authorValery Febvre <vfebvre at easter-eggs.com>2004-07-14 12:53:11 +0000
committerValery Febvre <vfebvre at easter-eggs.com>2004-07-14 12:53:11 +0000
commit6dd81a97236a54cde4bf80b18d28b191b13f6127 (patch)
tree35c737880f4693c75bb5ce0fb7ef6c05e5e2ca9e
parent03cc97448e304d121cfa8c7486a0932d891a40ab (diff)
*** empty log message ***
-rw-r--r--lasso/Attic/protocols/response.c27
-rw-r--r--lasso/Attic/protocols/response.h7
-rw-r--r--lasso/id-ff/login.c148
-rw-r--r--lasso/id-ff/login.h14
4 files changed, 128 insertions, 68 deletions
diff --git a/lasso/Attic/protocols/response.c b/lasso/Attic/protocols/response.c
index ae6e589d..34854f62 100644
--- a/lasso/Attic/protocols/response.c
+++ b/lasso/Attic/protocols/response.c
@@ -108,3 +108,30 @@ lasso_response_new()
return (response);
}
+
+LassoNode*
+lasso_response_new_from_export(xmlChar *buffer,
+ lassoNodeExportTypes export_type)
+{
+ xmlChar *buffer_decoded = xmlMalloc(strlen(buffer));
+ LassoNode *response = NULL, *soap_node, *response_node;
+
+ g_return_val_if_fail(buffer != NULL, NULL);
+
+ response = LASSO_NODE(g_object_new(LASSO_TYPE_RESPONSE, NULL));
+
+ switch (export_type) {
+ case lassoNodeExportTypeBase64:
+ case lassoNodeExportTypeQuery:
+ break;
+ case lassoNodeExportTypeSoap:
+ soap_node = lasso_node_new_from_dump(buffer);
+ response_node = lasso_node_get_child(soap_node, "Response", lassoSamlProtocolHRef);
+ lasso_node_import(response, lasso_node_export(response_node));
+ lasso_node_destroy(response_node);
+ lasso_node_destroy(soap_node);
+ break;
+ }
+
+ return (response);
+}
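Review bot: `buffer` is dereferenced by `strlen(buffer)` in the initialiser of `buffer_decoded`, before `g_return_val_if_fail(buffer != NULL, NULL)` runs, so the NULL guard protects nothing; `buffer_decoded` is then never used or freed, so every call leaks the allocation. In the `lassoNodeExportTypeSoap` case neither `soap_node` nor `response_node` is checked before use, and the message being parsed comes from the remote peer. A SOAP body that fails to parse or has no `Response` child therefore reaches `lasso_node_export` and `lasso_node_destroy` with a NULL node (whether those tolerate NULL is not visible here). The string returned by `lasso_node_export(response_node)` is passed straight to `lasso_node_import` with no handle kept to release it, and the Base64 and Query cases silently return an empty response. A sketch of the guarded SOAP path follows.

```c
  LassoNode *response = NULL, *soap_node, *response_node;

  g_return_val_if_fail(buffer != NULL, NULL);
  /* … unchanged: g_object_new of the response, switch header, Base64/Query cases … */
  case lassoNodeExportTypeSoap:
    soap_node = lasso_node_new_from_dump(buffer);
    if (soap_node == NULL) {
      lasso_node_destroy(response);
      return (NULL);
    }
    response_node = lasso_node_get_child(soap_node, "Response", lassoSamlProtocolHRef);
    if (response_node == NULL) {
      lasso_node_destroy(soap_node);
      lasso_node_destroy(response);
      return (NULL);
    }
    /* … unchanged: import of response_node, destroy of response_node and soap_node … */
```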
diff --git a/lasso/Attic/protocols/response.h b/lasso/Attic/protocols/response.h
index 9e2d828a..54228039 100644
--- a/lasso/Attic/protocols/response.h
+++ b/lasso/Attic/protocols/response.h
@@ -52,9 +52,12 @@ struct _LassoResponseClass {
LassoSamlpResponseClass parent;
};
-LASSO_EXPORT GType lasso_response_get_type (void);
+LASSO_EXPORT GType lasso_response_get_type (void);
-LASSO_EXPORT LassoNode* lasso_response_new (void);
+LASSO_EXPORT LassoNode* lasso_response_new (void);
+
+LASSO_EXPORT LassoNode* lasso_response_new_from_export (xmlChar *buffer,
+ lassoNodeExportTypes export_type);
#ifdef __cplusplus
}
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c
index 873f0273..d3ea499b 100644
--- a/lasso/id-ff/login.c
+++ b/lasso/id-ff/login.c
@@ -33,7 +33,7 @@ static GObjectClass *parent_class = NULL;
/* functions */
/*****************************************************************************/
-gint
+static gint
lasso_login_process_federation(LassoLogin *login)
{
LassoIdentity *identity;
@@ -81,7 +81,51 @@ lasso_login_process_federation(LassoLogin *login)
return (0);
}
-gint
+static gint
+lasso_login_process_response_status_and_assertion(LassoLogin *login) {
+ LassoNode *assertion, *status, *statusCode;
+ LassoProvider *idp;
+ gchar *statusCode_value;
+
+ /* verify signature */
+ assertion = lasso_node_get_child(LASSO_PROFILE_CONTEXT(login)->response,
+ "Assertion",
+ lassoLibHRef);
+ idp = lasso_server_get_provider(LASSO_PROFILE_CONTEXT(login)->server,
+ LASSO_PROFILE_CONTEXT(login)->remote_providerID);
+ if (assertion != NULL) {
+ lasso_node_verify_signature(assertion, idp->ca_certificate);
+ }
+ else {
+ return (-1);
+ }
+
+ /* check StatusCode value */
+ status = lasso_node_get_child(LASSO_PROFILE_CONTEXT(login)->response,
+ "Status",
+ lassoSamlProtocolHRef);
+ if (status != NULL) {
+ statusCode = lasso_node_get_child(status,
+ "StatusCode",
+ lassoSamlProtocolHRef);
+
+ if (statusCode) {
+ statusCode_value = lasso_node_get_content(statusCode);
+ if (xmlStrEqual(statusCode_value, lassoSamlStatusCodeSuccess)) {
+ return (-2);
+ }
+ }
+ else {
+ return (-3);
+ }
+ }
+ else {
+ return (-4);
+ }
+ return (0);
+}
+
+static gint
lasso_login_add_response_assertion(LassoLogin *login,
LassoIdentity *identity,
const gchar *authenticationMethod,
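Review bot: The result of `lasso_node_verify_signature(assertion, idp->ca_certificate)` is discarded in the new helper, so an assertion whose signature does not verify is treated exactly like a valid one; the call should be tested and a failure returned with its own error code (the function's success convention is not visible in this hunk). `idp` is also dereferenced without a NULL check although `remote_providerID` is supplied by the caller, so the guard would be safer as `if (assertion == NULL || idp == NULL) return (-1);`. The StatusCode test looks inverted: it returns -2 when the value equals `lassoSamlStatusCodeSuccess` and falls through to 0 otherwise, which presumably should be `if (!xmlStrEqual(statusCode_value, lassoSamlStatusCodeSuccess)) return (-2);`. The -2 and -4 codes are also swapped relative to the block this helper replaces in `lasso_login_process_authn_response_msg`, which matters if any caller distinguishes them.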
@@ -174,7 +218,8 @@ lasso_login_build_artifact_msg(LassoLogin *login,
}
}
/* save response dump */
- login->response_dump = lasso_node_export(LASSO_PROFILE_CONTEXT(login)->response);
+ login->response_dump = lasso_node_export_to_soap(LASSO_PROFILE_CONTEXT(login)->response);
+ //segfault ??? debug(DEBUG, "SOAP enveloped Samlp:response = %s\n", LASSO_LOGIN(login)->response_dump);
providerID = lasso_provider_get_providerID(LASSO_PROVIDER(LASSO_PROFILE_CONTEXT(login)->server));
remote_provider = lasso_server_get_provider(LASSO_PROFILE_CONTEXT(login)->server,
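Review bot: The commented-out `debug(...)` line tagged `segfault ???` commits an unexplained crash instead of resolving it; it should be dropped or replaced by a comment stating what is known. If the crash came from formatting the dump with `%s`, a likely cause is `lasso_node_export_to_soap` returning NULL, and the assignment above stores that result unchecked, so a guard such as `if (login->response_dump == NULL) return (-1);` seems warranted (the function's error convention is outside this hunk, so the return value is a guess). The dump holds the full signed response, so writing it to a log, even at debug level, should be a deliberate decision. The enclosing `lasso_login_build_artifact_msg` starts and ends outside the hunk.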
@@ -527,6 +572,35 @@ lasso_login_init_request(LassoLogin *login,
return (0);
}
+gboolean
+lasso_login_must_authenticate(LassoLogin *login)
+{
+ gboolean must_authenticate = TRUE;
+ gboolean isPassive = TRUE;
+ gboolean forceAuthn = FALSE;
+
+ /* verify if the user must be authenticated or not */
+ if (xmlStrEqual(lasso_node_get_child_content(LASSO_PROFILE_CONTEXT(login)->request, "IsPassive", NULL), "false")) {
+ isPassive = FALSE;
+ }
+
+ if (xmlStrEqual(lasso_node_get_child_content(LASSO_PROFILE_CONTEXT(login)->request, "ForceAuthn", NULL), "true")) {
+ forceAuthn = TRUE;
+ }
+
+ /* complex test to login process */
+ if ((forceAuthn == TRUE || LASSO_PROFILE_CONTEXT(login)->user == NULL) && isPassive == FALSE) {
+ must_authenticate = TRUE;
+ }
+ else if (LASSO_PROFILE_CONTEXT(login)->user == NULL && isPassive == TRUE) {
+ lasso_profile_context_set_response_status(LASSO_PROFILE_CONTEXT(login),
+ lassoLibStatusCodeNoPassive);
+ must_authenticate = FALSE;
+ }
+
+ return (must_authenticate);
+}
+
gint
lasso_login_process_authn_response_msg(LassoLogin *login,
gchar *authn_response_msg)
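Review bot: `must_authenticate` starts as TRUE and is cleared only in the passive branch with no `user`, so a request with `ForceAuthn` false from a principal that already has a `user` falls through both tests and still returns TRUE. If that is intended, the `/* complex test to login process */` comment should spell out the decision table; otherwise the initial value probably wants to be FALSE. The two `lasso_node_get_child_content` results are passed straight to `xmlStrEqual` and never released, which leaks on every call if that helper returns an allocated copy (not visible here). The function is moved unchanged from further down the file, so these points predate the commit but are not addressed by it.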
@@ -539,39 +613,7 @@ lasso_login_process_authn_response_msg(LassoLogin *login,
lassoNodeExportTypeBase64);
LASSO_PROFILE_CONTEXT(login)->response_type = lassoMessageTypeAuthnResponse;
- assertion = lasso_node_get_child(LASSO_PROFILE_CONTEXT(login)->response,
- "Assertion",
- lassoLibHRef);
- idp = lasso_server_get_provider(LASSO_PROFILE_CONTEXT(login)->server,
- LASSO_PROFILE_CONTEXT(login)->remote_providerID);
- if (assertion != NULL) {
- lasso_node_verify_signature(assertion, idp->ca_certificate);
- }
- else {
- return (-1);
- }
- status = lasso_node_get_child(LASSO_PROFILE_CONTEXT(login)->response,
- "Status",
- lassoSamlProtocolHRef);
- if (status != NULL) {
- statusCode = lasso_node_get_child(status,
- "StatusCode",
- lassoSamlProtocolHRef);
-
- if (statusCode) {
- statusCode_value = lasso_node_get_content(statusCode);
- if (xmlStrEqual(statusCode_value, lassoSamlStatusCodeSuccess)) {
- return (-4);
- }
- }
- else {
- return (-3);
- }
- }
- else {
- return (-2);
- }
- return (0);
+ return (lasso_login_process_response_status_and_assertion(login));
}
gint
@@ -589,33 +631,17 @@ lasso_login_process_request_msg(LassoLogin *login,
return (0);
}
-gboolean
-lasso_login_must_authenticate(LassoLogin *login)
+gint
+lasso_login_process_response_msg(LassoLogin *login,
+ gchar *response_msg,
+ const gchar *remote_providerID)
{
- gboolean must_authenticate = TRUE;
- gboolean isPassive = TRUE;
- gboolean forceAuthn = FALSE;
-
- /* verify if the user must be authenticated or not */
- if (xmlStrEqual(lasso_node_get_child_content(LASSO_PROFILE_CONTEXT(login)->request, "IsPassive", NULL), "false")) {
- isPassive = FALSE;
- }
-
- if (xmlStrEqual(lasso_node_get_child_content(LASSO_PROFILE_CONTEXT(login)->request, "ForceAuthn", NULL), "true")) {
- forceAuthn = TRUE;
- }
-
- /* complex test to login process */
- if ((forceAuthn == TRUE || LASSO_PROFILE_CONTEXT(login)->user == NULL) && isPassive == FALSE) {
- must_authenticate = TRUE;
- }
- else if (LASSO_PROFILE_CONTEXT(login)->user == NULL && isPassive == TRUE) {
- lasso_profile_context_set_response_status(LASSO_PROFILE_CONTEXT(login),
- lassoLibStatusCodeNoPassive);
- must_authenticate = FALSE;
- }
+ LASSO_PROFILE_CONTEXT(login)->response = lasso_response_new_from_export(response_msg,
+ lassoNodeExportTypeSoap);
+ LASSO_PROFILE_CONTEXT(login)->response_type = lassoMessageTypeResponse;
+ LASSO_PROFILE_CONTEXT(login)->remote_providerID = g_strdup(remote_providerID);
- return (must_authenticate);
+ return (lasso_login_process_response_status_and_assertion(login));
}
/*****************************************************************************/
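Review bot: `lasso_login_process_response_msg` stores the result of `lasso_response_new_from_export` without checking it, and that constructor returns NULL for a NULL `response_msg`; the helper called on the last line then passes the NULL `response` to `lasso_node_get_child`. Validate up front, e.g. `g_return_val_if_fail(response_msg != NULL && remote_providerID != NULL, -1);`, and return an error when the parsed response is NULL. The assignments also overwrite any `response` and `remote_providerID` already held by the profile context without releasing them, which leaks if the context owns those values (not visible here). Since `remote_providerID` selects the certificate used to check the assertion, a short doc comment should state where callers are expected to obtain it; it should not come from the unverified message itself.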
diff --git a/lasso/id-ff/login.h b/lasso/id-ff/login.h
index 673ee629..10c84c4c 100644
--- a/lasso/id-ff/login.h
+++ b/lasso/id-ff/login.h
@@ -110,13 +110,17 @@ LASSO_EXPORT gint lasso_login_init_request (Lasso
lassoHttpMethods response_method,
const gchar *remote_providerID);
-LASSO_EXPORT gint lasso_login_process_authn_response_msg (LassoLogin *login,
- gchar *authn_response_msg);
+LASSO_EXPORT gboolean lasso_login_must_authenticate (LassoLogin *login);
-LASSO_EXPORT gint lasso_login_process_request_msg (LassoLogin *login,
- gchar *request_msg);
+LASSO_EXPORT gint lasso_login_process_authn_response_msg (LassoLogin *login,
+ gchar *authn_response_msg);
-LASSO_EXPORT gboolean lasso_login_must_authenticate (LassoLogin *login);
+LASSO_EXPORT gint lasso_login_process_request_msg (LassoLogin *login,
+ gchar *request_msg);
+
+LASSO_EXPORT gint lasso_login_process_response_msg (LassoLogin *login,
+ gchar *response_msg,
+ const gchar *remote_providerID);
#ifdef __cplusplus
}