← Back to branch summary

~ubuntu-branches/ubuntu/hardy/lasso/hardy

« back to all changes in this revision

Viewing changes to lasso/id-wsf/wsf_profile.c

  • Committer: Bazaar Package Importer
  • Author(s): Loic Pefferkorn
  • Date: 2005-11-25 19:20:59 UTC
  • mfrom: (1.1.2 upstream)
  • Revision ID: james.westby@ubuntu.com-20051125192059-m4894lhpynmkrmwr
Tags: 0.6.3-4ubuntu1
Resynchronise with Debian.

Show diffs side-by-side

added added

removed removed

Lines of Context:
lasso/id-wsf/wsf_profile.c
1
 
/* $Id: wsf_profile.c,v 1.14 2005/05/16 15:12:42 nclapies Exp $
 
1
/* $Id: wsf_profile.c,v 1.21 2005/09/28 08:50:45 nclapies Exp $
2
2
 *
3
3
 * Lasso - A free implementation of the Liberty Alliance specifications.
4
4
 *
24
24
 
25
25
#include <lasso/id-wsf/wsf_profile.h>
26
26
#include <lasso/xml/disco_modify.h>
 
27
#include <lasso/xml/soap_fault.h>
27
28
#include <lasso/xml/soap_binding_correlation.h>
 
29
#include <lasso/xml/soap_binding_provider.h>
 
30
#include <lasso/xml/wsse_security.h>
 
31
#include <lasso/xml/saml_assertion.h>
 
32
 
 
33
#include <lasso/id-ff/server.h>
 
34
#include <lasso/id-ff/providerprivate.h>
 
35
 
 
36
#include <xmlsec/xmltree.h>
 
37
#include <xmlsec/xmldsig.h>
 
38
#include <xmlsec/templates.h>
 
39
#include <xmlsec/crypto.h>
 
40
 
 
41
struct _LassoWsfProfilePrivate
 
42
{
 
43
        gboolean dispose_has_run;
 
44
        char *security_mech_id;
 
45
        LassoSoapFault *fault;
 
46
};
28
47
 
29
48
/*****************************************************************************/
30
49
/* private methods                                                           */
31
50
/*****************************************************************************/
32
51
 
 
52
LassoSoapFault*
 
53
lasso_wsf_profile_get_fault(LassoWsfProfile *profile)
 
54
{
 
55
        return profile->private_data->fault;
 
56
}
 
57
 
 
58
gboolean
 
59
lasso_security_mech_id_is_x509_authentication(const gchar *security_mech_id)
 
60
{
 
61
        if (!security_mech_id)
 
62
                return FALSE;
 
63
 
 
64
        if (strcmp(security_mech_id, LASSO_SECURITY_MECH_X509) == 0 || \
 
65
                strcmp(security_mech_id, LASSO_SECURITY_MECH_TLS_X509) == 0 || \
 
66
                strcmp(security_mech_id, LASSO_SECURITY_MECH_CLIENT_TLS_X509) == 0)
 
67
                return TRUE;
 
68
 
 
69
        return FALSE;
 
70
}
 
71
 
 
72
gboolean
 
73
lasso_security_mech_id_is_saml_authentication(const gchar *security_mech_id)
 
74
{
 
75
        if (!security_mech_id)
 
76
                return FALSE;
 
77
 
 
78
        if (strcmp(security_mech_id, LASSO_SECURITY_MECH_SAML) == 0 || \
 
79
                strcmp(security_mech_id, LASSO_SECURITY_MECH_TLS_SAML) == 0 || \
 
80
                strcmp(security_mech_id, LASSO_SECURITY_MECH_CLIENT_TLS_SAML) == 0)
 
81
                return TRUE;
 
82
 
 
83
        return FALSE;
 
84
}
 
85
 
 
86
void lasso_wsf_profile_set_security_mech_id(LassoWsfProfile *profile,
 
87
        const gchar *security_mech_id)
 
88
{
 
89
        profile->private_data->security_mech_id = g_strdup(security_mech_id);
 
90
}
 
91
 
 
92
xmlNode*
 
93
lasso_wsf_profile_add_x509_authentication(LassoWsfProfile *profile, LassoNode *envelope,
 
