/* $Id: authn_request.c,v 1.28 2004/09/01 09:59:53 fpeters Exp $
* Lasso - A free implementation of the Liberty Alliance specifications.
* Copyright (C) 2004 Entr'ouvert
* http://lasso.entrouvert.org
* Authors: Valery Febvre <vfebvre@easter-eggs.com>
* Nicolas Clapies <nclapies@entrouvert.com>
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include <xmlsec/base64.h>
#include <lasso/protocols/authn_request.h>
/*****************************************************************************/
/*****************************************************************************/
/*
 * Return the protocol profile named in an AuthnRequest query string.
 *
 * query: string handed to lasso_query_get_value(); presumably the query part
 *        of an AuthnRequest URL, i.e. input chosen by the remote peer
 *        (TODO confirm against callers).
 *
 * Returns the first "ProtocolProfile" value found in the query, or
 * lassoLibProtocolProfileBrwsArt when the lookup yields NULL.
 *
 * NOTE(review): the value is returned exactly as found; nothing in this
 * function checks it against the profiles the provider supports, so callers
 * should compare it with the known profile constants before acting on it.
 * NOTE(review): the fallback is a library constant cast to gchar *, so a
 * caller cannot tell it apart from a looked-up value; whether the looked-up
 * value is a copy the caller must free is not visible here - confirm before
 * freeing the result.
 */
gchar*
lasso_authn_request_get_protocolProfile(gchar *query)
{
  gchar *profile = lasso_g_ptr_array_index(lasso_query_get_value(query, "ProtocolProfile"), 0);

  if (profile != NULL) {
    return profile;
  }

  /* parameter not present in the query: use the default profile */
  return (gchar *)lassoLibProtocolProfileBrwsArt;
}
/*****************************************************************************/
/*****************************************************************************/
/*
 * Build a RequestAuthnContext element and attach it to an AuthnRequest.
 *
 * request:                   the AuthnRequest to modify; the function returns
 *                            immediately when LASSO_IS_AUTHN_REQUEST() fails
 * authnContextClassRefs:     optional array of class references, may be NULL
 * authnContextStatementRefs: optional array of statement references, may be NULL
 * authnContextComparison:    optional comparison value, may be NULL
 *
 * All three arguments are optional, but the element is only created when at
 * least one of them is non-NULL. A non-NULL array with no entries still
 * causes an (otherwise empty) element to be created and attached.
 *
 * NOTE(review): authnContextComparison and the array entries are forwarded as
 * given; no check of their values is visible here. If they can originate from
 * a peer, validate them before calling.
 * NOTE(review): whether lasso_g_ptr_array_index() returns a copy that has to
 * be released after the add call is not visible here - confirm.
 */
void
lasso_authn_request_set_requestAuthnContext(LassoAuthnRequest *request,
                                            GPtrArray         *authnContextClassRefs,
                                            GPtrArray         *authnContextStatementRefs,
                                            const xmlChar     *authnContextComparison)
{
  LassoNode *authn_context;
  guint idx;

  g_return_if_fail (LASSO_IS_AUTHN_REQUEST(request));

  /* with none of the optional arguments there is nothing to build */
  if (authnContextClassRefs == NULL &&
      authnContextStatementRefs == NULL &&
      authnContextComparison == NULL) {
    return;
  }

  /* new RequestAuthnContext instance, filled in below */
  authn_context = lasso_lib_request_authn_context_new();

  /* AuthnContextClassRefs: an empty array simply adds nothing */
  if (authnContextClassRefs != NULL) {
    for (idx = 0; idx < authnContextClassRefs->len; idx++) {
      lasso_lib_request_authn_context_add_authnContextClassRef(LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context),
                                                               lasso_g_ptr_array_index(authnContextClassRefs, idx));
    }
  }

  /* AuthnContextStatementRefs: same handling as the class references */
  if (authnContextStatementRefs != NULL) {
    for (idx = 0; idx < authnContextStatementRefs->len; idx++) {
      lasso_lib_request_authn_context_add_authnContextStatementRef(LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context),
                                                                   lasso_g_ptr_array_index(authnContextStatementRefs, idx));
    }
  }

