*** empty log message ***

author: Nicolas Clapies <nclapies@entrouvert.com> 2004-07-06 19:11:01 +0000
committer: Nicolas Clapies <nclapies@entrouvert.com> 2004-07-06 19:11:01 +0000
commit: c122a7727a1b873eee2293496d9b4db238ce2fd4 (patch)
tree: a7242a857e4d5e56f2d36217b40cd660907ae8d5 /lasso/id-ff/logout.c
parent: b455c8fd195c27ff488cbde7abece94a580d1807 (diff)
download: lasso-c122a7727a1b873eee2293496d9b4db238ce2fd4.tar.gz
lasso-c122a7727a1b873eee2293496d9b4db238ce2fd4.tar.xz
lasso-c122a7727a1b873eee2293496d9b4db238ce2fd4.zip
1 files changed, 186 insertions, 117 deletions
diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c
index 8532704b..1006791a 100644
--- a/lasso/id-ff/logout.c
+++ b/lasso/id-ff/logout.c
@@ -28,121 +28,180 @@
 /* public methods                                                            */
 /*****************************************************************************/
 
-xmlChar *lasso_logout_build_request(LassoLogout *logout){
-     char          *protocolProfile;
-     char          *message, *url, *query, *nameIdentifier, *nameQualifier, *format;
-     LassoNode     *request, identifier;
-     LassoProvider *provider;
-
-     provider = lasso_server_find_provider(logout->server, logout->peer_providerID);
-     if(!provider)
-	  return(NULL);
-
-     identifier = lasso_user_get_nameIdentifier_by_peer_providerID(logout->user, logout->peer_providerID);
-     nameIdentifier = lasso_nameIdentifier_get_content(identifier);
-     nameQualifier = lasso_nameIdentifier_get_nameQualifier(identifier);
-     format = lasso_nameIdentifier_get_format(identifier);
-     
-     request = lasso_logout_request_new(logout->local_providerID,
-					nameIdentifier,
-					nameQualifier,
-					format);
-     if(!request)
-	  return(NULL);
-
-     url = lasso_provider_get_singleLogoutServiceUrl(provider);
-     if(!url)
-	  return(NULL);
-
-     protocolProfile = lasso_provider_get_singleLogoutProtocolProfile(provider);
-     if(!protocolProfile)
-	  return(NULL);
-
-     /* FIXME : do we need to store the url in the logout context ? */
-     if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpHttp) ||
-	xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpHttp)){
-	  /* FIXME : use a constant instead a integer for the signature method */
-	  query = lasso_node_export_to_query(logout->request, 0, logout->server->private_key);
-          /* FIXME : use a more proper method to allocate the message ? */
-	  message = (xmlChar *)malloc(strlen(url)+strlen(query)+2); /* +2 : ? and end of line */
-	  sprintf(message , "%s?%s", url, query);
-	  logout->request_protocol_method = lasso_protocol_method_redirect;
-     }
-     else if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpSoap) ||
-	xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpSoap)){
-	  message = lasso_node_exort_to_soap(logout->request);
-	  logout->request_protocol_method = lasso_protocol_method_soap;
-     }
-
-     return(message);
+xmlChar *
+lasso_logout_build_request_msg(LassoLogout *logout)
+{
+  LassoProfileContext *profileContext;
+  LassoProvider *provider;
+  xmlChar *protocolProfile;
+  
+  profileContext = LASSO_PROFILE_CONTEXT(logout);
+
+  /* get the prototocol profile of the logout */
+  provider = lasso_server_get_provider(profileContext->server, profileContext->remote_providerID);
+  if(provider==NULL){
+    printf("provider not found\n");
+    return(NULL);
+  }
+
+  protocolProfile = lasso_provider_get_singleLogoutProtocolProfile(provider);
+  if(protocolProfile==NULL){
+    printf("No protocol profile for logout request message\n");
+    return(NULL);
+  }
+
+  if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpSoap) || xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpSoap)){
+    logout->url = lasso_provider_get_singleLogoutServiceUrl(provider);
+    logout->method = lassoProfileContextMethodSoap;
+    return(lasso_node_export_to_soap(profileContext->request));
+  }
+
+  return(NULL);
+}
+
+xmlChar *
+lasso_logout_build_response_msg(LassoLogout *logout)
+{
+  LassoProfileContext *profileContext;
+  LassoProvider *provider;
+  xmlChar *protocolProfile;
+  
+  profileContext = LASSO_PROFILE_CONTEXT(logout);