94
        LassoSignatureMethod sign_method)
 
95
{
 
96
        xmlNode *envelope_node, *signature = NULL, *sign_tmpl, *reference, *key_info, *t;
 
97
        xmlNode *header, *correlation = NULL, *security = NULL, *body = NULL;
 
98
        xmlSecDSigCtx *dsigCtx;
 
99
        xmlDoc *doc;
 
100
 
 
101
        LassoSignatureType sign_type = LASSO_SIGNATURE_TYPE_WITHX509;
 
102
 
 
103
        envelope_node = lasso_node_get_xmlNode(envelope, 1);
 
104
 
 
105
        doc = xmlNewDoc((xmlChar*)"1.0");
 
106
        xmlDocSetRootElement(doc, envelope_node);
 
107
 
 
108
        /* Get correlation, body and security elements */
 
109
        t = envelope_node->children;
 
110
        while (t) {
 
111
                if (strcmp((char *) t->name, "Header") == 0)
 
112
                        header = t;
 
113
                else if (strcmp((char *) t->name, "Body") == 0)
 
114
                        body = t;
 
115
                t = t->next;
 
116
        }
 
117
        if (header == NULL)
 
118
                return NULL;
 
119
        if (body == NULL)
 
120
                return NULL;
 
121
 
 
122
        t = header->children;
 
123
        while (t) {
 
124
                if (strcmp((char *) t->name, "Correlation") == 0)
 
125
                        correlation = t;
 
126
                else if (strcmp((char *) t->name, "Security") == 0)
 
127
                        security = t;
 
128
                t = t->next;
 
129
        }
 
130
        if (correlation == NULL)
 
131
                return NULL;
 
132
        if (security == NULL)
 
133
                return NULL;
 
134
 
 
135
        /* Add signature template */
 
136
        if (sign_method == LASSO_SIGNATURE_METHOD_RSA_SHA1) {
 
137
                signature = xmlSecTmplSignatureCreate(NULL,
 
138
                                xmlSecTransformExclC14NId,
 
139
                                xmlSecTransformRsaSha1Id, NULL);
 
140
        } else {
 
141
                signature = xmlSecTmplSignatureCreate(NULL,
 
142
                                xmlSecTransformExclC14NId,
 
143
                                xmlSecTransformDsaSha1Id, NULL);
 
144
        }
 
145
        
 
146
        xmlAddChild(security, signature);
 
147
 
 
148
        /* FIXME: add real reference on SOAP elements */
 
149
        /*id = G_STRUCT_MEMBER(char*, node, snippet_signature->offset);
 
150
        uri = g_strdup_printf("#%s", id);
 
151
        reference = xmlSecTmplSignatureAddReference(signature,
 
152
                xmlSecTransformSha1Id, NULL, (xmlChar*)uri, NULL);
 
153
        g_free(uri);*/
 
154
 
 
155
        reference = xmlSecTmplSignatureAddReference(signature, xmlSecTransformSha1Id,
 
156
                NULL, NULL, NULL);
 
157
        xmlSecTmplReferenceAddTransform(reference, xmlSecTransformEnvelopedId);
 
158
        xmlSecTmplReferenceAddTransform(reference, xmlSecTransformExclC14NId);
 
159
 
 
160
        /* FIXME: X509 authentication needs X509 signature type */
 
161
        if (profile->server->certificate != NULL && profile->server->certificate[0] != 0) {
 
162
                key_info = xmlSecTmplSignatureEnsureKeyInfo(signature, NULL);
 
163
                xmlSecTmplKeyInfoAddX509Data(key_info);
 
164
        }
 
165
 
 
166
        /* Sign SOAP message */
 
167
        sign_tmpl = xmlSecFindNode(security, xmlSecNodeSignature, xmlSecDSigNs);
 
168
        if (sign_tmpl == NULL)
 
169
                return NULL;
 
170
 
 
171
        dsigCtx = xmlSecDSigCtxCreate(NULL);
 
172
        dsigCtx->signKey = xmlSecCryptoAppKeyLoad(profile->server->private_key,
 
173
                xmlSecKeyDataFormatPem, NULL, NULL, NULL);
 
