SAML 2.0 Helper: add lasso_saml2_assertion_set_one_time_use

3 files changed, 28 insertions, 1 deletions

diff --git a/docs/reference/lasso/lasso-sections.txt b/docs/reference/lasso/lasso-sections.txt
index 808c045c..a054ba1c 100644
--- a/docs/reference/lasso/lasso-sections.txt
+++ b/docs/reference/lasso/lasso-sections.txt
@@ -3023,6 +3023,7 @@ lasso_saml2_assertion_add_attribute_with_node
 lasso_saml2_assertion_get_in_response_to
 lasso_saml2_assertion_decrypt_subject
 lasso_saml2_assertion_has_one_time_use
+lasso_saml2_assertion_set_one_time_use
 <SUBSECTION Standard>
 LASSO_SAML2_ASSERTION
 LASSO_IS_SAML2_ASSERTION
diff --git a/lasso/saml-2.0/saml2_helper.c b/lasso/saml-2.0/saml2_helper.c
index 4a242ee0..ae2cda33 100644
--- a/lasso/saml-2.0/saml2_helper.c
+++ b/lasso/saml-2.0/saml2_helper.c
@@ -310,8 +310,31 @@ lasso_saml2_assertion_set_basic_conditions(LassoSaml2Assertion *saml2_assertion,
 
 	saml2_conditions = lasso_saml2_assertion_get_conditions (saml2_assertion, TRUE);
 	set_notbefore_and_notonorafter (saml2_assertion->Conditions, tolerance, length);
+	lasso_saml2_assertion_set_one_time_use(saml2_assertion, one_time_use);
+}
+
+/**
+ * lasso_saml2_assertion_set_one_time_use:
+ * @saml2_assertion: a #LassoSaml2Assertion object
+ * @one_time_use: is this assertion to be used one time only ?
+ *
+ * Set the one time use condition on this assertion.
+ */
+void
+lasso_saml2_assertion_set_one_time_use(LassoSaml2Assertion *saml2_assertion,
+		gboolean one_time_use)
+{
+	LassoSaml2Conditions * saml2_conditions;
+
+	g_return_if_fail (LASSO_IS_SAML2_ASSERTION (saml2_assertion));
+
+	saml2_conditions = lasso_saml2_assertion_get_conditions(saml2_assertion, TRUE);
+	lasso_list_add_new_gobject (saml2_conditions->OneTimeUse, lasso_saml2_one_time_use_new());
 	if (one_time_use) {
-		lasso_list_add_new_gobject (saml2_conditions->OneTimeUse, lasso_saml2_one_time_use_new());
+		lasso_list_add_new_gobject(saml2_conditions->OneTimeUse,
+				lasso_saml2_one_time_use_new());
+	} else {
+		lasso_release_list_of_gobjects(saml2_conditions->OneTimeUse);
 	}
 }
 
diff --git a/lasso/saml-2.0/saml2_helper.h b/lasso/saml-2.0/saml2_helper.h
index 998c4462..9a86d0b0 100644
--- a/lasso/saml-2.0/saml2_helper.h
+++ b/lasso/saml-2.0/saml2_helper.h
@@ -142,6 +142,9 @@ LASSO_EXPORT LassoSaml2AssertionValidationState lasso_saml2_assertion_allows_pro
 LASSO_EXPORT LassoSaml2AssertionValidationState lasso_saml2_assertion_allows_proxying_to(
 		LassoSaml2Assertion *saml2_assertion, const char *audience);
 
+LASSO_EXPORT void lasso_saml2_assertion_set_one_time_use(LassoSaml2Assertion *saml2_assertion,
+		gboolean one_time_use);
+
 #ifdef __cplusplus
 }
 #endif /* __cplusplus */