+
+  /* get the prototocol profile of the logout */
+  provider = lasso_server_get_provider(profileContext->server, profileContext->remote_providerID);
+  if(provider==NULL){
+    printf("provider not found\n");
+    return(NULL);
+  }
+
+  protocolProfile = lasso_provider_get_singleLogoutProtocolProfile(provider);
+  if(protocolProfile==NULL){
+    printf("No protocol profile for logout response message\n");
+    return(NULL);
+  }
+
+  if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpSoap) || xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpSoap)){
+    logout->url = lasso_provider_get_singleLogoutServiceUrl(provider);
+    logout->method = lassoProfileContextMethodSoap;
+    return(lasso_node_export_to_soap(profileContext->response));
+  }
+
+  return(NULL);
+}
+
+gint
+lasso_logout_init_request(LassoLogout *logout,
+			  xmlChar     *remote_providerID)
+{
+  LassoProfileContext *profileContext;
+  LassoNode           *nameIdentifier;
+  LassoIdentity       *identity;
+  LassoLogoutRequest  *request;
+
+  xmlChar *content, *nameQualifier, *format;
+
+  profileContext = LASSO_PROFILE_CONTEXT(logout);
+
+  /* get identity */
+  identity = lasso_user_get_identity(profileContext->user, profileContext->remote_providerID);
+  if(!identity)
+    return(1);
+
+  /* get the name identifier (!!! depend on the provider type : SP or IDP !!!)*/
+  switch(logout->provider_type){
+  case lassoProfileContextServiceProviderType:
+    nameIdentifier = LASSO_NODE(lasso_identity_get_local_nameIdentifier(identity, profileContext->remote_providerID));
+    if(!nameIdentifier)
+      nameIdentifier = LASSO_NODE(lasso_identity_get_remote_nameIdentifier(identity, profileContext->remote_providerID));
+    break;
+  case lassoProfileContextIdentityProviderType:
+    /* get the next assertion ( next authenticated service provider ) */
+    nameIdentifier = LASSO_NODE(lasso_identity_get_remote_nameIdentifier(identity, profileContext->remote_providerID));
+    if(!nameIdentifier)
+      nameIdentifier = LASSO_NODE(lasso_identity_get_local_nameIdentifier(identity, profileContext->remote_providerID));
+    break;
+  }
+  
+  if(!nameIdentifier){
+    printf("error, name identifier not found\n");
+    return(2);
+  }
+
+  /* build the request */
+  content = lasso_node_get_content(nameIdentifier);
+  nameQualifier = lasso_node_get_attr_value(nameIdentifier, "NameQualifier");
+  format = lasso_node_get_attr_value(nameIdentifier, "Format");
+  profileContext->request = lasso_logout_request_new(lasso_provider_get_providerID(LASSO_PROVIDER(profileContext->server)),
+						     content,
+						     nameQualifier,
+						     format);
+
+  return(0);
+}
+
+gint lasso_logout_handle_request(LassoLogout *logout, xmlChar *request_msg, gint request_method)
+{
+  LassoProfileContext *profileContext;
+  xmlChar *statusCodeValue = lassoSamlStatusCodeSuccess;
+  LassoNode *nameIdentifier;
+
+  profileContext = LASSO_PROFILE_CONTEXT(logout);
+
+  /* parse LogoutRequest */
+  switch(request_method){
+  case lassoProfileContextMethodSoap:
+    profileContext->request = lasso_logout_request_new_from_soap(request_msg);
+    break;
+  case lassoProfileContextMethodRedirect:
+    printf("TODO, implement the redirect method\n");
+    break;
+  case lassoProfileContextMethodGet:
+    printf("TODO, implement the get method\n");
+    break;
+  default:
+    printf("error while parsing the request\n");
+    return(0);
+  }
+
+  /* set LogoutResponse */
+  profileContext->response = lasso_logout_response_new(lasso_provider_get_providerID(LASSO_PROVIDER(profileContext->server)),
+						       statusCodeValue,
+						       profileContext->request);
+
+  /* Verify federation and */
+  nameIdentifier = lasso_node_get_child(profileContext->request, "NameIdentifier", NULL);
+  if(lasso_user_verify_federation(profileContext->user, nameIdentifier)==FALSE){
+    // TODO : implement a simple method to set the status code value
+    
+  }
+
+  /* verify authentication (if ok, delete assertion) */
+  if(lasso_user_verify_authentication(profileContext->user, nameIdentifier)==FALSE){
+    // TODO : implement verify authentication
+  }
+
+  return(1);
 }
 