174
        if (dsigCtx->signKey == NULL) {
 
175
                xmlSecDSigCtxDestroy(dsigCtx);
 
176
                return NULL;
 
177
        }
 
178
        if (profile->server->certificate != NULL && profile->server->certificate[0] != 0) {
 
179
                if (xmlSecCryptoAppKeyCertLoad(dsigCtx->signKey, profile->server->certificate,
 
180
                        xmlSecKeyDataFormatPem) < 0) {
 
181
                                xmlSecDSigCtxDestroy(dsigCtx);
 
182
                                return NULL;
 
183
                }
 
184
        }
 
185
        if (xmlSecDSigCtxSign(dsigCtx, sign_tmpl) < 0) {
 
186
                xmlSecDSigCtxDestroy(dsigCtx);
 
187
                return NULL;
 
188
        }
 
189
        xmlSecDSigCtxDestroy(dsigCtx);
 
190
 
 
191
        return envelope_node;
 
192
}
 
193
 
 
194
gint
 
195
lasso_wsf_profile_verify_x509_authentication(LassoWsfProfile *profile, xmlDoc *doc)
 
196
{
 
197
        LassoProvider *provider;
 
198
        char *providerID = NULL;
 
199
 
 
200
        xmlNode *provider_node, *security, *signature, *x509data, *node;
 
201
        xmlSecKeysMngr *keys_mngr = NULL;
 
202
        xmlSecDSigCtx *dsigCtx;
 
203
 
 
204
        xmlXPathContext *xpathCtx = NULL;
 
205
        xmlXPathObject *xpathObj;
 
206
 
 
207
        xpathCtx = xmlXPathNewContext(doc);
 
208
 
 
209
        /* <Provider> */
 
210
        xmlXPathRegisterNs(xpathCtx, (xmlChar*)"sb", (xmlChar*)LASSO_SOAP_BINDING_HREF);
 
211
        xpathObj = xmlXPathEvalExpression((xmlChar*)"//sb:Provider", xpathCtx);
 
212
        if (xpathObj->nodesetval && xpathObj->nodesetval->nodeNr) {
 
213
                provider_node = xpathObj->nodesetval->nodeTab[0];
 
214
        }
 
215
        providerID = (char *) xmlGetProp(provider_node, (xmlChar *) "providerID");
 
216
        provider = lasso_server_get_provider(profile->server, providerID);
 
217
 
 
218
        node = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature, xmlSecDSigNs);
 
219
        if(node == NULL)
 
220
                return LASSO_DS_ERROR_SIGNATURE_NOT_FOUND;
 
221
 
 
222
        x509data = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeX509Data, xmlSecDSigNs);
 
223
        if (x509data != NULL && provider->ca_cert_chain != NULL) {
 
224
                keys_mngr = lasso_load_certs_from_pem_certs_chain_file(
 
225
                                provider->ca_cert_chain);
 
226
                if (keys_mngr == NULL) {
 
227
                        xmlFreeDoc(doc);
 
228
                        return LASSO_DS_ERROR_CA_CERT_CHAIN_LOAD_FAILED;
 
229
                }
 
230
        }
 
231
 
 
232
        dsigCtx = xmlSecDSigCtxCreate(keys_mngr);
 
233
        if (keys_mngr == NULL) {
 
234
                dsigCtx->signKey = lasso_provider_get_public_key(provider);
 
235
                if (dsigCtx->signKey == NULL) {
 
236
                        xmlSecDSigCtxDestroy(dsigCtx);
 
237
                        xmlFreeDoc(doc);
 
238
                        return LASSO_DS_ERROR_PUBLIC_KEY_LOAD_FAILED;
 
239
                }
 
240
        }
 
241
        
 
242
        if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
 
243
                xmlSecDSigCtxDestroy(dsigCtx);
 
244
                if (keys_mngr)
 
245
                        xmlSecKeysMngrDestroy(keys_mngr);
 
246
                return LASSO_DS_ERROR_SIGNATURE_VERIFICATION_FAILED;
 
247
        }
 
248
 
 
249
        if (keys_mngr)
 
250
                xmlSecKeysMngrDestroy(keys_mngr);
 
