2004-07-30 13:07:25 +02:00
|
|
|
/*
|
|
|
|
|
* idpc - IDP as a C CGI program
|
|
|
|
|
* Copyright (C) 2004 Entr'ouvert
|
|
|
|
|
*
|
|
|
|
|
* Author: Frederic Peters <fpeters@entrouvert.com>
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
|
|
|
|
* along with this program; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "idpc.h"
|
2004-08-09 09:52:33 +02:00
|
|
|
|
2004-07-30 13:07:25 +02:00
|
|
|
|
2004-08-03 15:31:18 +02:00
|
|
|
struct req {
|
2004-08-04 17:34:27 +02:00
|
|
|
lassoRequestType type;
|
2004-08-03 14:46:25 +02:00
|
|
|
char* (*request_function) (LassoServer*, char*);
|
|
|
|
|
};
|
|
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
char* req_login(LassoServer *server, char *soap_msg);
|
|
|
|
|
char* req_logout(LassoServer *server, char *soap_msg);
|
2004-08-25 18:59:57 +02:00
|
|
|
char* req_defederation(LassoServer *server, char *soap_msg);
|
2004-08-04 17:34:27 +02:00
|
|
|
char* req_register_name_identifier(LassoServer *server, char *soap_msg);
|
|
|
|
|
char* req_name_identifier_mapping(LassoServer *server, char *soap_msg);
|
2004-08-03 15:31:18 +02:00
|
|
|
|
|
|
|
|
struct req requests[] = {
|
|
|
|
|
{lassoRequestTypeLogin, req_login},
|
|
|
|
|
{lassoRequestTypeLogout, req_logout},
|
2004-08-25 18:59:57 +02:00
|
|
|
{lassoRequestTypeDefederation, req_defederation},
|
2004-08-03 15:31:18 +02:00
|
|
|
{lassoRequestTypeRegisterNameIdentifier, req_register_name_identifier},
|
|
|
|
|
{lassoRequestTypeNameIdentifierMapping, req_name_identifier_mapping},
|
2004-08-06 12:28:16 +02:00
|
|
|
/* {lassoRequestTypeLecp, req_lecp}, */
|
|
|
|
|
/* LECP requests go to single sign on service URL */
|
2004-08-03 14:46:25 +02:00
|
|
|
{0, NULL}
|
|
|
|
|
};
|
|
|
|
|
|
2004-08-09 09:52:33 +02:00
|
|
|
#define SOAP_204 "[soap204]"
|
|
|
|
|
|
2004-08-03 14:46:25 +02:00
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
char* req_login(LassoServer *server, char *soap_msg)
|
2004-08-03 14:46:25 +02:00
|
|
|
{
|
2004-08-04 17:34:27 +02:00
|
|
|
LassoLogin *login;
|
2004-09-10 11:37:11 +02:00
|
|
|
char *assertion_dump = NULL;
|
2004-08-08 17:01:32 +02:00
|
|
|
int rc;
|
2004-08-03 14:46:25 +02:00
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
login = lasso_login_new(server);
|
|
|
|
|
rc = lasso_login_process_request_msg(login, soap_msg);
|
2004-08-05 17:10:00 +02:00
|
|
|
if (rc) {
|
2004-08-05 16:14:01 +02:00
|
|
|
fprintf(stderr, "process_request_msg failed\n");
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2004-09-10 11:37:11 +02:00
|
|
|
rc = db_get_assertion(login->assertionArtifact, &assertion_dump);
|
2004-08-05 17:10:00 +02:00
|
|
|
if (rc) {
|
2004-09-10 11:37:11 +02:00
|
|
|
fprintf(stderr, "db_get_assertion failed\n");
|
2004-09-08 17:14:10 +02:00
|
|
|
} else {
|
2004-09-10 11:37:11 +02:00
|
|
|
rc = lasso_login_set_assertion_from_dump(login, assertion_dump);
|
2004-09-08 17:14:10 +02:00
|
|
|
if (rc) {
|
|
|
|
|
fprintf(stderr, "set_assertion_from_dump failed\n");
|
|
|
|
|
}
|
2004-09-10 11:37:11 +02:00
|
|
|
rc = db_remove_assertion(login->assertionArtifact);
|
2004-09-08 17:14:10 +02:00
|
|
|
if (rc) {
|
2004-09-10 11:37:11 +02:00
|
|
|
fprintf(stderr, "db_remove_assertion failed\n");
|
2004-09-08 17:14:10 +02:00
|
|
|
}
|
2004-08-10 20:32:05 +02:00
|
|
|
}
|
2004-08-05 16:14:01 +02:00
|
|
|
|
2004-09-08 17:14:10 +02:00
|
|
|
rc = lasso_login_build_response_msg(login);
|
2004-09-10 11:37:11 +02:00
|
|
|
assertion_dump = strdup(LASSO_PROFILE(login)->msg_body);
|
2004-09-08 17:14:10 +02:00
|
|
|
|
2004-08-10 19:58:09 +02:00
|
|
|
lasso_login_destroy(login);
|
|
|
|
|
|
