path: root/lasso
Commit message | Author | Age | Files | Lines
...
* SAML 2.0: if assertion possess a signed original_xmlnode return it instead of using get_xmlNode
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -1/+18
    * lasso/xml/saml-2.0/saml2_assertion.c: assertion in lasso when read are not usable anymore because the signature is lost, this commit allows to keep assertion unaltered after reading them if they contained a top level signature (a signature contained in the Assertion node). This is useful for reusing assertion kept in a LassoSession object and for using assertion as security token for ID-WSF.
* Core: use lasso_xmlnode_to_string in LassoNode export functions
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -95/+33
    * lasso/xml/xml.c: remove duplicate codes and use lasso_xmlnode_to_string instead.
* Core: add a lasso_xmlnode_to_string function
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 2 | Lines: -0/+33
    * lasso/xml/tools.c lasso/xml/private.h: lots of functions duplicate this code, so we factorized it there. It has two parameters, the xmlnode and boolean deciding whether to format the resulting content (good for reading but bad for signatures).
* SAML 2.0: in lasso_saml20_profile_set_session_from_dump_decrypt, really decrypt
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -5/+15
    * lasso/saml-2.0/profile.c: dump for already signed assertion containing an EncryptedID as Subject does not work as before, the decrypted NameID is no more included in it, so instead of trying to plug it in the NameID field we resort to really deciphering the EncryptedID. That could be a performance problem if the session object is stuffed with a lot of assertions.
* ID-WSF 2.0: fix loading of LassoIdWsf2Discovery dumps
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 3 | Lines: -5/+25
* Core: add error exit to lasso_node_new_from_xmlNode
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -0/+4
    * lasso/xml/xml.c: if building of the node fails, we must keep the initialization of custom nodename and namespace.
* ID-WSF 2.0: make lasso_idwsf2_profile_redirect_user_for_interaction add the transactionID to the URL
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -5/+20
    * lasso/id-wsf-2.0/profile.c: simplify use of lasso_idwsf2_profile_redirect_user_for_interaction by directly adding the ID of the SOAP response message to the URL. Report an error if no MessageID can be found.
* ID-WSF 2.0: rewrite and document lasso_soap_envelope_sb2_get_redirect_request_url
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 2 | Lines: -8/+26
    * lasso/id-wsf-2.0/soap_binding.{c,h}: fix error in conception of lasso_soap_envelope_sb2_get_redirect_request_url, RedirectRequest is part of a SOAP fault not the headers. Explain in the documentation how to use the RedirectRequest URL. Change the return type to a const string.
* ID-WSF 2.0: add a method to retrieve/create a SOAP Fault to SOAP binding module
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 2 | Lines: -0/+26
    * lasso/id-wsf-2.0/soap_binding.{c,h}: add method lasso_soap_envelope_get_soap_fault which returns/create the first SOAP fault inside the body of the SOAP envelope.
* Core: add missing return value owner semantic annotations to getters
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 14 | Lines: -50/+113
    * lasso/id-ff/provider.c: fix lasso_provider_get_base64_succinct_id, it returned a libxml string, copy it with g_strdup before releasing it to stay with GLib allocated string in return values.
* Core: add annotation to getter function about return value owner semantic
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 3 | Lines: -5/+7
    * lasso/id-ff/identity.c lasso/id-ff/profile.c: precise owner semantic of lasso_profile_get_identity, lasso_profile_get_session, lasso_profile_get_server
    * lasso/id-wsf-2.0/saml2_login.c tests/login_tests_saml2.c: in the same vein add missing release of assertion returned by lasso_login_get_assertion which return a caller owned object.
* ID-WSF 2.0: make lasso_idwsf2_profile_redirect_user_for_interaction choke on missing redirect property on UserInteraction header
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -7/+47
    * lasso/id-wsf-2.0/profile.c: if redirect boolean property is false, refuse to return a redirect request. automatically create a SOAP fault to signal to the requester that it needs to support interaction via redirect.
