Commit message | Author | Age | Files | Lines
...
* ID-WSF 2.0: in lasso_idwsf2_get_name_identifier, use lasso_saml2_assertion_decrypt_subject | Benjamin Dauvergne | 2010-03-02 | 1 | -21/+15
* ID-WSF 2.0: in lasso_idwsf2_profile_check_security_mechanism, add common logic for SAML 2.0 secmech, check for presence of a server object, | Benjamin Dauvergne | 2010-03-02 | 1 | -23/+49
* ID-WSF 2.0: fix MDAssociationQueryResponse handling | Benjamin Dauvergne | 2010-03-02 | 1 | -15/+25
    * lasso/id-wsf-2.0/discovery.c:
      - in lasso_idwsf2_discovery_validate_request, use svcmdids to initialize response to MSAssociationQuery requests.
      - in lasso_idwsf2_discovery_process_response_msg, extract received svcmdids; use lasso_check_good_rc when needed.
* ID-WSF 2.0: change signature of lasso_idwsf2_discovery_add_identity_to_epr | Benjamin Dauvergne | 2010-03-02 | 1 | -16/+16
    * lasso/id-wsf-2.0/discovery.c:
      - in lasso_idwsf2_discovery_add_identity_to_epr, receive an Epr instead of an EprMetadata node, and use lasso_wsa_endpoint_reference_add_security_token to add the assertion token instead of duplicating this logic.
      - in lasso_idwsf2_discovery_build_epr change the call site.
* ID-WSF 2.0: fix documentation of lasso_idwsf2_data_service_build_request_msg | Benjamin Dauvergne | 2010-03-02 | 1 | -2/+3
* SAML 2.0: in lasso_saml2_assertion_get_issuer_provider, check type of server argument | Benjamin Dauvergne | 2010-03-02 | 1 | -0/+1
* Core: add do/while(0) around block of goto_cleanup_with_rc | Benjamin Dauvergne | 2010-03-02 | 1 | -2/+2
* Core: add PROFILE errors around assertion validation | Benjamin Dauvergne | 2010-03-02 | 2 | -2/+44
    * lasso/errors.c lasso/errors.h:
      - add errors concerning invalid assertion, assertion with invalid conditions, unknown issuers, or when the issuer is not a provider we marked as an IdP.
      - add error for missing sender id in an ID-WSF message.
* Core: add a level argument to lasso_xmlnode_to_string and _lasso_node_export_to_xml | Benjamin Dauvergne | 2010-03-02 | 5 | -9/+29
* Binding perl: add support for out parameters | Benjamin Dauvergne | 2010-02-22 | 2 | -17/+38
    * bindings/perl/lang.py: support GObject out parameters.
* SAML 2.0: LassoSaml2ConditionAbstract does not match its element name anymore, add a registry mapping | Benjamin Dauvergne | 2010-02-22 | 1 | -0/+3
    * lasso/xml/saml-2.0/saml2_condition_abstract.c: last commit to this file changed the element name from ConditionAbstract to Condition so the XML parser cannot find the corresponding GObject class anymore.
* SAML 2.0: add more accessors for Conditions | Benjamin Dauvergne | 2010-02-22 | 3 | -20/+202
    * lasso/saml-2.0/saml2_helper.{c,h}: distribute code from lasso_saml2_assertion_validate_conditions to lasso_saml2_assertion_validate_time_checks and lasso_saml2_assertion_validate_audience. add lasso_saml2_assertion_allows_proxying and lasso_saml2_assertion_allows_proxying_to, to respectively check for proxying of the current assertion, and for proxying to a specific provider (you must call both of them to test completely the proxying status of an assertion).
    * docs/reference/lasso/lasso-sections.txt: reference new functions into documentation.
* Bindings python: use more accessors from utils.py | Benjamin Dauvergne | 2010-02-22 | 1 | -41/+31
    * bindings/python/lang.py: remove direct access to type tuples in favor of using accessors from utils.py.
* Bindings: make is_int more robust, and fix remove_modifiers | Benjamin Dauvergne | 2010-02-22 | 1 | -6/+9
* Bindings php5: use accessors from bindings/utils.py | Benjamin Dauvergne | 2010-02-22 | 1 | -29/+38
    * bindings/php5/wrapper_source.py: do not handle 'type/variable' tuple directly, use accessors.
* Binding python: add pickling support to LassoNode | Benjamin Dauvergne | 2010-02-22 | 1 | -0/+10
    * bindings/python/lang.py: support pickling protocol methods __getstate__ and __setstate__ leveraging the lasso_node_dump and lasso_node_new_from_dump methods from Lasso.