2004-09-10 11:37:11 +02:00
|
|
|
return assertion_dump;
|
2004-08-03 14:46:25 +02:00
|
|
|
}
|
|
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
char* req_logout(LassoServer *server, char *soap_msg)
|
2004-08-03 14:46:25 +02:00
|
|
|
{
|
2004-08-10 19:58:09 +02:00
|
|
|
LassoLogout *logout = NULL;
|
2004-08-03 15:09:16 +02:00
|
|
|
int rc;
|
2004-08-05 22:00:11 +02:00
|
|
|
char *other_sp;
|
2004-08-10 19:58:09 +02:00
|
|
|
char *answer = NULL;
|
2004-09-08 11:52:57 +02:00
|
|
|
char *soap_answer = NULL;
|
2004-08-03 15:09:16 +02:00
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
logout = lasso_logout_new(server, lassoProviderTypeIdp);
|
2004-08-03 15:09:16 +02:00
|
|
|
|
2004-08-05 22:00:11 +02:00
|
|
|
rc = lasso_logout_process_request_msg(logout,
|
|
|
|
|
soap_msg, lassoHttpMethodSoap);
|
|
|
|
|
if (rc) {
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "process_request_msg failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-05 22:00:11 +02:00
|
|
|
}
|
|
|
|
|
|
2004-08-11 16:16:08 +02:00
|
|
|
rc = set_profile_auto(LASSO_PROFILE(logout));
|
2004-08-05 22:00:11 +02:00
|
|
|
if (rc) {
|
2004-08-11 16:16:08 +02:00
|
|
|
fprintf(stderr, "set_profile_auto failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-05 22:00:11 +02:00
|
|
|
}
|
2004-08-09 09:52:33 +02:00
|
|
|
|
2004-08-06 19:06:46 +02:00
|
|
|
rc = lasso_logout_validate_request(logout);
|
2004-09-08 11:52:57 +02:00
|
|
|
if (rc == LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE) {
|
|
|
|
|
/* some SP don't support SOAP logout; fuck off */
|
|
|
|
|
rc = lasso_logout_build_request_msg(logout);
|
2004-09-08 17:40:08 +02:00
|
|
|
if (rc) {
|
|
|
|
|
fprintf(stderr, "build_request_msg failed\n");
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2004-09-08 17:39:03 +02:00
|
|
|
answer = strdup(LASSO_PROFILE(logout)->msg_body);
|
2004-09-08 11:52:57 +02:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2004-08-06 19:06:46 +02:00
|
|
|
if (rc) {
|
|
|
|
|
fprintf(stderr, "logout validate request failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-06 19:06:46 +02:00
|
|
|
}
|
|
|
|
|
|
2004-08-09 09:52:33 +02:00
|
|
|
rc = save_profile_dumps(LASSO_PROFILE(logout));
|
|
|
|
|
if (rc) {
|
|
|
|
|
fprintf(stderr, "save_profile_dumps failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-06 19:24:43 +02:00
|
|
|
}
|
|
|
|
|
|
2004-08-05 22:00:11 +02:00
|
|
|
other_sp = lasso_logout_get_next_providerID(logout);
|
|
|
|
|
while (other_sp) {
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "Other SP: %s\n", other_sp);
|
2004-09-08 11:52:57 +02:00
|
|
|
rc = lasso_logout_init_request(logout, other_sp,
|
|
|
|
|
lassoHttpMethodAny);
|
2004-08-05 22:00:11 +02:00
|
|
|
if (rc) {
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "init_request failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-05 22:00:11 +02:00
|
|
|
}
|
|
|
|
|
rc = lasso_logout_build_request_msg(logout);
|
|
|
|
|
if (rc) {
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "build_request failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-05 22:00:11 +02:00
|
|
|
}
|
|
|
|
|
|
2004-09-08 11:52:57 +02:00
|
|
|
soap_answer = soap_request(LASSO_PROFILE(logout)->msg_url,
|
|
|
|
|
LASSO_PROFILE(logout)->msg_body, NULL);
|
|
|
|
|
if (soap_answer == NULL) {
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "soap_request failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-05 22:00:11 +02:00
|
|
|
}
|
2004-09-08 11:52:57 +02:00
|
|
|
|
|
|
|
|
rc = lasso_logout_process_response_msg(logout,
|
|
|
|
|
soap_answer, lassoHttpMethodSoap);
|
|
|
|
|
if (rc) {