  /* AuthnContextComparison */
  if (authnContextComparison != NULL) {
    lasso_lib_request_authn_context_set_authnContextComparison(LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context),
                                                               authnContextComparison);
  }

  /* Add RequestAuthnContext in AuthnRequest */
  lasso_lib_authn_request_set_requestAuthnContext(LASSO_LIB_AUTHN_REQUEST(request),
                                                  LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context));

  /* the local node is destroyed right after being attached; presumably the
     setter keeps its own copy - confirm */
  lasso_node_destroy(authn_context);
}
lasso_authn_request_set_scoping(LassoAuthnRequest *request,
g_return_if_fail (LASSO_IS_AUTHN_REQUEST(request));
/* create a new Scoping instance */
scoping = lasso_lib_scoping_new();
lasso_lib_scoping_set_proxyCount(LASSO_LIB_SCOPING(scoping), proxyCount);
/* FIXME : set IDPList here */
lasso_lib_authn_request_set_scoping(LASSO_LIB_AUTHN_REQUEST(request),
LASSO_LIB_SCOPING(scoping));
lasso_node_destroy(scoping);
/*****************************************************************************/
/* instance and class init functions */
/*****************************************************************************/
lasso_authn_request_instance_init(LassoAuthnRequest *request)
lasso_authn_request_class_init(LassoAuthnRequestClass *class)
GType lasso_authn_request_get_type() {
static GType this_type = 0;
static const GTypeInfo this_info = {
sizeof (LassoAuthnRequestClass),
(GClassInitFunc) lasso_authn_request_class_init,
sizeof(LassoAuthnRequest),
(GInstanceInitFunc) lasso_authn_request_instance_init,
this_type = g_type_register_static(LASSO_TYPE_LIB_AUTHN_REQUEST,
lasso_authn_request_new(const xmlChar *providerID,
lassoSignatureType sign_type,
lassoSignatureMethod sign_method)
request = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_REQUEST, NULL));
/* Set ONLY required elements/attributes */
id = lasso_build_unique_id(32);
lasso_samlp_request_abstract_set_requestID(LASSO_SAMLP_REQUEST_ABSTRACT(request),
(const xmlChar *)id);
lasso_samlp_request_abstract_set_majorVersion(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lassoLibMajorVersion);
lasso_samlp_request_abstract_set_minorVersion(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lassoLibMinorVersion);
time = lasso_get_current_time();
lasso_samlp_request_abstract_set_issueInstant(LASSO_SAMLP_REQUEST_ABSTRACT(request),
(const xmlChar *)time);
/* Signature template */
if (sign_type != lassoSignatureTypeNone) {
lasso_samlp_request_abstract_set_signature_tmpl(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lasso_lib_authn_request_set_providerID(LASSO_LIB_AUTHN_REQUEST(request),
lasso_authn_request_new_from_export(gchar *buffer,
lassoNodeExportType export_type)
LassoNode *request = NULL, *authn_context = NULL, *scoping;
LassoNode *request_node, *soap_node;
xmlChar *str, *buffer_decoded;
g_return_val_if_fail(buffer != NULL, NULL);
request = LASSO_NODE(g_object_new(LASSO_TYPE_AUTHN_REQUEST, NULL));
switch (export_type) {
case lassoNodeExportTypeXml:
lasso_node_import(request, buffer);
case lassoNodeExportTypeQuery:
gd = lasso_query_to_dict(buffer);
g_object_unref(request);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RequestID"), 0);
lasso_samlp_request_abstract_set_requestID(LASSO_SAMLP_REQUEST_ABSTRACT(request),
g_datalist_clear(&gd);
g_object_unref(request);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "MajorVersion"), 0);
lasso_samlp_request_abstract_set_majorVersion(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lasso_samlp_request_abstract_set_majorVersion(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lassoLibMajorVersion);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "MinorVersion"), 0);
lasso_samlp_request_abstract_set_minorVersion(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lasso_samlp_request_abstract_set_minorVersion(LASSO_SAMLP_REQUEST_ABSTRACT(request),
