author | Valery Febvre <vfebvre at easter-eggs.com> | 2004-08-21 17:12:21 +0000 |
---|---|---|
committer | Valery Febvre <vfebvre at easter-eggs.com> | 2004-08-21 17:12:21 +0000 |
commit | 5dc6f94ffd3bbf0d45559068c86da4247bd454e8 (patch) | |
tree | 13cf6efee4e35b60c0d91347b1bb34429bfdd0ca /lasso/id-ff | |
parent | 87e3c2dbfc60a82b6d4b48f2bc2b4f34e3c6abad (diff) | |
Moved param 'http_method' of lasso_login_build_authn_request_msg() method
to lasso_login_init_authn_request()
BEWARE : this change breaks the API
Diffstat (limited to 'lasso/id-ff')
-rw-r--r-- | lasso/id-ff/lecp.c | 5 | ||||
-rw-r--r-- | lasso/id-ff/login.c | 38 | ||||
-rw-r--r-- | lasso/id-ff/login.h | 7 |
3 files changed, 31 insertions, 19 deletions
diff --git a/lasso/id-ff/lecp.c b/lasso/id-ff/lecp.c
index 726bc2e7..e06845db 100644
--- a/lasso/id-ff/lecp.c
+++ b/lasso/id-ff/lecp.c
@@ -183,7 +183,10 @@ lasso_lecp_init_authn_request(LassoLecp *lecp)
 g_return_val_if_fail(LASSO_IS_LECP(lecp), -1);
- res = lasso_login_init_authn_request(LASSO_LOGIN(lecp));
+ /* FIXME : BAD usage of http_method
+ using POST method so that the lib:AuthnRequest is initialize with
+ a signature template */
+ res = lasso_login_init_authn_request(LASSO_LOGIN(lecp), lassoHttpMethodPost);
 return(res);
 }
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c
index 6d72aaa2..1bd89856 100644
--- a/lasso/id-ff/login.c
+++ b/lasso/id-ff/login.c
@@ -518,7 +518,6 @@ lasso_login_build_artifact_msg(LassoLogin *login,
 * lasso_login_build_authn_request_msg:
 * @login: a LassoLogin
 * @remote_providerID: the providerID of the identity provider
- * @http_method: the HTTP method to send the AuthnRequest (REDIRECT or POST)
 *
 * Builds an authentication request. Depending of the SSO protocol profile of
 * the identity provider (defined in metadata file), the data for the sending of
@@ -528,8 +527,7 @@ lasso_login_build_artifact_msg(LassoLogin *login,
 **/
 gint
 lasso_login_build_authn_request_msg(LassoLogin *login,
- const gchar *remote_providerID,
- lassoHttpMethod http_method)
+ const gchar *remote_providerID)
 {
 LassoProvider *provider, *remote_provider;
 xmlChar *md_authnRequestsSigned = NULL;
@@ -543,10 +541,6 @@ lasso_login_build_authn_request_msg(LassoLogin *login,
 g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BADTYPE_OR_NULL_OBJ);
 g_return_val_if_fail(remote_providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
- if (http_method != lassoHttpMethodRedirect && http_method != lassoHttpMethodPost) {
- message(G_LOG_LEVEL_CRITICAL, "Invalid HTTP method, it must be REDIRECT or POST\n.");
- return (LASSO_PARAM_ERROR_INVALID_VALUE);
- }
 LASSO_PROFILE(login)->remote_providerID = g_strdup(remote_providerID);
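Review bot: In lasso_lecp_init_authn_request the transport argument is used as a signing switch: `lassoHttpMethodPost` is passed only to obtain a signature template, as the FIXME itself admits. As a side effect every LECP login object now carries POST in `login->http_method`, so any LECP path that later reaches lasso_login_build_authn_request_msg would take its POST branch; whether such a path exists is not visible here. Until signing and transport are selected separately, I would tighten the comment so the hidden state change is explicit: `/* FIXME: http_method is misused here: POST is passed only so that lib:AuthnRequest is created with a signature template; this also sets login->http_method to POST */`.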
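Review bot: lasso_login_build_authn_request_msg loses its HTTP-method validation in the hunk at -543 and nothing checks the stored `login->http_method` in its place. A login object on which lasso_login_init_authn_request was never called, or on which it failed, reaches the `if`/`else if` in the hunks at -584 and -610 with an unset value and matches neither branch; what the function returns in that case is outside the visible lines. I would keep the guard on the stored field, `if (login->http_method != lassoHttpMethodRedirect && login->http_method != lassoHttpMethodPost) return (LASSO_PARAM_ERROR_INVALID_VALUE);`, and confirm that a login restored from a dump also sets the field. The function body starts and ends outside this hunk.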
@@ -584,7 +578,7 @@ lasso_login_build_authn_request_msg(LassoLogin *login,
 goto done;
 }
- if (http_method == lassoHttpMethodRedirect) {
+ if (login->http_method == lassoHttpMethodRedirect) {
 /* REDIRECT -> query */
 if (must_sign) {
 query = lasso_node_export_to_query(LASSO_PROFILE(login)->request,
@@ -610,7 +604,7 @@ lasso_login_build_authn_request_msg(LassoLogin *login,
 LASSO_PROFILE(login)->msg_body = NULL;
 g_free(query);
 }
- else if (http_method == lassoHttpMethodPost) {
+ else if (login->http_method == lassoHttpMethodPost) {
 /* POST -> formular */
 if (must_sign) {
 ret = lasso_samlp_request_abstract_sign_signature_tmpl(LASSO_SAMLP_REQUEST_ABSTRACT(LASSO_PROFILE(login)->request),
@@ -774,20 +768,34 @@ lasso_login_dump(LassoLogin *login)
 }
 gint
-lasso_login_init_authn_request(LassoLogin *login)
+lasso_login_init_authn_request(LassoLogin *login,
+ lassoHttpMethod http_method)
 {
 g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BADTYPE_OR_NULL_OBJ);
+ if (http_method != lassoHttpMethodRedirect && http_method != lassoHttpMethodPost) {
+ message(G_LOG_LEVEL_CRITICAL, "Invalid HTTP method, it must be REDIRECT or POST\n.");
+ return (LASSO_PARAM_ERROR_INVALID_VALUE);
+ }
- /* FIXME */
- LASSO_PROFILE(login)->request = lasso_authn_request_new(LASSO_PROFILE(login)->server->providerID,
- lassoSignatureTypeNone,
- 0);
- LASSO_PROFILE(login)->request_type = lassoMessageTypeAuthnRequest;
+ login->http_method = http_method;
+
+ if (http_method == lassoHttpMethodPost) {
+ LASSO_PROFILE(login)->request = lasso_authn_request_new(LASSO_PROFILE(login)->server->providerID,
+ lassoSignatureTypeWithX509,
+ lassoSignatureMethodRsaSha1);
+ }
+ else {
+ LASSO_PROFILE(login)->request = lasso_authn_request_new(LASSO_PROFILE(login)->server->providerID,
+ lassoSignatureTypeNone,
+ 0);
+ }
 if (LASSO_PROFILE(login)->request == NULL) {
 return (-2);
 }
+ LASSO_PROFILE(login)->request_type = lassoMessageTypeAuthnRequest;
+
 return (0);
 }
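Review bot: In lasso_login_init_authn_request the signature setup is keyed on the transport alone: POST always creates the request with `lassoSignatureTypeWithX509` and `lassoSignatureMethodRsaSha1`, while the decision to sign is taken later from `must_sign` in lasso_login_build_authn_request_msg. For POST with `must_sign` false the template is created but, as far as the hunk at -610 shows, never filled in; the non-signing path is not visible, so please confirm that an empty signature template is not sent to the identity provider as-is. The function also has no gtk-doc block although it now carries the `http_method` contract. I would add one that documents `@http_method` (REDIRECT or POST), the signature template chosen for each value, and the return codes, including the bare `-2` returned when the request cannot be created.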
diff --git a/lasso/id-ff/login.h b/lasso/id-ff/login.h
index cd8daea7..aff97602 100644
--- a/lasso/id-ff/login.h
+++ b/lasso/id-ff/login.h
@@ -62,6 +62,7 @@ struct _LassoLogin {
 gchar *assertionArtifact;
 gchar *response_dump;
 /*< private >*/
+ lassoHttpMethod http_method;
 LassoLoginPrivate *private;
 };
@@ -85,8 +86,7 @@ LASSO_EXPORT gint lasso_login_build_artifact_msg (LassoLogin
 lassoHttpMethod http_method);
 LASSO_EXPORT gint lasso_login_build_authn_request_msg (LassoLogin *login,
- const gchar *remote_providerID,
- lassoHttpMethod http_method);
+ const gchar *remote_providerID);
 LASSO_EXPORT gint lasso_login_build_authn_response_msg (LassoLogin *login,
 gboolean authentication_result,
@@ -99,7 +99,8 @@ LASSO_EXPORT void lasso_login_destroy (LassoLogin *lo
 LASSO_EXPORT gchar* lasso_login_dump (LassoLogin *login);
-LASSO_EXPORT gint lasso_login_init_authn_request (LassoLogin *login);
+LASSO_EXPORT gint lasso_login_init_authn_request (LassoLogin *login,
+ lassoHttpMethod http_method);
 LASSO_EXPORT gint lasso_login_init_from_authn_request_msg (LassoLogin *login,
 gchar *authn_request_msg, |