1
/* $Id: name_id_management.c,v 1.19 2007/01/08 13:36:00 fpeters Exp $
3
* Lasso - A free implementation of the Liberty Alliance specifications.
5
* Copyright (C) 2004, 2005 Entr'ouvert
6
* http://lasso.entrouvert.org
8
* Authors: See AUTHORS file in top-level directory.
10
* This program is free software; you can redistribute it and/or modify
11
* it under the terms of the GNU General Public License as published by
12
* the Free Software Foundation; either version 2 of the License, or
13
* (at your option) any later version.
15
* This program is distributed in the hope that it will be useful,
16
* but WITHOUT ANY WARRANTY; without even the implied warranty of
17
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18
* GNU General Public License for more details.
20
* You should have received a copy of the GNU General Public License
21
* along with this program; if not, write to the Free Software
22
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25
#include <lasso/saml-2.0/name_id_management.h>
26
#include <lasso/saml-2.0/providerprivate.h>
27
#include <lasso/saml-2.0/profileprivate.h>
28
#include <lasso/id-ff/providerprivate.h>
29
#include <lasso/id-ff/identityprivate.h>
30
#include <lasso/id-ff/serverprivate.h>
31
#include <lasso/xml/xml_enc.h>
33
/*****************************************************************************/
35
/*****************************************************************************/
38
* lasso_name_id_management_init_request:
39
* @name_id_management: a #LassoNameIdManagement
40
* @remote_provider_id: the providerID of the remote provider.
41
* @new_name_id: the new NameId or NULL to terminate a federation
42
* @http_method: if set, then it get the protocol profile in metadata
43
* corresponding of this HTTP request method.
45
* Initializes a new Name Id Management Request.
47
* Return value: 0 on success; or a negative value otherwise.
50
lasso_name_id_management_init_request(LassoNameIdManagement *name_id_management,
51
char *remote_provider_id,
53
LassoHttpMethod http_method)
55
LassoProfile *profile;
56
LassoProvider *remote_provider;
57
LassoFederation *federation;
58
LassoSaml2NameID *name_id, *name_id_n;
59
LassoSamlp2RequestAbstract *request;
61
g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management),
62
LASSO_PARAM_ERROR_INVALID_VALUE);
63
g_return_val_if_fail(remote_provider_id != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
65
profile = LASSO_PROFILE(name_id_management);
67
/* verify if the identity */
68
if (LASSO_IS_IDENTITY(profile->identity) == FALSE) {
69
return critical_error(LASSO_PROFILE_ERROR_IDENTITY_NOT_FOUND);
72
/* set the remote provider id */
73
profile->remote_providerID = g_strdup(remote_provider_id);
75
remote_provider = g_hash_table_lookup(profile->server->providers,
76
profile->remote_providerID);
77
if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
78
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
82
federation = g_hash_table_lookup(profile->identity->federations,
83
profile->remote_providerID);
84
if (LASSO_IS_FEDERATION(federation) == FALSE) {
85
return critical_error(LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND);
88
/* get the current NameID */
89
name_id_n = LASSO_SAML2_NAME_ID(lasso_profile_get_nameIdentifier(profile));
91
name_id = LASSO_SAML2_NAME_ID(name_id_n);
93
if (federation->local_nameIdentifier) {
94
profile->nameIdentifier = g_object_ref(federation->local_nameIdentifier);
96
profile->nameIdentifier = g_object_ref(name_id_n);
99
/* XXX: check HTTP method is supported */
101
profile->request = lasso_samlp2_manage_name_id_request_new();
103
request = LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request);
104
request->ID = lasso_build_unique_id(32);
105
request->Version = g_strdup("2.0");
106
request->Issuer = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new_with_string(
107
LASSO_PROVIDER(profile->server)->ProviderID));
108
request->IssueInstant = lasso_get_current_time();
110
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(request)->NameID = g_object_ref( \
111
profile->nameIdentifier);
114
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(request)->NewID = g_strdup(new_name_id);
116
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(request)->Terminate = \
117
LASSO_SAMLP2_TERMINATE(lasso_samlp2_terminate_new());
120
profile->http_request_method = http_method;
127
* lasso_name_id_management_build_request_msg:
128
* @name_id_management: a #LassoNameIdManagement
130
* Builds the Name Id Management request message.