251
 
 
252
        if (dsigCtx->status != xmlSecDSigStatusSucceeded) {
 
253
                xmlSecDSigCtxDestroy(dsigCtx);
 
254
                return LASSO_DS_ERROR_INVALID_SIGNATURE;
 
255
        }
 
256
        fprintf(stdout, "Signature is OK\n");
 
257
 
 
258
        return 0;
 
259
}
 
260
 
 
261
gint
 
262
lasso_wsf_profile_add_saml_authentication(LassoWsfProfile *profile,
 
263
        LassoSamlAssertion *credential)
 
264
{
 
265
        LassoSoapHeader *header;
 
266
        LassoWsseSecurity *security;
 
267
        GList *iter;
 
268
 
 
269
        security = lasso_wsse_security_new();
 
270
        security->any = g_list_append(security->any, credential);
 
271
        header = profile->soap_envelope_request->Header;
 
272
        header->Other = g_list_append(header->Other, security);
 
273
 
 
274
        return 0;
 
275
}
 
276
 
33
277
LassoSoapEnvelope*
34
 
lasso_wsf_profile_build_soap_envelope(const char *refToMessageId)
 
278
lasso_wsf_profile_build_soap_envelope(const char *refToMessageId, const char *providerId)
35
279
{
36
280
        LassoSoapEnvelope *envelope;
37
281
        LassoSoapHeader *header;
55
299
                correlation->refToMessageID = g_strdup(refToMessageId);
56
300
        header->Other = g_list_append(header->Other, correlation);
57
301
 
 
302
        /* Provider */
 
303
        if (providerId) {
 
304
                LassoSoapBindingProvider *provider = lasso_soap_binding_provider_new(providerId);
 
305
                header->Other = g_list_append(header->Other, provider);
 
306
        }
 
307
 
58
308
        return envelope;
59
309
}
60
310
 
 
311
gint
 
312
lasso_wsf_profile_verify_saml_authentication(LassoWsfProfile *profile)
 
313
{
 
314
        LassoSoapHeader *header;
 
315
        LassoWsseSecurity *security = NULL;
 
316
        LassoSamlAssertion *credential;
 
317
        GList *iter;
 
318
        
 
319
        header = profile->soap_envelope_request->Header;
 
320
 
 
321
        /* Security */
 
322
        iter = header->Other;
 
323
        while (iter) {
 
324
                if (LASSO_IS_WSSE_SECURITY(iter->data) == TRUE) {
 
325
                        security = LASSO_WSSE_SECURITY(iter->data);
 
326
                        break;
 
327
                }
 
328
                iter = iter->next;
 
329
        }
 
330
        if (!security)
 
331
                return -1;
 
332
        
 
333
        /* Assertion */
 
334
        iter = security->any;
 
335
        while (iter) {
 
336
                if (LASSO_IS_SAML_ASSERTION(iter->data) == TRUE) {
 
337
                        credential = LASSO_SAML_ASSERTION(iter->data);
 
338
                        break;
 
339
                }
 
340
                iter = iter->next;
 
341
        }
 
342
        if (!credential)
 
343
                return -1;
 
344
        
 
345
        return 0;
 
346
}
 
347
 
61
348
/*****************************************************************************/
62
349
/* public methods                                                            */
63
350
/*****************************************************************************/
64
351
 
 
352
/**
 
353
 * lasso_wsf_profile_get_identity:
 
354
 * @profile: a #LassoWsfProfile
 
355
 *
 
356
 * Gets the identity bound to @profile.
 
357
 *
 
358
 * Return value: the identity or NULL if it none was found.  The #LassoIdentity
 
359
 *      object is internally allocated and must not be freed by the caller.
 
360
 **/
 
361
LassoIdentity*
 
362
lasso_wsf_profile_get_identity(LassoWsfProfile *profile)
 
363
{
 
364
        if (profile->identity && g_hash_table_size(profile->identity->federations))
 
365
                return profile->identity;
 
366
        return NULL;
 
367
}
 
368
 
 
369
 
 
370
/**
 
371
 * lasso_wsf_profile_get_session:
 
372
 * @profile: a #LassoWsfProfile
 
373
 *
 
374
 * Gets the session bound to @profile.
 
