/* $Id: name_identifier_mapping.c,v 1.17 2004/09/01 09:59:53 fpeters Exp $
* Lasso - A free implementation of the Liberty Alliance specifications.
* Copyright (C) 2004 Entr'ouvert
* http://lasso.entrouvert.org
* Authors: Nicolas Clapies <nclapies@entrouvert.com>
* Valery Febvre <vfebvre@easter-eggs.com>
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#include <lasso/environs/name_identifier_mapping.h>
/*****************************************************************************/
/*****************************************************************************/
lasso_name_identifier_mapping_dump(LassoNameIdentifierMapping *mapping)
g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), NULL);
lasso_name_identifier_mapping_build_request_msg(LassoNameIdentifierMapping *mapping)
LassoProfile *profile;
LassoProvider *provider;
xmlChar *protocolProfile;
g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
profile = LASSO_PROFILE(mapping);
/* get the protocol profile of the name_identifier_mapping */
provider = lasso_server_get_provider_ref(profile->server,
profile->remote_providerID,
if(provider == NULL) {
message(G_LOG_LEVEL_ERROR, "Provider %s not found\n", profile->remote_providerID);
protocolProfile = lasso_provider_get_nameIdentifierMappingProtocolProfile(provider,
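/* message() is called printf-style elsewhere in this file, so the error text
 * must be passed as an argument, never as the format string: a '%' inside
 * err->message would otherwise be interpreted as a conversion specifier. */
message(G_LOG_LEVEL_ERROR, "%s", err->message);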
if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpSoap) || \
xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpSoap)) {
debug("building a soap request message\n");
profile->request_type = lassoHttpMethodSoap;
/* profile->msg_url = lasso_provider_get_nameIdentifierMappingServiceURL(provider, NULL); */
profile->msg_body = lasso_node_export_to_soap(profile->request);
else if(xmlStrEqual(protocolProfile,lassoLibProtocolProfileSloSpHttp) || \
xmlStrEqual(protocolProfile,lassoLibProtocolProfileSloIdpHttp)) {
debug("building a http get request message\n");
profile->request_type = lassoHttpMethodRedirect;
profile->msg_url = lasso_node_export_to_query(profile->request,
profile->server->signature_method,
profile->server->private_key);
profile->msg_body = NULL;
lasso_name_identifier_mapping_build_response_msg(LassoNameIdentifierMapping *mapping)
LassoProfile *profile;
LassoProvider *provider;
xmlChar *protocolProfile;
g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
profile = LASSO_PROFILE(mapping);
provider = lasso_server_get_provider_ref(profile->server,
profile->remote_providerID,
if(provider == NULL) {
message(G_LOG_LEVEL_ERROR, "Provider %s not found\n", profile->remote_providerID);
protocolProfile = lasso_provider_get_nameIdentifierMappingProtocolProfile(provider,
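/* message() takes a printf-style format (see the "Provider %s not found"
 * call in this file); log the error text through "%s" so that a '%' inside
 * err->message is never treated as a conversion specifier. */
message(G_LOG_LEVEL_ERROR, "%s", err->message);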
if(xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloSpSoap) || \
xmlStrEqual(protocolProfile, lassoLibProtocolProfileSloIdpSoap)) {
debug("building a soap response message\n");
/* profile->msg_url = lasso_provider_get_nameIdentifierMappingServiceURL(provider, NULL); */
profile->msg_body = lasso_node_export_to_soap(profile->response);
else if(xmlStrEqual(protocolProfile,lassoLibProtocolProfileSloSpHttp) || \
xmlStrEqual(protocolProfile,lassoLibProtocolProfileSloIdpHttp)) {
debug("building a http get response message\n");
profile->response_type = lassoHttpMethodRedirect;
profile->msg_url = lasso_node_export_to_query(profile->response,
profile->server->signature_method,
profile->server->private_key);
profile->msg_body = NULL;
lasso_name_identifier_mapping_init_request(LassoNameIdentifierMapping *mapping,
gchar *remote_providerID)
LassoProfile *profile;
LassoNode *nameIdentifier;
LassoFederation *federation;
xmlChar *content, *nameQualifier, *format;
g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
g_return_val_if_fail(remote_providerID != NULL, -2);
profile = LASSO_PROFILE(mapping);
profile->remote_providerID = remote_providerID;
federation = lasso_identity_get_federation(profile->identity, profile->remote_providerID);
if(federation == NULL) {
message(G_LOG_LEVEL_ERROR, "error, federation not found\n");
/* get the name identifier (!!! depends on the provider type: SP or IDP !!!) */
switch(profile->provider_type) {
case lassoProviderTypeSp:
debug("service provider\n");
nameIdentifier = LASSO_NODE(lasso_federation_get_local_nameIdentifier(federation));
nameIdentifier = LASSO_NODE(lasso_federation_get_remote_nameIdentifier(federation));
case lassoProviderTypeIdp:
debug("federation provider\n");
/* get the next assertion (next authenticated service provider) */
nameIdentifier = LASSO_NODE(lasso_federation_get_remote_nameIdentifier(federation));
if(nameIdentifier == NULL) {
nameIdentifier = LASSO_NODE(lasso_federation_get_local_nameIdentifier(federation));
message(G_LOG_LEVEL_ERROR, "Unknown provider type\n");
lasso_federation_destroy(federation);
if(nameIdentifier == NULL) {
message(G_LOG_LEVEL_ERROR, "Name identifier not found\n");
/* build the request */
content = lasso_node_get_content(nameIdentifier, NULL);
nameQualifier = lasso_node_get_attr_value(nameIdentifier, "NameQualifier", NULL);
format = lasso_node_get_attr_value(nameIdentifier, "Format", NULL);
profile->request = lasso_name_identifier_mapping_request_new(profile->server->providerID,
g_return_val_if_fail(profile->request != NULL, -6);
lasso_name_identifier_mapping_process_request_msg(LassoNameIdentifierMapping *mapping,
lassoHttpMethod request_method)
LassoProfile *profile;
LassoFederation *federation;
LassoNode *nameIdentifier;
LassoNode *statusCode;
LassoNodeClass *statusCode_class;
xmlChar *remote_providerID;
g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
g_return_val_if_fail(request_msg!=NULL, -2);
profile = LASSO_PROFILE(mapping);
switch(request_method){
case lassoHttpMethodSoap:
debug("build a name_identifier_mapping request from soap msg\n");
profile->request = lasso_name_identifier_mapping_request_new_from_soap(request_msg);
case lassoHttpMethodRedirect:
debug("build a name_identifier_mapping request from query msg\n");
profile->request = lasso_name_identifier_mapping_request_new_from_query(request_msg);
case lassoHttpMethodGet:
message(G_LOG_LEVEL_WARNING, "TODO, implement the get method\n");
message(G_LOG_LEVEL_ERROR, "Unknown request method\n");
/* set the remote provider id from the request */
remote_providerID = lasso_node_get_child_content(profile->request, "ProviderID",
profile->remote_providerID = remote_providerID;
/* set Name_Identifier_MappingResponse */
profile->response = lasso_name_identifier_mapping_response_new(profile->server->providerID,
lassoSamlStatusCodeSuccess,
g_return_val_if_fail(profile->response!=NULL, -4);
statusCode = lasso_node_get_child(profile->response, "StatusCode", NULL, NULL);
statusCode_class = LASSO_NODE_GET_CLASS(statusCode);
nameIdentifier = lasso_node_get_child(profile->request, "NameIdentifier", NULL, NULL);
if(nameIdentifier == NULL) {
statusCode_class->set_prop(statusCode, "Value", lassoLibStatusCodeFederationDoesNotExist);
remote_providerID = lasso_node_get_child_content(profile->request, "ProviderID",
/* Verify federation */
federation = lasso_identity_get_federation(profile->identity, remote_providerID);
if(federation == NULL) {
message(G_LOG_LEVEL_WARNING, "No federation for %s\n", remote_providerID);
statusCode_class->set_prop(statusCode, "Value", lassoLibStatusCodeFederationDoesNotExist);
if(lasso_federation_verify_nameIdentifier(federation, nameIdentifier) == FALSE){
message(G_LOG_LEVEL_WARNING, "No name identifier for %s\n", remote_providerID);
statusCode_class->set_prop(statusCode, "Value", lassoLibStatusCodeFederationDoesNotExist);
lasso_federation_destroy(federation);
lasso_name_identifier_mapping_process_response_msg(LassoNameIdentifierMapping *mapping,
lassoHttpMethod response_method)
LassoProfile *profile;
xmlChar *statusCodeValue;
LassoNode *statusCode;
g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping), -1);
g_return_val_if_fail(response_msg != NULL, -2);
profile = LASSO_PROFILE(mapping);
/* parse NameIdentifierMappingResponse */
switch(response_method){
case lassoHttpMethodSoap:
profile->response = lasso_name_identifier_mapping_response_new_from_soap(response_msg);
message(G_LOG_LEVEL_ERROR, "Unknown response method\n");
statusCode = lasso_node_get_child(profile->response, "StatusCode", NULL, NULL);
/* NOTE(review): statusCode was just looked up in the response built from
 * response_msg and is handed on here with no NULL check in between; confirm
 * that lasso_node_get_attr_value() tolerates a NULL node (for instance a
 * response that carries no StatusCode child), or guard it before this call. */
statusCodeValue = lasso_node_get_attr_value(statusCode, "Value", &err);
if(!xmlStrEqual(statusCodeValue, lassoSamlStatusCodeSuccess)) {
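/* The error text is data, not a format: message() is used printf-style in
 * this file, so route err->message through "%s" to keep any '%' it contains
 * from being interpreted as a conversion specifier. */
message(G_LOG_LEVEL_ERROR, "%s", err->message);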
/*****************************************************************************/
/* instance and class init functions */
/*****************************************************************************/
lasso_name_identifier_mapping_instance_init(LassoNameIdentifierMapping *name_identifier_mapping)
lasso_name_identifier_mapping_class_init(LassoNameIdentifierMappingClass *klass)
GType lasso_name_identifier_mapping_get_type() {
static GType this_type = 0;
static const GTypeInfo this_info = {
sizeof (LassoNameIdentifierMappingClass),
(GClassInitFunc) lasso_name_identifier_mapping_class_init,
sizeof(LassoNameIdentifierMapping),
(GInstanceInitFunc) lasso_name_identifier_mapping_instance_init,
this_type = g_type_register_static(LASSO_TYPE_PROFILE,
"LassoNameIdentifierMapping",
LassoNameIdentifierMapping *
lasso_name_identifier_mapping_new(LassoServer *server,
LassoIdentity *identity,
lassoProviderType provider_type)
LassoNameIdentifierMapping *mapping;
g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
g_return_val_if_fail(LASSO_IS_IDENTITY(identity), NULL);
/* set the name_identifier_mapping object */
mapping = g_object_new(LASSO_TYPE_NAME_IDENTIFIER_MAPPING,
"server", lasso_server_copy(server),
"identity", lasso_identity_copy(identity),
"provider_type", provider_type,