path: root/lasso
Commit message | Author | Age | Files | Lines
...
* [Core] dump custom signature parameters in lasso dumps | Benjamin Dauvergne | 2010-07-16 | 1 | -0/+32
|   The signature parameters are serialized as global attributes from the http://lasso.entrouvert.org/lasso/namespaces/0.0 named: SignatureType SignatureMethod PrivateKey PrivateKeyPassword Certificate
* [Core] add lasso_node_set_signature and lasso_node_get_signature | Benjamin Dauvergne | 2010-07-16 | 2 | -0/+89
|   Those two methods allow associating signature parameters with any node. They keep it inside the CustomElement quark. Using a private structure may be more performant.
* [Core] extract signature adding into base class method lasso_node_get_xmlNode | Benjamin Dauvergne | 2010-07-12 | 9 | -155/+78
|   In order to permit subclasses to modify the base xmlNode created by lasso_node_impl_get_xmlNode we must defer the concrete to the virtual method wrapper, lasso_node_get_xmlNode. To do that it was needed to make id_attribute another virtual field of LassoNode subclasses (it can be accessed through an offset registered in the class object).
|   This commit solves signature validation error since the patch for managing more than one SessionIndex element in samlp2:LogoutRequest. It also factorizes the creation of signatures in one place.
* [SAMLv2] if service provider supports logout, add a SessionIndex from the assertion ID | Benjamin Dauvergne | 2010-07-12 | 1 | -0/+6
|   The standard mandates providing a SessionIndex to service providers advertising their support of the logout profile. We follow the convention of using the assertion ID as a SessionIndex.
* [Core] lasso_check_version does not return a proper error code | Benjamin Dauvergne | 2010-07-12 | 1 | -1/+1
|   lasso_check_version returns 0, 1 or -1 and one is not a proper error code, so the original int return type is kept.
* [Core] change return type of all error returning methods | Benjamin Dauvergne | 2010-07-12 | 33 | -191/+191
|   The new return type is lasso_error_t; it should make it easy to pinpoint methods returning an error code in bindings.
* [Core] add a lasso_error_t typedef | Benjamin Dauvergne | 2010-07-12 | 3 | -1/+42
|   This typedef will serve to mark error returning methods. The ctypes.h header piggybacks on export.h to be included in all public headers.
* [Provider] Fix loading of provider without a public key | Benjamin Dauvergne | 2010-07-05 | 1 | -15/+32
|   This commit also emits a proper warning when loading fails for a provider *with* a public key.
* [Core] add macro to release an xmlNodeList object | Benjamin Dauvergne | 2010-06-29 | 1 | -0/+3
|
* [Core] add macro to release GList of xmlNodeList | Benjamin Dauvergne | 2010-06-29 | 1 | -0/+3
|
* [Core] add macros to manipulate xmlNodeList and GList of xmlNodeList | Benjamin Dauvergne | 2010-06-29 | 1 | -0/+21
|   The method to copy them is xmlCopyNodeList and not xmlCopyNode, so we need another set of macros.
* Merge branch 'issue-101' | Benjamin Dauvergne | 2010-06-29 | 1 | -52/+72
|
* Merge branch 'issue-88' | Benjamin Dauvergne | 2010-06-29 | 2 | -5/+15
|
* Merge branch 'issue-86' | Benjamin Dauvergne | 2010-06-29 | 2 | -0/+138
|
* [XML] in lasso_node_export_to_paos_request check return value of lasso_node_get_xmlNode | Benjamin Dauvergne | 2010-06-17 | 1 | -0/+4
|
* [XML] in _lasso_node_export_to_base64 check return value of lasso_node_export_to_xml | Benjamin Dauvergne | 2010-06-17 | 1 | -0/+2
|
* [XML] in _lasso_node_export_to_xml check return value of lasso_node_get_xmlNode | Benjamin Dauvergne | 2010-06-17 | 1 | -0/+3
|
* [Core] do not ignore keep_xmlnode flag inherited from parent classes | Benjamin Dauvergne | 2010-06-15 | 1 | -3/+9
|   We only looked at the keep_xmlnode flag in the node data of the top level class, but any parent class can set this flag and in this case we must honor it too.
* Core: when reloading a dump, use the signing private key password for loading the encryption private key | Benjamin Dauvergne | 2010-06-14 | 1 | -1/+1
|   We currently do not store the encryption private key; instead, on reload of a dump, we try to use the signing private key as the encryption private key. But we forgot to use the stored private key password. That's now fixed.
|   Next step would be to keep the encryption private key around also.
* Core: move logging function and macros to their own module, adapt perl binding | Benjamin Dauvergne | 2010-06-12 | 9 | -95/+211
|
* Core: move lasso_strerror declaration to errors.h | Benjamin Dauvergne | 2010-06-12 | 2 | -2/+4
|
* SAMLv2: rename lasso_saml2_name_id_build_persistent to lasso_saml2_name_id_new_with_persistent_format | Benjamin Dauvergne | 2010-06-12 | 2 | -0/+22
|   * keep the old one for compatibility
|   * new one will be picked by bindings as a constructor
* SAMLv2: when initializing signature on assertion, setup an ID if there is none | Benjamin Dauvergne | 2010-06-12 | 1 | -0/+3
|   * without the ID lasso refuses to sign (it's mandatory)
* SAMLv2: in lasso_assertion_query_build_request_msg setup nameid | Benjamin Dauvergne | 2010-06-12 | 1 | -2/+6
|   * lasso_profile_get_nameIdentifier does not return profile->nameIdentifier, so we first try to use profile->nameIdentifier and if it is NULL we use lasso_profile_get_nameIdentifier.