375
 *
 
376
 * Return value: the session or NULL if it none was found.  The #LassoSession
 
377
 *      object is internally allocated and must not be freed by the caller.
 
378
 **/
 
379
LassoSession*
 
380
lasso_wsf_profile_get_session(LassoWsfProfile *profile)
 
381
{
 
382
        if (profile->session == NULL)
 
383
                return NULL;
 
384
 
 
385
        if (lasso_session_is_empty(profile->session))
 
386
                return NULL;
 
387
 
 
388
        return profile->session;
 
389
}
 
390
 
 
391
 
 
392
/**
 
393
 * lasso_wsf_profile_is_identity_dirty:
 
394
 * @profile: a #LassoWsfProfile
 
395
 *
 
396
 * Checks whether identity has been modified (and should therefore be saved).
 
397
 *
 
398
 * Return value: %TRUE if identity has changed
 
399
 **/
 
400
gboolean
 
401
lasso_wsf_profile_is_identity_dirty(LassoWsfProfile *profile)
 
402
{
 
403
        return (profile->identity && profile->identity->is_dirty);
 
404
}
 
405
 
 
406
 
 
407
/**
 
408
 * lasso_wsf_profile_is_session_dirty:
 
409
 * @profile: a #LassoWsfProfile
 
410
 *
 
411
 * Checks whether session has been modified (and should therefore be saved).
 
412
 *
 
413
 * Return value: %TRUE if session has changed
 
414
 **/
 
415
gboolean
 
416
lasso_wsf_profile_is_session_dirty(LassoWsfProfile *profile)
 
417
{
 
418
        return (profile->session && profile->session->is_dirty);
 
419
}
 
420
 
 
421
 
 
422
/**
 
423
 * lasso_wsf_profile_set_identity_from_dump:
 
424
 * @profile: a #LassoWsfProfile
 
425
 * @dump: XML identity dump
 
426
 *
 
427
 * Builds a new #LassoIdentity object from XML dump and binds it to @profile.
 
428
 *
 
429
 * Return value: 0 on success; or a negative value otherwise.
 
430
 **/
 
431
gint
 
432
lasso_wsf_profile_set_identity_from_dump(LassoWsfProfile *profile, const gchar *dump)
 
433
{
 
434
        g_return_val_if_fail(dump != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 
435
 
 
436
        profile->identity = lasso_identity_new_from_dump(dump);
 
437
        if (profile->identity == NULL)
 
438
                return critical_error(LASSO_PROFILE_ERROR_BAD_IDENTITY_DUMP);
 
439
 
 
440
        return 0;
 
441
}
 
442
 
 
443
 
 
444
/**
 
445
 * lasso_wsf_profile_set_session_from_dump:
 
446
 * @profile: a #LassoWsfProfile
 
447
 * @dump: XML session dump
 
448
 *
 
449
 * Builds a new #LassoSession object from XML dump and binds it to @profile.
 
450
 *
 
451
 * Return value: 0 on success; or a negative value otherwise.
 
452
 **/
 
453
gint
 
454
lasso_wsf_profile_set_session_from_dump(LassoWsfProfile *profile, const gchar  *dump)
 
455
{
 
456
        g_return_val_if_fail(dump != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
 
457
 
 
458
        profile->session = lasso_session_new_from_dump(dump);
 
459
        if (profile->session == NULL)
 
460
                return critical_error(LASSO_PROFILE_ERROR_BAD_SESSION_DUMP);
 
461
        profile->session->is_dirty = FALSE;
 
462
 
 
463
        return 0;
 
464
}
 
465
 
 
466
 
 
467
 
65
468
gint
66
469
lasso_wsf_profile_init_soap_request(LassoWsfProfile *profile, LassoNode *request)
67
470
{
68
471
        LassoSoapEnvelope *envelope;
69
472
 
70
 
        envelope = lasso_wsf_profile_build_soap_envelope(NULL);
 
473
        envelope = lasso_wsf_profile_build_soap_envelope(NULL,
 
474
                LASSO_PROVIDER(profile->server)->ProviderID);
71
475
        LASSO_WSF_PROFILE(profile)->soap_envelope_request = envelope;
72
476
        envelope->Body->any = g_list_append(envelope->Body->any, request);
73
477
 