|
|
|
|
|
free(soap_answer);
|
|
|
|
|
fprintf(stderr, "logout_process_response_msg failed\n");
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
free(soap_answer);
|
2004-08-05 22:00:11 +02:00
|
|
|
|
|
|
|
|
other_sp = lasso_logout_get_next_providerID(logout);
|
|
|
|
|
}
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "done\n");
|
2004-08-05 22:00:11 +02:00
|
|
|
|
|
|
|
|
rc = lasso_logout_build_response_msg(logout);
|
|
|
|
|
if (rc) {
|
2004-08-06 19:06:46 +02:00
|
|
|
fprintf(stderr, "build_response failed\n");
|
2004-08-10 19:58:09 +02:00
|
|
|
goto cleanup;
|
2004-08-05 22:00:11 +02:00
|
|
|
}
|
|
|
|
|
|
2004-09-08 17:39:03 +02:00
|
|
|
answer = strdup(LASSO_PROFILE(logout)->msg_body);
|
2004-08-10 19:58:09 +02:00
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
if (logout) {
|
|
|
|
|
lasso_logout_destroy(logout);
|
|
|
|
|
}
|
|
|
|
|
return answer;
|
2004-08-03 15:31:18 +02:00
|
|
|
}
|
|
|
|
|
|
2004-08-25 18:59:57 +02:00
|
|
|
char* req_defederation(LassoServer *server, char *soap_msg)
|
2004-08-03 15:31:18 +02:00
|
|
|
{
|
2004-08-25 18:59:57 +02:00
|
|
|
LassoDefederation *termination = NULL;
|
2004-08-09 09:52:33 +02:00
|
|
|
LassoIdentity *identity;
|
|
|
|
|
int rc;
|
|
|
|
|
|
2004-08-25 18:59:57 +02:00
|
|
|
termination = lasso_defederation_new(server, lassoProviderTypeIdp);
|
2004-08-09 09:52:33 +02:00
|
|
|
|
2004-08-25 18:59:57 +02:00
|
|
|
rc = lasso_defederation_process_notification_msg(
|
2004-08-09 09:52:33 +02:00
|
|
|
termination, soap_msg, lassoHttpMethodSoap);
|
|
|
|
|
if (rc) {
|
|
|
|
|
fprintf(stderr, "process_notifification_msg failed\n");
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-11 16:16:08 +02:00
|
|
|
rc = set_profile_auto(LASSO_PROFILE(termination));
|
2004-08-09 09:52:33 +02:00
|
|
|
if (rc) {
|
2004-08-11 16:16:08 +02:00
|
|
|
fprintf(stderr, "set_profile_auto failed\n");
|
2004-08-25 18:59:57 +02:00
|
|
|
lasso_defederation_destroy(termination);
|
2004-08-09 09:52:33 +02:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-25 18:59:57 +02:00
|
|
|
rc = lasso_defederation_validate_notification(termination);
|
2004-08-09 09:52:33 +02:00
|
|
|
if (rc) {
|
|
|
|
|
fprintf(stderr, "validate_notification failed\n");
|
2004-08-25 18:59:57 +02:00
|
|
|
lasso_defederation_destroy(termination);
|
2004-08-09 09:52:33 +02:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rc = save_profile_dumps(LASSO_PROFILE(termination));
|
|
|
|
|
if (rc) {
|
2004-08-25 18:59:57 +02:00
|
|
|
lasso_defederation_destroy(termination);
|
2004-08-09 09:52:33 +02:00
|
|
|
fprintf(stderr, "save_profile_dumps failed\n");
|
2004-08-10 20:12:14 +02:00
|
|
|
return NULL;
|
2004-08-09 09:52:33 +02:00
|
|
|
}
|
|
|
|
|
|
2004-08-25 18:59:57 +02:00
|
|
|
lasso_defederation_destroy(termination);
|
2004-08-09 09:52:33 +02:00
|
|
|
return SOAP_204;
|
2004-08-03 15:31:18 +02:00
|
|
|
}
|
2004-08-03 15:09:16 +02:00
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
char* req_register_name_identifier(LassoServer *server, char *soap_msg)
|
2004-08-03 15:31:18 +02:00
|
|
|
{
|
2004-08-03 14:46:25 +02:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
char* req_name_identifier_mapping(LassoServer *server, char *soap_msg)
|
2004-08-03 15:31:18 +02:00
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2004-08-03 14:46:25 +02:00
|
|
|
|
2004-07-30 13:07:25 +02:00
|
|
|
int soap_end_point()
|
|
|
|
|
{
|
2004-08-04 17:34:27 +02:00
|
|
|
LassoServer *server;
|
2004-07-30 13:07:25 +02:00
|
|
|
int clen = 0;
|
2004-08-08 17:01:32 +02:00
|
|
|
char *soap_msg, *soap_answer = NULL;
|
2004-08-07 11:30:11 +02:00
