diff options
author | Valery Febvre <vfebvre at easter-eggs.com> | 2004-08-19 18:48:53 +0000 |
---|---|---|
committer | Valery Febvre <vfebvre at easter-eggs.com> | 2004-08-19 18:48:53 +0000 |
commit | 33833bc3bbfbae8d7a7436f7b13609efa1da6af8 (patch) | |
tree | f6382ddc0bbb24089fe996bb2e36eb59c2a1fe52 /lasso/id-ff | |
parent | c058f4dde9e58c0a622b6d50b920830e27960a73 (diff) | |
download | lasso-33833bc3bbfbae8d7a7436f7b13609efa1da6af8.tar.gz lasso-33833bc3bbfbae8d7a7436f7b13609efa1da6af8.tar.xz lasso-33833bc3bbfbae8d7a7436f7b13609efa1da6af8.zip |
Fixed a mistake with name identifiers of the assertions
Diffstat (limited to 'lasso/id-ff')
-rw-r--r-- | lasso/id-ff/login.c | 71 |
1 files changed, 5 insertions, 66 deletions
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 4489028b..67bb64aa 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -47,61 +47,6 @@ struct _LassoLoginPrivate /*****************************************************************************/ /** - * lasso_login_get_assertion_nameIdentifier: - * @assertion: an assertion - * @err: return location for an allocated GError, or NULL to ignore errors - * - * An assertion may contain 2 NameIdentifier elements (one called NameIdentifier - * and the other called IDPProvidedNameIdentifier). - * If contents of the 2 name identifiers are equal then returns one of both - * else returns the NameIdentifier content. - * If both contents are NULL or NameIdentifier elements are missing then - * returns NULL. - * - * Return value: a newly allocated string or NULL - **/ -static gchar* -lasso_login_get_assertion_nameIdentifier(LassoNode *assertion, - GError **err) -{ - xmlChar *ni, *idp_ni; - - if (err != NULL && *err != NULL) { - g_set_error(err, g_quark_from_string("Lasso"), - LASSO_PARAM_ERROR_ERR_CHECK_FAILED, - lasso_strerror(LASSO_PARAM_ERROR_ERR_CHECK_FAILED)); - g_return_val_if_fail (err == NULL || *err == NULL, NULL); - } - if (LASSO_IS_NODE(assertion) == FALSE) { - g_set_error(err, g_quark_from_string("Lasso"), - LASSO_PARAM_ERROR_BADTYPE_OR_NULL_OBJ, - lasso_strerror(LASSO_PARAM_ERROR_BADTYPE_OR_NULL_OBJ)); - g_return_val_if_fail(LASSO_IS_NODE(assertion), NULL); - } - - ni = lasso_node_get_child_content(assertion, "NameIdentifier", NULL, NULL); - idp_ni = lasso_node_get_child_content(assertion, "IDPProvidedNameIdentifier", - NULL, NULL); - - if (xmlStrEqual(ni, idp_ni) && idp_ni != NULL) { - xmlFree(ni); - return (idp_ni); - } - else { - xmlFree(idp_ni); - if (ni != NULL) { - return (ni); - } - else { - g_set_error(err, g_quark_from_string("Lasso"), - LASSO_ERROR_UNDEFINED, - "NameIdentifier value not found in Assertion element.\n"); - return (NULL); - } - } -} - -/** * lasso_login_add_response_assertion: * @login: a Login * @federation: a Federation @@ -153,20 +98,10 @@ lasso_login_add_response_assertion(LassoLogin *login, LASSO_SAML_AUTHENTICATION_STATEMENT(as)); } else { - message(G_LOG_LEVEL_CRITICAL, "Failed to build the AuthenticationStatement element of the Assertion.\n"); ret = -2; goto done; } - /* store NameIdentifier */ - LASSO_PROFILE(login)->nameIdentifier = lasso_login_get_assertion_nameIdentifier(assertion, &err); - if (LASSO_PROFILE(login)->nameIdentifier == NULL) { - message(G_LOG_LEVEL_CRITICAL, err->message); - ret = err->code; - g_error_free(err); - goto done; - } - /* FIXME : How to know if the assertion must be signed or unsigned ? */ /* signature should be added at end */ ret = lasso_saml_assertion_set_signature(LASSO_SAML_ASSERTION(assertion), @@ -267,6 +202,9 @@ lasso_login_process_federation(LassoLogin *login) /* TODO */ } + /* store the IDP name identifier */ + LASSO_PROFILE(login)->nameIdentifier = lasso_node_get_content(federation->local_nameIdentifier, NULL); + done: lasso_federation_destroy(federation); xmlFree(nameIDPolicy); @@ -312,7 +250,8 @@ lasso_login_process_response_status_and_assertion(LassoLogin *login) { } /* store NameIdentifier */ - LASSO_PROFILE(login)->nameIdentifier = lasso_login_get_assertion_nameIdentifier(assertion, &err); + LASSO_PROFILE(login)->nameIdentifier = lasso_node_get_child_content(assertion, "NameIdentifier", + NULL, &err); if (LASSO_PROFILE(login)->nameIdentifier == NULL) { message(G_LOG_LEVEL_CRITICAL, err->message); ret = err->code; |