77
481
gint
78
482
lasso_wsf_profile_build_soap_request_msg(LassoWsfProfile *profile)
79
483
{
 
484
        LassoSoapEnvelope *envelope;
 
485
        LassoSoapHeader *header;
 
486
        LassoWsseSecurity *security;
 
487
        xmlNode *xmlnode = NULL;
 
488
        char *ret;
 
489
        xmlOutputBuffer *buf;
 
490
        xmlCharEncodingHandler *handler;
 
491
 
80
492
        g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile),
81
493
                             LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
82
494
 
83
 
        /* FIXME : set keys */
84
 
        if (LASSO_IS_SOAP_ENVELOPE(profile->soap_envelope_request) == TRUE) {
85
 
                profile->msg_body = lasso_node_dump(LASSO_NODE(profile->soap_envelope_request));
86
 
        }
87
 
        else if (LASSO_IS_NODE(profile->request) == TRUE) {
88
 
                profile->msg_body = lasso_node_export_to_soap(profile->request);
89
 
        }
 
495
        envelope = profile->soap_envelope_request;
 
496
 
 
497
        if (lasso_security_mech_id_is_x509_authentication(
 
498
                profile->private_data->security_mech_id) == TRUE) {
 
499
                security = lasso_wsse_security_new();
 
500
                header = envelope->Header;
 
501
                header->Other = g_list_append(header->Other, security);
 
502
                xmlnode = lasso_wsf_profile_add_x509_authentication(profile, LASSO_NODE(envelope),
 
503
                        LASSO_SIGNATURE_METHOD_RSA_SHA1);
 
504
        }
 
505
 
 
506
        /* dump soap request */
 
507
        if (xmlnode == NULL)
 
508
                xmlnode = lasso_node_get_xmlNode(LASSO_NODE(envelope), FALSE);
 
509
 
 
510
        handler = xmlFindCharEncodingHandler("utf-8");
 
511
        buf = xmlAllocOutputBuffer(handler);
 
512
        xmlNodeDumpOutput(buf, NULL, xmlnode, 0, 0, "utf-8");
 
513
        xmlOutputBufferFlush(buf);
 
514
        profile->msg_body = g_strdup(
 
515
                (char*)(buf->conv ? buf->conv->content : buf->buffer->content));
 
516
        xmlOutputBufferClose(buf);
 
517
        xmlFreeNode(xmlnode);
90
518
 
91
519
        return 0;
92
520
}
94
522
gint
95
523
lasso_wsf_profile_build_soap_response_msg(LassoWsfProfile *profile)
96
524
{
97
 
        g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile),
98
 
                             LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
99
 
 
100
 
        /* FIXME : set keys */
101
 
        if (LASSO_IS_SOAP_ENVELOPE(profile->soap_envelope_response) == TRUE) {
102
 
                profile->msg_body = lasso_node_dump(LASSO_NODE(profile->soap_envelope_response));
103
 
        }
104
 
        else if (LASSO_IS_NODE(profile->response) == TRUE) {
105
 
                profile->msg_body = lasso_node_export_to_soap(profile->response);
106
 
        }
 
525
        LassoSoapEnvelope *envelope;
 
526
        LassoSoapHeader *header;
 
527
        LassoWsseSecurity *security;
 
528
 
 
529
        xmlNode *xmlnode = NULL;
 
530
        char *ret;
 
531
        xmlOutputBuffer *buf;
 
532
        xmlCharEncodingHandler *handler;
 
533
 
 
534
        g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
 
535
 
 
536
        envelope = profile->soap_envelope_response;
 
537
 
 
538
        if (lasso_security_mech_id_is_x509_authentication(
 
539
                profile->private_data->security_mech_id) == TRUE) {
 
540
                security = lasso_wsse_security_new();
 
541
                header = envelope->Header;
 
542
                header->Other = g_list_append(header->Other, security);
 
543
 
 
544
                xmlnode = lasso_wsf_profile_add_x509_authentication(profile,
 
545
                        LASSO_NODE(envelope), LASSO_SIGNATURE_METHOD_RSA_SHA1);
 
546
        }
 
547
 
 
548
        /* dump soap request */
 
549
        if (xmlnode == NULL)
 
