diff options
| author | Frederic Peters <fpeters@entrouvert.com> | 2006-09-28 16:09:54 +0000 |
|---|---|---|
| committer | Frederic Peters <fpeters@entrouvert.com> | 2006-09-28 16:09:54 +0000 |
| commit | b08ae207c080463c7e4247fa94dd3ee3ad480ff6 (patch) | |
| tree | df5516b1e38e88a838124fbe91dd8e5c9344a7b4 | |
| parent | 21d9435173f3e36ac17cc97ad6da5b66507a44f2 (diff) | |
| download | lasso-b08ae207c080463c7e4247fa94dd3ee3ad480ff6.tar.gz lasso-b08ae207c080463c7e4247fa94dd3ee3ad480ff6.tar.xz lasso-b08ae207c080463c7e4247fa94dd3ee3ad480ff6.zip | |
better error handling in slo
| -rw-r--r-- | lasso/errors.c | 4 | ||||
| -rw-r--r-- | lasso/errors.h | 1 | ||||
| -rw-r--r-- | lasso/id-ff/logout.c | 11 | ||||
| -rw-r--r-- | swig/Lasso.i | 1 |
4 files changed, 16 insertions, 1 deletions
diff --git a/lasso/errors.c b/lasso/errors.c index 49c897ec..c4bb113a 100644 --- a/lasso/errors.c +++ b/lasso/errors.c @@ -79,6 +79,8 @@ lasso_strerror(int error_code) return "Unsupported protocol profile"; case LASSO_LOGOUT_ERROR_REQUEST_DENIED: return "Request denied by identity provider"; + case LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND: + return "Federation not found on logout"; case LASSO_PROFILE_ERROR_INVALID_QUERY: return "Invalid URL query"; case LASSO_PROFILE_ERROR_INVALID_POST_MSG: @@ -137,7 +139,7 @@ lasso_strerror(int error_code) case LASSO_LOGIN_ERROR_UNKNOWN_PRINCIPAL: return "Unknown principal"; case LASSO_LOGIN_ERROR_FEDERATION_NOT_FOUND: - return "Federation not found"; + return "Federation not found on login"; case LASSO_LOGIN_ERROR_REQUEST_DENIED: return "Request denied"; diff --git a/lasso/errors.h b/lasso/errors.h index f2067c17..923c7430 100644 --- a/lasso/errors.h +++ b/lasso/errors.h @@ -60,6 +60,7 @@ /* Single Logout */ #define LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE -301 #define LASSO_LOGOUT_ERROR_REQUEST_DENIED 302 +#define LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND 303 /* Profile */ #define LASSO_PROFILE_ERROR_INVALID_QUERY -401 diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c index 2a9486c4..f47cc2d2 100644 --- a/lasso/id-ff/logout.c +++ b/lasso/id-ff/logout.c @@ -657,10 +657,20 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) } if (strcmp(statusCodeValue, LASSO_SAML_STATUS_CODE_REQUEST_DENIED) == 0) { /* assertion no longer on idp so removing it locally too */ + message(G_LOG_LEVEL_WARNING, "SP answer is request denied"); lasso_session_remove_assertion( profile->session, profile->remote_providerID); return LASSO_LOGOUT_ERROR_REQUEST_DENIED; } + if (strcmp(statusCodeValue, + LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST) == 0) { + /* how could this happen ? probably error in SP */ + /* let's remove the assertion nevertheless */ + message(G_LOG_LEVEL_WARNING, "SP answer is federation does not exist"); + lasso_session_remove_assertion( + profile->session, profile->remote_providerID); + return LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND; + } message(G_LOG_LEVEL_CRITICAL, "Status code is not success : %s", statusCodeValue); return LASSO_ERROR_UNDEFINED; } @@ -703,6 +713,7 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg) if (profile->response != NULL) lasso_node_destroy(LASSO_NODE(profile->response)); + profile->http_request_method = LASSO_HTTP_METHOD_REDIRECT; profile->remote_providerID = logout->initial_remote_providerID; profile->request = logout->initial_request; profile->response = logout->initial_response; diff --git a/swig/Lasso.i b/swig/Lasso.i index f5c30306..5d4ec11e 100644 --- a/swig/Lasso.i +++ b/swig/Lasso.i @@ -1049,6 +1049,7 @@ typedef enum { #ifndef SWIGPHP4 %rename(LOGOUT_ERROR_UNSUPPORTED_PROFILE) LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE; %rename(LOGOUT_ERROR_REQUEST_DENIED) LASSO_LOGOUT_ERROR_REQUEST_DENIED; +%rename(LOGOUT_ERROR_FEDERATION_NOT_FOUND) LASSO_LOGOUT_ERROR_FEDERATION_NOT_FOUND; #endif /* Profile */ |