132
* Return value: 0 on success; or a negative value otherwise.
135
lasso_name_id_management_build_request_msg(LassoNameIdManagement *name_id_management)
137
LassoProfile *profile;
138
LassoProvider *remote_provider;
140
g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management),
141
LASSO_PARAM_ERROR_INVALID_VALUE);
143
profile = LASSO_PROFILE(name_id_management);
144
lasso_profile_clean_msg_info(profile);
146
remote_provider = g_hash_table_lookup(profile->server->providers,
147
profile->remote_providerID);
148
if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
149
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
152
if (profile->http_request_method == LASSO_HTTP_METHOD_SOAP) {
153
profile->msg_url = lasso_provider_get_metadata_one(remote_provider,
154
"ManageNameIDService SOAP");
155
/* XXX set private key so message is signed */
156
profile->msg_body = lasso_node_export_to_soap(profile->request);
160
if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) {
162
url = lasso_provider_get_metadata_one(remote_provider,
163
"ManageNameIDService HTTP-Redirect");
165
return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
167
query = lasso_node_export_to_query(LASSO_NODE(profile->request),
168
profile->server->signature_method,
169
profile->server->private_key);
172
return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED);
174
profile->msg_url = lasso_concat_url_query(url, query);
175
profile->msg_body = NULL;
181
/* XXX: Artifact profile support */
183
return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD);
188
* lasso_name_id_management_process_request_msg:
189
* @name_id_management: a #LassoNameIdManagement
190
* @request_msg: the Name Id Management request message
192
* Processes a Name Id Management request message. Rebuilds a request object
193
* from the message and check its signature.
195
* Return value: 0 on success; or a negative value otherwise.
198
lasso_name_id_management_process_request_msg(LassoNameIdManagement *name_id_management,
201
LassoProfile *profile;
202
LassoProvider *remote_provider;
203
LassoMessageFormat format;
204
LassoSaml2NameID *name_id;
205
LassoSaml2EncryptedElement *encrypted_id;
206
LassoSaml2EncryptedElement* encrypted_element = NULL;
207
xmlSecKey *encryption_private_key = NULL;
209
g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management),
210
LASSO_PARAM_ERROR_INVALID_VALUE);
212
profile = LASSO_PROFILE(name_id_management);
213
profile->request = lasso_samlp2_manage_name_id_request_new();
214
format = lasso_node_init_from_message(LASSO_NODE(profile->request), request_msg);
215
if (format == LASSO_MESSAGE_FORMAT_UNKNOWN || format == LASSO_MESSAGE_FORMAT_ERROR) {
216
return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
219
if (profile->remote_providerID) {
220
g_free(profile->remote_providerID);
223
profile->remote_providerID = g_strdup(
224
LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->Issuer->content);
225
remote_provider = g_hash_table_lookup(profile->server->providers,
226
profile->remote_providerID);
228
if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
229
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
232
/* verify signatures */
233
profile->signature_status = lasso_provider_verify_signature(
234
remote_provider, request_msg, "ID", format);
235
profile->signature_status = 0; /* XXX: signature check disabled for zxid */
237
if (format == LASSO_MESSAGE_FORMAT_SOAP)
238
profile->http_request_method = LASSO_HTTP_METHOD_SOAP;
239
if (format == LASSO_MESSAGE_FORMAT_QUERY)
240
profile->http_request_method = LASSO_HTTP_METHOD_REDIRECT;
242
name_id = LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NameID;
243
encrypted_id = LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->EncryptedID;
245
if (name_id == NULL && encrypted_id != NULL) {
246
encryption_private_key = profile->server->private_data->encryption_private_key;
247
encrypted_element = LASSO_SAML2_ENCRYPTED_ELEMENT(encrypted_id);
248
if (encrypted_element != NULL && encryption_private_key == NULL) {
249
return LASSO_PROFILE_ERROR_MISSING_ENCRYPTION_PRIVATE_KEY;
251
if (encrypted_element != NULL && encryption_private_key != NULL) {
252
profile->nameIdentifier = LASSO_NODE(lasso_node_decrypt(
253
encrypted_id, encryption_private_key));
254
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NameID = \
255
LASSO_SAML2_NAME_ID(profile->nameIdentifier);
256
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->EncryptedID = NULL;
260
profile->nameIdentifier = g_object_ref(name_id);
263
return profile->signature_status;
268
* lasso_name_id_management_validate_request:
269
* @name_id_management: a #LassoNameIdManagement
271
* Processes a Name Id Management request, performing requested actions against
272
* principal federations. Profile identity may have to be saved afterwards.