|
|
|
char *http_verb;
|
2004-08-14 12:12:23 +02:00
|
|
|
lassoRequestType req_type;
|
2004-08-03 14:46:25 +02:00
|
|
|
int i;
|
2004-07-30 13:07:25 +02:00
|
|
|
|
2004-08-07 11:30:11 +02:00
|
|
|
http_verb = getenv("REQUEST_METHOD");
|
|
|
|
|
if (http_verb == NULL) {
|
|
|
|
|
return error_page("No HTTP verb");
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-10 20:12:14 +02:00
|
|
|
if (strcmp(http_verb, "POST") != 0) {
|
|
|
|
|
return error_page("Must be POST");
|
2004-08-07 11:30:11 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (getenv("CONTENT_TYPE") &&
|
|
|
|
|
strcmp(getenv("CONTENT_TYPE"), "text/xml") != 0) {
|
|
|
|
|
return error_page("Content-Type must be text/xml");
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-08 17:36:51 +02:00
|
|
|
server = get_config_server();
|
|
|
|
|
if (server == NULL) {
|
|
|
|
|
return error_page("Failed to get server configuration");
|
|
|
|
|
}
|
2004-07-30 13:07:25 +02:00
|
|
|
|
|
|
|
|
clen = atoi(getenv("CONTENT_LENGTH"));
|
|
|
|
|
|
|
|
|
|
soap_msg = malloc(clen+1);
|
2004-08-06 19:06:46 +02:00
|
|
|
soap_msg[clen] = 0;
|
|
|
|
|
fread(soap_msg, clen, 1, stdin);
|
|
|
|
|
fprintf(stderr, "Got message:\n%s\n", soap_msg);
|
|
|
|
|
|
|
|
|
|
|
2004-08-04 17:34:27 +02:00
|
|
|
req_type = lasso_profile_get_request_type_from_soap_msg(soap_msg);
|
2004-08-03 14:46:25 +02:00
|
|
|
|
2004-08-03 15:31:18 +02:00
|
|
|
for (i=0; requests[i].type && requests[i].type != req_type; i++) ;
|
2004-08-03 14:46:25 +02:00
|
|
|
|
|
|
|
|
if (! requests[i].type) {
|
2004-08-03 15:31:18 +02:00
|
|
|
return error_page("Wrong soap req type");
|
2004-07-30 13:07:25 +02:00
|
|
|
}
|
2004-08-04 17:34:27 +02:00
|
|
|
soap_answer = requests[i].request_function(server, soap_msg);
|
2004-08-10 20:12:14 +02:00
|
|
|
lasso_server_destroy(server);
|
2004-07-30 13:07:25 +02:00
|
|
|
free(soap_msg);
|
|
|
|
|
|
2004-08-03 15:31:18 +02:00
|
|
|
if (soap_answer == NULL) {
|
2004-08-05 16:14:01 +02:00
|
|
|
fprintf(stderr, "soap_answer was NULL\n");
|
2004-08-03 15:31:18 +02:00
|
|
|
return error_page("error in soap end point");
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-09 09:52:33 +02:00
|
|
|
if (strcmp(soap_answer, SOAP_204) == 0) {
|
|
|
|
|
printf("Status: 204\n\n");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-05 16:14:01 +02:00
|
|
|
clen = strlen(soap_answer);
|
2004-07-30 22:22:01 +02:00
|
|
|
printf("Content-type: text/xml\n");
|
|
|
|
|
printf("Content-length: %d\n\n", clen);
|
2004-07-30 13:07:25 +02:00
|
|
|
fputs(soap_answer, stdout);
|
|
|
|
|
free(soap_answer);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-03 10:34:43 +02:00
|
|
|
int main(int argc, char *argv[])
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
2004-08-09 13:57:19 +02:00
|
|
|
if (argc > 1 && handle_args(argc, argv) ) {
|
2004-08-06 23:19:48 +02:00
|
|
|
handle_args(argc, argv);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2004-08-03 10:34:43 +02:00
|
|
|
rc = init_config();
|
2004-08-05 17:10:00 +02:00
|
|
|
if (rc) {
|
2004-08-03 10:34:43 +02:00
|
|
|
return error_page("Failed to init configuration");
|
|
|
|
|
}
|
|
|
|
|
lasso_init();
|
2004-08-05 16:14:01 +02:00
|
|
|
rc = db_init();
|
2004-08-05 17:10:00 +02:00
|
|
|
if (rc) {
|
2004-08-05 16:14:01 +02:00
|
|
|
error_page("Failed to init database access");
|
|
|
|
|
goto shutdown;
|
|
|
|
|
}
|
2004-08-03 10:34:43 +02:00
|
|
|
rc = soap_end_point();
|
2004-08-05 16:14:01 +02:00
|
|
|
shutdown:
|
|
|
|
|
db_finish();
|
2004-08-03 10:34:43 +02:00
|
|
|
lasso_shutdown();
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
