prop(LASSO_NODE (node), "ResponseID", responseID); } -/* TODO - void - lasso_samlp_response_abstract_set_signature(LassoSamlpResponseAbstract *node) +void +lasso_samlp_response_abstract_set_signature(LassoSamlpResponseAbstract *node, + gint sign_method, + const xmlChar *private_key_file, + const xmlChar *certificate_file) { + g_assert(LASSO_IS_SAMLP_RESPONSE_ABSTRACT(node)); + g_assert(private_key_file != NULL); + g_assert(certificate_file != NULL); + + LassoNodeClass *class = LASSO_NODE_GET_CLASS(node); + class->add_signature(LASSO_NODE (node), sign_method, + private_key_file, certificate_file); } -*/ /*****************************************************************************/ /* instance and class init functions */ diff --git a/lasso/xml/samlp_response_abstract.h b/lasso/xml/samlp_response_abstract.h index 8e6c2d23..bf80941f 100644 --- a/lasso/xml/samlp_response_abstract.h +++ b/lasso/xml/samlp_response_abstract.h 
@@ -54,23 +54,28 @@ struct _LassoSamlpResponseAbstractClass { LASSO_EXPORT GType lasso_samlp_response_abstract_get_type(void); LASSO_EXPORT LassoNode* lasso_samlp_response_abstract_new(void); -LASSO_EXPORT void lasso_samlp_response_abstract_set_inResponseTo (LassoSamlpResponseAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_response_abstract_set_inResponseTo (LassoSamlpResponseAbstract *node, + const xmlChar *inResponseTo); -LASSO_EXPORT void lasso_samlp_response_abstract_set_issueInstance (LassoSamlpResponseAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_response_abstract_set_issueInstance (LassoSamlpResponseAbstract *node, + const xmlChar *issueInstance); -LASSO_EXPORT void lasso_samlp_response_abstract_set_majorVersion (LassoSamlpResponseAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_response_abstract_set_majorVersion (LassoSamlpResponseAbstract *node, + const xmlChar *majorVersion); -LASSO_EXPORT void lasso_samlp_response_abstract_set_minorVersion (LassoSamlpResponseAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_response_abstract_set_minorVersion (LassoSamlpResponseAbstract *node, + const xmlChar *minorVersion); -LASSO_EXPORT void lasso_samlp_response_abstract_set_recipient (LassoSamlpResponseAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_response_abstract_set_recipient (LassoSamlpResponseAbstract *node, + const xmlChar *recipient); -LASSO_EXPORT void lasso_samlp_response_abstract_set_responseID (LassoSamlpResponseAbstract *, - const xmlChar *); +LASSO_EXPORT void lasso_samlp_response_abstract_set_responseID (LassoSamlpResponseAbstract *node, + const xmlChar *responseID); + +LASSO_EXPORT void lasso_samlp_response_abstract_set_signature (LassoSamlpResponseAbstract *node, + gint sign_method, + const xmlChar *private_key_file, + const xmlChar *certificate_file); #ifdef __cplusplus } diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c index 323dab04..2909c667 100644 --- a/lasso/xml/tools.c 
+++ b/lasso/xml/tools.c @@ -26,7 +26,7 @@ /** * lasso_build_unique_id: - * @size: the ID's lenght (between 32 and 48) + * @size: the ID's lenght (between 32 and 40) * * Builds an ID which has an unicity probability of 2^(-size*4). * The result is Base64 encoded. @@ -41,9 +41,9 @@ lasso_build_unique_id(guint8 size) less than 2^-128 and SHOULD be less than 2^-160. so we must have 128 <= exp <= 160 we could build a 128-bit binary number but hexa system is shorter - 32 <= hexa number size <= 48 + 32 <= hexa number size <= 40 */ - g_return_val_if_fail((size >= 32 && size <= 48) || size == 0, NULL); + g_return_val_if_fail((size >= 32 && size <= 40) || size == 0, NULL); int i, val; xmlChar *id, *enc_id; |
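Review bot: The guard `g_return_val_if_fail((size >= 32 && size <= 40) || size == 0, NULL);` still accepts `size == 0`, but the updated `@size` line documents only the 32 to 40 range. The doc comment should state what 0 does, for example `@size: the ID's length in hex digits (32 to 40), or 0 for <behaviour of 0>`, so a caller cannot unknowingly request an ID below the 128-bit minimum that the block comment requires. The body of `lasso_build_unique_id` continues past the hunk, so how 0 is handled is not visible here.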
