From 5b7353c5f8cc2545aea69b49d2df6c6a32ea03a1 Mon Sep 17 00:00:00 2001
From: Emmanuel Raviart
Date: Wed, 8 Sep 2004 00:44:52 +0000
Subject: Restructured ColdFusion code. Added single logout code. Both single sign-on and single logout work.
---
java/coldfusion/src/CFLasso.java | 151 --------------------------
java/coldfusion/src/CFLassoSingleLogout.java | 98 +++++++++++++++++
java/coldfusion/src/CFLassoSingleSignOn.java | 156 +++++++++++++++++++++++++++
java/coldfusion/web/assertionConsumer.cfm | 11 +-
java/coldfusion/web/singleLogout.cfm | 40 +++++++
java/coldfusion/web/singleSignOn.cfm | 8 +-
6 files changed, 306 insertions(+), 158 deletions(-)
delete mode 100644 java/coldfusion/src/CFLasso.java
create mode 100644 java/coldfusion/src/CFLassoSingleLogout.java
create mode 100644 java/coldfusion/src/CFLassoSingleSignOn.java
create mode 100644 java/coldfusion/web/singleLogout.cfm
(limited to 'java')
diff --git a/java/coldfusion/src/CFLasso.java b/java/coldfusion/src/CFLasso.java
deleted file mode 100644
index 9233379c..00000000
--- a/java/coldfusion/src/CFLasso.java
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * ColdFusionLasso -- ColdFusion bindings for Lasso library
- *
- * Copyright (C) 2004 Entr'ouvert
- * http://lasso.entrouvert.org
- *
- * Authors: Emmanuel Raviart
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-
-/*
- * Simple wrapper for JLasso, to ease its use by ColdFusion applications.
- *
- * To compile it:
- * $ javac -classpath ../../lasso.jar CFLasso.java
- *
- * To test it:
- * $ export LD_LIBRARY_PATH=../../.libs/
- * $ java -classpath ../../lasso.jar:. CFLasso
- *
- * To use it:
- * $ jar cf CFLasso.jar CFLasso.class
- * edit ColdFusion file bin/jvm.config:
- * - Add libjlasso.so directory to java.library.path variable.
- * - Add lasso.jar & CFLasso.jar to java.class.path variable.
- */
-
-import com.entrouvert.lasso.AuthnRequest;
-import com.entrouvert.lasso.Identity;
-import com.entrouvert.lasso.lassoConstants;
-import com.entrouvert.lasso.lasso;
-import com.entrouvert.lasso.Login;
-import com.entrouvert.lasso.Server;
-import com.entrouvert.lasso.Session;
-
-
-public class CFLasso {
- /* A simple service provider */
-
- protected Login login = null;
- protected Server server = null;
-
- public String idpProviderId = null;
-
- public void acceptSso() {
- login.acceptSso();
- }
-
- public void assertionConsumer(String queryString) {
- login = new Login(server);
- login.initRequest(queryString, lassoConstants.httpMethodRedirect);
- login.buildRequestMsg();
- }
-
- public void configure(String metadataPath, String publicKeyPath, String privateKeyPath,
- String idpProviderId, String idpMetadataPath, String idpPublicKeyPath) {
- server = new Server(metadataPath, publicKeyPath, privateKeyPath, null,
- lassoConstants.signatureMethodRsaSha1);
- this.idpProviderId = idpProviderId;
- server.addProvider(idpMetadataPath, idpPublicKeyPath, null);
- }
-
- public String getIdentityDump() {
- Identity identity = login.getIdentity();
- if (identity != null)
- return identity.dump();
- else
- return null;
- }
-
- public String getMsgBody() {
- return login.getMsgBody();
- }
-
- public String getMsgRelayState() {
- return login.getMsgRelayState();
- }
-
- public String getMsgUrl() {
- return login.getMsgUrl();
- }
-
- public String getNameIdentifier() {
- return login.getNameIdentifier();
- }
-
- public String getSessionDump() {
- Session session = login.getSession();
- if (session != null)
- return session.dump();
- else
- return null;
- }
-
- public String login(String relayState) {
- AuthnRequest authnRequest;
- String authnRequestUrl;
-
- login = new Login(server);
- login.initAuthnRequest(lassoConstants.httpMethodRedirect);
- authnRequest = login.getAuthnRequest();
- authnRequest.setIsPassive(false);
- authnRequest.setNameIdPolicy(lassoConstants.libNameIdPolicyTypeFederated);
- authnRequest.setConsent(lassoConstants.libConsentObtained);
- if (relayState != null)
- authnRequest.setRelayState(relayState);
- login.buildAuthnRequestMsg(idpProviderId);
- authnRequestUrl = login.getMsgUrl();
- return authnRequestUrl;
- }
-
- static public void main(String [] args) {
- CFLasso lasso = new CFLasso();
- lasso.configure("../../../tests/data/sp2-la/metadata.xml",
- "../../../tests/data/sp2-la/public-key.pem",
- "../../../tests/data/sp2-la/private-key-raw.pem",
- "https://idp2/metadata",
- "../../../tests/data/idp2-la/metadata.xml",
- "../../../tests/data/idp2-la/public-key.pem");
- String ssoUrl = lasso.login("data to get back");
- System.out.println("Test");
- System.out.print("Identity provider single sign-on URL = ");
- System.out.println(ssoUrl);
- }
-
- public void processResponseMsg(String responseMsg) {
- login.processResponseMsg(responseMsg);
- }
-
- public void setIdentityFromDump(String identityDump) {
- login.setIdentityFromDump(identityDump);
- }
-
- public void setSessionFromDump(String sessionDump) {
- login.setSessionFromDump(sessionDump);
- }
-}
diff --git a/java/coldfusion/src/CFLassoSingleLogout.java b/java/coldfusion/src/CFLassoSingleLogout.java
new file mode 100644
index 00000000..588c97dd
--- /dev/null
+++ b/java/coldfusion/src/CFLassoSingleLogout.java
@@ -0,0 +1,98 @@
+/*
+ * ColdFusionLasso -- ColdFusion bindings for Lasso library
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: Emmanuel Raviart
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+import com.entrouvert.lasso.AuthnRequest;
+import com.entrouvert.lasso.Identity;
+import com.entrouvert.lasso.lassoConstants;
+import com.entrouvert.lasso.lasso;
+import com.entrouvert.lasso.Logout;
+import com.entrouvert.lasso.Server;
+import com.entrouvert.lasso.Session;
+
+
+public class CFLassoSingleLogout {
+ /* A simple service provider single logout */
+
+ protected Logout logout = null;
+ protected Server server = null;
+
+ public String idpProviderId = null;
+
+ public void buildRequestMsg() {
+ logout.buildRequestMsg();
+ }
+
+ public void configure(String metadataPath, String publicKeyPath, String privateKeyPath,
+ String idpProviderId, String idpMetadataPath, String idpPublicKeyPath) {
+ server = new Server(metadataPath, publicKeyPath, privateKeyPath, null,
+ lassoConstants.signatureMethodRsaSha1);
+ this.idpProviderId = idpProviderId;
+ server.addProvider(idpMetadataPath, idpPublicKeyPath, null);
+ logout = new Logout(server, lassoConstants.providerTypeSp);
+ }
+
+ public String getIdentityDump() {
+ Identity identity = logout.getIdentity();
+ if (identity != null)
+ return identity.dump();
+ else
+ return null;
+ }
+
+ public String getMsgBody() {
+ return logout.getMsgBody();
+ }
+
+ public String getMsgUrl() {
+ return logout.getMsgUrl();
+ }
+
+ public String getNameIdentifier() {
+ return logout.getNameIdentifier();
+ }
+
+ public String getSessionDump() {
+ Session session = logout.getSession();
+ if (session != null)
+ return session.dump();
+ else
+ return null;
+ }
+
+ public void initRequest() {
+ logout.initRequest(idpProviderId, lassoConstants.httpMethodAny);
+ }
+
+ public void processResponseMsg(String responseMsg) {
+ logout.processResponseMsg(responseMsg, lassoConstants.httpMethodSoap);
+ }
+
+ public void setIdentityFromDump(String identityDump) {
+ logout.setIdentityFromDump(identityDump);
+ }
+
+ public void setSessionFromDump(String sessionDump) {
+ logout.setSessionFromDump(sessionDump);
+ }
+}
diff --git a/java/coldfusion/src/CFLassoSingleSignOn.java b/java/coldfusion/src/CFLassoSingleSignOn.java
new file mode 100644
index 00000000..cfcff127
--- /dev/null
+++ b/java/coldfusion/src/CFLassoSingleSignOn.java
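Review bot: In CFLassoSingleLogout.java the wrappers that drive the protocol, `initRequest`, `buildRequestMsg` and `processResponseMsg`, are all declared `void`, so whatever result the underlying `Logout` call reports is discarded and singleLogout.cfm cannot tell a rejected identity-provider response from a successful one before it prints its confirmation. If the JLasso methods return a status code (their signatures are not visible in this patch), pass it through, e.g. `public int processResponseMsg(String responseMsg)` with `return logout.processResponseMsg(responseMsg, lassoConstants.httpMethodSoap);`, and have the page check it before it clears the local session. The same pattern appears in CFLassoSingleSignOn.java (`acceptSso`, `initRequest`, `processResponseMsg`), where a dropped failure would mean treating an unvalidated response as a login. Also worth confirming: `initRequest` offers `httpMethodAny` while `processResponseMsg` always assumes `httpMethodSoap`.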
@@ -0,0 +1,156 @@
+/*
+ * ColdFusionLasso -- ColdFusion bindings for Lasso library
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: Emmanuel Raviart
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+/*
+ * Simple wrapper for JLasso, to ease its use by ColdFusion applications.
+ *
+ * To compile it:
+ * $ javac -classpath ../../lasso.jar *.java
+ *
+ * To test it:
+ * $ export LD_LIBRARY_PATH=../../.libs/
+ * $ java -classpath ../../lasso.jar:. CFLassoLogin
+ *
+ * To use it:
+ * $ jar cf CFLasso.jar *.class
+ * edit ColdFusion file bin/jvm.config:
+ * - Add libjlasso.so directory to java.library.path variable.
+ * - Add lasso.jar & CFLasso.jar to java.class.path variable.
+ */
+
+import com.entrouvert.lasso.AuthnRequest;
+import com.entrouvert.lasso.Identity;
+import com.entrouvert.lasso.lassoConstants;
+import com.entrouvert.lasso.lasso;
+import com.entrouvert.lasso.Login;
+import com.entrouvert.lasso.Server;
+import com.entrouvert.lasso.Session;
+
+
+public class CFLassoSingleSignOn {
+ /* A simple service provider single sign-on */
+
+ protected Login login = null;
+ protected Server server = null;
+
+ public String idpProviderId = null;
+
+ public void acceptSso() {
+ login.acceptSso();
+ }
+
+ public void buildAuthnRequestMsg() {
+ login.buildAuthnRequestMsg(idpProviderId);
+ }
+
+ public void buildRequestMsg() {
+ login.buildRequestMsg();
+ }
+
+ public void configure(String metadataPath, String publicKeyPath, String privateKeyPath,
+ String idpProviderId, String idpMetadataPath, String idpPublicKeyPath) {
+ server = new Server(metadataPath, publicKeyPath, privateKeyPath, null,
+ lassoConstants.signatureMethodRsaSha1);
+ this.idpProviderId = idpProviderId;
+ server.addProvider(idpMetadataPath, idpPublicKeyPath, null);
+ login = new Login(server);
+ }
+
+ public String getIdentityDump() {
+ Identity identity = login.getIdentity();
+ if (identity != null)
+ return identity.dump();
+ else
+ return null;
+ }
+
+ public String getMsgBody() {
+ return login.getMsgBody();
+ }
+
+ public String getMsgRelayState() {
+ return login.getMsgRelayState();
+ }
+
+ public String getMsgUrl() {
+ return login.getMsgUrl();
+ }
+
+ public String getNameIdentifier() {
+ return login.getNameIdentifier();
+ }
+
+ public String getSessionDump() {
+ Session session = login.getSession();
+ if (session != null)
+ return session.dump();
+ else
+ return null;
+ }
+
+ public void initAuthnRequest(String relayState) {
+ AuthnRequest authnRequest;
+ String authnRequestUrl;
+
+ login.initAuthnRequest(lassoConstants.httpMethodRedirect);
+ authnRequest = login.getAuthnRequest();
+ authnRequest.setIsPassive(false);
+ authnRequest.setNameIdPolicy(lassoConstants.libNameIdPolicyTypeFederated);
+ authnRequest.setConsent(lassoConstants.libConsentObtained);
+ if (relayState != null)
+ authnRequest.setRelayState(relayState);
+ }
+
+ public void initRequest(String queryString) {
+ login.initRequest(queryString, lassoConstants.httpMethodRedirect);
+ }
+
+ static public void main(String [] args) {
+ CFLassoSingleSignOn lasso = new CFLassoSingleSignOn();
+ lasso.configure("../../../tests/data/sp2-la/metadata.xml",
+ "../../../tests/data/sp2-la/public-key.pem",
+ "../../../tests/data/sp2-la/private-key-raw.pem",
+ "https://idp2/metadata",
+ "../../../tests/data/idp2-la/metadata.xml",
+ "../../../tests/data/idp2-la/public-key.pem");
+ lasso.initAuthnRequest("data-to-get-back");
+ lasso.buildAuthnRequestMsg();
+ String ssoUrl = lasso.getMsgUrl();
+ System.out.println("Test");
+ System.out.print("Identity provider single sign-on URL = ");
+ System.out.println(ssoUrl);
+ }
+
+ public void processResponseMsg(String responseMsg) {
+ login.processResponseMsg(responseMsg);
+ }
+
+ public void setIdentityFromDump(String identityDump) {
+ login.setIdentityFromDump(identityDump);
+ }
+
+ public void setSessionFromDump(String sessionDump) {
+ login.setSessionFromDump(sessionDump);
+ }
+}
diff --git a/java/coldfusion/web/assertionConsumer.cfm b/java/coldfusion/web/assertionConsumer.cfm
index 37c2b878..d942318e 100644
--- a/java/coldfusion/web/assertionConsumer.cfm
+++ b/java/coldfusion/web/assertionConsumer.cfm
@@ -10,10 +10,11 @@ --> - + - + +
@@ -30,13 +31,15 @@ --> - + + - +
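Review bot: In CFLassoSingleSignOn.java the `Login` object is now created once in `configure()` and reused by both `initAuthnRequest` and `initRequest`, whereas the removed CFLasso.java built a fresh `Login` in `login()` and `assertionConsumer()`. `Login` carries per-user state (identity and session dumps, RelayState, name identifier), so if a page ever keeps this wrapper in a shared scope, one user's exchange could be answered with another's data; the .cfm markup is not visible here, so whether that happens cannot be confirmed. Either start each exchange with `login = new Login(server);` at the top of `initAuthnRequest` and `initRequest`, or add a class comment stating that an instance serves exactly one request and must not be cached. Minor: the header comment still says `java ... CFLassoLogin` although the class is `CFLassoSingleSignOn`, and the local `authnRequestUrl` in `initAuthnRequest` is never used.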

User is now logged. RelayState = #relayState#
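Review bot: In assertionConsumer.cfm, `#relayState#` is written into the page without HTML encoding. The value presumably comes from `getMsgRelayState()` after `initRequest(queryString)`, which means it arrives on the incoming request and should be treated as untrusted; output it as `#HTMLEditFormat(relayState)#`. The surrounding tags were lost in this rendering of the hunk, so confirm that no encoding is already applied around it.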

diff --git a/java/coldfusion/web/singleLogout.cfm b/java/coldfusion/web/singleLogout.cfm new file mode 100644 index 00000000..f7928250 --- /dev/null +++ b/java/coldfusion/web/singleLogout.cfm @@ -0,0 +1,40 @@ + + + Lasso Single Logout + + +

Lasso Single Logout

+ + + + + + + + + + + + + + + + + + + + + +

User is now unlogged.

+
+ + + diff --git a/java/coldfusion/web/singleSignOn.cfm b/java/coldfusion/web/singleSignOn.cfm index dbd40644..12a3181f 100644 --- a/java/coldfusion/web/singleSignOn.cfm +++ b/java/coldfusion/web/singleSignOn.cfm @@ -9,11 +9,13 @@ --> - + - - Identity provider single sing-on URL to redirect to = #ssoUrl# + + + +

Identity provider single sing-on URL to redirect to = #ssoUrl#

-- cgit