* ID-WSF 2.0: add error code signaling that the requester does not support redirect request
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 2 | Lines: -1/+10
    * lasso/errors.c lasso/errors.h: add LASSO_WSF_PROFILE_ERROR_REDIRECT_REQUEST_UNSUPPORTED_BY_REQUESTER.
* ID-WSF 2.0: add a create arg to lasso_soap_envelope_get_sb2_user_interaction_header, add it to public API
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 2 | Lines: -14/+12
* ID-WSF 2.0: fix lots of bad usage of g_strcmp0
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 3 | Lines: -6/+6
    * lasso/id-wsf-2.0/idwsf2_helper.c lasso/id-wsf-2.0/soap_binding.c lasso/id-wsf/data_service.: add missing check for the return value of strcmp, maybe we need a macro like lasso_strequal.
* in tools.c, add defines to permit import of timegm
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -0/+3
* SAML 2.0: make lasso_saml2_assertion_validate_conditions really work
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -2/+2
* Core: fix lasso_iso_8601_gmt_to_time_t, use timegm instead of mktime
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -1/+1
    * lasso/xml/tools.c: mktime convert works on local time, we need timegm to work with GMT time.
* ID-WSF 2.0: add strings for Discovery service Actions
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 31 | Lines: -52/+57
* ID-WSF 2.0: add serialization code for private properties of LassoIdWsf2Profile
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 2 | Lines: -1/+192
* ID-WSF 2.0: fix missing initialization of request field in lasso_idwsf2_discovery_validate_md_register
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -0/+2
* ID-WSF 2.0: fix lasso_idwsf2_discovery_add_simple_service_metadata
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -2/+2
    * lasso/id-wsf-2.0/discovery.c: options is a string list, and security_mech_ids too, so employ the corresponding macros.
* Core: in utils.h, use a temporary to store reference to freed list
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -3/+4
* ID-WSF 2.0: in lasso_idwsf2_discovery_status2rc, check second level status code too
  Author: Benjamin Dauvergne | Age: 2010-02-17 | Files: 1 | Lines: -2/+10
* SAML 2.0: fix documentation of lasso_saml2_assertion_validate_conditions
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -1/+1
* Add signature on EPR secur token
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -1/+1
* ID-WSF 2.0: add signature to Disco produced EPR SAML 2.0 security tokens
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -0/+1
* ID-WSF 2.0: in lasso_idwsf2_profile_build_request_msg, properly handle the security token
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -4/+19
    * lasso/id-wsf-2.0/profile.c: security token is a signed assertion by an IdP or a discovery service, we must keep as is, that is with the signature, in order to do that we extract the original xmlNode from the assertion and embed it in the new message using a LassoMiscTextNode.
* ID-WSF 2.0: in lasso_login_idwsf2_get_discovery_bootstrap_epr, better handle attribute content
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -7/+11
    * lasso/id-wsf-2.0/saml2_login.c: LassoSaml2AttributeValue can contain many children, so traverse them all to find the first LassoWsAddrEndpointReference among them.
* ID-WSF 2.0: in lasso_login_idwsf2_add_discovery_bootstrap_epr, initialize ID and Issuer property on bootstrap assertion.
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -3/+5
    * lasso/id-wsf-2.0/saml2_login.c: initialization of ID and Issuer properties was missing.
* Core: in lasso_verify_signature, fix conditional about single reference
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -1/+1
    * lasso/xml/toosl.c: verify that reference is unique if NO_SINGLE_REFERENCE is disabled.
* SAML 2.0: in saml2_helper.c, better check issuer element and also test the LassoServer object for issuance, lasso_saml2_assertion_get_issuer_provider
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -1/+5
* ID-WSF 2.0: in lasso_wsa_endpoint_reference_new_for_idwsf2_service, do not forget to add metadata to epr, fill usage property of token
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -0/+2
    * lasso/id-wsf-2.0/idwsf2_helper.c: add missing initialization code.