* Add lasso_string_to_xsd_integer, to parse xsd:integer values | Benjamin Dauvergne | 2010-02-22 | 2 | -0/+33
* SAML 2.0: fix bad name of Condition element, keep xmlNode as it is abstract | Benjamin Dauvergne | 2010-02-22 | 1 | -1/+2
    * lasso/xml/saml-2.0/saml2_condition_abstract.c: saml2:Condition is an element whose type is abstract, it must be used as an extension point helped by the xsi:type field. As the content is unknown before hand we must keep the original xmlNode for later analysis.
* Bindings python tests: update idwsf2_tests.py | Benjamin Dauvergne | 2010-02-22 | 1 | -1359/+160
* Bindings: in utils.py, make clean_type handle None value | Benjamin Dauvergne | 2010-02-22 | 1 | -0/+2
* ID-WSF 2.0: reorganize EPR minting, add a process_request method to disco service | Benjamin Dauvergne | 2010-02-22 | 10 | -133/+315
    * data_service.c: remove dependency on discovery.h
    * discovery.{c,h}:
      - add a lasso_idwsf2_discovery_process_request_msg to extract request data before validate request (SvcMDID, SvcMD or RequestService).
      - store SvcMDID in a private field, add a setter for it.
      - SvcMDID is now used for building response to MDAssociationQuery and parsing request for MDQuery, MDDelete, MDAssociationAdd and MDAssociationDelete.
    * idwsf2_helper.{c,h}:
      - change security mechanism argument of lasso_wsa_endpoint_reference_add_security_token from a NULL terminated string array to a GList.
    * saml2_login.{c,h}:
      - add a lasso_server_create_assertion_as_idwsf2_security_token for minting assertion for ID-WSF 2.0 security, to be used in Discovery bootstrap EPR creation and EPR minting for Discovery service Query responses.
      - add a lasso_saml2_assertion_get_discovery_bootstrap_epr, and rewrite lasso_login_idwsf2_get_discovery_bootstrap_epr to use it.
      - make lasso_login_idwsf2_add_discovery_bootstrap_epr accept a list of security mechanisms, not just one.
    * tests/idwsf2_tests.c:
      - adapt to new argument type of lasso_login_idwsf2_add_discovery_bootstrap_epr.
* Core: add new example to LassoLogout for asynchronous response handling | Benjamin Dauvergne | 2010-02-22 | 1 | -11/+56
* Support multiline error messages in build_strerror.py | Benjamin Dauvergne | 2010-02-22 | 2 | -9/+14
* SAML 2.0: add lasso_saml2_encrypted_element_server_decrypt and lasso_saml2_assertion_decrypt_subject | Benjamin Dauvergne | 2010-02-22 | 2 | -0/+50
* Fix idp5-saml2 metadatas | Benjamin Dauvergne | 2010-02-22 | 1 | -11/+22
    * tests/data/idp5-saml2/metadata.xml: we do not have the private key for the encryption public key, so I copied the signing public key.
* Fix lasso_extract_gobject_from_list | Benjamin Dauvergne | 2010-02-22 | 2 | -2/+13
* (no commit message) | Mikael Ates | 2010-02-21 | 1 | -1/+1
* Documentation: add example to LassoLogout, fix bad markup in id-wsf-2.0/profile.c | Benjamin Dauvergne | 2010-02-17 | 3 | -4/+161
* ID-WSF 2.0: also check sender match assertion in lasso_idwsf2_profile_check_security_mechanism | Benjamin Dauvergne | 2010-02-17 | 1 | -0/+10
    * lasso/id-wsf-2.0/profile.c: for BEARER mechanism, also check that the SPNameQualifier of the Subject match the Sender of the request.
* ID-WSF 2.0: add lasso_idwsf2_discovery_get_svcmdids to public API | Benjamin Dauvergne | 2010-02-17 | 1 | -0/+1
* Tests integration: force C locale | Benjamin Dauvergne | 2010-02-17 | 1 | -0/+1
    * tests/integration/saml2/__init__.py: authentic now use 'system locale' by default, so force C locale to get English IHM string to make twill happy.
* SAML 2.0: if assertion possess a signed original_xmlnode return it instead of using get_xmlNode | Benjamin Dauvergne | 2010-02-17 | 1 | -1/+18
    * lasso/xml/saml-2.0/saml2_assertion.c: assertion in lasso when read are not usable anymore because the signature is lost, this commit allows to keep assertion unaltered after reading them if they contained a top level signature (a signature contained in the Assertion node). This is useful for reusing assertion kept in a LassoSession object and for using assertion as security token for ID-WSF.
* Core: use lasso_xmlnode_to_string in LassoNode export functions | Benjamin Dauvergne | 2010-02-17 | 1 | -95/+33
    * lasso/xml/xml.c: remove duplicate codes and use lasso_xmlnode_to_string instead.
* Current state of ID-WSF 2.0 python test | Benjamin Dauvergne | 2010-02-17 | 1 | -6/+76
* Binding php5: fix generation of list freeing | Benjamin Dauvergne | 2010-02-17 | 1 | -2/+2
    * bindings/php5/wrapper_source.py: free_glist wants a GList** as first argument.