274
* Return value: 0 on success; or a negative value otherwise.
277
lasso_name_id_management_validate_request(LassoNameIdManagement *name_id_management)
279
LassoProfile *profile;
280
LassoProvider *remote_provider;
281
LassoFederation *federation;
282
LassoSamlp2StatusResponse *response;
283
LassoSaml2NameID *name_id;
285
g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management),
286
LASSO_PARAM_ERROR_INVALID_VALUE);
287
profile = LASSO_PROFILE(name_id_management);
289
if (LASSO_IS_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request) == FALSE)
290
return LASSO_PROFILE_ERROR_MISSING_REQUEST;
292
if (profile->identity == NULL) {
293
return critical_error(LASSO_PROFILE_ERROR_IDENTITY_NOT_FOUND);
296
if (profile->remote_providerID) {
297
g_free(profile->remote_providerID);
300
profile->remote_providerID = g_strdup(
301
LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->Issuer->content);
303
/* get the provider */
304
remote_provider = g_hash_table_lookup(profile->server->providers,
305
profile->remote_providerID);
306
if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
307
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
310
federation = g_hash_table_lookup(profile->identity->federations,
311
profile->remote_providerID);
312
if (LASSO_IS_FEDERATION(federation) == FALSE) {
313
return critical_error(LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND);
316
if (profile->response) {
317
lasso_node_destroy(profile->response);
320
profile->response = lasso_samlp2_manage_name_id_response_new();
321
response = LASSO_SAMLP2_STATUS_RESPONSE(profile->response);
322
response->ID = lasso_build_unique_id(32);
323
response->Version = g_strdup("2.0");
324
response->Issuer = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new_with_string(
325
LASSO_PROVIDER(profile->server)->ProviderID));
326
response->IssueInstant = lasso_get_current_time();
327
response->InResponseTo = g_strdup(LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->ID);
328
lasso_saml20_profile_set_response_status(profile, LASSO_SAML2_STATUS_CODE_SUCCESS);
330
response->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1;
331
if (profile->server->certificate) {
332
response->sign_type = LASSO_SIGNATURE_TYPE_WITHX509;
334
response->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE;
336
response->private_key_file = g_strdup(profile->server->private_key);
337
response->certificate_file = g_strdup(profile->server->certificate);
339
/* verify signature status */
340
if (profile->signature_status != 0) {
341
/* XXX: which SAML2 Status Code ? */
342
lasso_saml20_profile_set_response_status(profile,
343
LASSO_LIB_STATUS_CODE_INVALID_SIGNATURE);
344
return profile->signature_status;
347
/* Get the name identifier */
348
name_id = LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NameID;
349
if (name_id == NULL) {
350
message(G_LOG_LEVEL_CRITICAL,
351
"Name identifier not found in name id management request");
352
/* XXX: which status code in SAML 2.0 ? */
353
lasso_saml20_profile_set_response_status(
354
profile, LASSO_SAML2_STATUS_CODE_UNKNOWN_PRINCIPAL);
355
return LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
358
if (LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->Terminate) {
360
lasso_identity_remove_federation(profile->identity, profile->remote_providerID);
362
/* name registration */
363
LassoSaml2NameID *new_name_id;
364
new_name_id = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new());
365
new_name_id->Format = g_strdup(name_id->Format);
366
new_name_id->NameQualifier = g_strdup(name_id->NameQualifier);
367
new_name_id->SPNameQualifier = g_strdup(name_id->SPNameQualifier);
368
if (remote_provider->role == LASSO_PROVIDER_ROLE_SP) {
369
/* if the requester is the service provider, the new
370
* identifier MUST appear in subsequent <NameID>
371
* elements in the SPProvidedID attribute
372
* -- saml-core-2.0-os.pdf, page 58
374
new_name_id->SPProvidedID = g_strdup(
375
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NewID);
376
new_name_id->content = g_strdup(name_id->content);
378
/* If the requester is the identity provider, the new
379
* value will appear in subsequent <NameID> elements as
380
* the element's content.