* ID-WSF 2.0: fix bad type checking in lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -4/+2
    * lasso/id-wsf-2.0/idwsf2_helper.c: SecurityMechID is a list of strings not LassoMiscTextNode.
* ID-WSF 2.0: fix bad conditional in lasso_idwsf2_discovery_process_metadata_register_response_msg
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -2/+1
    * lasso/id-wsf-2.0/discovery.c: fix check in lasso_idwsf2_discovery_process_metadata_register_response_msg fix duplication of service metadatas inside private list of service metadatas.
* in server.c, fix missing loading of public keys in constructors
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 1 | Lines: -0/+4
    * lasso/id-ff/server.c: constructor for LassoProvider load public keys but they are not called by LassoServer constructors, so we have to explicitly duplicate calls to lasso_provider_load_public_keys.
* ID-WSF 2.0: moved strings to their own header
  Author: Benjamin Dauvergne | Age: 2010-02-15 | Files: 3 | Lines: -859/+938
* Add saml2_strings.h to dist
  Author: Benjamin Dauvergne | Age: 2010-02-12 | Files: 1 | Lines: -1/+2
* Use defined symbols instead of magic constants
  Author: Benjamin Dauvergne | Age: 2010-02-12 | Files: 1 | Lines: -2/+2
* Add LASSO_SAML2_FIELD_ENCODING
  Author: Benjamin Dauvergne | Age: 2010-02-12 | Files: 1 | Lines: -0/+1
    * lasso/xml/saml-2.0/saml2_strings.h: add another field name from SAML 2.0 specifications.
* Fix lasso_get_relaystate_from_query, support semi-colon and parameter at beginning
  Author: Benjamin Dauvergne | Age: 2010-02-12 | Files: 1 | Lines: -7/+22
    * lasso/xml/tools.c: getting first parameter was broken (query_string does not contain '?' at the beginning) and semi-colon support was missing.
* Documentation: fix typos in saml2_strings.h documentation, add new string symbols to lasso-sections.txt
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 1 | Lines: -10/+10
* SAML 2.0: move SAML 2.0 strings to their own header, add documentation
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 2 | Lines: -199/+406
    * lasso/xml/strings.h: remove SAML 2.0 strings
    * lasso/xml/saml-2.0/saml2_strings.h: move them here, document useful ones.
* Documentation: document LsasoSamlp2NameIDPolicy
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 1 | Lines: -1/+18
* Documentation: complete non finished documentation comments
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 23 | Lines: -89/+127
    * too much warnings when generating doc, now we can concentrate on undocumented symbols (in lasso/docs/reference/lasso/lasso-undocumented.txt).
* SAML 2.0: separate lasso_saml20_login_process_response_status_and_assertion into multiple functions
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 1 | Lines: -75/+100
    * lasso/saml-2.0/login.c: in lasso_saml20_login_process_response_status_and_assertion, extract assertion decryption, and issuer checking into their own function.
* SAML 2.0: when verifying query signature, do not presume order of field and separator
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 1 | Lines: -32/+77
    * lasso/xml/tools.c: in lasso_saml2_verify_query_signature, extract needed field and order them appropriately before computing digest, expect ';' as well as '&' as separator.
    * tests/random_test.c: add non-regression tests for query signature validation.
    * tests/Makefile.am: make tests link against static version of liblasso, to get access to private functions.
* SAML 2.0: complete list of field names for SAML 2.0
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 1 | Lines: -3/+6
* Core: in tools.c, enhance urlencoded_to_string to support semi-colon separator
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 1 | Lines: -9/+21
* SAML 2.0: add helper method lasso_saml2_assertion_get_in_response_to
  Author: Benjamin Dauvergne | Age: 2010-02-10 | Files: 2 | Lines: -0/+21
    * lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h: add a method to access easily the InResponseTo attribute.