summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorolavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53>2013-06-11 05:38:19 +0000
committerolavmrk <olavmrk@a716ebb1-153a-0410-b759-cfb97c6a1b53>2013-06-11 05:38:19 +0000
commit6608bb2e1ee076627916ffe7f1457d7d096e9383 (patch)
treee212604f5e466dd0ddb464e8ca01dfddc9460ec3
parent764a70d1c84a4195d9db117f1fbcb17a94cd49de (diff)
downloadmod_auth_mellon-6608bb2e1ee076627916ffe7f1457d7d096e9383.zip
mod_auth_mellon-6608bb2e1ee076627916ffe7f1457d7d096e9383.tar.gz
mod_auth_mellon-6608bb2e1ee076627916ffe7f1457d7d096e9383.tar.xz
Add support for reciving HTTP-Artifact responses over POST.
The HTTP-Artifact response is also allowed to be sent as a POST request. This patch adds support for loading those responses. Thanks to Nikola Ivačič for implementing this! git-svn-id: https://modmellon.googlecode.com/svn/trunk@217 a716ebb1-153a-0410-b759-cfb97c6a1b53
-rw-r--r--auth_mellon_handler.c58
1 files changed, 46 insertions, 12 deletions
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index ffbbc24..2887ec9 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -1970,7 +1970,7 @@ static int am_handle_post_reply(request_rec *r)
/* Make sure that this is a POST request. */
if(r->method_number != M_POST) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
- "Exptected POST request for HTTP-POST endpoint."
+ "Expected POST request for HTTP-POST endpoint."
" Got a %s request instead.", r->method);
/* According to the documentation for request_rec, a handler which
@@ -2060,11 +2060,13 @@ static int am_handle_artifact_reply(request_rec *r)
LassoLogin *login;
char *response;
char *relay_state;
+ char *saml_art;
+ char *post_data;
/* Make sure that this is a GET request. */
- if(r->method_number != M_GET) {
+ if(r->method_number != M_GET && r->method_number != M_POST) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
- "Exptected GET request for the HTTP-Artifact endpoint."
+ "Expected GET or POST request for the HTTP-Artifact endpoint."
" Got a %s request instead.", r->method);
/* According to the documentation for request_rec, a handler which
@@ -2093,14 +2095,41 @@ static int am_handle_artifact_reply(request_rec *r)
}
/* Parse artifact url. */
- rc = lasso_login_init_request(login, r->args,
+ if (r->method_number == M_GET) {
+ rc = lasso_login_init_request(login, r->args,
LASSO_HTTP_METHOD_ARTIFACT_GET);
- if(rc < 0) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
- "Failed to handle login response."
- " Lasso error: [%i] %s", rc, lasso_strerror(rc));
- lasso_login_destroy(login);
- return HTTP_BAD_REQUEST;
+
+ if(rc < 0) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Failed to handle login response."
+ " Lasso error: [%i] %s", rc, lasso_strerror(rc));
+ lasso_login_destroy(login);
+ return HTTP_BAD_REQUEST;
+ }
+ } else {
+ rc = am_read_post_data(r, &post_data, NULL);
+ if (rc != OK) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r,
+ "Error reading POST data.");
+ return HTTP_BAD_REQUEST;
+ }
+
+ saml_art = am_extract_query_parameter(r->pool, post_data, "SAMLart");
+ if (saml_art == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rc, r,
+ "Error reading POST data missing SAMLart form parameter.");
+ return HTTP_BAD_REQUEST;
+ }
+ ap_unescape_url(saml_art);
+
+ rc = lasso_login_init_request(login, saml_art, LASSO_HTTP_METHOD_ARTIFACT_POST);
+ if(rc < 0) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Failed to handle login response."
+ " Lasso error: [%i] %s", rc, lasso_strerror(rc));
+ lasso_login_destroy(login);
+ return HTTP_BAD_REQUEST;
+ }
}
/* Prepare SOAP request. */
@@ -2138,8 +2167,13 @@ static int am_handle_artifact_reply(request_rec *r)
}
/* Extract the RelayState parameter. */
- relay_state = am_extract_query_parameter(r->pool, r->args,
- "RelayState");
+ if (r->method_number == M_GET) {
+ relay_state = am_extract_query_parameter(r->pool, r->args,
+ "RelayState");
+ } else {
+ relay_state = am_extract_query_parameter(r->pool, post_data,
+ "RelayState");
+ }
/* Finish handling the reply with the common handler. */
return am_handle_reply_common(r, login, relay_state, "");