author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-01-04 09:14:17 +0000 |
---|---|---|
committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-01-04 09:14:17 +0000 |
commit | c01e1231fae3c68f89ea750d08cd14d645a94132 (patch) | |
tree | 9ca3d98cff686f68ac3cb148879601b579c9e9c5 /lasso/saml-2.0/saml2_helper.h | |
parent | c1bd6a8f50b2ac52501a9090a9c80d6960ebf59d (diff) | |
SAML 2.0: in saml2_helper.c, add new methods to manipulate SAML2 assertions
* lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
- add lasso_server_saml2_assertion_setup_signature, to help in
defining signature upon saml2:Assertion nodes.
- add new symbols LASSO_DURATION_MINUTE, LASSO_DURATION_HOUR,
LASSO_DURATION_DAY, LASSO_DURATION_WEEK.
- add method lasso_saml2_assertion_add_attribute_with_node
* docs/reference/lasso/lasso-sections.txt:
declare new functions in saml2_helper section.
Diffstat (limited to 'lasso/saml-2.0/saml2_helper.h')
-rw-r--r-- | lasso/saml-2.0/saml2_helper.h | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/lasso/saml-2.0/saml2_helper.h b/lasso/saml-2.0/saml2_helper.h
new file mode 100644
index 00000000..1b99185a
--- /dev/null
+++ b/lasso/saml-2.0/saml2_helper.h
@@ -0,0 +1,98 @@
+/* $Id$
+ *
+ * Lasso - A free implementation of the Liberty Alliance specifications.
+ *
+ * Copyright (C) 2004-2007 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: See AUTHORS file in top-level directory.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef __LASSO_SAML20_SAML2_HELPER_H__
+#define __LASSO_SAML20_SAML2_HELPER_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif /* __cplusplus */
+
+#include "../export.h"
+
+#include "../xml/saml-2.0/saml2_assertion.h"
+#include "../xml/saml-2.0/saml2_name_id.h"
+#include "../xml/saml-2.0/saml2_encrypted_element.h"
+#include "../id-ff/provider.h"
+#include "../id-ff/server.h"
+
+typedef enum {
+ LASSO_SAML2_ASSERTION_VALID,
+ LASSO_SAML2_ASSERTION_INVALID,
+ LASSO_SAML2_ASSERTION_INDETERMINATE
+} LassoSaml2AssertionValidationState;
+
+#define LASSO_DURATION_MINUTE 60
+#define LASSO_DURATION_HOUR 3600
+#define LASSO_DURATION_DAY 24*2600
+#define LASSO_DURATION_WEEK LASSO_DURATION_DAY*7
+
+LASSO_EXPORT gboolean lasso_saml2_assertion_has_audience_restriction(
+ LassoSaml2Assertion *saml2_assertion);
+
+LASSO_EXPORT gboolean lasso_saml2_assertion_is_audience_restricted(
+ LassoSaml2Assertion *saml2_assertion, char* providerID);
+
+LASSO_EXPORT LassoSaml2NameID* lasso_saml2_name_id_build_persistent(const char *id,
+ const char *idpID, const char *providerID);
+
+LASSO_EXPORT LassoSaml2EncryptedElement* lasso_saml2_encrypted_element_build_encrypted_persistent_name_id(
+ const char *id, const char *idpID, const LassoProvider *provider);
+
+LASSO_EXPORT void lasso_saml2_assertion_set_subject_name_id(LassoSaml2Assertion *saml2_assertion,
+ LassoNode *node);
+
+LASSO_EXPORT void lasso_saml2_assertion_set_subject_confirmation_name_id(
+ LassoSaml2Assertion *saml2_assertion, LassoNode *node);
+
+LASSO_EXPORT void lasso_saml2_assertion_set_subject_confirmation_data(
+ LassoSaml2Assertion *saml2_assertion, const time_t tolerance, const time_t length,
+ const char *Recipient, const char *InResponseTo, const char *Address);
+
+LASSO_EXPORT void lasso_saml2_assertion_set_basic_conditions(LassoSaml2Assertion *saml2_assertion,
+ time_t tolerance, time_t length, gboolean one_time_use);
+
+LASSO_EXPORT void lasso_saml2_assertion_add_audience_restriction(
+ LassoSaml2Assertion *saml2_assertion, const char *providerID);
+
+LASSO_EXPORT void lasso_saml2_assertion_add_proxy_limit (LassoSaml2Assertion *saml2_assertion,
+ int proxy_count, GList *proxy_audiences);
+
+LASSO_EXPORT LassoSaml2AssertionValidationState lasso_saml2_assertion_validate_conditions(
+ LassoSaml2Assertion *saml2_assertion, const char *relaying_party_providerID);
+
+LASSO_EXPORT LassoProvider* lasso_saml2_assertion_get_issuer_provider(
+ const LassoSaml2Assertion *saml2_assertion, const LassoServer *server);
+
+LASSO_EXPORT int lasso_server_saml2_assertion_setup_signature(LassoServer *server,
+ LassoSaml2Assertion *saml2_assertion);
+
+LASSO_EXPORT int lasso_saml2_assertion_add_attribute_with_node(LassoSaml2Assertion *assertion, const char *name, const char *nameformat, LassoNode *content);
+
+
+#ifdef __cplusplus
+}
+#endif /* __cplusplus */
+
+#endif /* __LASSO_SAML20_SAML2_HELPER_H__ */ |
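Review bot: `LASSO_DURATION_DAY` is defined as `24*2600`, which is 62400 seconds (17 h 20 min) rather than 86400, and `LASSO_DURATION_WEEK` inherits the error. Both macros are also unparenthesized, so an expression such as `t % LASSO_DURATION_DAY` or `x / LASSO_DURATION_WEEK` groups differently from what the name suggests. I would change the two lines to `#define LASSO_DURATION_DAY (24*3600)` and `#define LASSO_DURATION_WEEK (LASSO_DURATION_DAY*7)`. The implementations are not in this file, but if these constants are passed as the `length` argument of `lasso_saml2_assertion_set_basic_conditions` or `lasso_saml2_assertion_set_subject_confirmation_data`, the assertion validity window would differ from what the caller intended, so a short comment stating that the values are in seconds would help as well.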