| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
Instad of referring to an old FSF address, point the reader to the FSF
website where the latest licenses and addresses are published.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
KeyInfoSujectConfirmationData sub-type
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new implementations of lasso_node_impl_init_from_xml now validate
namespace of all child nodes befores parsing. It stops on any error. For
node which implement their own parsing of an attribute or a node, it
must declare an XmlSnippet with an offset field set to 0. The 0 value is
invalid for public GObject structure (it's the place of the GObject
machinery like the reference count). The 0 offset can be used for
XmlSnippet in a private structure, so never set the offset to 0 with the
flag SNIPPET_PRIVATE, for a field which is parsed by you get_xmlNode
virtual method.
Other ameliorations in this commit is the possibility to set attributes
with namespace when using the flags SNIPPET_ATTRIBUTE|SNIPPET_ANY. The
syntax for an attribute is inspired by the element tree API from Python:
{namespace}attribute_name
an example:
{http://www.w3.org/2001/XMLSchema-instance}type
for the classic xsi:type attribute.
|
| |
|
|
|
|
|
| |
To allow lasso_node_impl_init_from_xmlnode to do proper namespace
checking, child node which are not of the same namespace as their parent
in their XSD schema must have an explicit namespace declared in the
XmlSnippet.
|
| |
|
|
|
|
| |
node implementation
The goal is to use the KeyInfo structure as a transport format for our cryptographic keys
|
| |
|
|
|
| |
- it can support any content and any attribute without validation
xs:any with processContents="lax"
|
| |
|
|
| |
LassoKeyInformationDataType
|
| |
|
|
|
|
| |
* use a direct mapping to map this class to SubjectConfirmationData
node having the xsi:type attribute.
* overload get_xmlNode method to add the xsi:type attribute on output.
|
| |
|
|
| |
An AttributeValue has an XSchema type of xs:any.
|
| |
|
|
|
| |
Too much human errors with strcmp kind of functions. Also change name os
lasso_is_empty_string to lasso_strisempty.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to permit subclass to modify the base xmlNode created by
lasso_node_impl_get_xmlNode we must defer the concrete to the virtual
method wrapper, lasso_node_get_xmlNode.
To do that it whas needed to make id_attribute another virtual field of
LassoNode subclasses (it can be accessed through an offset registered in
the class object).
This commit solves signature validation error since the patch for
managing more than one SessionIndex element in samlp2:LogoutRequest.
It also factorize the creation of signatures in one place.
|
| |
|
|
|
| |
The new return type is lasso_error_t, it should allow to pinpoint easily
methods returning an error code in bindings.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
support
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lassoxml/disco_send_single_logout.c:
* lassoxml/id-wsf-2.0/sb2_user_interaction_header.c:
* lassoxml/id-wsf-2.0/subsref_app_data.c:
* lassoxml/lib_assertion.c:
* lassoxml/saml-2.0/saml2_condition_abstract.c:
* lassoxml/saml-2.0/saml2_encrypted_element.c:
* lassoxml/ws/wsa_attributed_uri.c:
* lassoxml/ws/wsa_endpoint_reference.c:
class_init is only called the first time an object of the given type
is created, registry mappings must exist before this time, so I moved
the registration code to the _get_type() functions.
|
| |
|
|
|
|
|
|
|
| |
anymore, add a registry mapping
* lasso/xml/saml-2.0/saml2_condition_abstract.c:
last commit to this file changed the element name from
ConditionAbstract to Condition so the XML parser cannot find the
corresponding GObject class anymore.
|
| |
|
|
|
|
|
|
| |
* lasso/xml/saml-2.0/saml2_condition_abstract.c:
saml2:Condition is an element whose type is abstract, it must be used
as an extension point helped by the xsi:type field. As the content is
unknown before hand we must keep the original xmlNode for later
analysis.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
of using get_xmlNode
* lasso/xml/saml-2.0/saml2_assertion.c:
assertion in lasso when read are not usable anymore because the
signature is lost, this commit allows to keep assertion unaltered
after reading them if they contained a top level signature (a
signature contained in the Assertion node).
This is useful for reusing assertion kept in a LassoSession object
and for using assertion as security token for ID-WSF.
|
| | |
|
| |
|
|
|
| |
* lasso/xml/saml-2.0/saml2_strings.h:
add another field name from SAML 2.0 specifications.
|
| |
|
|
| |
symbols to lasso-sections.txt
|
| |
|
|
|
|
|
| |
* lasso/xml/strings.h:
remove SAML 2.0 strings
* lasso/xml/saml-2.0/saml2_strings.h:
move them here, document useful ones.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- lasso/xml/saml-2.0/saml2_authn_context.c:
<AuthnContext/> can contain at least one node among:
- <AuthnContextClassRef/>
- <AuthnContextDeclRef/>
- <AuthnContextDecl/>
to approximate this possibility, we need to make any of them
optional.
<AuthenticatingAuthority/> should be a list but we cannot change it
without breaking the ABI, so we will wait for this.
|
| |
|
|
| |
lasso-sections.txt
|
| | |
|
| |
|
|
| |
recipient argument
|
| |
|
|
| |
HTTP-Artefact
|
| |
|
|
| |
signatures
|
| | |
|
| |
|
|
|
|
|
|
|
| |
NewEncryptedID element to saml2:EncryptedElement
* lasso/xml/saml-2.0/saml2_encrypted_element.c:
add registry mapping from EncryptedID, EncryptedAssertion,
EncryptedAttribute and NewEncryptedID element to
saml2:EncryptedElement
|
| |
|
|
|
|
|
| |
* lasso/xml/saml-2.0/saml2_name_id.c:
* lasso/xml/saml-2.0/saml2_name_id.h:
add a lasso_saml2_name_id_equals method which return TRUE if two
NameId are equal.
|
