summaryrefslogtreecommitdiffstats
path: root/lasso/id-ff/logout.c
diff options
context:
space:
mode:
Diffstat (limited to 'lasso/id-ff/logout.c')
-rw-r--r--lasso/id-ff/logout.c47
1 files changed, 29 insertions, 18 deletions
diff --git a/lasso/id-ff/logout.c b/lasso/id-ff/logout.c
index 2a10a376..f2454220 100644
--- a/lasso/id-ff/logout.c
+++ b/lasso/id-ff/logout.c
@@ -91,9 +91,11 @@ lasso_logout_build_request_msg(LassoLogout *logout)
/* build the logout request message */
profile->msg_url = lasso_provider_get_metadata_one(
remote_provider, "SoapEndpoint");
- profile->request->private_key_file = profile->server->private_key;
- profile->request->certificate_file = profile->server->certificate;
- profile->msg_body = lasso_node_export_to_soap(LASSO_NODE(profile->request));
+ LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file =
+ profile->server->private_key;
+ LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file =
+ profile->server->certificate;
+ profile->msg_body = lasso_node_export_to_soap(profile->request);
return 0;
}
@@ -190,9 +192,11 @@ lasso_logout_build_response_msg(LassoLogout *logout)
/* build logout response message */
if (profile->http_request_method == LASSO_HTTP_METHOD_SOAP) {
profile->msg_url = NULL;
- profile->response->private_key_file = profile->server->private_key;
- profile->response->certificate_file = profile->server->certificate;
- profile->msg_body = lasso_node_export_to_soap(LASSO_NODE(profile->response));
+ LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file =
+ profile->server->private_key;
+ LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file =
+ profile->server->certificate;
+ profile->msg_body = lasso_node_export_to_soap(profile->response);
return 0;
}
@@ -289,6 +293,7 @@ lasso_logout_init_request(LassoLogout *logout, char *remote_providerID,
LassoProfile *profile;
LassoProvider *remote_provider;
LassoSamlNameIdentifier *nameIdentifier;
+ LassoNode *assertion_n;
LassoSamlAssertion *assertion;
LassoFederation *federation = NULL;
gboolean is_http_redirect_get_method = FALSE;
@@ -317,11 +322,13 @@ lasso_logout_init_request(LassoLogout *logout, char *remote_providerID,
}
/* get assertion */
- assertion = lasso_session_get_assertion(session, profile->remote_providerID);
- if (LASSO_IS_SAML_ASSERTION(assertion) == FALSE) {
+ assertion_n = lasso_session_get_assertion(session, profile->remote_providerID);
+ if (LASSO_IS_SAML_ASSERTION(assertion_n) == FALSE) {
message(G_LOG_LEVEL_CRITICAL, "Assertion not found");
return LASSO_ERROR_UNDEFINED;
}
+
+ assertion = LASSO_SAML_ASSERTION(assertion_n);
if (assertion->AuthenticationStatement && LASSO_IS_LIB_AUTHENTICATION_STATEMENT(
assertion->AuthenticationStatement)) {
@@ -425,9 +432,9 @@ lasso_logout_init_request(LassoLogout *logout, char *remote_providerID,
0);
}
- if (lasso_provider_compatibility_level(remote_provider) < LIBERTY_1_2) {
- profile->request->MajorVersion = 1;
- profile->request->MinorVersion = 1;
+ if (lasso_provider_get_protocol_conformance(remote_provider) < LASSO_PROTOCOL_LIBERTY_1_2) {
+ LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->MajorVersion = 1;
+ LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->MinorVersion = 1;
}
if (session_index)
@@ -671,9 +678,8 @@ lasso_logout_process_response_msg(LassoLogout *logout, gchar *response_msg)
lasso_node_destroy(LASSO_NODE(profile->response));
profile->remote_providerID = logout->initial_remote_providerID;
- profile->request = LASSO_SAMLP_REQUEST_ABSTRACT(logout->initial_request);
- profile->response = LASSO_SAMLP_RESPONSE_ABSTRACT(
- logout->initial_response);
+ profile->request = logout->initial_request;
+ profile->response = logout->initial_response;
logout->initial_remote_providerID = NULL;
logout->initial_request = NULL;
@@ -736,6 +742,7 @@ lasso_logout_validate_request(LassoLogout *logout)
LassoProvider *remote_provider;
LassoSamlNameIdentifier *nameIdentifier;
LassoSamlAssertion *assertion;
+ LassoNode *assertion_n;
g_return_val_if_fail(LASSO_IS_LOGOUT(logout), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
@@ -799,13 +806,15 @@ lasso_logout_validate_request(LassoLogout *logout)
}
/* verify authentication */
- assertion = lasso_session_get_assertion(profile->session, profile->remote_providerID);
- if (assertion == NULL) {
+ assertion_n = lasso_session_get_assertion(profile->session, profile->remote_providerID);
+ if (assertion_n == NULL) {
message(G_LOG_LEVEL_WARNING, "%s has no assertion", profile->remote_providerID);
lasso_profile_set_response_status(profile, LASSO_SAML_STATUS_CODE_REQUEST_DENIED);
return LASSO_ERROR_UNDEFINED;
}
+ assertion = LASSO_SAML_ASSERTION(assertion_n);
+
/* If name identifier is federated, then verify federation */
if (strcmp(nameIdentifier->Format, LASSO_LIB_NAME_IDENTIFIER_FORMAT_FEDERATED) == 0) {
if (LASSO_IS_IDENTITY(profile->identity) == FALSE) {
@@ -893,13 +902,15 @@ static void check_soap_support(gchar *key, LassoProvider *provider, LassoProfile
{
GList *supported_profiles;
LassoSamlAssertion *assertion;
+ LassoNode *assertion_n;
if (strcmp(provider->ProviderID, profile->remote_providerID) == 0)
return; /* original service provider (initiated logout) */
- assertion = lasso_session_get_assertion(profile->session, provider->ProviderID);
- if (assertion == NULL)
+ assertion_n = lasso_session_get_assertion(profile->session, provider->ProviderID);
+ if (assertion_n == NULL)
return; /* not authenticated with this provider */
+ assertion = LASSO_SAML_ASSERTION(assertion_n);
supported_profiles = lasso_provider_get_metadata_list(provider,
"SingleLogoutProtocolProfile");
generated by cgit (git 2.34.1) at 2024-06-30 14:44:04 +0000