* Core: add a lasso_xmlnode_to_string function | Benjamin Dauvergne | 2010-02-17 | 2 | -0/+33
    * lasso/xml/tools.c lasso/xml/private.h: lots of functions duplicate this code, so we factorized it there. It has two parameters, the xmlnode and boolean deciding whether to format the resulting content (good for reading but bad for signatures).
* SAML 2.0: in lasso_saml20_profile_set_session_from_dump_decrypt, really decrypt | Benjamin Dauvergne | 2010-02-17 | 1 | -5/+15
    * lasso/saml-2.0/profile.c: dump for already signed assertion containing an EncryptedID as Subject does not work as before, the decrypted NameID is no more included in it, so instead of trying to plug it in the NameID field we resort to really deciphering the EncryptedID. That could be a performance problem if the session object is stuffed with a lot of assertions.
* Current state of idwsf2 tests | Benjamin Dauvergne | 2010-02-17 | 1 | -44/+59
* ID-WSF 2.0: fix loading of LassoIdWsf2Discovery dumps | Benjamin Dauvergne | 2010-02-17 | 3 | -5/+25
* Core: add error exit to lasso_node_new_from_xmlNode | Benjamin Dauvergne | 2010-02-17 | 1 | -0/+4
    * lasso/xml/xml.c: if building of the node fails, we must keep the initialization of custom nodename and namespace.
* Binding python: simplify special constructor, use cptrToPy | Benjamin Dauvergne | 2010-02-17 | 1 | -5/+1
* ID-WSF 2.0: make lasso_idwsf2_profile_redirect_user_for_interaction add the transactionID to the URL | Benjamin Dauvergne | 2010-02-17 | 1 | -5/+20
    * lasso/id-wsf-2.0/profile.c: simplify use of lasso_idwsf2_profile_redirect_user_for_interaction by directly adding the ID of the SOAP response message to the URL. Report an error if no MessageID can be found.
* ID-WSF 2.0: rewrite and document lasso_soap_envelope_sb2_get_redirect_request_url | Benjamin Dauvergne | 2010-02-17 | 2 | -8/+26
    * lasso/id-wsf-2.0/soap_binding.{c,h}: fix error in conception of lasso_soap_envelope_sb2_get_redirect_request_url, RedirectRequest is part of a SOAP fault not the headers. Explain in the documentation how to use the RedirectRequest URL. Change the return type to a const string.
* ID-WSF 2.0: add a method to retrieve/create a SOAP Fault to SOAP binding module | Benjamin Dauvergne | 2010-02-17 | 2 | -0/+26
    * lasso/id-wsf-2.0/soap_binding.{c,h}: add method lasso_soap_envelope_get_soap_fault which returns/create the first SOAP fault inside the body of the SOAP envelope.
* Binding python tests: adapt test to use TOP_SRCDIR env var | Benjamin Dauvergne | 2010-02-17 | 2 | -4/+4
* Binding python: factorize value freeing generation code | Benjamin Dauvergne | 2010-02-17 | 1 | -3/+31
    * lasso/python/lang.py: extract value freeing generation code to method free_value, add proper liberation of values at exit of wrapper functions, remove g_free call from return_value generated code.
* Core: add missing return value owner semantic annotations to getters | Benjamin Dauvergne | 2010-02-17 | 14 | -50/+113
    * lasso/id-ff/provider.c: fix lasso_provider_get_base64_succinct_id, it returned a libxml string, copy it with g_strdup before releasing it to stay with GLib allocated string in return values.
* Core: add annotation to getter function about return value owner semantic | Benjamin Dauvergne | 2010-02-17 | 3 | -5/+7
    * lasso/id-ff/identity.c lasso/id-ff/profile.c: precise owner semantic of lasso_profile_get_identity, lasso_profile_get_session, lasso_profile_get_server
    * lasso/id-wsf-2.0/saml2_login.c tests/login_tests_saml2.c: in the same vein add missing release of assertion returned by lasso_login_get_assertion which return a caller owned object.
* ID-WSF 2.0: make lasso_idwsf2_profile_redirect_user_for_interaction choke on missing redirect property on UserInteraction header | Benjamin Dauvergne | 2010-02-17 | 1 | -7/+47
    * lasso/id-wsf-2.0/profile.c: if redirect boolean property is false, refuse to return a redirect request. automatically create a SOAP fault to signal to the requester that it needs to support interaction via redirect.
* ID-WSF 2.0: add error code signaling that the requester does not support redirect request | Benjamin Dauvergne | 2010-02-17 | 2 | -1/+10
    * lasso/errors.c lasso/errors.h: add LASSO_WSF_PROFILE_ERROR_REDIRECT_REQUEST_UNSUPPORTED_BY_REQUESTER.