authorFrederic Peters <fpeters@entrouvert.com>2006-10-28 17:01:11 +0000
committerFrederic Peters <fpeters@entrouvert.com>2006-10-28 17:01:11 +0000
commit867eb76a144fe3a4c5dc7d1f11e3ea80d0d8c55a (patch)
treedefa449dd7052a3b31c9a31922d217da800ac6ac
parent73a5ea2ba1185d7c258cf7ee4cc1333f4f8b5e41 (diff)
handle saml2/sso/post (almost, need to fix return url)
-rw-r--r--lasso/id-ff/Makefile.am3
-rw-r--r--lasso/id-ff/login.c22
-rw-r--r--lasso/id-ff/loginprivate.h58
3 files changed, 73 insertions, 10 deletions
diff --git a/lasso/id-ff/Makefile.am b/lasso/id-ff/Makefile.am
index 917507a0..27305f62 100644
--- a/lasso/id-ff/Makefile.am
+++ b/lasso/id-ff/Makefile.am
@@ -29,7 +29,8 @@ lasso_private_h_sources = \
providerprivate.h \
serverprivate.h \
sessionprivate.h \
- logoutprivate.h
+ logoutprivate.h \
+ loginprivate.h
liblassoinclude_HEADERS = \
defederation.h \
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c
index d30a22fc..1b65a648 100644
--- a/lasso/id-ff/login.c
+++ b/lasso/id-ff/login.c
@@ -48,18 +48,10 @@
#include <lasso/id-ff/serverprivate.h>
#include <lasso/id-ff/sessionprivate.h>
#include <lasso/id-ff/identityprivate.h>
+#include <lasso/id-ff/loginprivate.h>
#include <lasso/saml-2.0/loginprivate.h>
-struct _LassoLoginPrivate
-{
- char *soap_request_msg;
-#ifdef LASSO_WSF_ENABLED
- LassoDiscoResourceID *resourceId;
- LassoDiscoEncryptedResourceID *encryptedResourceId;
-#endif
-};
-
static void lasso_login_assertion_add_discovery(LassoLogin *login, LassoSamlAssertion *assertion);
static void lasso_login_build_assertion_artifact(LassoLogin *login);
@@ -886,6 +878,10 @@ lasso_login_build_authn_request_msg(LassoLogin *login)
}
if (login->http_method == LASSO_HTTP_METHOD_POST) {
if (must_sign) {
+ /* XXX: private_key_file is not declared within request
+ * snippets so it is not freed on destroy, so it is
+ * normal to not strdup() it; nevertheless it would
+ * probably be more clean not to to it this way */
LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file =
profile->server->private_key;
LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file =
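Review bot: The added comment records that `private_key_file` aliases `profile->server->private_key` without a copy, but it does not state the condition that makes this safe: the request must never outlive the server object, and no destroy path may free the field. I would put that in the comment and fix the "not to to it" wording, e.g. `/* borrowed from profile->server, never freed by the request; the request must not outlive the server */`. The `certificate_file` assignment just below appears to follow the same pattern; it and the rest of the function continue outside the hunk.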
@@ -929,6 +925,10 @@ lasso_login_build_authn_response_msg(LassoLogin *login)
profile = LASSO_PROFILE(login);
+ IF_SAML2(profile) {
+ return lasso_saml20_login_build_authn_response_msg(login);
+ }
+
/* ProtocolProfile must be BrwsPost */
if (login->protocolProfile != LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST &&
login->protocolProfile != LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_LECP) {
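Review bot: The `IF_SAML2(profile)` branch returns before the `ProtocolProfile must be BrwsPost` check that follows, so nothing visible here confirms that the POST binding was actually negotiated for SAML 2.0; `lasso_saml20_login_build_authn_response_msg()` is not shown and would have to enforce that itself. The commit message also says the return URL still needs fixing, and for an SSO POST response that is the address the signed assertion is delivered to, so it should be checked against the service provider's registered metadata before this path is relied on. I would mark the unfinished state at the dispatch, e.g. `/* TODO: SAML 2.0 POST return URL is not final (see commit message) */`. The function begins and continues outside the hunk.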
@@ -1792,6 +1792,9 @@ dispose(GObject *object)
LassoLogin *login = LASSO_LOGIN(object);
g_free(login->private_data->soap_request_msg);
login->private_data->soap_request_msg = NULL;
+ if (login->private_data->saml2_assertion)
+ lasso_node_destroy(LASSO_NODE(login->private_data->saml2_assertion));
+ login->private_data->saml2_assertion = NULL;
#ifdef LASSO_WSF_ENABLED
if (login->private_data->resourceId)
lasso_node_destroy(LASSO_NODE(login->private_data->resourceId));
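Review bot: The new `lasso_node_destroy()` call assumes `private_data` holds its own reference to `saml2_assertion`, but the code that stores the assertion is not in this diff; if the same node is also attached to the response without an extra reference, disposing the login would release it twice. A short comment at the release, e.g. `/* private_data owns one reference to saml2_assertion */`, would make that contract checkable against the setter. The unbraced `if` followed directly by the unconditional `= NULL` is correct only by indentation, so bracing it would guard against a later slip. dispose() begins and continues outside the hunk.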
@@ -1821,6 +1824,7 @@ instance_init(LassoLogin *login)
{
login->private_data = g_new(LassoLoginPrivate, 1);
login->private_data->soap_request_msg = NULL;
+ login->private_data->saml2_assertion = NULL;
#ifdef LASSO_WSF_ENABLED
login->private_data->resourceId = NULL;
login->private_data->encryptedResourceId = NULL;
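Review bot: Each pointer in `LassoLoginPrivate` is set to NULL by hand after `g_new()`, so the added `saml2_assertion = NULL` line is the only thing keeping dispose() from passing an uninitialized pointer to `lasso_node_destroy()`. Allocating with `login->private_data = g_new0(LassoLoginPrivate, 1);` would zero every field and remove that dependency for members added later. instance_init() continues outside the hunk.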
diff --git a/lasso/id-ff/loginprivate.h b/lasso/id-ff/loginprivate.h
new file mode 100644
index 00000000..db103ddd
--- /dev/null
+++ b/lasso/id-ff/loginprivate.h
@@ -0,0 +1,58 @@
+/* $Id$
+ *
+ * Lasso - A free implementation of the Liberty Alliance specifications.
+ *
+ * Copyright (C) 2004, 2005 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef __LASSO_LOGIN_PRIVATE_H__
+#define __LASSO_LOGIN_PRIVATE_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+
+#include <lasso/lasso_config.h>
+#include <lasso/xml/saml-2.0/saml2_assertion.h>
+
+#ifdef LASSO_WSF_ENABLED
+#include <lasso/xml/disco_description.h>
+#include <lasso/xml/disco_resource_offering.h>
+#include <lasso/xml/disco_service_instance.h>
+#endif
+
+
+
+struct _LassoLoginPrivate
+{
+ char *soap_request_msg;
+ LassoSaml2Assertion *saml2_assertion;
+#ifdef LASSO_WSF_ENABLED
+ LassoDiscoResourceID *resourceId;
+ LassoDiscoEncryptedResourceID *encryptedResourceId;
+#endif
+};
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __LASSO_LOGIN_PRIVATE_H__ */
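Review bot: The `#include` lines sit inside the `extern "C" {` block, so a C++ consumer pulls every included header in under C linkage; the includes would normally come before the `#ifdef __cplusplus` guard. The new `saml2_assertion` member has no comment, and since dispose() in login.c destroys it, a one-line note on the field such as `/* released in dispose() */` would document that. With `LASSO_WSF_ENABLED` defined, the header relies on the three disco headers to declare `LassoDiscoResourceID` and `LassoDiscoEncryptedResourceID`, presumably transitively, so it is worth confirming that it compiles when included first.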