550
                xmlnode = lasso_node_get_xmlNode(LASSO_NODE(envelope), TRUE);
 
551
 
 
552
        handler = xmlFindCharEncodingHandler("utf-8");
 
553
        buf = xmlAllocOutputBuffer(handler);
 
554
        xmlNodeDumpOutput(buf, NULL, xmlnode, 0, 0, "utf-8");
 
555
        xmlOutputBufferFlush(buf);
 
556
        profile->msg_body = g_strdup(
 
557
                (char*)(buf->conv ? buf->conv->content : buf->buffer->content));
 
558
        xmlOutputBufferClose(buf);
 
559
        xmlFreeNode(xmlnode);
107
560
 
108
561
        return 0;
109
562
}
110
563
 
111
564
gint
112
 
lasso_wsf_profile_process_soap_request_msg(LassoWsfProfile *profile, const gchar *message)
 
565
lasso_wsf_profile_process_soap_request_msg(LassoWsfProfile *profile,
 
566
        const gchar *message, const gchar *security_mech_id)
113
567
{
114
568
        LassoSoapBindingCorrelation *correlation;
115
 
        LassoSoapEnvelope *envelope;
 
569
        LassoSoapEnvelope *envelope = NULL;
 
570
        LassoSoapFault *fault = NULL;
 
571
        GList *iter;
116
572
        gchar *messageId;
 
573
        int res = 0;
 
574
        xmlDoc *doc;
117
575
 
118
 
        g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile),
119
 
                             LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
 
576
        g_return_val_if_fail(LASSO_IS_WSF_PROFILE(profile), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
120
577
        g_return_val_if_fail(message != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
121
578
 
122
 
        envelope = LASSO_SOAP_ENVELOPE(lasso_node_new_from_dump(message));
 
579
        profile->private_data->security_mech_id = g_strdup(security_mech_id);
 
580
 
 
581
        doc = xmlParseMemory(message, strlen(message));
 
582
 
 
583
        /* If X509 authentication mecanism, then verify signature */
 
584
        if (lasso_security_mech_id_is_x509_authentication(security_mech_id) == TRUE) {
 
585
                res = lasso_wsf_profile_verify_x509_authentication(profile, doc);
 
586
        }
 
587
        if (res > 0) {
 
588
                fault = lasso_soap_fault_new();
 
589
                fault->faultstring = "Invalid signature";
 
590
        }
 
591
 
 
592
        /* FIXME: Remove Signature element if exists, it seg fault when a call to
 
593
                          lasso_node_new_from_xmlNode() */
 
594
        {
 
595
                xmlNode *xmlnode = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature,
 
596
                        xmlSecDSigNs);
 
597
                if (xmlnode) {
 
598
                        xmlUnlinkNode(xmlnode);
 
599
                        xmlFreeNode(xmlnode);
 
600
                }
 
601
        }
 
602
 
 
603
        envelope = LASSO_SOAP_ENVELOPE(lasso_node_new_from_xmlNode(xmlDocGetRootElement(doc)));
123
604
        profile->soap_envelope_request = envelope;
124
 
        profile->request = LASSO_NODE(envelope->Body->any->data); 
125
 
 
126
 
        /* FIXME: Process mustUnderstand attribute */
127
 
 
128
 
        correlation = envelope->Header->Other->data;
129
 
 
 
605
        profile->request = LASSO_NODE(envelope->Body->any->data);
 
606
        correlation = LASSO_SOAP_BINDING_CORRELATION(envelope->Header->Other->data);
130
607
        messageId = correlation->messageID;
131
 
        envelope = lasso_wsf_profile_build_soap_envelope(messageId);
 
608
        envelope = lasso_wsf_profile_build_soap_envelope(messageId,
 
609
                LASSO_PROVIDER(profile->server)->ProviderID);
132
610
        LASSO_WSF_PROFILE(profile)->soap_envelope_response = envelope;
133
611
 
134
 
        return 0;
 
612
        if (fault) {
 
613
                envelope->Body->any = g_list_append(envelope->Body->any, fault);
 
614
                profile->private_data->fault = fault;
 