-xmlChar *lasso_logout_process_request(LassoLogout *logout,
-				      gchar       *request,
-				      gint         request_method){
-
-     LassoNode     *nameIdentifier, *identity;
-     LassoProvider *provider;
-     char          *protocolProfile;
-     xmlChar       *url, *query, *message;
-
-     switch(request_method){
-     case lasso_protocol_method_redirect:
-	  logout->request = lasso_logout_request_new_from_query(request);
-	  break;
-     case lasso_protocol_method_soap:
-	  logout->request = lasso_logout_request_new_from_soap(request);
-	  break;
-     default:
-	  return(NULL);
-     }
-
-     logout->response = lasso_logout_response_new(logout->local_providerID, lassoSamlStatusCodeSuccess, logout->request);
-
-     logout->peer_providerID = lasso_logout_request_get_providerID(logout->request);
-     
-     /* older and odd method : lasso_node_get_child(logout->request, "NameIdentifier", NULL); */
-     nameIdentifier = lasso_logout_request_get_nameIdentifier(logout->request);
-
-     if(!lasso_profile_context_verify_federation(logout->user, logout->peer_providerID, nameIdentifier)){
-	  lasso_logout_response_set_statusCode_value(logout->response, lassoLibStatusCodeFederationDoesNotExist);
-	  logout->response_status_code_value = lasso_status_response_federation_does_not_exists;
-     }
-
-     if(!lasso_logout_verify_authentication(logout->user, logout->peer_providerID, nameIdentifier)){
-	  lasso_logout_response_set_statusCode_value(logout->response, lassoSamlStatusCodeRequestDenied);
-	  logout->response_status_code_value = lasso_status_response_request_denied;
-     }
-
-     provider = lasso_server_find_provider(logout->server, logout->peer_providerID);
-     if(!provider)
-	  return(NULL);
-
-     url = lasso_provider_get_singleLogoutProtocolServiceReturnUrl(provider);
-     if(!url)
-	  return(NULL);
-
-     protocolProfile = lasso_provider_get_singleLogoutProtocolProfile(provider);
-     if(!protocolProfile)
-	  return(NULL);
-
-     /* FIXME : do we need to store the url in the logout context ? */
-     if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpHttp) ||
-	xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpHttp)){
-	  query = lasso_node_export_to_query(request, 0, NULL);
-	  message = (char *)malloc(strlen(url)+strlen(query)+2); /* FIXME */
-	  sprintf(message , "%s?%s", url, query);
-	  logout->request_protocol_method = lasso_protocol_method_redirect;
-     }
-     else if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpSoap) ||
-	xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpSoap)){
-	  message = lasso_node_exort_to_soap(request);
-	  logout->request_protocol_method = lasso_protocol_method_soap;
-     }
-
-     logout->response_status_code_value = lasso_status_response_success;
-
-     return(message);
+gint lasso_logout_handle_response(LassoLogout *logout, xmlChar *response_msg, gint response_method)
+{
+  LassoProfileContext *profileContext;
+  gint codeError;
+
+  profileContext = LASSO_PROFILE_CONTEXT(logout);
+
+  /* parse LogoutResponse */
+  if(response_method==lassoProfileContextMethodSoap){
+    profileContext->response = lasso_logout_response_new_from_soap(response_msg);
+  }
+    
+  /* verify status code value */
+  // TODO : do the developer needs to get the value of the status code with the level 2 of lasso ?
+  // node = lasso_node_get_child(profileContext->response, "StatusCode", NULL);
+  // statusCodeValue = lasso_node_get_attr_value(node, "Value");
+  
+  return(codeError);
 }
 
 /*****************************************************************************/
@@ -154,7 +213,7 @@ lasso_logout_instance_init(LassoLogout *logout){
 }
 
 static void
-lasso_identity_class_init(LassoLogoutClass *klass) {
+lasso_logout_class_init(LassoLogoutClass *klass) {
 }
 
 GType lasso_logout_get_type() {
@@ -173,19 +232,29 @@ GType lasso_logout_get_type() {
       (GInstanceInitFunc) lasso_logout_instance_init,
     };
     
-    this_type = g_type_register_static(LASSO_TYPE_NODE,
+    this_type = g_type_register_static(LASSO_TYPE_PROFILE_CONTEXT,
 				       "LassoLogout",
 				       &this_info, 0);
   }
   return this_type;
 }
 
-LassoLogout*
-lasso_logout_new()
+LassoLogout *
+lasso_logout_new(LassoServer *server,
+		 LassoUser   *user,
+		 gint         provider_type)
 {
   LassoLogout *logout;
+  LassoProfileContext *profileContext;
 
+  /* set the logout object */
   logout = g_object_new(LASSO_TYPE_LOGOUT, NULL);
+  logout->provider_type = provider_type;
+
+  /* set the properties */
+  profileContext = LASSO_PROFILE_CONTEXT(logout);
+  profileContext->user = user;
+  profileContext->server = server;
 
   return(logout);
 }
author	Nicolas Clapies <nclapies@entrouvert.com>	2004-07-06 19:11:01 +0000
committer	Nicolas Clapies <nclapies@entrouvert.com>	2004-07-06 19:11:01 +0000
commit	c122a7727a1b873eee2293496d9b4db238ce2fd4 (patch)
tree	a7242a857e4d5e56f2d36217b40cd660907ae8d5 /lasso/id-ff/logout.c
parent	b455c8fd195c27ff488cbde7abece94a580d1807 (diff)
download	lasso-c122a7727a1b873eee2293496d9b4db238ce2fd4.tar.gz lasso-c122a7727a1b873eee2293496d9b4db238ce2fd4.tar.xz lasso-c122a7727a1b873eee2293496d9b4db238ce2fd4.zip