lassoLibMinorVersion);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "IssueInstant"), 0);
lasso_samlp_request_abstract_set_issueInstant(LASSO_SAMLP_REQUEST_ABSTRACT(request),
g_datalist_clear(&gd);
g_object_unref(request);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ProviderID"), 0);
lasso_lib_authn_request_set_providerID(LASSO_LIB_AUTHN_REQUEST(request), str);
g_datalist_clear(&gd);
g_object_unref(request);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "NameIDPolicy"), 0);
lasso_lib_authn_request_set_nameIDPolicy(LASSO_LIB_AUTHN_REQUEST(request), str);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ForceAuthn"), 0);
if(!strcmp(str, "true"))
lasso_lib_authn_request_set_forceAuthn(LASSO_LIB_AUTHN_REQUEST(request), TRUE);
else if(!strcmp(str, "false"))
lasso_lib_authn_request_set_forceAuthn(LASSO_LIB_AUTHN_REQUEST(request), FALSE);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "IsPassive"), 0);
if(!strcmp(str, "true"))
lasso_lib_authn_request_set_isPassive(LASSO_LIB_AUTHN_REQUEST(request), TRUE);
lasso_lib_authn_request_set_isPassive(LASSO_LIB_AUTHN_REQUEST(request), FALSE);
/* ProtocolProfile */
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ProtocolProfile"), 0);
lasso_lib_authn_request_set_protocolProfile(LASSO_LIB_AUTHN_REQUEST(request), str);
/* AssertionConsumerServiceID */
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "AssertionConsumerServiceID"), 0);
lasso_lib_authn_request_set_assertionConsumerServiceID(LASSO_LIB_AUTHN_REQUEST(request), str);
array = (GPtrArray *)g_datalist_get_data(&gd, "AuthnContextClassRef");
if (authn_context == NULL)
authn_context = lasso_lib_request_authn_context_new();
for(i=0; i<array->len; i++)
lasso_lib_request_authn_context_add_authnContextClassRef(LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context),
lasso_g_ptr_array_index(array, i));
array = (GPtrArray *)g_datalist_get_data(&gd, "AuthnContextStatementRef");
if (authn_context == NULL)
authn_context = lasso_lib_request_authn_context_new();
for(i=0; i<array->len; i++)
lasso_lib_request_authn_context_add_authnContextStatementRef(LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context),
lasso_g_ptr_array_index(array, i));
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "AuthnContextComparison"), 0);
if (authn_context == NULL)
authn_context = lasso_lib_request_authn_context_new();
lasso_lib_request_authn_context_set_authnContextComparison(LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context),
if (authn_context != NULL) {
lasso_lib_authn_request_set_requestAuthnContext(LASSO_LIB_AUTHN_REQUEST(request),
LASSO_LIB_REQUEST_AUTHN_CONTEXT(authn_context));
lasso_node_destroy(authn_context);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "RelayState"), 0);
lasso_lib_authn_request_set_relayState(LASSO_LIB_AUTHN_REQUEST(request), str);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "ProxyCount"), 0);
/* create a new Scoping instance */
scoping = lasso_lib_scoping_new();
lasso_lib_scoping_set_proxyCount(LASSO_LIB_SCOPING(scoping), atoi(str));
lasso_lib_authn_request_set_scoping(LASSO_LIB_AUTHN_REQUEST(request),
LASSO_LIB_SCOPING(scoping));
lasso_node_destroy(scoping);
str = lasso_g_ptr_array_index((GPtrArray *)g_datalist_get_data(&gd, "consent"), 0);
lasso_lib_authn_request_set_consent(LASSO_LIB_AUTHN_REQUEST(request), str);
g_datalist_clear(&gd);
case lassoNodeExportTypeBase64:
buffer_decoded = xmlMalloc(strlen(buffer));
xmlSecBase64Decode(buffer, buffer_decoded, strlen(buffer));
lasso_node_import(request, buffer_decoded);
xmlFree(buffer_decoded);
case lassoNodeExportTypeSoap:
soap_node = lasso_node_new_from_dump(buffer);
request_node = lasso_node_get_child(soap_node, "AuthnRequest",
export = lasso_node_export(request_node);
lasso_node_import(request, export);
lasso_node_destroy(request_node);
lasso_node_destroy(soap_node);