381
* -- saml-core-2.0-os.pdf, page 58
383
new_name_id->content = g_strdup(
384
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NewID);
387
if (federation->local_nameIdentifier)
388
lasso_node_destroy(LASSO_NODE(federation->local_nameIdentifier));
389
federation->local_nameIdentifier = g_object_ref(new_name_id);
390
profile->identity->is_dirty = TRUE;
397
* lasso_name_id_management_build_response_msg:
398
* @name_id_management: a #LassoNameIdManagement
400
* Builds the Name Id Management response message.
402
* Return value: 0 on success; or a negative value otherwise.
405
lasso_name_id_management_build_response_msg(LassoNameIdManagement *name_id_management)
407
LassoProfile *profile;
408
LassoSamlp2StatusResponse *response;
409
LassoProvider *provider;
412
g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management),
413
LASSO_PARAM_ERROR_INVALID_VALUE);
414
profile = LASSO_PROFILE(name_id_management);
415
lasso_profile_clean_msg_info(profile);
417
if (profile->response == NULL) {
418
/* no response set here means request denied */
419
profile->response = lasso_samlp2_manage_name_id_response_new();
420
response = LASSO_SAMLP2_STATUS_RESPONSE(profile->response);
421
response->ID = lasso_build_unique_id(32);
422
response->Version = g_strdup("2.0");
423
response->Issuer = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new_with_string(
424
LASSO_PROVIDER(profile->server)->ProviderID));
425
response->IssueInstant = lasso_get_current_time();
426
response->InResponseTo = g_strdup(
427
LASSO_SAMLP2_REQUEST_ABSTRACT(profile->request)->ID);
428
lasso_saml20_profile_set_response_status(profile,
429
LASSO_SAML2_STATUS_CODE_REQUEST_DENIED);
431
response->sign_method = LASSO_SIGNATURE_METHOD_RSA_SHA1;
432
if (profile->server->certificate) {
433
response->sign_type = LASSO_SIGNATURE_TYPE_WITHX509;
435
response->sign_type = LASSO_SIGNATURE_TYPE_SIMPLE;
437
response->private_key_file = g_strdup(profile->server->private_key);
438
response->certificate_file = g_strdup(profile->server->certificate);
442
if (profile->remote_providerID == NULL || profile->response == NULL) {
443
/* no remote provider id set or no response set, this means
444
* this function got called before validate_request, probably
445
* because there were no identity or federation */
446
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
449
/* build logout response message */
450
if (profile->http_request_method == LASSO_HTTP_METHOD_SOAP) {
451
profile->msg_url = NULL;
452
profile->msg_body = lasso_node_export_to_soap(profile->response);
456
if (profile->http_request_method == LASSO_HTTP_METHOD_REDIRECT) {
457
/* get the provider */
458
provider = g_hash_table_lookup(profile->server->providers,
459
profile->remote_providerID);
460
if (provider == NULL) {
461
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
464
url = lasso_provider_get_metadata_one(provider,
465
"ManageNameIDService HTTP-Redirect ResponseLocation");
467
url = lasso_provider_get_metadata_one(provider,
468
"ManageNameIDService HTTP-Redirect");
470
return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
473
query = lasso_node_export_to_query(LASSO_NODE(profile->response),
474
profile->server->signature_method,
475
profile->server->private_key);
478
return critical_error(LASSO_PROFILE_ERROR_BUILDING_QUERY_FAILED);
480
profile->msg_url = lasso_concat_url_query(url, query);
481
profile->msg_body = NULL;
487
return LASSO_PROFILE_ERROR_MISSING_REQUEST;
492
* lasso_name_id_management_process_response_msg:
493
* @name_id_management: a #LassoNameIdManagement
494
* @response_msg: the response message
496
* Parses the response message and builds the corresponding response object.
497
* Performs requested actions against principal federations. Profile identity
498
* may have to be saved afterwards.
500
* Return value: 0 on success; or a negative value otherwise.
