From c888ef73f74a8987a31573d2c9509d22243bafc8 Mon Sep 17 00:00:00 2001
From: olavmrk
Date: Wed, 7 Dec 2011 10:19:44 +0000
Subject: Initialize AuthnRequest with asked AuthnContextClassRef if needed
Thanks to Benjamin Dauvergne for implementing this.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@142 a716ebb1-153a-0410-b759-cfb97c6a1b53
---
auth_mellon_handler.c | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
(limited to 'auth_mellon_handler.c')
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c
index eea0f05..78aaf0d 100644
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@@ -2418,6 +2418,9 @@ static int am_send_authn_request(request_rec *r, const char *idp,
 LassoSamlp2AuthnRequest *request;
 gint ret;
 char *redirect_to;
+ am_dir_cfg_rec *dir_cfg;
+
+ dir_cfg = am_get_dir_cfg(r);
 /* Add cookie for cookie test. We know that we should have * a valid cookie when we return from the IdP after SP-initiated
@@ -2465,6 +2468,27 @@ static int am_send_authn_request(request_rec *r, const char *idp,
 LASSO_SAMLP2_REQUEST_ABSTRACT(request)->Consent = g_strdup(LASSO_SAML2_CONSENT_IMPLICIT);
+ /* Add AuthnContextClassRef */
+ if (dir_cfg->authn_context_class_ref->nelts) {
+ apr_array_header_t *refs = dir_cfg->authn_context_class_ref;
+ int i = 0;
+ LassoSamlp2RequestedAuthnContext *req_authn_context;
+
+ req_authn_context = (LassoSamlp2RequestedAuthnContext*)
+ lasso_samlp2_requested_authn_context_new();
+
+ request->RequestedAuthnContext = req_authn_context;
+
+ for (i = 0; i < refs->nelts; i++) {
+ const char *ref = ((char **)refs->elts)[i];
+ req_authn_context->AuthnContextClassRef =
+ g_list_append(req_authn_context->AuthnContextClassRef,
+ g_strdup(ref));
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "adding AuthnContextClassRef %s to the "
+ "AuthnRequest", ref);
+ }
+ }
 /* * Make sure the Destination attribute is set to the IdP
-- cgit
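Review bot: The new block under `/* Add AuthnContextClassRef */` in the second hunk only asks the IdP for the configured classes; nothing in this diff has the SP verify that the assertion it later receives carries one of them, so unless the response handler (outside this diff) compares the returned AuthnContext against `dir_cfg->authn_context_class_ref`, the setting should not be relied on as an access-control guarantee. I would say so in the comment, e.g. `/* Add AuthnContextClassRef (a request to the IdP only; the class in the response must still be checked) */`. `Comparison` is left unset on `req_authn_context`, which presumably leaves the SAML default of exact matching in effect; a one-line comment would make that choice visible. The condition also dereferences `dir_cfg->authn_context_class_ref` without a NULL test, which is safe only if the directory config always allocates the array, something this diff does not show; `if (dir_cfg->authn_context_class_ref != NULL && dir_cfg->authn_context_class_ref->nelts > 0) {` would cover it. The body of am_send_authn_request starts and ends outside both hunks.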