produce 1.1 requests and notifications when interoperating with previous

liberty implementations

lasso/id-ff/defederation.c

@@ -223,6 +223,11 @@ lasso_defederation_init_notification(LassoDefederation *defederation, gchar *rem
 			g_strdup(profile->msg_relayState);
 	}
 
+	if (lasso_provider_compatibility_level(remote_provider) < LIBERTY_1_2) {
+		profile->request->MajorVersion = 1;
+		profile->request->MinorVersion = 1;
+	}
+
 	/* Set the nameIdentifier attribute from content local variable */
 	profile->nameIdentifier = g_object_ref(nameIdentifier);
 

lasso/id-ff/login.c

@@ -914,6 +914,10 @@ lasso_login_init_authn_request(LassoLogin *login, const gchar *remote_providerID
 	profile->request->RequestID = lasso_build_unique_id(32);
 	profile->request->MajorVersion = LASSO_LIB_MAJOR_VERSION_N;
 	profile->request->MinorVersion = LASSO_LIB_MINOR_VERSION_N;
+	if (lasso_provider_compatibility_level(remote_provider) < LIBERTY_1_2) {
+		profile->request->MajorVersion = 1;
+		profile->request->MinorVersion = 1;
+	}
 	profile->request->IssueInstant = lasso_get_current_time();
 	LASSO_LIB_AUTHN_REQUEST(profile->request)->ProviderID = g_strdup(
 			LASSO_PROVIDER(profile->server)->ProviderID);

lasso/id-ff/logout.c

@@ -373,6 +373,12 @@ lasso_logout_init_request(LassoLogout *logout, char *remote_providerID,
 				LASSO_SIGNATURE_TYPE_NONE,
 				0);
 	}
+
+	if (lasso_provider_compatibility_level(remote_provider) < LIBERTY_1_2) {
+		profile->request->MajorVersion = 1;
+		profile->request->MinorVersion = 1;
+	}
+
 	if (session_index)
 		LASSO_LIB_LOGOUT_REQUEST(profile->request)->SessionIndex = session_index;
 	if (profile->msg_relayState)

lasso/id-ff/name_identifier_mapping.c

@@ -244,6 +244,11 @@ lasso_name_identifier_mapping_init_request(LassoNameIdentifierMapping *mapping,
 		return critical_error(LASSO_PROFILE_ERROR_BUILDING_REQUEST_FAILED);
 	}
 
+	if (lasso_provider_compatibility_level(remote_provider) < LIBERTY_1_2) {
+		profile->request->MajorVersion = 1;
+		profile->request->MinorVersion = 1;
+	}
+
 	profile->http_request_method = LASSO_HTTP_METHOD_SOAP;
 
 	return 0;

lasso/id-ff/name_registration.c

@@ -324,6 +324,11 @@ lasso_name_registration_init_request(LassoNameRegistration *name_registration,
 	LASSO_LIB_REGISTER_NAME_IDENTIFIER_REQUEST(profile->request)->RelayState = 
 			g_strdup(profile->msg_relayState);
 
+	if (lasso_provider_compatibility_level(remote_provider) < LIBERTY_1_2) {
+		profile->request->MajorVersion = 1;
+		profile->request->MinorVersion = 1;
+	}
+
 	profile->http_request_method = http_method;
 
 	return 0;

lasso/id-ff/provider.c

@@ -35,7 +35,7 @@
 struct _LassoProviderPrivate
 {
 	gboolean dispose_has_run;
-	gboolean liberty_12_conformance; /* conformance with Liberty 1.2 specs */
+	LibertyConformanceLevel conformance;
 	GHashTable *SPDescriptor;
 	char *default_assertion_consumer;
 	GHashTable *IDPDescriptor;
@@ -522,6 +522,12 @@ lasso_provider_get_type()
 	return this_type;
 }
 
+LibertyConformanceLevel
+lasso_provider_compatibility_level(LassoProvider *provider)
+{
+	return provider->private_data->conformance;
+}
+
 gboolean
 lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 {
@@ -529,7 +535,6 @@ lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 	xmlXPathContext *xpathCtx;
 	xmlXPathObject *xpathObj;
 	xmlNode *node;
-	gboolean compatibility = FALSE; /* compatibility with ID-FF 1.1 metadata files */
 	const char *xpath_idp = "/md:EntityDescriptor/md:IDPDescriptor";
 	const char *xpath_sp = "/md:EntityDescriptor/md:SPDescriptor";
 
@@ -538,6 +543,7 @@ lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 		return FALSE;
 
 	provider->metadata_filename = g_strdup(metadata);
+	provider->private_data->conformance = LIBERTY_1_2;
 
 	xpathCtx = xmlXPathNewContext(doc);
 	xmlXPathRegisterNs(xpathCtx, "md", LASSO_METADATA_HREF);
@@ -556,7 +562,7 @@ lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 			xmlXPathFreeContext(xpathCtx);
 			return FALSE;
 		}
-		compatibility = TRUE;
+		provider->private_data->conformance = LIBERTY_1_1;
 		xpath_idp = "/md11:IDPDescriptor";
 		xpath_sp = "/md11:SPDescriptor";
 	}
@@ -567,7 +573,7 @@ lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 	if (xpathObj && xpathObj->nodesetval && xpathObj->nodesetval->nodeNr == 1) {
 		load_descriptor(xpathObj->nodesetval->nodeTab[0],
 				provider->private_data->IDPDescriptor, provider);
-		if (compatibility) {
+		if (provider->private_data->conformance < LIBERTY_1_2) {
 			/* lookup ProviderID */
 			node = xpathObj->nodesetval->nodeTab[0]->children;
 			while (node) {
@@ -585,7 +591,7 @@ lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 	if (xpathObj && xpathObj->nodesetval && xpathObj->nodesetval->nodeNr == 1) {
 		load_descriptor(xpathObj->nodesetval->nodeTab[0],
 				provider->private_data->SPDescriptor, provider);
-		if (compatibility) {
+		if (provider->private_data->conformance < LIBERTY_1_2) {
 			/* lookup ProviderID */
 			node = xpathObj->nodesetval->nodeTab[0]->children;
 			while (node) {
@@ -602,8 +608,6 @@ lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata)
 	xmlFreeDoc(doc);
 	xmlXPathFreeContext(xpathCtx);
 
-	provider->private_data->liberty_12_conformance = compatibility;
-
 	return TRUE;
 }
 

lasso/id-ff/providerprivate.h

@@ -29,9 +29,16 @@
 extern "C" {
 #endif /* __cplusplus */ 
 
+typedef enum {
+	LIBERTY_1_0,
+	LIBERTY_1_1,
+	LIBERTY_1_2,
+} LibertyConformanceLevel;
+
 gboolean lasso_provider_load_metadata(LassoProvider *provider, const gchar *metadata);
 int lasso_provider_verify_signature(LassoProvider *provider,
 		const char *message, const char *id_attr_name, LassoMessageFormat format);
+LibertyConformanceLevel lasso_provider_compatibility_level(LassoProvider *provider);
 
 #ifdef __cplusplus
 }