diff options
author | Frederic Peters <fpeters@entrouvert.com> | 2004-12-13 21:40:12 +0000 |
---|---|---|
committer | Frederic Peters <fpeters@entrouvert.com> | 2004-12-13 21:40:12 +0000 |
commit | ad621f3c384a3c8ab89cf6145ab886985504b17b (patch) | |
tree | 88580fb671c2794432bfaaf18a409d72111280f1 /lasso/id-ff | |
parent | 8da1dce448dcfbe168bee0eb6de6318be3f729ce (diff) | |
download | lasso-ad621f3c384a3c8ab89cf6145ab886985504b17b.tar.gz lasso-ad621f3c384a3c8ab89cf6145ab886985504b17b.tar.xz lasso-ad621f3c384a3c8ab89cf6145ab886985504b17b.zip |
error codes handling in LassoLogin
Diffstat (limited to 'lasso/id-ff')
-rw-r--r-- | lasso/id-ff/login.c | 57 |
1 files changed, 20 insertions, 37 deletions
diff --git a/lasso/id-ff/login.c b/lasso/id-ff/login.c index 836bcfe5..ace5baea 100644 --- a/lasso/id-ff/login.c +++ b/lasso/id-ff/login.c @@ -475,16 +475,13 @@ lasso_login_build_artifact_msg(LassoLogin *login, g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); if (http_method != LASSO_HTTP_METHOD_REDIRECT && http_method != LASSO_HTTP_METHOD_POST) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD)); - return LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD; + return error_code(G_LOG_LEVEL_CRITICAL, LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } /* ProtocolProfile must be BrwsArt */ if (login->protocolProfile != LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_ART) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE)); - return LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE; + return error_code(G_LOG_LEVEL_CRITICAL, + LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE); } /* process federation and build assertion only if signature is OK */ @@ -702,9 +699,8 @@ lasso_login_build_authn_response_msg(LassoLogin *login, /* ProtocolProfile must be BrwsPost */ if (login->protocolProfile != LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE)); - return LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE; + return error_code(G_LOG_LEVEL_CRITICAL, + LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE); } /* create LibAuthnResponse */ @@ -878,9 +874,7 @@ lasso_login_init_authn_request(LassoLogin *login, lassoHttpMethod http_method) g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); if (http_method != LASSO_HTTP_METHOD_REDIRECT && http_method != LASSO_HTTP_METHOD_POST) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD)); - return LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD; + return error_code(G_LOG_LEVEL_CRITICAL, LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } login->http_method = http_method; @@ -926,9 +920,7 @@ lasso_login_init_request(LassoLogin *login, gchar *response_msg, if (response_http_method != LASSO_HTTP_METHOD_REDIRECT && response_http_method != LASSO_HTTP_METHOD_POST) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD)); - return LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD; + return error_code(G_LOG_LEVEL_CRITICAL, LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD); } /* rebuild response (artifact) */ @@ -1058,29 +1050,25 @@ lasso_login_must_ask_for_consent(LassoLogin *login) gboolean lasso_login_must_authenticate(LassoLogin *login) { - gboolean must_authenticate = FALSE; LassoLibAuthnRequest *request; g_return_val_if_fail(LASSO_IS_LOGIN(login), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ); request = LASSO_LIB_AUTHN_REQUEST(LASSO_PROFILE(login)->request); - /* verify if the user must be authenticated or not */ - /* get IsPassive and ForceAuthn in AuthnRequest if exists */ - - if ((request->ForceAuthn || LASSO_PROFILE(login)->session == NULL) && \ - request->IsPassive == FALSE) { - must_authenticate = TRUE; - } - else if (LASSO_PROFILE(login)->identity == NULL && \ - request->IsPassive && \ + if ((request->ForceAuthn || LASSO_PROFILE(login)->session == NULL) && + request->IsPassive == FALSE) + return TRUE; + + if (LASSO_PROFILE(login)->identity == NULL && request->IsPassive && login->protocolProfile == LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST) { lasso_profile_set_response_status(LASSO_PROFILE(login), LASSO_LIB_STATUS_CODE_NO_PASSIVE); + return FALSE; } - return must_authenticate; + return FALSE; } gint @@ -1098,9 +1086,8 @@ lasso_login_process_authn_request_msg(LassoLogin *login, const char *authn_reque if (authn_request_msg == NULL) { if (LASSO_PROFILE(login)->request == NULL) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_MISSING_REQUEST)); - return LASSO_PROFILE_ERROR_MISSING_REQUEST; + return error_code(G_LOG_LEVEL_CRITICAL, + LASSO_PROFILE_ERROR_MISSING_REQUEST); } /* LibAuthnRequest already set by lasso_login_init_idp_initiated_authn_request() */ @@ -1134,9 +1121,8 @@ lasso_login_process_authn_request_msg(LassoLogin *login, const char *authn_reque protocolProfile = LASSO_LIB_PROTOCOL_PROFILE_BRWS_POST; login->protocolProfile = LASSO_LOGIN_PROTOCOL_PROFILE_BRWS_POST; } else { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE)); - return LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE; + return error_code(G_LOG_LEVEL_CRITICAL, + LASSO_PROFILE_ERROR_INVALID_PROTOCOLPROFILE); } /* check if requested single sign on protocol profile is supported */ @@ -1145,9 +1131,7 @@ lasso_login_process_authn_request_msg(LassoLogin *login, const char *authn_reque LASSO_PROVIDER(LASSO_PROFILE(login)->server), LASSO_MD_PROTOCOL_TYPE_SINGLE_SIGN_ON, protocolProfile) == FALSE) { - message(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE)); - return LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE; + return error_code(G_LOG_LEVEL_CRITICAL, LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE); } /* get remote ProviderID */ @@ -1207,8 +1191,7 @@ lasso_login_process_authn_response_msg(LassoLogin *login, gchar *authn_response_ LASSO_LIB_AUTHN_RESPONSE(LASSO_PROFILE(login)->response)->ProviderID); if (LASSO_PROFILE(login)->remote_providerID == NULL) { - ret1 = error_code(G_LOG_LEVEL_CRITICAL, - lasso_strerror(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND)); + ret1 = error_code(G_LOG_LEVEL_CRITICAL, LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND); } remote_provider = g_hash_table_lookup(LASSO_PROFILE(login)->server->providers, |