← Back to branch summary

~ubuntu-branches/ubuntu/hardy/lasso/hardy

« back to all changes in this revision

Viewing changes to lasso/id-ff/name_identifier_mapping.c

  • Committer: Bazaar Package Importer
  • Author(s): Michael Bienia
  • Date: 2007-07-31 21:35:26 UTC
  • mfrom: (1.1.4 upstream)
  • Revision ID: james.westby@ubuntu.com-20070731213526-oc6jw5mprcd5tjyy
Tags: 2.0.0-1ubuntu1
* Merge from debian unstable. Remaining changes:
  + debian/control:
    - Modify Maintainer value to match DebianMaintainerField spec.
* debian/rules:
  + Add CC=gcc-4.2 to the configure call else configure won't find jni.h
    from libgcj8-dev.
* configure{,.ac}:
  + Add missing quotes around the value for PHP[45]_LIBS.

Show diffs side-by-side

added added

removed removed

Lines of Context:
lasso/id-ff/name_identifier_mapping.c
1
 
/* $Id: name_identifier_mapping.c,v 1.59 2006/01/23 15:30:00 fpeters Exp $
 
1
/* $Id: name_identifier_mapping.c,v 1.65 2007/01/05 13:40:07 fpeters Exp $
2
2
 *
3
3
 * Lasso - A free implementation of the Liberty Alliance specifications.
4
4
 *
57
57
        LassoProfile *profile;
58
58
        LassoProvider *remote_provider;
59
59
 
60
 
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
 
60
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
 
61
                        LASSO_PARAM_ERROR_INVALID_VALUE);
61
62
 
62
63
        profile = LASSO_PROFILE(mapping);
 
64
        lasso_profile_clean_msg_info(profile);
63
65
 
64
66
        if (profile->remote_providerID == NULL) {
65
67
                /* this means lasso_logout_init_request was not called before */
75
77
 
76
78
        if (remote_provider->role != LASSO_PROVIDER_ROLE_IDP) {
77
79
                message(G_LOG_LEVEL_CRITICAL, "Build request msg method is forbidden at IDP");
78
 
                return LASSO_ERROR_UNDEFINED;
 
80
                return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
79
81
        }
80
82
 
81
83
        profile->msg_url = lasso_provider_get_metadata_one(remote_provider, "SoapEndpoint");
126
128
        LassoProfile *profile;
127
129
        LassoProvider *remote_provider;
128
130
 
129
 
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
 
131
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
 
132
                        LASSO_PARAM_ERROR_INVALID_VALUE);
130
133
 
131
134
        profile = LASSO_PROFILE(mapping);
 
135
        lasso_profile_clean_msg_info(profile);
132
136
 
133
137
        if (profile->remote_providerID == NULL) {
134
138
                /* this means lasso_logout_init_request was not called before */
143
147
 
144
148
        if (remote_provider->role != LASSO_PROVIDER_ROLE_SP) {
145
149
                message(G_LOG_LEVEL_CRITICAL, "Build response msg method is forbidden at SP");
146
 
                return LASSO_ERROR_UNDEFINED;
 
150
                return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
147
151
        }
148
152
 
149
153
        /* verify the provider type is a service provider type */
197
201
 
198
202
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
199
203
                        LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
200
 
        g_return_val_if_fail(targetNamespace != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
201
 
        g_return_val_if_fail(remote_providerID != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
 
204
        g_return_val_if_fail(targetNamespace != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 
205
        g_return_val_if_fail(remote_providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
202
206
 
203
207
        profile = LASSO_PROFILE(mapping);
204
208
 
218
222
        }
219
223
        if (remote_provider->role != LASSO_PROVIDER_ROLE_IDP) {
220
224
                message(G_LOG_LEVEL_CRITICAL, "Init request method is forbidden for an IDP");
221
 
                return LASSO_ERROR_UNDEFINED;
 
225
                return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
222
226
        }
223
227
 
224
228
        /* get federation */
287
291
 
288
292
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
289
293
                        LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
290
 
        g_return_val_if_fail(request_msg != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
 
294
        g_return_val_if_fail(request_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
291
295
 
292
296
        profile = LASSO_PROFILE(mapping);
293
297
 
345
349
        LassoProfile  *profile;
346
350
        LassoProvider *remote_provider;
347
351
        LassoMessageFormat format;
 
352
        LassoLibNameIdentifierMappingResponse *response;
348
353
        int rc;
349
354
        char *statusCodeValue;
350
355
 
351
356
        g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
352
357
                        LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
353
 
        g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
 
358
        g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
354
359
 
355
360
        profile = LASSO_PROFILE(mapping);
356
361
 
360
365
                return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
361
366
        }
362
367
 
