diff options
| author | Frederic Peters <fpeters@entrouvert.com> | 2008-05-29 14:14:48 +0000 |
|---|---|---|
| committer | Frederic Peters <fpeters@entrouvert.com> | 2008-05-29 14:14:48 +0000 |
| commit | f7284657161ddfa7526737e2eae5df96d38297ed (patch) | |
| tree | 3993af9fcd8926a33707da80396aa852c974b35e | |
| parent | 621eec08b567ca50c381d30300b97455d3ca6b2c (diff) | |
| download | lasso-f7284657161ddfa7526737e2eae5df96d38297ed.tar.gz lasso-f7284657161ddfa7526737e2eae5df96d38297ed.tar.xz lasso-f7284657161ddfa7526737e2eae5df96d38297ed.zip | |
forbit query strings to be xml signed
| -rw-r--r-- | lasso/saml-2.0/login.c | 5 | ||||
| -rw-r--r-- | lasso/saml-2.0/logout.c | 11 | ||||
| -rw-r--r-- | lasso/saml-2.0/name_id_management.c | 11 |
3 files changed, 27 insertions, 0 deletions
diff --git a/lasso/saml-2.0/login.c b/lasso/saml-2.0/login.c index 022a003f..1a8dae56 100644 --- a/lasso/saml-2.0/login.c +++ b/lasso/saml-2.0/login.c @@ -1461,6 +1461,11 @@ lasso_saml20_login_build_authn_response_msg(LassoLogin *login) } else { char *url, *query; + /* don't include signature stuff in XML when exporting to a + * query string */ + LASSO_SAMLP2_STATUS_RESPONSE(profile->response)->sign_type = + LASSO_SIGNATURE_TYPE_NONE; + url = profile->msg_url; query = lasso_node_export_to_query(profile->response, profile->server->signature_method, diff --git a/lasso/saml-2.0/logout.c b/lasso/saml-2.0/logout.c index 4f1172d7..2b50b891 100644 --- a/lasso/saml-2.0/logout.c +++ b/lasso/saml-2.0/logout.c @@ -211,6 +211,12 @@ lasso_saml20_logout_build_request_msg(LassoLogout *logout, LassoProvider *remote if (logout->initial_http_request_method == LASSO_HTTP_METHOD_REDIRECT) { char *url, *query; + + /* don't include signature stuff in XML when exporting to a + * query string */ + LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->sign_type = + LASSO_SIGNATURE_TYPE_NONE; + url = lasso_provider_get_metadata_one(remote_provider, "SingleLogoutService HTTP-Redirect"); if (url == NULL) { @@ -542,6 +548,11 @@ lasso_saml20_logout_build_response_msg(LassoLogout *logout) } if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + /* don't include signature stuff in XML when exporting to a + * query string */ + LASSO_SAMLP2_STATUS_RESPONSE(profile->response)->sign_type = + LASSO_SIGNATURE_TYPE_NONE; + /* get the provider */ provider = g_hash_table_lookup(profile->server->providers, profile->remote_providerID); diff --git a/lasso/saml-2.0/name_id_management.c b/lasso/saml-2.0/name_id_management.c index 8be7c368..69d06f6d 100644 --- a/lasso/saml-2.0/name_id_management.c +++ b/lasso/saml-2.0/name_id_management.c @@ -178,6 +178,12 @@ lasso_name_id_management_build_request_msg(LassoNameIdManagement *name_id_manage if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { char *url, *query; + + /* don't include signature stuff in XML when exporting to a + * query string */ + LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->sign_type = + LASSO_SIGNATURE_TYPE_NONE; + url = lasso_provider_get_metadata_one(remote_provider, "ManageNameIDService HTTP-Redirect"); if (url == NULL) { @@ -476,6 +482,11 @@ lasso_name_id_management_build_response_msg(LassoNameIdManagement *name_id_manag } if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) { + /* don't include signature stuff in XML when exporting to a + * query string */ + LASSO_SAMLP2_STATUS_RESPONSE(profile->response)->sign_type = + LASSO_SIGNATURE_TYPE_NONE; + /* get the provider */ provider = g_hash_table_lookup(profile->server->providers, profile->remote_providerID); |