* Core: update lasso_iso_8601_gmt_to_time_t to support milliseconds | Benjamin Dauvergne | 2010-06-10 | 2 | -5/+42
|   * We now support the two possible formats for xsdtime XSchema datatype:
|     - dddd-dd-ddTdd:dd:ddZ
|     - dddd-dd-ddTdd:dd:dd.d*Z
|     Where d denotes a digit, and * is the Kleene star. XSD datetime also supports negative years, but as we cannot represent them with time_t, we can reject it at the lexical level.
* Fix long lines in lasso/id-ff/server.c | Benjamin Dauvergne | 2010-06-10 | 1 | -6/+10
|
* Core: add method lasso_server_set_encryption_private_key_with_password | Benjamin Dauvergne | 2010-06-10 | 2 | -7/+35
|   * fixes #91.
* SAMLv2: add new methods to class LassoAssertionQuery | Benjamin Dauvergne | 2010-06-10 | 4 | -0/+126
|   * lasso_assertion_query_add_attribute_request: helper to setup request attribute for AttributeQuery messages.
|   * lasso_assertion_query_get_request_type: method to find the type of the last received query.
|   * fixes #90
* SAMLv2: fix initialization of subject in lasso_assertion_query_build_request_msg | Benjamin Dauvergne | 2010-06-10 | 1 | -8/+10
|
* Import tools in utils.h | Benjamin Dauvergne | 2010-06-10 | 1 | -0/+2
|
* Fix collision between defined symbols in tools.h and private.h | Benjamin Dauvergne | 2010-06-10 | 1 | -3/+3
|
* Change all logging to use message() | Benjamin Dauvergne | 2010-06-09 | 8 | -24/+24
|
* Core: in xml error message handler, escape messages to fit on one line | Benjamin Dauvergne | 2010-06-09 | 1 | -2/+11
|
* Core: remove arrow in log messages | Benjamin Dauvergne | 2010-06-09 | 1 | -1/+1
|
* Utils: add function to extract/create node in lists | Benjamin Dauvergne | 2010-06-09 | 9 | -1/+38
|   * lasso_extract_gtype_from_list_or_new will help for methods which create or extend nodes in lists.
* Add new lasso_log_set_handler and lasso_log_remove_handler functions | Frederic Peters | 2010-06-09 | 2 | -0/+40
|   They are modeled around the g_log... functions of GLib, they just don't have a domain parameter.
* SAMLv2: make role checking inactive for LassoServer | Benjamin Dauvergne | 2010-06-06 | 1 | -2/+4
|   * LassoServer has no role defined, so checking breaks loading of metadata for LassoServer.
* ID-FFv1.2: for idp initiated sso accept any nameIdPolicy | Benjamin Dauvergne | 2010-06-06 | 1 | -7/+0
|   * IdP initiated SSO can be of any kind, no need to limit it.
* SAML 2.0: add checks for proper loading of role descriptors | Benjamin Dauvergne | 2010-06-04 | 1 | -4/+13
|   * remove warning for descriptors supporting non SAML 2.0 protocols
|   * checks that at least one descriptor was loaded and that it was for our assigned role.
* SAMLv2: fix error in naming of function in the documentation | Benjamin Dauvergne | 2010-06-04 | 1 | -2/+2
|
* SAMLv2: remove HTTP-Redirect as right binding for AssertionConsumer | Benjamin Dauvergne | 2010-05-31 | 1 | -1/+0
|
* SAMLv2: fix bug giving UnsupportedProfile for SingleSignOn with HTTP-POST | Benjamin Dauvergne | 2010-05-31 | 1 | -1/+1
|   * The string constant in lasso_saml20_provider_accept_http_method was HTTP-Post instead of HTTP-POST.
* Core: fix extraction of relaystate when URLs contain only one kind of separators | Benjamin Dauvergne | 2010-05-31 | 1 | -1/+1
|
* SAMLv2: simplify lasso_saml20_provider_accept_http_method by only checking for remote provider support | Benjamin Dauvergne | 2010-05-31 | 1 | -12/+3
|   * Whatever we do, with asynchronous bindings the remote provider can return the response with any asynchronous binding.
* SAML 2.0: in lasso_login_build_assertion set conditions time limit, no SubjectConfirmationData limits | Benjamin Dauvergne | 2010-05-31 | 1 | -4/+2
|
* SAML 2.0: in lasso_login_build_assertion do not conflate sessionNotOnOrAfter with assertion condition notOnOrAfter | Benjamin Dauvergne | 2010-05-31 | 1 | -4/+0
|
* SAMLv2: conflate Responder and Requester when checking second level status code | Benjamin Dauvergne | 2010-05-11 | 1 | -1/+2
|   * lasso/saml-2.0/login.c: I'm not sure that most IdP really make the semantic distinction between those two first level status codes, so just conflate them.
* SAMLv2: remove warning message for invalid signature on AuthnResponse messages | Benjamin Dauvergne | 2010-05-11 | 1 | -4/+0
|   * lasso/saml-2.0/login.c: we already return an error, no need to clutter the output with warning messages.
* SAML 2.0 Helper: add lasso_saml2_assertion_set_one_time_use | Benjamin Dauvergne | 2010-05-01 | 2 | -1/+27
|
* Fix bad initialization of an rc field from revision 4837 | Benjamin Dauvergne | 2010-05-01 | 1 | -1/+1
|