363
 
        remote_provider = g_hash_table_lookup(profile->server->providers,
364
 
                        LASSO_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(profile->response)->ProviderID);
 
368
        response = LASSO_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(profile->response);
 
369
 
 
370
        remote_provider = g_hash_table_lookup(profile->server->providers, response->ProviderID);
365
371
        if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
366
372
                return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
367
373
        }
369
375
        /* verify signature */
370
376
        rc = lasso_provider_verify_signature(remote_provider, response_msg, "ResponseID", format);
371
377
 
372
 
        statusCodeValue = LASSO_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(
373
 
                        profile->response)->Status->StatusCode->Value;
374
 
        if (strcmp(statusCodeValue, LASSO_SAML_STATUS_CODE_SUCCESS) != 0) {
375
 
                message(G_LOG_LEVEL_CRITICAL, "%s", statusCodeValue);
376
 
                return LASSO_ERROR_UNDEFINED;
377
 
        }
378
 
 
 
378
        if (response->Status == NULL || response->Status->StatusCode == NULL) {
 
379
                return LASSO_PROFILE_ERROR_MISSING_STATUS_CODE;
 
380
        }
 
381
 
 
382
        statusCodeValue = response->Status->StatusCode->Value;
 
383
        if (statusCodeValue == NULL || strcmp(statusCodeValue,
 
384
                                LASSO_SAML_STATUS_CODE_SUCCESS) != 0) {
 
385
                return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS;
 
386
        }
 
387
 
 
388
        
379
389
        /* Set the target name identifier */
380
 
        mapping->targetNameIdentifier = g_strdup(LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(
381
 
                        profile->request)->NameIdentifier->content);
 
390
        if (LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(profile->request)->NameIdentifier) {
 
391
                mapping->targetNameIdentifier = g_strdup(LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(
 
392
                                        profile->request)->NameIdentifier->content);
 
393
        } else {
 
394
                mapping->targetNameIdentifier = NULL;
 
395
                return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_MISSING_TARGET_IDENTIFIER;
 
396
        }
382
397
 
383
398
        return rc;
384
399
}
420
435
 
421
436
        if (remote_provider->role != LASSO_PROVIDER_ROLE_SP) {
422
437
                message(G_LOG_LEVEL_CRITICAL, "Build request msg method is forbidden at SP");
423
 
                return LASSO_ERROR_UNDEFINED;
 
438
                return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
424
439
        }
425
440
 
426
441
        /* verify request attribute of mapping is a name identifier mapping request */
427
442
        if (LASSO_IS_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(profile->request) == FALSE) {
428
443
                message(G_LOG_LEVEL_CRITICAL, "Invalid NameIdentifierMappingRequest");
429
 
                return LASSO_ERROR_UNDEFINED;
 
444
                return LASSO_PROFILE_ERROR_MISSING_REQUEST;
430
445
        }
431
446
 
432
447
        if (profile->http_request_method != LASSO_HTTP_METHOD_SOAP) {
473
488
        if (nameIdentifier == NULL) {
474
489
                lasso_profile_set_response_status(profile,
475
490
                                LASSO_LIB_STATUS_CODE_UNKNOWN_PRINCIPAL);
476
 
                message(G_LOG_LEVEL_CRITICAL, "Name identifier of federation not found");
477
 
                return LASSO_ERROR_UNDEFINED;
 
491
                return LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
478
492
        }
479
493
 
480
494
        /* get the federation of the target name space and his name identifier */
481
495
        if (request->TargetNamespace == NULL) {
482
 
                message(G_LOG_LEVEL_CRITICAL, "Target name space not found");
483
 
                return LASSO_ERROR_UNDEFINED;
 
496
                return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_MISSING_TARGET_NAMESPACE;
484
497
        }
485
498
        federation = g_hash_table_lookup(profile->identity->federations, request->TargetNamespace);
486
499
        if (LASSO_IS_FEDERATION(federation) == FALSE) {
487
500
                lasso_profile_set_response_status(profile,
488
501
                                LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST);
489
502
                message(G_LOG_LEVEL_CRITICAL, "Target name space federation not found");
490
 
                return LASSO_ERROR_UNDEFINED;
 
503
                return LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND;
491
504
        }
492
505
 
493
506
        targetNameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->remote_nameIdentifier);
500
513
                                "Name identifier for target name space federation not found");
501
514
                lasso_profile_set_response_status(profile,
502
515
                                LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST);
503
 
                return LASSO_ERROR_UNDEFINED;
 
516
                return LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
504
517
        }
505
518
 
506
519
        LASSO_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(profile->response)->NameIdentifier =