Diffstat (limited to 'lasso/id-ff')
-rw-r--r-- | lasso/id-ff/Makefile.am | 10 | ||||
-rw-r--r-- | lasso/id-ff/authn_environ.c | 96 | ||||
-rw-r--r-- | lasso/id-ff/authn_environ.h | 14 | ||||
-rw-r--r-- | lasso/id-ff/environ.c | 46 | ||||
-rw-r--r-- | lasso/id-ff/environ.h | 22 | ||||
-rw-r--r-- | lasso/id-ff/identity.c | 9 | ||||
-rw-r--r-- | lasso/id-ff/identity.h | 3 | ||||
-rw-r--r-- | lasso/id-ff/provider.c | 40 | ||||
-rw-r--r-- | lasso/id-ff/provider.h | 19 | ||||
-rw-r--r-- | lasso/id-ff/server_environ.c | 68 | ||||
-rw-r--r-- | lasso/id-ff/server_environ.h | 25 | ||||
-rw-r--r-- | lasso/id-ff/session_environ.c | 238 | ||||
-rw-r--r-- | lasso/id-ff/session_environ.h | 71 | ||||
-rw-r--r-- | lasso/id-ff/user_environ.c | 82 | ||||
-rw-r--r-- | lasso/id-ff/user_environ.h | 24 |
15 files changed, 400 insertions, 367 deletions
diff --git a/lasso/id-ff/Makefile.am b/lasso/id-ff/Makefile.am index e35619e1..a9fc0e90 100644 --- a/lasso/id-ff/Makefile.am +++ b/lasso/id-ff/Makefile.am @@ -15,15 +15,17 @@ INCLUDES = \ noinst_LTLIBRARIES = liblasso-environs.la liblasso_environs_la_SOURCES = \ + environ.c \ + identity.c \ provider.c \ server_environ.c \ session_environ.c \ - user_environ.c \ - identity.c + user_environ.c liblassoinclude_HEADERS = \ + environ.h \ + identity.h \ provider.h \ server_environ.h \ session_environ.h \ - user_environ.h \ - identity.h
\ No newline at end of file + user_environ.h diff --git a/lasso/id-ff/authn_environ.c b/lasso/id-ff/authn_environ.c index fea7f87f..4205bf86 100644 --- a/lasso/id-ff/authn_environ.c +++ b/lasso/id-ff/authn_environ.c 
@@ -29,12 +29,75 @@ /*****************************************************************************/ char* -lasso_authn_environ_build_request(LassoAuthnEnviron *env) { +lasso_authn_environ_build_request(LassoAuthnEnviron *env, char *authnRequestProtocolProfile){ LassoEnviron *e = LASSO_ENVIRON(env); + LassoNode *node = LASSO_NODE(e->local_provider); + char *url, *query, *protocolProfile; - e->request = lasso_authn_request_new(lasso_node_get_attr_value(LASSO_NODE(e->local_provider), "ProviderID")); + e->request = lasso_authn_request_new(lasso_node_get_attr_value(node, "ProviderID")); + if(authnRequestProtocolProfile){ + lasso_lib_authn_request_set_protocolProfile(e->request, authnRequestProtocolProfile); + } + + /* get the url and protocol profile */ + url = lasso_node_get_child_content(node, "SingleSignOnServiceUrl", NULL); + g_return_val_if_fail (url, NULL); + protocolProfile = lasso_node_get_child_content(node, "SingleSignOnProtocolProfile", NULL); + g_return_val_if_fail (protocolProfile, NULL); + + /* get or post ? 
*/ + if(strcmp(protocolProfile, lassoLibProtocolProfileSSOGet)==0){ + printf("AuthnRequest Redirect method ...\n"); + return build_request_url(e, url, query, lassoLibProtocolProfileSSOGet); + } + else if(strcmp(protocolProfile, lassoLibProtocolProfileSSOPost)==0){ + printf("AuthnRequest POST method ...\n"); + return build_request_url(e, url, lassoLibProtocolProfileSSOPost); + } + else + printf("No method ...\n"); + + return(NULL); +} + +gboolean lasso_authn_environ_process_request_from_query(LassoAuthnEnviron *env, + char *query, + int isAuthenticated){ + LassoEnviron *e = LASSO_ENVIRON(env); + LassoNode *node = LASSO_NODE(e->local_provider); + char *protocolProfile, *providerId; + + protocolProfile = lasso_authn_request_get_protocolProfile(query); + if(strcmp(protocolProfile, lassoLibProtocolProfileArtifact)==0){ + printf("artifact ...\n"); + } + else if(strcmp(protocolProfile, lassoLibProtocolProfilePost)==0){ + printf("post ...\n"); + providerId = lasso_node_get_attr_value(node, "ProviderID"); + e->response = lasso_authn_response_new_from_request_query(query, providerId); + return lasso_authn_response_must_authenticate(e->response, isAuthenticated); + } } +char *lasso_authn_environ_dump_response(LassoAuthnEnviron *env){ + LassoEnviron *e = LASSO_ENVIRON(env); + char *dump; + + dump = lasso_node_dump(e->response, "utf-8", 1); + + return(dump); +} + +char *lasso_environ_process_authentication(LassoAuthnEnviron *env, gboolean isAuthenticated){ + LassoEnviron *e = LASSO_ENVIRON(env); + LassoNode *response, *assertion, *statement; + + response = e->response; + + +} + + /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ 
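Review bot: The GET branch of lasso_authn_environ_build_request calls `build_request_url(e, url, query, lassoLibProtocolProfileSSOGet)` with `query` never assigned, while the POST branch calls the same function with three arguments, so at most one of the two calls can match its prototype and the GET one passes an indeterminate pointer. lasso_authn_environ_process_request_from_query is declared `gboolean` but the artifact branch and the fall-through after the `if`/`else if` chain reach the closing brace without a `return`, and lasso_environ_process_authentication returns `char *` with no `return` at all, so callers read garbage. `protocolProfile` comes from the externally supplied `query` and is passed straight to `strcmp`; a `g_return_val_if_fail(protocolProfile, FALSE);` before the comparisons would avoid the NULL dereference, and `protocolProfile`/`url` in build_request are likewise used without a `lasso_node_get_child_content` result check beyond the first two. The `printf` diagnostics write to stdout from library code; consider `g_debug`/`g_warning` so callers can route or silence them.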
@@ -73,21 +136,26 @@ GType lasso_authn_environ_get_type() return this_type; } -LassoEnviron* lasso_authn_environ_new(const gchar *metadata, - const gchar *public_key, - const gchar *private_key, - const gchar *certificate) +LassoAuthnEnviron* lasso_authn_environ_new(gchar *metadata, + gchar *public_key, + gchar *private_key, + gchar *certificate) { - LassoEnviron *env; - LassoNode *local_provider; + LassoAuthnEnviron *authn; + LassoEnviron *e; + LassoNode *local_provider; - env = LASSO_ENVIRON(g_object_new(LASSO_TYPE_AUTHN_ENVIRON, NULL)); + authn = g_object_new(LASSO_TYPE_AUTHN_ENVIRON, NULL); + e = LASSO_ENVIRON(authn); local_provider = lasso_provider_new(metadata); - lasso_provider_set_public_key(LASSO_PROVIDER(local_provider), public_key); - lasso_provider_set_private_key(LASSO_PROVIDER(local_provider), private_key); - lasso_provider_set_certificate(LASSO_PROVIDER(local_provider), certificate); - env->local_provider = local_provider; + if(public_key) + lasso_provider_set_public_key(LASSO_PROVIDER(local_provider), public_key); + if(private_key) + lasso_provider_set_private_key(LASSO_PROVIDER(local_provider), private_key); + if(certificate) + lasso_provider_set_certificate(LASSO_PROVIDER(local_provider), certificate); + e->local_provider = local_provider; - return LASSO_ENVIRON(g_object_new(LASSO_TYPE_AUTHN_ENVIRON, NULL)); + return(authn); } diff --git a/lasso/id-ff/authn_environ.h b/lasso/id-ff/authn_environ.h index 2eb42162..254b3e47 100644 --- a/lasso/id-ff/authn_environ.h +++ b/lasso/id-ff/authn_environ.h 
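Review bot: lasso_authn_environ_new calls `lasso_provider_new(metadata)` with one argument, but the provider.h hunk in this same commit declares `LASSO_EXPORT LassoNode* lasso_provider_new (void);` and moves file loading to `lasso_provider_new_from_filename(char *filename)`, so this call no longer matches the prototype; it looks like `local_provider = LASSO_NODE(lasso_provider_new_from_filename(metadata));` is what was intended, with a NULL check before the `lasso_provider_set_*` calls. None of the provider.h hunks shown declare `lasso_provider_set_public_key`/`_private_key`/`_certificate`, so please confirm those still exist after this change. The parameters also lost their `const`, although nothing in the body writes through them; keeping `const gchar *` documents that the strings are only read.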
@@ -51,10 +51,16 @@ struct _LassoAuthnEnvironClass { }; LASSO_EXPORT GType lasso_authn_environ_get_type(void); -LASSO_EXPORT LassoEnviron* lasso_authn_environ_new(const gchar *metadata, - const gchar *public_key, - const gchar *private_key, - const gchar *certificate); +LASSO_EXPORT LassoAuthnEnviron *lasso_authn_environ_new(gchar *metadata, + gchar *public_key, + gchar *private_key, + gchar *certificate); + +LASSO_EXPORT char *lasso_authn_environ_build_request(LassoAuthnEnviron *env, char *authnRequestProtocolProfile); + +LASSO_EXPORT gboolean lasso_authn_environ_process_request_from_query(LassoAuthnEnviron *env, + char *query, + int isAuthenticated); #ifdef __cplusplus } diff --git a/lasso/id-ff/environ.c b/lasso/id-ff/environ.c index 99e239a9..2b2fa321 100644 --- a/lasso/id-ff/environ.c +++ b/lasso/id-ff/environ.c @@ -1,11 +1,12 @@ -/* $Id$ +/* $Id$ * * Lasso - A free implementation of the Liberty Alliance specifications. * * Copyright (C) 2004 Entr'ouvert * http://lasso.entrouvert.org * - * Author: Valery Febvre <vfebvre@easter-eggs.com> + * Authors: Valery Febvre <vfebvre@easter-eggs.com> + * Nicolas Clapies <nclapies@entrouvert.com> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -25,41 +26,27 @@ #include <lasso/environs/environ.h> /*****************************************************************************/ -/* public methods */ +/* functions */ /*****************************************************************************/ -void -lasso_environ_add_peer_provider(LassoEnviron *env, - const gchar *metadata, - const gchar *public_key, - const gchar *private_key, - const gchar *certificate) -{ - LassoNode *provider; - provider = lasso_provider_new(metadata); - lasso_provider_set_public_key(LASSO_PROVIDER(provider), public_key); - lasso_provider_set_private_key(LASSO_PROVIDER(provider), private_key); - lasso_provider_set_certificate(LASSO_PROVIDER(provider), certificate); - g_datalist_set_data(env->peer_providers, - lasso_node_get_attr_value(provider, "ProviderID"), - provider); -} +/*****************************************************************************/ +/* public methods */ +/*****************************************************************************/ + /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ static void -lasso_environ_instance_init(LassoEnviron *env) +lasso_environ_instance_init(LassoEnviron *environ) { - g_datalist_init(&(env->peer_providers)); - env->request = NULL; - env->response = NULL; } static void -lasso_environ_class_init(LassoEnvironClass *klass) { +lasso_environ_class_init(LassoEnvironClass *class) +{ } GType lasso_environ_get_type() { @@ -86,12 +73,11 @@ GType lasso_environ_get_type() { } LassoEnviron* -lasso_environ_new(LassoProvider *local_provider) +lasso_environ_new() { - LassoEnviron *env; - - env = LASSO_ENVIRON(g_object_new(LASSO_TYPE_ENVIRON, NULL)); - env->local_provider = local_provider; + LassoEnviron *environ; + + g_object_new(LASSO_TYPE_ENVIRON, NULL); - return (env); + return(environ); } 
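Review bot: lasso_environ_new now discards the object it creates and returns the uninitialised local `environ`: the body should read `environ = g_object_new(LASSO_TYPE_ENVIRON, NULL);` (the `-` line had this right), otherwise every caller gets an indeterminate pointer and the GObject leaks. The new local name `environ` (also the parameter of lasso_environ_instance_init in the preceding hunk) collides with the POSIX `environ` global that `<unistd.h>` declares on glibc, which at best produces a shadowing warning; `env` as before avoids it. `class` as a parameter name in lasso_environ_class_init is legal C but will break if this file is ever compiled as C++; `klass` is the GObject convention the old line used.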
diff --git a/lasso/id-ff/environ.h b/lasso/id-ff/environ.h index 8040785d..14e79b01 100644 --- a/lasso/id-ff/environ.h +++ b/lasso/id-ff/environ.h @@ -31,7 +31,6 @@ extern "C" { #endif /* __cplusplus */ #include <lasso/xml/xml.h> -#include <lasso/environs/provider.h> #define LASSO_TYPE_ENVIRON (lasso_environ_get_type()) #define LASSO_ENVIRON(obj) (G_TYPE_CHECK_INSTANCE_CAST((obj), LASSO_TYPE_ENVIRON, LassoEnviron)) @@ -40,22 +39,12 @@ extern "C" { #define LASSP_IS_ENVIRON_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), LASSO_TYPE_ENVIRON)) #define LASSO_ENVIRON_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), LASSO_TYPE_ENVIRON, LassoEnvironClass)) -typedef enum { - LassoEnvironTypeGet = 1, - LassoEnvironTypePost, - LassoEnvironTypeSoap -} LassoEnvironType; - typedef struct _LassoEnviron LassoEnviron; typedef struct _LassoEnvironClass LassoEnvironClass; struct _LassoEnviron { GObject parent; - LassoProvider *local_provider; - GData *peer_providers; - LassoNode *request; - LassoNode *response; - LassoEnvironType type; + /*< public >*/ /*< private >*/ }; @@ -63,14 +52,9 @@ struct _LassoEnvironClass { GObjectClass parent; }; -LASSO_EXPORT GType lasso_environ_get_type(void); -LASSO_EXPORT LassoEnviron* lasso_environ_new(LassoProvider *local_provider); +LASSO_EXPORT GType lasso_environ_get_type (void); -LASSO_EXPORT void lasso_environ_add_peer_provider(LassoEnviron *env, - const gchar *metadata, - const gchar *public_key, - const gchar *private_key, - const gchar *certificate); +LASSO_EXPORT LassoEnviron *lasso_environ_new (void); #ifdef __cplusplus } diff --git a/lasso/id-ff/identity.c b/lasso/id-ff/identity.c index bee2a4bb..6188c73e 100644 --- a/lasso/id-ff/identity.c +++ b/lasso/id-ff/identity.c 
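Review bot: The `struct _LassoEnviron` hunk removes `local_provider`, `request` and `response`, but the authn_environ.c hunk in this same commit still reads `e->local_provider`, `e->request` and `e->response` through `LASSO_ENVIRON(env)`, so one of the two files cannot compile as committed; either the fields stay on the base struct or authn_environ.c moves them to LassoAuthnEnviron. Dropping `#include <lasso/environs/provider.h>` here is consistent with the field removal, but authn_environ.c's use of `LASSO_PROVIDER(...)` then needs its own include. The pre-existing `LASSP_IS_ENVIRON_CLASS` typo in the context lines is worth fixing while the header is being reworked.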
@@ -28,15 +28,14 @@ /* public methods */ /*****************************************************************************/ -char *lasso_identity_get_alias(LassoIdentity *identity){ - return(lasso_node_get_attr_value(LASSO_NODE(identity), "Alias")); +int lasso_identity_set_local_name_identifier(LassoIdentity *identity, LassoNode *nameIdentifier){ + user->local_nameIdentifier = nameIdentifier; } -char *lasso_identity_get_name(LassoIdentity *identity){ - return(lasso_node_get_attr_value(LASSO_NODE(identity), "Name")); +int lasso_identity_set_peer_nameIdentifier(LassoIdentity *identity, LassoNode *nameIdentifier){ + user->peer_nameIdentifier = nameIdentifier; } - /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ diff --git a/lasso/id-ff/identity.h b/lasso/id-ff/identity.h index 9c138ba3..ab193a0f 100644 --- a/lasso/id-ff/identity.h +++ b/lasso/id-ff/identity.h @@ -45,7 +45,8 @@ typedef struct _LassoIdentityClass LassoIdentityClass; struct _LassoIdentity { LassoNode parent; - LassoNode *identities; + LassoNode *local_nameIdentifier; + LassoNode *peer_nameIdentifier; /*< private >*/ }; diff --git a/lasso/id-ff/provider.c b/lasso/id-ff/provider.c index 580f5b9c..704b97bf 100644 --- a/lasso/id-ff/provider.c +++ b/lasso/id-ff/provider.c 
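Review bot: Both new setters in identity.c assign through `user->`, which is not declared anywhere in the function; the parameter is `identity`, so the lines should be `identity->local_nameIdentifier = nameIdentifier;` and `identity->peer_nameIdentifier = nameIdentifier;`. Both are declared `int` but end without a `return`, so the value a caller receives is indeterminate. The hunk also deletes `lasso_identity_get_alias` and `lasso_identity_get_name`, yet the session_environ.c hunk at `@@ -157` in this commit still calls both, which will fail at link time.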
@@ -27,26 +27,20 @@ /*****************************************************************************/ /* public methods */ /*****************************************************************************/ +char *lasso_provider_get_providerID(LassoProvider *provider){ + char *content; + + content = lasso_node_get_attr_value(provider->metadata, "ProviderID"); -/* return TRUE if the provider is providerId, else return FALSE */ -gboolean lasso_provider_is_providerId(LassoProvider *provider, const char *providerId){ - LassoNode *entityDescriptor; - - entityDescriptor = lasso_node_get_child(LASSO_NODE(provider), "EntityDescriptor", NULL); - if(strcmp(providerId, lasso_node_get_attr_value(entityDescriptor, "ProviderID"))==0){ - return(TRUE); - } - lasso_node_destroy(entityDescriptor); - - return(FALSE); + return(content); } -xmlChar *lasso_provider_get_singleSignOnProtocolProfile(LassoProvider *provider){ - return(lasso_provider_get_direct_child_content(provider, "SingleSignOnProtocolProfile")); +char *lasso_provider_get_singleSignOnProtocolProfile(LassoProvider *provider){ + return(lasso_node_get_child_content(provider->metadata, "SingleSignOnProtocolProfile", NULL)); } -xmlChar *lasso_provider_get_singleSignOnServiceUrl(LassoProvider *provider){ - return(lasso_provider_get_direct_child_content(provider, "SingleSignOnServiceUrl")); +char *lasso_provider_get_singleSignOnServiceUrl(LassoProvider *provider){ + return(lasso_node_get_child_content(provider->metadata, "SingleSignOnServiceUrl", NULL)); } 
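Review bot: lasso_provider_get_providerID returns the pointer from `lasso_node_get_attr_value` without stating who owns it, and its caller in server_environ.c compares the result and drops it inside a loop; if that helper allocates a copy the string leaks per iteration, and if it returns interior storage the caller must never free it. A short contract comment on the function, e.g. `/* Returns the ProviderID attribute of the metadata; ownership follows lasso_node_get_attr_value — TODO confirm whether the caller must free it */`, would settle this for the three getters in this hunk. `provider->metadata` is also dereferenced by all three without a NULL check, which matters because `lasso_provider_new_from_filename` can leave it NULL on a parse failure.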
@@ -111,21 +105,21 @@ LassoNode* lasso_provider_new(){ return (provider); } -LassoNode* lasso_provider_new_metadata_from_filename(char *filename){ - LassoNode *provider, *metadata; +LassoProvider *lasso_provider_new_from_filename(char *filename){ + LassoProvider *provider; xmlDocPtr doc; xmlNodePtr root; - LassoNodeClass *class; + + provider = g_object_new(LASSO_TYPE_PROVIDER, NULL); /* get root element of doc and duplicate it */ doc = xmlParseFile(filename); root = xmlCopyNode(xmlDocGetRootElement(doc), 1); xmlFreeDoc(doc); - metadata = lasso_node_new_from_xmlNode(root); - - provider = lasso_provider_new(); - class = LASSO_NODE_GET_CLASS(provider); - class->add_child(LASSO_NODE(provider), LASSO_NODE(metadata), TRUE); + provider->metadata = lasso_node_new_from_xmlNode(root); + + provider->public_key = NULL; + provider->certificate = NULL; return(provider); } diff --git a/lasso/id-ff/provider.h b/lasso/id-ff/provider.h index 80b818bd..7e21507e 100644 --- a/lasso/id-ff/provider.h +++ b/lasso/id-ff/provider.h @@ -43,6 +43,12 @@ typedef struct _LassoProviderClass LassoProviderClass; struct _LassoProvider { LassoNode parent; + + LassoNode *metadata; + + char *public_key; + char *certificate; + /*< private >*/ }; 
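Review bot: lasso_provider_new_from_filename never checks `xmlParseFile(filename)`; for a missing or malformed metadata file `doc` is NULL, `xmlDocGetRootElement(NULL)` and `xmlCopyNode(NULL, 1)` return NULL, `xmlFreeDoc(NULL)` is called, and the provider is returned with `metadata == NULL`, which every getter in the previous hunk then dereferences. Since metadata files are external input, fail early: `if (!doc) { g_object_unref(provider); return(NULL); }` right after the parse, and treat a NULL `root` the same way. Allocating `provider` before the parse also means the early-return path must release it, which is why the check above unrefs it; alternatively move `g_object_new` below the parse.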
@@ -50,13 +56,14 @@ struct _LassoProviderClass { LassoNodeClass parent; }; -LASSO_EXPORT GType lasso_provider_get_type(void); -LASSO_EXPORT LassoNode* lasso_provider_new(); -LASSO_EXPORT LassoNode* lasso_provider_new_metadata_from_filename(char *filename); +LASSO_EXPORT GType lasso_provider_get_type (void); +LASSO_EXPORT LassoNode* lasso_provider_new (void); + +LASSO_EXPORT LassoProvider *lasso_provider_new_from_filename (char *filename); +LASSO_EXPORT char *lasso_provider_get_providerID (LassoProvider *provider); -LASSO_EXPORT gboolean lasso_provider_is_providerId(LassoProvider *provider, const char *providerId); -LASSO_EXPORT xmlChar *lasso_provider_get_singleSignOnProtocolProfile(LassoProvider *provider); -LASSO_EXPORT xmlChar *lasso_provider_get_singleSignOnServiceUrl(LassoProvider *provider); +LASSO_EXPORT char *lasso_provider_get_singleSignOnProtocolProfile(LassoProvider *provider); +LASSO_EXPORT char *lasso_provider_get_singleSignOnServiceUrl(LassoProvider *provider); #ifdef __cplusplus } diff --git a/lasso/id-ff/server_environ.c b/lasso/id-ff/server_environ.c index 3b23f19c..10859bad 100644 --- a/lasso/id-ff/server_environ.c +++ b/lasso/id-ff/server_environ.c 
@@ -28,47 +28,42 @@ /* public methods */ /*****************************************************************************/ -/* add a provider, return the number of providers in the server context */ -int lasso_server_environ_add_provider(LassoServerEnviron *env, LassoProvider *provider){ - LassoNodeClass *class; +int lasso_server_environ_add_provider_from_file(LassoServerEnviron *server, char *filename){ + LassoProvider *provider, *p; - class = LASSO_NODE_GET_CLASS(env); - class->add_child(LASSO_NODE(env), LASSO_NODE(provider), TRUE); - env->nbProviders++; + provider = lasso_provider_new_from_filename(filename); + g_ptr_array_add(server->providers, provider); - return(env->nbProviders); + return(1); } -int lasso_server_environ_add_provider_filename(LassoServerEnviron *env, char *filename){ - LassoNodeClass *class; +LassoProvider *lasso_server_environ_get_provider(LassoServerEnviron *server, char *providerID){ LassoProvider *provider; - int nb; - - provider = lasso_provider_new_metadata_from_filename("./sp.xml"); - nb = lasso_server_environ_add_provider(env, provider); - - return(nb); -} - -LassoProvider *lasso_server_environ_get_provider(LassoServerEnviron *env, const char *providerId){ - LassoProvider *provider; - GPtrArray *children; + char *id; int index, len; - children = lasso_node_get_children(LASSO_NODE(env)); - len = children->len; - index = 0; - while(index<len){ - provider = (LassoProvider *)g_ptr_array_index(children, index); - if(lasso_provider_is_providerId(provider, providerId)){ + len = server->providers->len; + for(index = 0; index<len; index++){ + provider = g_ptr_array_index(server->providers, index); + + id = lasso_provider_get_providerID(provider); + if(!strcmp(providerID, id)){ return(provider); } - index++; } - + return(NULL); } +int lasso_server_environ_set_security(char *private_key, char *public_key, char *certificate){ + g_return_if_fail(private_key); + g_return_if_fail(public_key); + g_return_if_fail(certificate); + + + +} + 
/*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ @@ -76,10 +71,7 @@ LassoProvider *lasso_server_environ_get_provider(LassoServerEnviron *env, const static void lasso_server_environ_instance_init(LassoServerEnviron *env) { - LassoNodeClass *class = LASSO_NODE_GET_CLASS(LASSO_NODE(env)); - class->set_name(LASSO_NODE(env), "ServerEnviron"); - env->nbProviders = 0; } static void @@ -102,7 +94,7 @@ GType lasso_server_environ_get_type() { (GInstanceInitFunc) lasso_server_environ_instance_init, }; - this_type = g_type_register_static(LASSO_TYPE_NODE, + this_type = g_type_register_static(LASSO_TYPE_ENVIRON, "LassoServerEnviron", &this_info, 0); } @@ -111,10 +103,16 @@ GType lasso_server_environ_get_type() { LassoServerEnviron *lasso_server_environ_new() { - LassoServerEnviron *env; + LassoServerEnviron *server; + + server = g_object_new(LASSO_TYPE_SERVER_ENVIRON, NULL); + + server->providers = g_ptr_array_new(); - env = LASSO_SERVER_ENVIRON(g_object_new(LASSO_TYPE_SERVER_ENVIRON, NULL)); + server->private_key = NULL; + server->public_key = NULL; + server->certificate = NULL; - return(env); + return(server); } diff --git a/lasso/id-ff/server_environ.h b/lasso/id-ff/server_environ.h index 782e6bdf..a1c295cc 100644 --- a/lasso/id-ff/server_environ.h +++ b/lasso/id-ff/server_environ.h @@ -31,6 +31,7 @@ extern "C" { #endif /* __cplusplus */ #include <lasso/xml/xml.h> +#include <lasso/environs/environ.h> #include <lasso/environs/provider.h> #define LASSO_TYPE_SERVER_ENVIRON (lasso_server_environ_get_type()) 
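Review bot: lasso_server_environ_set_security is declared `int` but uses `g_return_if_fail`, which expands to a bare `return;`, and it takes no `LassoServerEnviron *` parameter, so it has no way to store into the `private_key`/`public_key`/`certificate` fields that the server_environ.h hunk adds; the same signature is repeated in that header hunk. In lasso_server_environ_add_provider_from_file the result of `lasso_provider_new_from_filename` is appended without a NULL check and the function always returns `1`, so a caller cannot learn that a metadata file failed to load; `p` is also unused. In lasso_server_environ_get_provider, `id = lasso_provider_get_providerID(provider)` can be NULL when the metadata lacks the attribute, and `strcmp(providerID, id)` would then be undefined behaviour; `if (id && !strcmp(providerID, id))` guards it.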
@@ -44,21 +45,29 @@ typedef struct _LassoServerEnviron LassoServerEnviron; typedef struct _LassoServerEnvironClass LassoServerEnvironClass; struct _LassoServerEnviron { - LassoNode parent; - int nbProviders; + LassoEnviron parent; + + GPtrArray *providers; + + char *private_key; + char *public_key; + char *certificate; + /*< private >*/ }; struct _LassoServerEnvironClass { - LassoNodeClass parent; + LassoEnvironClass parent; }; -LASSO_EXPORT GType lasso_server_environ_get_type(void); -LASSO_EXPORT LassoServerEnviron *lasso_server_environ_new(); +LASSO_EXPORT GType lasso_server_environ_get_type (void); +LASSO_EXPORT LassoServerEnviron *lasso_server_environ_new (void); + +LASSO_EXPORT int lasso_server_environ_add_provider_from_file (LassoServerEnviron *server, char *filename); +LASSO_EXPORT LassoProvider *lasso_server_environ_get_provider (LassoServerEnviron *server, char *providerID); + +LASSO_EXPORT int lasso_server_environ_set_security (char *private_key, char *public_key, char *certificate); -LASSO_EXPORT int lasso_server_environ_add_provider(LassoServerEnviron *env, LassoProvider *provider); -LASSO_EXPORT int lasso_server_environ_add_provider_filename(LassoServerEnviron *env, char *filename); -LASSO_EXPORT LassoProvider *lasso_server_environ_get_provider(LassoServerEnviron *env, const char *providerId); #ifdef __cplusplus } diff --git a/lasso/id-ff/session_environ.c b/lasso/id-ff/session_environ.c index b27032f8..21159ec6 100644 --- a/lasso/id-ff/session_environ.c +++ b/lasso/id-ff/session_environ.c 
@@ -28,46 +28,23 @@ /* public methods */ /*****************************************************************************/ -LassoIdentity *lasso_session_environ_assertion_consume(LassoSessionEnviron *session){ - LassoIdentity *identity; - LassoNode *statusCode; - char *statusCodeValue, *nameIdentifier, *idpProvidedNameIdentifier; - - statusCode = lasso_node_get_child(session->response, "StatusCode", NULL); - statusCodeValue = lasso_node_get_attr_value(statusCode, "Value"); - printf("DEBUG - StatusCode Value %s\n", statusCodeValue); - if(!strcmp(statusCodeValue, lassoSamlStatusCodeSuccess)){ - printf("authentication is ok\n"); - - nameIdentifier = lasso_node_get_child_content(session->response, "NameIdentifier", NULL); - idpProvidedNameIdentifier = lasso_node_get_child_content(session->response, "IDPProvidedNameIdentifier", NULL); - - identity = lasso_identity_search_by_alias(session->userEnviron, nameIdentifier); - if(!identity){ - identity = lasso_user_environ_search_by_name(session->userEnviron, idpProvidedNameIdentifier); - } - if(!identity){ - printf("No identity for %s, new identity at %s\n", idpProvidedNameIdentifier, session->local_providerID); - identity = lasso_user_environ_new_from_name(session->peer_providerID, idpProvidedNameIdentifier); - } - return(identity); - } - - return(NULL); -} - char *lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, - const char *responseProtocolProfile, - gboolean isPassive, - gboolean forceAuthn, - const char *nameIDPolicy){ + const char *responseProtocolProfile, + gboolean isPassive, + gboolean forceAuthn, + const char *nameIDPolicy){ LassoProvider *provider; char *str, *requestProtocolProfile; - printf("DEBUG - Build authentication ...\n"); + char *url, *query; + int url_len, query_len; - provider = lasso_server_environ_get_provider(session->serverEnviron, session->local_providerID); + //LassoEnviron *environ = LASSO_ENVIRON(session); + provider = lasso_server_environ_get_provider(session->server, 
session->local_providerID); + if(!provider) + return(NULL); + /* build the request object */ session->request = LASSO_NODE(lasso_authn_request_new(session->local_providerID)); if(responseProtocolProfile!=NULL) 
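Review bot: The commented-out `//LassoEnviron *environ = LASSO_ENVIRON(session);` left in lasso_session_environ_build_authnRequest should be deleted rather than parked; if it is revived, note that `environ` collides with the POSIX global of that name. Hoisting `url`, `query`, `url_len` and `query_len` to function scope leaves them uninitialised on the non-GET paths, which is harmless today only because the next hunk does not read them there. The function's body continues past this hunk.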
@@ -80,31 +57,63 @@ char *lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, lasso_lib_authn_request_set_forceAuthn(session->request, forceAuthn); /* export request depending on the request protocol profile */ - requestProtocolProfile = lasso_node_get_child_content(LASSO_NODE(provider), "SingleSignOnProtocolProfile", NULL); + str = NULL; + requestProtocolProfile = lasso_provider_get_singleSignOnProtocolProfile(provider); if(!strcmp(requestProtocolProfile, lassoLibProtocolProfileSSOGet)){ - char *url, *query; - int url_len, query_len; - - url = lasso_node_get_child_content(LASSO_NODE(provider), "SingleSignOnServiceUrl", NULL); + url = lasso_provider_get_singleSignOnServiceUrl(provider); url_len = strlen(url); query = lasso_node_export_to_query(session->request, 1, NULL); query_len = strlen(query); - str = (char *)malloc(url_len+query_len+1); // +1 for the ? character + str = (char *)malloc(url_len+query_len+2); // +2 for the ? character and the end line character sprintf(str, "%s?%s", url, query); - session->request_protocol_profile_type = protocol_profile_type_get; - + session->request_protocol_profile = lasso_protocol_profile_type_get; } else if(!strcmp(requestProtocolProfile, lassoLibProtocolProfileSSOPost)){ + printf("TODO - export the AuthnRequest in a formular\n"); + } + + return(str); +} + +gboolean lasso_session_environ_process_assertion(LassoSessionEnviron *session, char *str){ + LassoNode *statusCode, *assertion; + LassoNode *nameIdentifier, *idpProvidedNameIdentifier; + char *artifact, *statusCodeValue; + + LassoEnviron *environ = LASSO_ENVIRON(session); + + artifact = strstr(str, "SAMLArt"); + if(artifact){ + printf("TODO - lasso_session_environ_process_assertion() - process artifact\n"); } else{ - return(NULL); + printf("DEBUG - POST response, process the authnResponse\n"); + session->response = LASSO_NODE(lasso_authn_response_new_from_export(str, 0)); + + /* process the status code value */ + statusCode = 
lasso_node_get_child(session->response, "StatusCode", NULL); + statusCodeValue = lasso_node_get_attr_value(statusCode, "Value"); + if(strcmp(statusCodeValue, lassoSamlStatusCodeSuccess)) + return(FALSE); + + /* process the assertion */ + assertion = lasso_node_get_child(session->response, "Assertion", NULL); + if(!assertion) + return(FALSE); + + /* set the name identifiers */ + nameIdentifier = lasso_node_get_child(assertion, "NameIdentifier", NULL); + printf("name identifier %s(%s)\n", lasso_node_get_content(nameIdentifier), lasso_node_export(nameIdentifier)); + + idpProvidedNameIdentifier = lasso_node_get_child(assertion, "IDPProvidedNameIdentifier", NULL); + + } - //printf("data : %s\n", str); - return(str); + return(FALSE); } gboolean lasso_session_environ_process_authnRequest(LassoSessionEnviron *session, 
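Review bot: lasso_session_environ_process_assertion returns `FALSE` on every path, including after the assertion and name identifiers were found, so the caller can never tell a successful response from a rejected one; the POST branch needs a `return(TRUE);` after the name identifiers are stored. The response in `str` is external input, yet `statusCode` and `statusCodeValue` are passed to `lasso_node_get_attr_value`/`strcmp` with no NULL check, and nothing in this hunk checks a signature before the status and assertion are trusted, so please confirm where that verification is meant to happen. The local `environ` is unused and `idpProvidedNameIdentifier` is assigned but never used. In the GET branch of build_authnRequest the `malloc` result is unchecked and `sprintf` writes into it; `snprintf(str, url_len+query_len+2, "%s?%s", url, query)` bounds the write to the size just computed, and `requestProtocolProfile`/`url`/`query` should be NULL-checked before `strlen`/`strcmp`.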
@@ -112,37 +121,43 @@ gboolean lasso_session_environ_process_authnRequest(LassoSessionEnviron *session int protocol_profile_type, gboolean has_cookie){ gboolean must_authenticate = TRUE; - char *response_protocolProfile; - char *content; + char *response_protocol_profile; + char *content; gboolean isPassive = TRUE; gboolean forceAuthn = FALSE; - LassoNode *statusCode; - - printf("DEBUG - Process authentication ...\n"); + LassoEnviron *environ = LASSO_ENVIRON(session); - session->request = NULL; - session->response = NULL; + printf("plop, process AuthnRequest\n"); - if(protocol_profile_type==protocol_profile_type_get){ - printf("DEBUG - rebuild AuthnRequest from query\n"); + /* get the protocol profile */ + if(protocol_profile_type==lasso_protocol_profile_type_get){ session->request = LASSO_NODE(lasso_authn_request_new_from_query(str_request)); } + else if(protocol_profile_type==lasso_protocol_profile_type_post){ + printf("TODO - lasso_session_environ_process_authnRequest() - implement the parsing of the post request\n"); + } else{ - printf("DEBUG - unknown protocol profile\n"); - return(FALSE); + printf("ERROR - lasso_session_environ_process_authnRequest() - Unknown protocol profile\n"); } + /* Verify the signature */ + printf("TODO - verify the signature\n"); + + /* set the peer ProviderID from the request */ + content = lasso_node_get_child_content(session->request, "ProviderID", NULL); + session->peer_providerID = (char *)malloc(strlen(content)+1); + sprintf(session->peer_providerID, "%s", content); + printf("request from %s\n", session->peer_providerID); + /* response with protocol profile */ - response_protocolProfile = lasso_node_get_child_content(session->request, "ProtocolProfile", NULL); - if(!response_protocolProfile || !strcmp(response_protocolProfile, lassoLibProtocolProfileArtifact)){ - printf("DEBUG - response with protocol artifact\n"); - session->response = NULL; - session->response_protocol_profile_type = protocol_profile_type_artifact; + 
response_protocol_profile = lasso_node_get_child_content(session->request, "ProtocolProfile", NULL); + if(!response_protocol_profile || !strcmp(response_protocol_profile, lassoLibProtocolProfileArtifact)){ + session->response_protocol_profile = lasso_protocol_profile_type_artifact; + printf("TODO - lasso_session_session_process_authnRequest() - implement the artifact response\n"); } - else if(!strcmp(response_protocolProfile, lassoLibProtocolProfilePost)){ - printf("DEBUG - response with post profile\n"); - session->response_protocol_profile_type = protocol_profile_type_post; + else if(!strcmp(response_protocol_profile, lassoLibProtocolProfilePost)){ + session->response_protocol_profile = lasso_protocol_profile_type_post; session->response = LASSO_NODE(lasso_authn_response_new(session->local_providerID, session->request)); } 
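Review bot: In lasso_session_environ_process_authnRequest the unknown-profile branch lost its `return(FALSE);` and the `session->request = NULL;` initialisation was removed, so for a POST or unknown `protocol_profile_type` the code falls through to `lasso_node_get_child_content(session->request, "ProviderID", NULL)` with whatever `session->request` held before; restore the early return and make the POST branch return as well until it is implemented. The `ProviderID` `content` can be NULL and is passed to `strlen`, the `malloc` is unchecked, and the previous `session->peer_providerID` is overwritten without being freed; `lasso_session_environ_set_peer_providerID(session, content)` already exists and frees the old value, so these three lines should call it after a NULL check. `/* Verify the signature */` is currently only a `printf`, which means the peer ProviderID and the rest of the request are acted on without authentication; until it is implemented the function should fail closed (return `FALSE`) rather than proceed, or the gap should be stated in the function's comment. `printf("plop, process AuthnRequest\n")` is a leftover debug line. The function continues beyond this hunk.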
@@ -157,73 +172,77 @@ gboolean lasso_session_environ_process_authnRequest(LassoSessionEnviron *session forceAuthn = TRUE; } + /* complex test to authentication process */ if((forceAuthn == TRUE || has_cookie == FALSE) && isPassive == FALSE){ must_authenticate = TRUE; } else if(has_cookie == FALSE && isPassive == TRUE){ - lasso_authn_response_set_status(session->response, lassoLibStatusCodeNoPassive); + printf("TODO - lasso_session_session_process_authnRequest() - implement the generic setting of the status code value\n"); + must_authenticate = FALSE; } return(must_authenticate); } char *lasso_session_environ_process_authentication(LassoSessionEnviron *session, - gboolean isAuthenticated, - const char *authentication_method){ + gboolean isAuthenticated, + const char *authentication_method){ LassoUserEnviron *user; LassoIdentity *identity; char *str, *nameIDPolicy, *nameIdentifier, *idpProvidedNameIdentifier; LassoNode *assertion, *authentication_statement; - printf("DEBUG - Process authentication ...\n"); - /* process the federation policy */ - identity = lasso_user_environ_search_identity(session->userEnviron, session->peer_providerID); + /* TODO : implement a get identity */ + //identity = lasso_user_environ_find_identity(session->user, session->peer_providerID); + identity = NULL; nameIDPolicy = lasso_node_get_child_content(session->request, "NameIDPolicy", NULL); if(!nameIDPolicy || !strcmp(nameIDPolicy, lassoLibNameIDPolicyTypeNone)){ - printf("NameIDPolicy is none\n"); if(!identity){ printf("TODO - set the StatusCode value with lassoLibStatusCodeFederationDoesNotExist\n"); } } else if(!strcmp(nameIDPolicy, lassoLibNameIDPolicyTypeFederated)){ - printf("NameIDPolicy is federated\n"); - if(!identity) - identity = lasso_user_environ_new_identity(session->userEnviron, session->peer_providerID); + if(!identity){ + //identity = lasso_user_environ_new_identity(session->user, session->peer_providerID); + } } else if(!strcmp(nameIDPolicy, 
lassoLibNameIDPolicyTypeOneTime)){ - + } + printf("plop\n"); + /* fill the response with the assertion */ if(identity){ + printf("no identity\n"); idpProvidedNameIdentifier = lasso_identity_get_alias(identity); nameIdentifier = lasso_identity_get_name(identity); if(!nameIdentifier) nameIdentifier = idpProvidedNameIdentifier; - assertion = lasso_assertion_new(session->local_providerID, lasso_node_get_attr_value(LASSO_NODE(session->request), - "RequestID")); - authentication_statement = lasso_authentication_statement_new(authentication_method, - "TODO", - nameIdentifier, - "TODO", - "TODO", - idpProvidedNameIdentifier, - "TODO", - "TODO"); - lasso_saml_assertion_add_authenticationStatement(assertion, - authentication_statement); - lasso_samlp_response_add_assertion(session->response, assertion); + //assertion = lasso_assertion_new(session->local_providerID, lasso_node_get_attr_value(LASSO_NODE(session->request), + // "RequestID")); + //authentication_statement = lasso_authentication_statement_new(authentication_method, + // "TODO", + // nameIdentifier, + // "TODO", + // "TODO", + // idpProvidedNameIdentifier, + // "TODO", + // "TODO"); + //lasso_saml_assertion_add_authenticationStatement(assertion, + // authentication_statement); + //lasso_samlp_response_add_assertion(session->response, assertion); } /* return a response message */ - if(session->response_protocol_profile_type==protocol_profile_type_post){ + if(session->response_protocol_profile==lasso_protocol_profile_type_post){ printf("DEBUG - return a post message\n"); str = lasso_node_export_to_base64(session->response); } - else if(session->response_protocol_profile_type==protocol_profile_type_artifact){ + else if(session->response_protocol_profile==lasso_protocol_profile_type_artifact){ printf("DEBUG - return a artifact message\n"); } else{ 
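Review bot: lasso_session_environ_process_authentication still calls `lasso_identity_get_alias(identity)` and `lasso_identity_get_name(identity)`, both of which the identity.c hunk in this commit deletes, so the file will not link even though `identity` is hard-wired to NULL here; the `printf("no identity\n")` inside `if(identity)` is also inverted. In the preceding function, the `else if(has_cookie == FALSE && isPassive == TRUE)` branch dropped `lasso_authn_response_set_status(session->response, lassoLibStatusCodeNoPassive)` and now only sets `must_authenticate = FALSE`, which a caller may read as "proceed without authenticating"; if that is not intended, the response should still carry the NoPassive status (or the branch should return a distinct value) before this path is reachable. The large commented-out assertion block and `printf("plop\n")` should be removed or wrapped in `#if 0` with a comment saying why it is disabled. lasso_session_environ_process_authnRequest starts before this hunk and process_authentication ends after it.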
@@ -233,20 +252,23 @@ char *lasso_session_environ_process_authentication(LassoSessionEnviron *session, return(str); } -void lasso_session_environ_set_local_providerID(LassoSessionEnviron *session, char *providerID){ +int lasso_session_environ_set_local_providerID(LassoSessionEnviron *session, char *providerID){ if(session->local_providerID) free(session->local_providerID); session->local_providerID = (char *)malloc(strlen(providerID)+1); strcpy(session->local_providerID, providerID); + + return(1); } -void lasso_session_environ_set_peer_providerID(LassoSessionEnviron *session, char *providerID){ +int lasso_session_environ_set_peer_providerID(LassoSessionEnviron *session, char *providerID){ if(session->peer_providerID) free(session->peer_providerID); session->peer_providerID = (char *)malloc(strlen(providerID)+1); strcpy(session->peer_providerID, providerID); -} + return(1); +} /*****************************************************************************/ @@ -255,8 +277,7 @@ void lasso_session_environ_set_peer_providerID(LassoSessionEnviron *session, cha static void lasso_session_environ_instance_init(LassoSessionEnviron *session){ - LassoNodeClass *class = LASSO_NODE_GET_CLASS(LASSO_NODE(session)); - class->set_name(LASSO_NODE(session), "SessionEnviron"); + } static void @@ -279,7 +300,7 @@ GType lasso_session_environ_get_type() { (GInstanceInitFunc) lasso_session_environ_instance_init, }; - this_type = g_type_register_static(LASSO_TYPE_NODE, + this_type = g_type_register_static(LASSO_TYPE_ENVIRON, "LassoSessionEnviron", &this_info, 0); } 
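Review bot: lasso_session_environ_set_local_providerID now returns int but always returns 1: the result of `malloc(strlen(providerID)+1)` is not checked before `strcpy` writes into it, and a NULL providerID reaches strlen. Since the file already uses GLib, `g_free(session->local_providerID); session->local_providerID = g_strdup(providerID);` removes both the unchecked allocation and the manual copy; if the int return is meant to report failure, return 0 when the stored value ends up NULL. The same applies to lasso_session_environ_set_peer_providerID in this hunk.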
@@ -291,12 +312,31 @@ lasso_session_environ_new(LassoServerEnviron *server, LassoUserEnviron *user, ch { LassoSessionEnviron *session; - session = LASSO_SESSION_ENVIRON(g_object_new(LASSO_TYPE_SESSION_ENVIRON, NULL)); + session = g_object_new(LASSO_TYPE_SESSION_ENVIRON, NULL); - session->serverEnviron = server; - session->userEnviron = user; + session->server = server; + + if(user) + session->user = user; + else + session->user = NULL; + + session->message = NULL; + + session->request = NULL; + session->response = NULL; + + /* load the ProviderID name or a reference to the provider ? */ + g_return_if_fail(local_providerID); + g_return_if_fail(peer_providerID); + + session->local_providerID = NULL; lasso_session_environ_set_local_providerID(session, local_providerID); + session->peer_providerID = NULL; lasso_session_environ_set_peer_providerID(session, peer_providerID); + session->request_protocol_profile = 0; + session->response_protocol_profile = 0; + return(session); } diff --git a/lasso/id-ff/session_environ.h b/lasso/id-ff/session_environ.h index df1ca141..63118793 100644 --- a/lasso/id-ff/session_environ.h +++ b/lasso/id-ff/session_environ.h 
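Review bot: `g_return_if_fail(local_providerID);` and `g_return_if_fail(peer_providerID);` expand to a bare `return;`, but lasso_session_environ_new returns a LassoSessionEnviron pointer; they should be `g_return_val_if_fail(local_providerID, NULL);` and `g_return_val_if_fail(peer_providerID, NULL);`. They also run after `g_object_new`, so a failed precondition leaks the freshly created object; move the checks to the top of the function, before the allocation. The `if(user) session->user = user; else session->user = NULL;` block is equivalent to `session->user = user;`.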
@@ -47,28 +47,29 @@ typedef struct _LassoSessionEnviron LassoSessionEnviron; typedef struct _LassoSessionEnvironClass LassoSessionEnvironClass; typedef enum { - protocol_profile_type_get = 1, - protocol_profile_type_redirect, - protocol_profile_type_post, - protocol_profile_type_soap, - protocol_profile_type_artifact, -} protocol_profile_type; + lasso_protocol_profile_type_get = 1, + lasso_protocol_profile_type_redirect, + lasso_protocol_profile_type_post, + lasso_protocol_profile_type_soap, + lasso_protocol_profile_type_artifact, +} lasso_protocol_profile_type; struct _LassoSessionEnviron { - LassoNode parent; + LassoEnviron parent; - LassoServerEnviron *serverEnviron; - LassoUserEnviron *userEnviron; + LassoServerEnviron *server; + LassoUserEnviron *user; - char *local_providerID; - char *peer_providerID; + char *message; LassoNode *request; LassoNode *response; - int request_protocol_profile_type; - int response_protocol_profile_type; - + char *local_providerID, *peer_providerID; + + int request_protocol_profile; + int response_protocol_profile; + /*< private >*/ }; 
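Review bot: `request_protocol_profile` and `response_protocol_profile` are declared `int` even though this hunk introduces the `lasso_protocol_profile_type` enum for exactly these values; typing them as `lasso_protocol_profile_type` lets the compiler catch comparisons against constants from the wrong enum. The new `char *message;` member has no comment on who allocates and frees it, and nothing visible in this diff releases it; a one-line comment stating the intended owner and lifetime would help the next maintainer.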
@@ -76,21 +77,33 @@ struct _LassoSessionEnvironClass { LassoNodeClass parent; }; -LASSO_EXPORT GType lasso_session_environ_get_type(void); -LASSO_EXPORT LassoSessionEnviron *lasso_session_environ_new(LassoServerEnviron *server, - LassoUserEnviron *user, - char *local_providerID, - char *peer_providerID); - -LASSO_EXPORT char * lasso_session_environ_build_authnRequest(LassoSessionEnviron *session, - const char *responseProtocolProfile, - gboolean isPassive, - gboolean forceAuthn, - const char *nameIDPolicy); - -LASSO_EXPORT char *lasso_session_environ_process_authentication(LassoSessionEnviron *session, - gboolean isAuthenticated, - const char *authentication_method); +LASSO_EXPORT GType lasso_session_environ_get_type (void); + +LASSO_EXPORT LassoSessionEnviron *lasso_session_environ_new (LassoServerEnviron *server, + LassoUserEnviron *user, + char *local_providerID, + char *peer_providerID); + +LASSO_EXPORT char *lasso_session_environ_build_authnRequest (LassoSessionEnviron *session, + const char *responseProtocolProfile, + gboolean isPassive, + gboolean forceAuthn, + const char *nameIDPolicy); + +LASSO_EXPORT gboolean lasso_session_environ_process_assertion (LassoSessionEnviron *session, char *str); + +LASSO_EXPORT gboolean lasso_session_environ_process_authnRequest (LassoSessionEnviron *session, + char *str_request, + int protocol_profile_type, + gboolean has_cookie); + +LASSO_EXPORT char *lasso_session_environ_process_authentication (LassoSessionEnviron *session, + gboolean isAuthenticated, + const char *authentication_method); + +LASSO_EXPORT int lasso_session_environ_set_local_providerID (LassoSessionEnviron *session, char *providerID); + +LASSO_EXPORT int lasso_session_environ_set_peer_providerID (LassoSessionEnviron *session, char *providerID); #ifdef __cplusplus } diff --git a/lasso/id-ff/user_environ.c b/lasso/id-ff/user_environ.c index 27184604..d743f4a8 100644 --- a/lasso/id-ff/user_environ.c +++ b/lasso/id-ff/user_environ.c 
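Review bot: `struct _LassoSessionEnvironClass` still embeds `LassoNodeClass parent;` (the context line at the top of this hunk) while the instance struct now embeds `LassoEnviron parent` and lasso_session_environ_get_type registers the type under LASSO_TYPE_ENVIRON; the class parent should be `LassoEnvironClass parent;`, as the user_environ.h hunk in this same commit does for LassoUserEnvironClass. If LassoEnvironClass is larger than LassoNodeClass, GType will refuse the registration because the declared class size is smaller than the parent's; if the sizes happen to match today, the mismatch is merely latent. `lasso_session_environ_process_assertion` is newly exported here but no definition of it appears anywhere in this diff — worth confirming it exists before the header is installed.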
@@ -28,90 +28,14 @@ /* public methods */ /*****************************************************************************/ -LassoIdentity *lasso_user_environ_new_identity(LassoUserEnviron *user, char *peer_providerID){ - LassoIdentity *identity; - LassoNodeClass *class; +int lasso_user_environ_add_assertion(){ - if(!user->identities){ - user->identities = lasso_node_new(); - class = LASSO_NODE_GET_CLASS(LASSO_NODE(user->identities)); - class->set_name(LASSO_NODE(user->identities), "Identities"); - class = LASSO_NODE_GET_CLASS(LASSO_NODE(user)); - class->add_child(LASSO_NODE(user), user->identities, 1); /* !!!! */ - } - - identity = lasso_identity_new(peer_providerID); - class = LASSO_NODE_GET_CLASS(LASSO_NODE(user->identities)); - class->add_child(LASSO_NODE(user->identities), LASSO_NODE(identity), 1); - - return(identity); -} - -LassoIdentity *lasso_user_environ_search_by_alias(LassoUserEnviron *user, char *nameIdentifier){ - LassoNode *identities; - GPtrArray *children; - char *alias_value; - int index; - - identities = lasso_node_get_child(LASSO_NODE(user), "Identities", NULL); - if(!identities) - return(NULL); - - children = lasso_node_get_children(identities); - if(!children) - return(NULL); - - index = 0; - for(index = 0; index<children->len; index++){ - alias_value = lasso_node_get_attr_value(g_ptr_array_index(children, index), "Alias"); - printf("alias : %s\n", alias_value); - } - - return(NULL); -} - -LassoIdentity *lasso_user_environ_search_by_name(LassoUserEnviron *user, char *nameIdentifier){ - LassoNode *identities; - GPtrArray *children; - char *alias_value; - int index; - - identities = lasso_node_get_child(LASSO_NODE(user), "Identities", NULL); - if(!identities) - return(NULL); - - children = lasso_node_get_children(identities); - if(!children) - return(NULL); - - index = 0; - for(index = 0; index<children->len; index++){ - alias_value = lasso_node_get_attr_value(g_ptr_array_index(children, index), "Name"); - printf("name : %s\n", alias_value); - } - 
- return(NULL); -} - -LassoIdentity *lasso_user_environ_search_identity(LassoUserEnviron *user, char *peer_providerID){ - LassoNode *userNode, *identity; - GPtrArray *identities; - LassoAttr *attr; - int i = 0; - - if(!user->identities) - return(NULL); - - return(NULL); } -void lasso_user_environ_set_userID(LassoUserEnviron *user, char *userID){ - LassoNodeClass *class = LASSO_NODE_GET_CLASS(user); +int lasso_user_environ_add_identity(){ - class->new_child(LASSO_NODE(user), "UserID", userID, FALSE); } - /*****************************************************************************/ /* instance and class init functions */ /*****************************************************************************/ @@ -156,7 +80,5 @@ lasso_user_environ_new() user = LASSO_USER_ENVIRON(g_object_new(LASSO_TYPE_USER_ENVIRON, NULL)); - user->identities = NULL; - return(user); } diff --git a/lasso/id-ff/user_environ.h b/lasso/id-ff/user_environ.h index 06120aaf..9b67ada8 100644 --- a/lasso/id-ff/user_environ.h +++ b/lasso/id-ff/user_environ.h @@ -31,6 +31,7 @@ extern "C" { #endif /* __cplusplus */ #include <lasso/xml/xml.h> +#include <lasso/environs/environ.h> #include <lasso/environs/identity.h> #define LASSO_TYPE_USER_ENVIRON (lasso_user_environ_get_type()) 
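Review bot: `int lasso_user_environ_add_assertion(){ }` and `int lasso_user_environ_add_identity(){ }` are non-void functions with empty bodies, so any caller that uses their result reads an indeterminate value (undefined behavior in C); give them `(void)` parameter lists and at least `return(0);` until they are implemented, or make them `void`. Neither name appears among the prototypes in the user_environ.h hunk of this commit, which instead declares lasso_user_environ_identity_get_alias, _get_name, _new, _new_alias and _set_name — none of which have a definition visible in this diff — so the header and this file no longer describe the same API. The old identity lookup functions are removed here while lasso_session_environ_process_authentication still references the lookup only as a commented TODO, leaving identity resolution unimplemented on the authentication path.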
@@ -40,29 +41,32 @@ extern "C" { #define LASSP_IS_USER_ENVIRON_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE ((klass), LASSO_TYPE_USER_ENVIRON)) #define LASSO_USER_ENVIRON_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), LASSO_TYPE_USER_ENVIRON, LassoUserEnvironClass)) + typedef struct _LassoUserEnviron LassoUserEnviron; typedef struct _LassoUserEnvironClass LassoUserEnvironClass; struct _LassoUserEnviron { - LassoNode parent; - - LassoNode *identities; + LassoEnviron parent; + + GPtrArray *assertions; + GPtrArray *identities; /*< private >*/ }; struct _LassoUserEnvironClass { - LassoNodeClass parent; + LassoEnvironClass parent; }; -LASSO_EXPORT GType lasso_user_environ_get_type(void); -LASSO_EXPORT LassoUserEnviron* lasso_user_environ_new(); +LASSO_EXPORT GType lasso_user_environ_get_type (void); +LASSO_EXPORT LassoUserEnviron* lasso_user_environ_new (void); -LASSO_EXPORT LassoIdentity *lasso_user_environ_search_identity(LassoUserEnviron *user, char *peer_providerID); -LASSO_EXPORT LassoIdentity *lasso_user_environ_new_identity(LassoUserEnviron *user, char *peer_providerID); +LASSO_EXPORT char *lasso_user_environ_identity_get_alias (LassoUserEnviron *user, char *securityDomain); +LASSO_EXPORT char *lasso_user_environ_identity_get_name (LassoUserEnviron *user, char *securityDomain); +LASSO_EXPORT int lasso_user_environ_identity_new (LassoUserEnviron *user, char *securityDomain); +LASSO_EXPORT char *lasso_user_environ_identity_new_alias (LassoUserEnviron *user, char *securityDomain); +LASSO_EXPORT int lasso_user_environ_identity_set_name (LassoUserEnviron *user, char *securityDomain, char *name); -LASSO_EXPORT LassoIdentity *lasso_user_search_by_alias(LassoUserEnviron *user, char *nameIdentifier); -LASSO_EXPORT LassoIdentity *lasso_user_search_by_name(LassoUserEnviron *user, char *nameIdentifier); #ifdef __cplusplus } |
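Review bot: The context line `#define LASSP_IS_USER_ENVIRON_CLASS(klass)` is misspelled (`LASSP` for `LASSO`) and survives on the new side, so the class-type check macro is unusable under its intended name; renaming it while the header is being reworked avoids installing the typo. The new `GPtrArray *assertions;` and `GPtrArray *identities;` members carry no comment on element type or on who allocates and frees the arrays, and the rewritten lasso_user_environ_new no longer touches them; a short comment stating the intended element type and owner would tell callers whether they may rely on the arrays being non-NULL.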