authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2009-03-27 15:05:50 +0000
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2009-03-27 15:05:50 +0000
commitaad866ab670e56ed02a04dd6fd047b322b3d758d (patch)
tree27066717c81e4f85cd9bf72c50e7cffdc567aa40
parent64f96e01dcfc67f96be915574f8ffdd14432d3ef (diff)
SAML 2.0: simplify redirect binding code path
* lasso/saml-2.0/login.c, lasso/saml-2.0/logout.c, lasso/saml-2.0/name_id_management.c: simplify the code path that generates the URL for the HTTP-Redirect binding by using the recently introduced function lasso_saml20_profile_build_http_redirect.
-rw-r--r--lasso/saml-2.0/login.c50
-rw-r--r--lasso/saml-2.0/logout.c66
2 files changed, 14 insertions, 102 deletions
diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c
index 03072663..209e07c3 100644
--- a/lasso/saml-2.0/login.c
+++ b/lasso/saml-2.0/login.c
@@ -126,7 +126,7 @@ lasso_saml20_login_init_authn_request(LassoLogin *login, LassoHttpMethod http_me
gint
lasso_saml20_login_build_authn_request_msg(LassoLogin *login, LassoProvider *remote_provider)
{
- char *query, *url;
+ char *url;
char *md_authnRequestsSigned;
gboolean must_sign;
LassoProfile *profile = LASSO_PROFILE(login);
@@ -137,29 +137,8 @@ lasso_saml20_login_build_authn_request_msg(LassoLogin *login, LassoProvider *rem
g_free(md_authnRequestsSigned);
if (login->http_method == LASSO_HTTP_METHOD_REDIRECT) {
- /* REDIRECT -> query */
- if (must_sign) {
- query = lasso_node_export_to_query(profile->request,
- profile->server->signature_method,
- profile->server->private_key);
- } else {
- query = lasso_node_export_to_query(
- LASSO_NODE(profile->request), 0, NULL);
- }
- if (query == NULL) {
- return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED);
- }
-
- url = lasso_provider_get_metadata_one(remote_provider,
- "SingleSignOnService HTTP-Redirect");
- if (url == NULL) {
- return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
- }
-
- profile->msg_url = lasso_concat_url_query(url, query);
- profile->msg_body = NULL;
- g_free(query);
- g_free(url);
+ return lasso_saml20_build_http_redirect_query_simple(profile, profile->request,
+ must_sign, "SingleSignOnService", FALSE);
} else {
/* POST, SOAP and Artifact-GET|POST */
if (must_sign) {
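Review bot: The trailing `FALSE` in the new `lasso_saml20_build_http_redirect_query_simple(profile, profile->request, must_sign, "SingleSignOnService", FALSE)` call is not explained, and the metadata key changed from "SingleSignOnService HTTP-Redirect" to "SingleSignOnService" without saying where the binding suffix is now appended. The helper is not shown in this diff; judging from the logout response call, which passes `TRUE` where the old code tried ResponseLocation, the flag presumably selects the response endpoint. A comment above the call would make that checkable, for example `/* helper appends the HTTP-Redirect binding to the service name; FALSE = request endpoint, not ResponseLocation */`, adjusted to the helper's real contract. The same applies to the two calls in logout.c, and the function body extends beyond this hunk.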
@@ -1442,24 +1421,17 @@ lasso_saml20_login_build_authn_response_msg(LassoLogin *login)
/* build an lib:AuthnResponse base64 encoded */
profile->msg_body = lasso_node_export_to_base64(LASSO_NODE(profile->response));
} else {
- char *url, *query;
-
- /* don't include signature stuff in XML when exporting to a
- * query string */
- LASSO_SAMLP2_STATUS_RESPONSE(profile->response)->sign_type =
- LASSO_SIGNATURE_TYPE_NONE;
+ int rc;
+ char *url;
url = profile->msg_url;
- query = lasso_node_export_to_query(profile->response,
- profile->server->signature_method,
- profile->server->private_key);
- if (query == NULL) {
- return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED);
+ rc = lasso_saml20_profile_build_http_redirect(profile, profile->response, 1, profile->msg_url);
+ if (profile->msg_url != url) {
+ lasso_release(url);
+ }
+ if (rc != 0) {
+ return rc;
}
- profile->msg_url = lasso_concat_url_query(url, query);
- profile->msg_body = NULL;
- g_free(query);
- g_free(url);
}
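Review bot: Passing `profile->msg_url` as the URL argument while the helper apparently also replaces `profile->msg_url` leaves ownership of the old string to a contract this hunk does not show. If `lasso_saml20_profile_build_http_redirect` frees the previous value itself, the `lasso_release(url)` behind the pointer comparison is a double free, and if it frees it before reading its `url` argument the call uses freed memory. Once the helper's behaviour is confirmed, state it at the call, for example `/* helper overwrites profile->msg_url without freeing the old value; release it here */`. The removed `sign_type = LASSO_SIGNATURE_TYPE_NONE` reset should likewise be confirmed to happen inside the helper, so that no embedded XML signature element is exported alongside the query-string signature. The literal `1` would read better as `TRUE`, matching the other call sites.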
diff --git a/lasso/saml-2.0/logout.c b/lasso/saml-2.0/logout.c
index 8a83c18b..3b890942 100644
--- a/lasso/saml-2.0/logout.c
+++ b/lasso/saml-2.0/logout.c
@@ -210,33 +210,9 @@ lasso_saml20_logout_build_request_msg(LassoLogout *logout, LassoProvider *remote
profile->msg_body = lasso_node_export_to_soap(profile->request);
return 0;
}
-
if (logout->initial_http_request_method == LASSO_HTTP_METHOD_REDIRECT) {
- char *url, *query;
-
- /* don't include signature stuff in XML when exporting to a
- * query string */
- LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->sign_type =
- LASSO_SIGNATURE_TYPE_NONE;
-
- url = lasso_provider_get_metadata_one(remote_provider,
- "SingleLogoutService HTTP-Redirect");
- if (url == NULL) {
- return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
- }
- LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->Destination = g_strdup(url);
- query = lasso_node_export_to_query(profile->request,
- profile->server->signature_method,
- profile->server->private_key);
- if (query == NULL) {
- g_free(url);
- return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED);
- }
- profile->msg_url = lasso_concat_url_query(url, query);
- profile->msg_body = NULL;
- g_free(url);
- g_free(query);
- return 0;
+ return lasso_saml20_build_http_redirect_query_simple(profile, profile->request,
+ TRUE, "SingleLogoutService", FALSE);
}
/* XXX: artifact support */
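Review bot: The removed block set `Destination` on the LogoutRequest to the SingleLogoutService URL and cleared `sign_type` before the query was signed, and neither step is visible at the new call site. On a signed redirect message, Destination is what lets the receiving provider reject a request that was relayed to an endpoint it was not issued for, so it is worth confirming that `lasso_saml20_build_http_redirect_query_simple` still does both. A short comment would record that, for example `/* helper sets Destination and sign_type = NONE before signing the query */`. The `sign_type` part applies equally to the response branch in `lasso_saml20_logout_build_response_msg`, and this function starts and continues outside the hunk.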
@@ -466,8 +442,6 @@ lasso_saml20_logout_build_response_msg(LassoLogout *logout)
{
LassoProfile *profile = LASSO_PROFILE(logout);
LassoSamlp2StatusResponse *response;
- LassoProvider *provider;
- char *url, *query;
if (profile->response == NULL) {
/* no response set here means request denied */
@@ -510,41 +484,7 @@ lasso_saml20_logout_build_response_msg(LassoLogout *logout)
}
if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) {
- /* don't include signature stuff in XML when exporting to a
- * query string */
- LASSO_SAMLP2_STATUS_RESPONSE(profile->response)->sign_type =
- LASSO_SIGNATURE_TYPE_NONE;
-
- /* get the provider */
- provider = g_hash_table_lookup(profile->server->providers,
- profile->remote_providerID);
- if (provider == NULL) {
- return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
- }
-
- url = lasso_provider_get_metadata_one(provider,
- "SingleLogoutService HTTP-Redirect ResponseLocation");
- if (url == NULL) {
- url = lasso_provider_get_metadata_one(provider,
- "SingleLogoutService HTTP-Redirect");
- if (url == NULL) {
- return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
- }
- }
- LASSO_SAMLP2_LOGOUT_RESPONSE(profile->response)->relayState = g_strdup(
- profile->msg_relayState);
- query = lasso_node_export_to_query(LASSO_NODE(profile->response),
- profile->server->signature_method,
- profile->server->private_key);
- if (query == NULL) {
- g_free(url);
- return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED);
- }
- profile->msg_url = lasso_concat_url_query(url, query);
- profile->msg_body = NULL;
- g_free(url);
- g_free(query);
- return 0;
+ return lasso_saml20_build_http_redirect_query_simple(profile, profile->response, TRUE, "SingleLogoutService", TRUE);
}
return LASSO_PROFILE_ERROR_MISSING_REQUEST;
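Review bot: The old branch copied `profile->msg_relayState` into the LogoutResponse before exporting it, and the new one-line call no longer does. Unless the helper adds RelayState itself, which is not visible here, the response drops a value the requester expects to get back. In that case keep `LASSO_SAMLP2_LOGOUT_RESPONSE(profile->response)->relayState = g_strdup(profile->msg_relayState);` ahead of the `return`. The distinct `LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND` result for an unknown `remote_providerID` is also gone from this site, so callers that test for it may see a different code depending on what the helper returns. The call is also left on one long line, while the other two call sites wrap it.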