615
        }
 
616
                
 
617
        return res;
135
618
}
136
619
 
137
620
gint
143
626
                             LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
144
627
        g_return_val_if_fail(message != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
145
628
 
146
 
        envelope = LASSO_SOAP_ENVELOPE(lasso_node_new_from_dump(message));
 
629
        xmlDoc *doc = xmlParseMemory(message, strlen(message));
 
630
        if (lasso_security_mech_id_is_x509_authentication(
 
631
                profile->private_data->security_mech_id) == TRUE) {
 
632
                        int res = lasso_wsf_profile_verify_x509_authentication(profile, doc);
 
633
                        if (res != 0)
 
634
                                return res;
 
635
        }
 
636
        /* FIXME: Remove Signature element if exists, it seg fault when a call to
 
637
                          lasso_node_new_from_xmlNode() */
 
638
        {
 
639
                xmlNode *xmlnode = xmlSecFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature,
 
640
                                                                xmlSecDSigNs);
 
641
                if (xmlnode) {
 
642
                        xmlUnlinkNode(xmlnode);
 
643
                        xmlFreeNode(xmlnode);
 
644
                }
 
645
        }
 
646
 
 
647
        envelope = LASSO_SOAP_ENVELOPE(lasso_node_new_from_xmlNode(xmlDocGetRootElement(doc)));
 
648
 
147
649
        profile->soap_envelope_response = envelope;
 
650
        
 
651
        /* Soap Fault message */
 
652
        if (LASSO_IS_SOAP_FAULT(envelope->Body->any->data) == TRUE)
 
653
                return -1;
 
654
        
 
655
        /* Soap Body message */
148
656
        profile->response = LASSO_NODE(envelope->Body->any->data);
149
657
 
150
 
        /* FIXME: Process mustUnderstand attribute */
151
 
 
152
658
        return 0;
153
659
}
154
660
 
155
661
LassoSoapBindingProvider *lasso_wsf_profile_set_provider_soap_request(LassoWsfProfile *profile,
156
 
                                                                      const char *providerId)
 
662
        const char *providerId)
157
663
{
158
664
        LassoSoapBindingProvider *provider;
159
665
        LassoSoapEnvelope *soap_request;
173
679
}
174
680
 
175
681
/*****************************************************************************/
 
682
/* overrided parent class methods */
 
683
/*****************************************************************************/
 
684
 
 
685
static LassoNodeClass *parent_class = NULL;
 
686
 
 
687
static void
 
688
dispose(GObject *object)
 
689
{
 
690
        LassoWsfProfile *profile = LASSO_WSF_PROFILE(object);
 
691
 
 
692
        if (profile->private_data->dispose_has_run == TRUE)
 
693
                return;
 
694
        profile->private_data->dispose_has_run = TRUE;
 
695
 
 
696
        G_OBJECT_CLASS(parent_class)->dispose(object);
 
697
}
 
698
 
 
699
static void
 
700
finalize(GObject *object)
 
701
 
702
        LassoWsfProfile *profile = LASSO_WSF_PROFILE(object);
 
703
        g_free(profile->private_data);
 
704
        profile->private_data = NULL;
 
705
        G_OBJECT_CLASS(parent_class)->finalize(object);
 
706
}
 
707
 
 
708
/*****************************************************************************/
176
709
/* instance and class init functions                                         */
177
710
/*****************************************************************************/
178
711
 
186
719
        profile->soap_envelope_response = NULL;
187
720
        profile->msg_url = NULL;
188
721
        profile->msg_body = NULL;
 
722
        
 
723
        profile->private_data = g_new0(LassoWsfProfilePrivate, 1);
 
724
        profile->private_data->dispose_has_run = FALSE;
 
725
        profile->private_data->security_mech_id = NULL;
 
726
        profile->private_data->fault = NULL;
189
727
}
190
728
 
191
729
static void
192
730
class_init(LassoWsfProfileClass *klass)
193
731
{
 
732
        parent_class = g_type_class_peek_parent(klass);
194
733
 
 
734
        G_OBJECT_CLASS(klass)->dispose = dispose;
 
735
        G_OBJECT_CLASS(klass)->finalize = finalize;
195
736
}
196
737
 
197
738
GType