503
lasso_name_id_management_process_response_msg(
504
LassoNameIdManagement *name_id_management,
507
LassoProfile *profile;
508
LassoHttpMethod response_method;
509
LassoProvider *remote_provider;
510
LassoSamlp2StatusResponse *response;
511
LassoMessageFormat format;
512
char *status_code_value;
515
g_return_val_if_fail(LASSO_IS_NAME_ID_MANAGEMENT(name_id_management),
516
LASSO_PARAM_ERROR_INVALID_VALUE);
517
g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
519
profile = LASSO_PROFILE(name_id_management);
521
if (LASSO_IS_SAMLP2_MANAGE_NAME_ID_RESPONSE(profile->response) == TRUE) {
522
lasso_node_destroy(profile->response);
523
profile->response = NULL;
526
profile->response = lasso_samlp2_manage_name_id_response_new();
527
format = lasso_node_init_from_message(LASSO_NODE(profile->response), response_msg);
530
case LASSO_MESSAGE_FORMAT_SOAP:
531
response_method = LASSO_HTTP_METHOD_SOAP;
533
case LASSO_MESSAGE_FORMAT_QUERY:
534
response_method = LASSO_HTTP_METHOD_REDIRECT;
537
return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
540
profile->remote_providerID = g_strdup(
541
LASSO_SAMLP2_STATUS_RESPONSE(profile->response)->Issuer->content);
543
/* get the provider */
544
remote_provider = g_hash_table_lookup(profile->server->providers,
545
profile->remote_providerID);
546
if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
547
return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
550
/* verify signature */
551
rc = lasso_provider_verify_signature(remote_provider, response_msg, "ID", format);
552
if (rc == LASSO_DS_ERROR_SIGNATURE_NOT_FOUND) {
553
/* XXX: is signature mandatory ? */
554
message(G_LOG_LEVEL_WARNING, "No signature on response");
558
response = LASSO_SAMLP2_STATUS_RESPONSE(profile->response);
560
if (response->Status == NULL || response->Status->StatusCode == NULL
561
|| response->Status->StatusCode->Value == NULL) {
562
message(G_LOG_LEVEL_CRITICAL, "No Status in ManageNameIDResponse !");
563
return LASSO_PROFILE_ERROR_MISSING_STATUS_CODE;
565
status_code_value = response->Status->StatusCode->Value;
567
if (strcmp(status_code_value, LASSO_SAML2_STATUS_CODE_SUCCESS) != 0) {
568
message(G_LOG_LEVEL_CRITICAL, "Status code is not success: %s", status_code_value);
569
return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS;
572
if (LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->Terminate) {
573
lasso_identity_remove_federation(profile->identity, profile->remote_providerID);
575
LassoSaml2NameID *new_name_id, *name_id;
576
LassoFederation *federation;
578
name_id = LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NameID;
580
new_name_id = LASSO_SAML2_NAME_ID(lasso_saml2_name_id_new());
581
new_name_id->Format = g_strdup(name_id->Format);
582
new_name_id->NameQualifier = g_strdup(name_id->NameQualifier);
583
new_name_id->SPNameQualifier = g_strdup(name_id->SPNameQualifier);
584
if (LASSO_PROVIDER(profile->server)->role == LASSO_PROVIDER_ROLE_SP) {
585
/* if the requester is the service provider, the new
586
* identifier MUST appear in subsequent <NameID>
587
* elements in the SPProvidedID attribute
588
* -- saml-core-2.0-os.pdf, page 58
590
new_name_id->SPProvidedID = g_strdup(
591
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NewID);
592
new_name_id->content = g_strdup(name_id->content);
594
/* If the requester is the identity provider, the new
595
* value will appear in subsequent <NameID> elements as
596
* the element's content.
