| -rw-r--r-- | lasso/id-ff/logout.c | 67 | ||||
| -rw-r--r-- | lasso/id-ff/logout.h | 17 | ||||
| -rw-r--r-- | python/environs/py_logout.c | 66 | ||||
| -rw-r--r-- | python/environs/py_logout.h | 4 | ||||
| -rw-r--r-- | python/examples/logout.py | 13 |
5 files changed, 127 insertions, 40 deletions
diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c index 5bb8a529..6a74cafd 100644 --- a/lasso/id-ff/logout.c +++ b/lasso/id-ff/logout.c @@ -243,17 +243,25 @@ lasso_logout_init_request(LassoLogout *logout, return(0); } -gint -lasso_logout_process_request_msg(LassoLogout *logout, - gchar *request_msg, - lassoHttpMethods request_method) +gint lasso_logout_load_user_dump(LassoLogout *logout, + gchar *user_dump) +{ + LassoProfileContext *profileContext; + + g_return_val_if_fail(LASSO_IS_LOGOUT(logout), -1); + g_return_val_if_fail(user_dump!=NULL, -1); + + profileContext = LASSO_PROFILE_CONTEXT(logout); + + profileContext->user = lasso_user_new_from_dump(user_dump); + +} + +gint lasso_logout_load_request_msg(LassoLogout *logout, + gchar *request_msg, + lassoHttpMethods request_method) { LassoProfileContext *profileContext; - LassoIdentity *identity; - LassoNode *nameIdentifier, *assertion; - LassoNode *statusCode; - LassoNodeClass *statusCode_class; - xmlChar *remote_providerID; g_return_val_if_fail(LASSO_IS_LOGOUT(logout), -1); g_return_val_if_fail(request_msg!=NULL, -2); 
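Review bot: `lasso_logout_load_user_dump` is declared `gint` but falls off the end without a `return`, so the value the Python wrapper `logout_load_user_dump` passes to `int_wrap(codeError)` is indeterminate. The result of `lasso_user_new_from_dump(user_dump)` is also stored unchecked, so a dump that fails to parse cannot be told apart from success. I would end the function with `if(profileContext->user==NULL) return(-2);` followed by `return(0);`, using whatever distinct negative code fits the module. If `profileContext->user` can already hold a user here (the constructor still accepts one), the old object presumably needs releasing before it is overwritten; that ownership is not visible in this hunk.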
@@ -281,15 +289,43 @@ lasso_logout_process_request_msg(LassoLogout *logout, return(-4); } + /* get the NameIdentifier to load user dump */ + logout->nameIdentifier = lasso_node_get_child_content(profileContext->request,"NameIdentifier", NULL); + + return(0); +} + +gint +lasso_logout_process_request(LassoLogout *logout) +{ + LassoProfileContext *profileContext; + LassoIdentity *identity; + LassoNode *nameIdentifier, *assertion; + LassoNode *statusCode; + LassoNodeClass *statusCode_class; + xmlChar *remote_providerID; + + g_return_val_if_fail(LASSO_IS_LOGOUT(logout), -1); + + profileContext = LASSO_PROFILE_CONTEXT(logout); + + if(profileContext->request==NULL){ + debug(ERROR, "LogoutRequest not found\n"); + return(-1); + } + /* set the remote provider id from the request */ remote_providerID = lasso_node_get_child_content(profileContext->request, "ProviderID", NULL); + if(remote_providerID==NULL){ + debug(ERROR, "ProviderID in LogoutRequest not found\n"); + return(-1); + } profileContext->remote_providerID = remote_providerID; /* set LogoutResponse */ profileContext->response = lasso_logout_response_new(profileContext->server->providerID, lassoSamlStatusCodeSuccess, profileContext->request); - if(profileContext->response==NULL){ message(G_LOG_LEVEL_ERROR, "Error while building response\n"); return(-5); @@ -315,6 +351,7 @@ lasso_logout_process_request_msg(LassoLogout *logout, if(profileContext->user==NULL){ message(G_LOG_LEVEL_WARNING, "User environ not found\n"); statusCode_class->set_prop(statusCode, "Value", lassoSamlStatusCodeRequestDenied); + return(-1); } assertion = lasso_user_get_assertion(profileContext->user, remote_providerID); @@ -338,6 +375,7 @@ lasso_logout_process_request_msg(LassoLogout *logout, return(-10); } + /* verification is ok, save name identifier in logout object */ switch(profileContext->provider_type){ case lassoProviderTypeSp: /* at sp, everything is ok, delete the assertion */ 
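Review bot: `logout->nameIdentifier` is assigned straight from `lasso_node_get_child_content(profileContext->request,"NameIdentifier", NULL)` and the function then returns 0, so a LogoutRequest without a NameIdentifier is reported as loaded and the caller is left to look up a user with a NULL key. This commit adds exactly that check for `ProviderID` in `lasso_logout_process_request`; the equivalent here is `if(logout->nameIdentifier==NULL){ debug(ERROR, "NameIdentifier in LogoutRequest not found\n"); return(-5); }` with a code not already used in this function. The value comes from the peer's message and is now exposed to the application to choose which user dump to load, so a comment should state whether the request has been verified by this point; the middle of `lasso_logout_load_request_msg` is not shown, so I cannot tell. A second call also overwrites the previous string without releasing it.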
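Review bot: The `return(-1);` added after setting the status to `lassoSamlStatusCodeRequestDenied` reuses the code that `lasso_logout_process_request` already returns for a bad `logout` argument, a missing request and a missing `ProviderID` (all three introduced in the previous hunk). A caller therefore cannot tell "a RequestDenied response has been built and should still be sent" from "nothing usable exists". A distinct code for this path, with a comment such as `/* response carries RequestDenied; caller should still build and send it */`, would make the contract clear. The function continues outside the hunk.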
@@ -495,20 +533,19 @@ GType lasso_logout_get_type() { } LassoLogout * -lasso_logout_new(LassoServer *server, - LassoUser *user, - lassoProviderTypes provider_type) +lasso_logout_new(lassoProviderTypes provider_type, + LassoServer *server, + LassoUser *user) { LassoLogout *logout; g_return_val_if_fail(LASSO_IS_SERVER(server), NULL); - g_return_val_if_fail(LASSO_IS_USER(user), NULL); /* set the logout object */ logout = g_object_new(LASSO_TYPE_LOGOUT, + "provider_type", provider_type, "server", server, "user", user, - "provider_type", provider_type, NULL); return(logout); diff --git a/lasso/id-ff/logout.h b/lasso/id-ff/logout.h index bf86fd26..10ac52b0 100644 --- a/lasso/id-ff/logout.h +++ b/lasso/id-ff/logout.h @@ -51,6 +51,8 @@ struct _LassoLogout { LassoNode *first_request; LassoNode *first_response; gchar *first_remote_providerID; + + gchar *nameIdentifier; /*< public >*/ /*< private >*/ @@ -63,9 +65,9 @@ struct _LassoLogoutClass { LASSO_EXPORT GType lasso_logout_get_type (void); -LASSO_EXPORT LassoLogout* lasso_logout_new (LassoServer *server, - LassoUser *user, - lassoProviderTypes provider_type); +LASSO_EXPORT LassoLogout* lasso_logout_new (lassoProviderTypes provider_type, + LassoServer *server, + LassoUser *user); LASSO_EXPORT gint lasso_logout_build_request_msg (LassoLogout *logout); @@ -78,6 +80,15 @@ LASSO_EXPORT gchar* lasso_logout_get_next_providerID (LassoLogout *log LASSO_EXPORT gint lasso_logout_init_request (LassoLogout *logout, gchar *remote_providerID); +LASSO_EXPORT gint lasso_logout_load_user_dump (LassoLogout *logout, + gchar *user_dump); + +LASSO_EXPORT gint lasso_logout_load_request_msg (LassoLogout *logout, + gchar *request_msg, + lassoHttpMethods request_method); + +LASSO_EXPORT gint lasso_logout_process_request (LassoLogout *logout); + LASSO_EXPORT gint lasso_logout_process_request_msg (LassoLogout *logout, gchar *request_msg, lassoHttpMethods request_method); 
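Review bot: Removing `g_return_val_if_fail(LASSO_IS_USER(user), NULL);` makes `user` optional, but it also drops the type check for a non-NULL argument. `g_return_val_if_fail(user == NULL || LASSO_IS_USER(user), NULL);` keeps the optional user while still rejecting a wrong object. The parameter reorder changes the public signature of `lasso_logout_new`, and swapping an enum with a pointer usually only produces a warning in C, so callers outside this commit need checking. A doc comment on the constructor should say that `user` may be NULL and supplied later through `lasso_logout_load_user_dump`.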
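Review bot: The prototype for `lasso_logout_process_request_msg` is kept as context at the end of the last logout.h hunk, but its definition in logout.c is the one this commit renames to `lasso_logout_load_request_msg`. The header therefore still exports a function with no definition visible in this commit. Either remove the declaration or keep a thin compatibility wrapper that calls the load and process steps. The new `gchar *nameIdentifier;` member in the struct hunk would also benefit from a comment saying who frees it, for example `/* NameIdentifier of the loaded request; freed with the logout object */`, once that is decided.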
diff --git a/python/environs/py_logout.c b/python/environs/py_logout.c index 35fa483e..44beca6a 100644 --- a/python/environs/py_logout.c +++ b/python/environs/py_logout.c @@ -56,13 +56,15 @@ PyObject *logout_getattr(PyObject *self, PyObject *args) { if (!strcmp(attr, "__members__")) return Py_BuildValue("[ssss]", "user", "msg_url", "msg_body", - "msg_relayState"); + "nameIdentifier", "msg_relayState"); if (!strcmp(attr, "user")) return (LassoUser_wrap(LASSO_PROFILE_CONTEXT(logout)->user)); if (!strcmp(attr, "msg_url")) return (charPtrConst_wrap(LASSO_PROFILE_CONTEXT(logout)->msg_url)); if (!strcmp(attr, "msg_body")) return (charPtrConst_wrap(LASSO_PROFILE_CONTEXT(logout)->msg_body)); + if (!strcmp(attr, "nameIdentifier")) + return (charPtrConst_wrap(logout->nameIdentifier)); if (!strcmp(attr, "msg_relayState")) return (charPtrConst_wrap(LASSO_PROFILE_CONTEXT(logout)->msg_relayState)); @@ -72,20 +74,20 @@ PyObject *logout_getattr(PyObject *self, PyObject *args) { PyObject *logout_new(PyObject *self, PyObject *args) { + gint provider_type; PyObject *server_obj, *user_obj; LassoLogout *logout; - gint provider_type; - if (CheckArgs(args, "OOI:logout_new")) { - if(!PyArg_ParseTuple(args, (char *) "OOi:logout_new", - &server_obj, &user_obj, &provider_type)) + if (CheckArgs(args, "IOo:logout_new")) { + if(!PyArg_ParseTuple(args, (char *) "IO|O:logout_new", + &provider_type, &server_obj, &user_obj)) return NULL; } else return NULL; - logout = lasso_logout_new(LassoServer_get(server_obj), - LassoUser_get(user_obj), - provider_type); + logout = lasso_logout_new(provider_type, + LassoServer_get(server_obj), + LassoUser_get(user_obj)); return (LassoLogout_wrap(logout)); } 
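Review bot: The `__members__` list in `logout_getattr` now passes five strings to `Py_BuildValue`, but the format is still `"[ssss]"`, so the last argument, `"msg_relayState"`, is silently dropped from the list. The format should be `"[sssss]"`. `logout_getattr` begins and ends outside the hunk.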
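Review bot: `user_obj` is optional under the new `"IO|O:logout_new"` format but is declared without an initializer, so when the caller omits it (as the updated example does for the IdP) `LassoUser_get(user_obj)` is called on an uninitialized pointer. Declare it as `PyObject *server_obj, *user_obj = NULL;` and pass `user_obj ? LassoUser_get(user_obj) : NULL`, unless `LassoUser_get` is known to accept NULL. The `I` format unit also parses an unsigned int while `provider_type` is a `gint`; the previous `i` matched the variable's type.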
@@ -149,12 +151,8 @@ PyObject *logout_get_next_providerID(PyObject *self, PyObject *args) { else return NULL; remote_providerID = lasso_logout_get_next_providerID(LassoLogout_get(logout_obj)); - if(remote_providerID==NULL){ - Py_INCREF(Py_None); - return (Py_None); - } - return (charPtr_wrap(remote_providerID)); + return (charPtrConst_wrap(remote_providerID)); } PyObject *logout_init_request(PyObject *self, PyObject *args) { 
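Review bot: With the explicit `Py_None` return for a NULL `remote_providerID` removed, the end-of-list case now depends on `charPtrConst_wrap` mapping NULL to `None`, and the example's `while next_provider_id:` loop relies on that. The wrapper's definition is not in this diff, so please confirm it and add a comment such as `/* charPtrConst_wrap returns None for NULL */`. Switching from `charPtr_wrap` to the const variant presumably also means the wrapper no longer releases the string; if `lasso_logout_get_next_providerID` returns an allocated copy, that would leak one string per call.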
@@ -174,20 +172,54 @@ PyObject *logout_init_request(PyObject *self, PyObject *args) { return(int_wrap(codeError)); } -PyObject *logout_process_request_msg(PyObject *self, PyObject *args) { +PyObject *logout_load_request_msg(PyObject *self, PyObject *args){ PyObject *logout_obj; gchar *request_msg; gint request_method; gint codeError; - if (CheckArgs(args, "OSI:logout_process_request_msg")) { - if(!PyArg_ParseTuple(args, (char *) "Osi:logout_process_request_msg", + if (CheckArgs(args, "OSI:logout_load_request_msg")) { + if(!PyArg_ParseTuple(args, (char *) "Osi:logout_load_request_msg", &logout_obj, &request_msg, &request_method)) return NULL; } else return NULL; - codeError = lasso_logout_process_request_msg(LassoLogout_get(logout_obj), request_msg, request_method); + codeError = lasso_logout_load_request_msg(LassoLogout_get(logout_obj), request_msg, request_method); + + return(int_wrap(codeError)); +} + +PyObject *logout_load_user_dump(PyObject *self, PyObject *args){ + PyObject *logout_obj; + gchar *user_dump; + gint codeError; + + if (CheckArgs(args, "OS:logout_load_request_msg")) { + if(!PyArg_ParseTuple(args, (char *) "Os:logout_load_request_msg", + &logout_obj, &user_dump)) + return NULL; + } + else return NULL; + + codeError = lasso_logout_load_user_dump(LassoLogout_get(logout_obj), user_dump); + + return(int_wrap(codeError)); +} + + +PyObject *logout_process_request(PyObject *self, PyObject *args) { + PyObject *logout_obj; + gint codeError; + + if (CheckArgs(args, "O:logout_process_request_msg")) { + if(!PyArg_ParseTuple(args, (char *) "O:logout_process_request_msg", + &logout_obj)) + return NULL; + } + else return NULL; + + codeError = lasso_logout_process_request(LassoLogout_get(logout_obj)); return(int_wrap(codeError)); } diff --git a/python/environs/py_logout.h b/python/environs/py_logout.h index 773ec548..8e1f271a 100644 --- a/python/environs/py_logout.h +++ b/python/environs/py_logout.h 
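Review bot: The two new wrappers carry copied function names in their argument formats: `logout_load_user_dump` uses `"OS:logout_load_request_msg"` and `"Os:logout_load_request_msg"`, and `logout_process_request` uses `"O:logout_process_request_msg"`. An argument error raised by `PyArg_ParseTuple` will therefore name the wrong function. They should read `"Os:logout_load_user_dump"` and `"O:logout_process_request"`, with the matching `CheckArgs` strings updated the same way.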
@@ -46,8 +46,10 @@ PyObject *logout_build_response_msg(PyObject *self, PyObject *args); PyObject *logout_destroy(PyObject *self, PyObject *args); PyObject *logout_get_next_providerID(PyObject *self, PyObject *args); PyObject *logout_init_request(PyObject *self, PyObject *args); +PyObject *logout_load_request_msg(PyObject *self, PyObject *args); +PyObject *logout_load_user_dump(PyObject *self, PyObject *args); PyObject *logout_new(PyObject *self, PyObject *args); -PyObject *logout_process_request_msg(PyObject *self, PyObject *args); +PyObject *logout_process_request(PyObject *self, PyObject *args); PyObject *logout_process_response_msg(PyObject *self, PyObject *args); #endif /* __PYLASSO_PY_LOGOUT_H__ */ diff --git a/python/examples/logout.py b/python/examples/logout.py index c4f13254..60cafe4c 100644 --- a/python/examples/logout.py +++ b/python/examples/logout.py @@ -37,7 +37,7 @@ idpuser_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"h # SP1 build a request : sp1user = lasso.User.new_from_dump(sp1user_dump) -sp1logout = lasso.Logout.new(sp1server, sp1user, lasso.providerTypeSp) +sp1logout = lasso.Logout.new(lasso.providerTypeSp, sp1server, sp1user) sp1logout.init_request() sp1logout.build_request_msg() @@ -48,8 +48,7 @@ sp1logout.destroy() # IDP process request and return a response : idpuser = lasso.User.new_from_dump(idpuser_dump) -idplogout = lasso.Logout.new(idpserver, idpuser, lasso.providerTypeIdp) - +idplogout = lasso.Logout.new(lasso.providerTypeIdp, idpserver) if lasso.get_request_type_from_soap_msg(msg_body)==lasso.requestTypeLogout: print "it's a logout request !" 
@@ -57,7 +56,12 @@ if lasso.get_request_type_from_soap_msg(msg_body)==lasso.requestTypeLogout: #fake response, only for test ! response_msg_body = "<Envelope><LogoutResponse><ProviderID>https://service-provider2:2003/liberty-alliance/metadata</ProviderID><Status><StatusCode Value=\"Samlp:Success\"></StatusCode></Status></LogoutResponse></Envelope>" -idplogout.process_request_msg(msg_body, lasso.httpMethodSoap) +idplogout.load_request_msg(msg_body, lasso.httpMethodSoap) +nameIdentifier = idplogout.nameIdentifier +print "get the user dump from NameIdentifier : ", nameIdentifier +idplogout.load_user_dump(idpuser_dump) +idplogout.process_request() + next_provider_id = idplogout.get_next_providerID() while next_provider_id: idplogout.init_request(next_provider_id) @@ -69,5 +73,6 @@ while next_provider_id: next_provider_id = idplogout.get_next_providerID() +idplogout.build_response_msg() print "End of logout" |
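Review bot: The return values of `load_request_msg`, `load_user_dump` and `process_request` are discarded, and `build_response_msg()` is called at the end regardless, although `process_request` returns a negative code on failure (for example when no user is loaded). Since this file is what integrators copy, I would show the check, e.g. `if idplogout.process_request() != 0:` followed by the error path. The example also loads the fixed `idpuser_dump` rather than one selected by `nameIdentifier`; a comment such as `# a real IdP must look the dump up by nameIdentifier` would avoid misreading. The context line `idpuser = lasso.User.new_from_dump(idpuser_dump)` in the previous hunk is now unused.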
