* lasso/id-ff/login.c: comment the generation of Advice when ResourceOffering for

  the DiscoService support a security mechanism needing one. Anyway the
  generation of Credentials is broken.
* lasso/id-ff/session.c: add treatment of saml:Advice on newly added
  Assertions, keep the transmitted assertions inside the session indexed by their
  AssertionID.

* lasso/xml/saml_advice.{c,h}: change content to SNIPPET_LIST_XMLNODES.

1 files changed, 19 insertions, 0 deletions

diff --git a/lasso/id-ff/session.c b/lasso/id-ff/session.c
index 7a0534e9..8281709a 100644
--- a/lasso/id-ff/session.c
+++ b/lasso/id-ff/session.c
@@ -43,6 +43,8 @@
 #include <lasso/xml/id-wsf-2.0/sec_token.h>
 #endif
 
+#include <xmlsec/xmltree.h>
+
 
 /*****************************************************************************/
 /* public methods                                                            */
@@ -70,6 +72,23 @@ lasso_session_add_assertion(LassoSession *session, const char *providerID, Lasso
 
 	g_hash_table_insert(session->assertions, g_strdup(providerID), g_object_ref(assertion));
 
+    /* ID-WSF specific need */
+    if (LASSO_IS_SAML_ASSERTION(assertion)) {
+        LassoSamlAssertion *saml_assertion = LASSO_SAML_ASSERTION(assertion);
+        if (saml_assertion->Advice) {
+            LassoSamlAdvice *advice = saml_assertion->Advice;
+            GList *iter;
+            for (iter = advice->any; iter; iter = iter->next) {
+                xmlNode *node = (xmlNodePtr)iter->data;
+                if (xmlSecCheckNodeName(node, (xmlChar*)"Assertion", (xmlChar*)LASSO_SAML_ASSERTION_HREF)) {
+                    xmlChar *id = xmlGetProp(node, (xmlChar*)"AssertionID");
+                    ret = lasso_session_add_assertion_with_id(session, (char*)id, node);
+                    xmlFree(id);
+                }
+            }
+        }
+    }
+
 	session->is_dirty = TRUE;
 
 	return ret;