597
* -- saml-core-2.0-os.pdf, page 58
599
new_name_id->content = g_strdup(
600
LASSO_SAMLP2_MANAGE_NAME_ID_REQUEST(profile->request)->NewID);
604
federation = g_hash_table_lookup(profile->identity->federations,
605
profile->remote_providerID);
606
if (LASSO_IS_FEDERATION(federation) == FALSE) {
607
return critical_error(LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND);
610
if (federation->local_nameIdentifier)
611
lasso_node_destroy(LASSO_NODE(federation->local_nameIdentifier));
612
federation->local_nameIdentifier = g_object_ref(new_name_id);
613
profile->identity->is_dirty = TRUE;
621
/*****************************************************************************/
622
/* private methods */
623
/*****************************************************************************/
625
static struct XmlSnippet schema_snippets[] = {
629
static LassoNodeClass *parent_class = NULL;
632
get_xmlNode(LassoNode *node, gboolean lasso_dump)
636
xmlnode = parent_class->get_xmlNode(node, lasso_dump);
637
xmlNodeSetName(xmlnode, (xmlChar*)"NameIdManagement");
638
xmlSetProp(xmlnode, (xmlChar*)"NameIdManagementDumpVersion", (xmlChar*)"1");
644
init_from_xml(LassoNode *node, xmlNode *xmlnode)
646
return parent_class->init_from_xml(node, xmlnode);
649
/*****************************************************************************/
650
/* overridden parent class methods */
651
/*****************************************************************************/
654
dispose(GObject *object)
656
G_OBJECT_CLASS(parent_class)->dispose(object);
660
finalize(GObject *object)
662
G_OBJECT_CLASS(parent_class)->finalize(object);
667
/*****************************************************************************/
668
/* instance and class init functions */
669
/*****************************************************************************/
672
instance_init(LassoNameIdManagement *name_id_management)
677
class_init(LassoNameIdManagementClass *klass)
679
LassoNodeClass *nclass = LASSO_NODE_CLASS(klass);
681
parent_class = g_type_class_peek_parent(klass);
682
nclass->get_xmlNode = get_xmlNode;
683
nclass->init_from_xml = init_from_xml;
684
nclass->node_data = g_new0(LassoNodeClassData, 1);
685
lasso_node_class_set_nodename(nclass, "NameIdManagement");
686
lasso_node_class_add_snippets(nclass, schema_snippets);
688
G_OBJECT_CLASS(klass)->dispose = dispose;
689
G_OBJECT_CLASS(klass)->finalize = finalize;
695
lasso_name_id_management_get_type()
697
static GType this_type = 0;
700
static const GTypeInfo this_info = {
701
sizeof (LassoNameIdManagementClass),
703
(GClassInitFunc) class_init,
705
sizeof(LassoNameIdManagement),
707
(GInstanceInitFunc) instance_init,
710
this_type = g_type_register_static(LASSO_TYPE_PROFILE,
711
"LassoNameIdManagement", &this_info, 0);
717
* lasso_name_id_management_new:
718
* @server: the #LassoServer
720
* Creates a new #LassoNameIdManagement.
722
* Return value: a newly created #LassoNameIdManagement object; or NULL if an error
725
LassoNameIdManagement*
726
lasso_name_id_management_new(LassoServer *server)
728
LassoNameIdManagement *name_id_management;
730
g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
732
name_id_management = g_object_new(LASSO_TYPE_NAME_ID_MANAGEMENT, NULL);
733
LASSO_PROFILE(name_id_management)->server = g_object_ref(server);
735
return name_id_management;
739
* lasso_name_id_management_destroy:
740
* @name_id_management: a #LassoNameIdManagement
742
* Destroys a #LassoNameIdManagement object.
745
lasso_name_id_management_destroy(LassoNameIdManagement *name_id_management)
747
lasso_node_destroy(LASSO_NODE(name_id_management));
751
* lasso_name_id_management_new_from_dump:
752
* @server: the #LassoServer
753
* @dump: XML name_id_management dump
755
* Restores the @dump to a new #LassoLogout.
757
* Return value: a newly created #LassoLogout; or NULL if an error occured
759
LassoNameIdManagement*
760
lasso_name_id_management_new_from_dump(LassoServer *server, const char *dump)
762
LassoNameIdManagement *name_id_management;
768
name_id_management = lasso_name_id_management_new(g_object_ref(server));
769
doc = xmlParseMemory(dump, strlen(dump));
770
init_from_xml(LASSO_NODE(name_id_management), xmlDocGetRootElement(doc));
773
return name_id_management;
777
* lasso_name_id_management_dump:
778
* @name_id_management: a #LassoLogout
780
* Dumps @name_id_management content to an XML string.
782
* Return value: the dump string. It must be freed by the caller.
785
lasso_name_id_management_dump(LassoNameIdManagement *name_id_management)
787
return lasso_node_dump(LASSO_NODE(name_id_management));
added
removed
lasso/saml-2.0/name_id_management.c
