- add a new SNIPPET_MANDATORY:
we could only indicate 0-1 and 0-* cardinalities, now we can also
indicate 1-1 and 1-* cardinalities.
- repect cadinalities when parsing an xmlNode tree into a LassoNode
tree.
- now any non expected log output is considered an error, by setting a
g_log default handler.
- block_lasso_logs()/unblock_lasso_logs() will block logging output at
the DEBUG level
- begin_check_do_log(level, message, endswith)/end_check_do_log() with
check that the only message emitted between the two macros is one
equals to "message" at the level "level", or ending (to work around
variable parts in a log message) with "message" if "endswith" is True.
LassoKey currenly store a LassoSignatureContext inside a
reference-counted and bindable object. It will be used to export API
around key management to bindings.
* use a direct mapping to map this class to SubjectConfirmationData
node having the xsi:type attribute.
* overload get_xmlNode method to add the xsi:type attribute on output.
The flags parameter allows to control the checking of digital signature
upon EntityDescriptor and EntitiesDescriptor nodes in SAML 2.0 metadata
files.
The default behaviour is to check all found signatures and to inherit
signature from EntitiesDescriptor to their children.
By only enabling checking of EntityDescrtiptor node signatures it's also
possible to only check signature at the EntityDescriptor level and so
only trust individual entities and not the aggregating provider.
The aim of this function is now to load any metadata file, and to
replace completely the use of lasso_server_add_provider.
The metadata content argument is replaced by a metadata file path to
more closely match other APIs.
* tests/basic_tests.c:
when testing functionality of lasso registries which map namespace
elements to lasso objects, do not use liberty namespace because it
interacts with other tests -- deserialization of lib:Assertion node
was broken by this test -- when running them in CK_FORK=no mode.
Changed namespace LASSO_LIB_HREF, for "coin" which is less dangerous.
- tests/basic_test.c:
add test11_get_default_name_id_format which parse a metadata file and
try to extract the default name id format.
- tests/data/sp5-saml2/metadata.xml:
add NameIDFormat node for testing.
* lasso/xml/xml.c:
lasso_node_get_xmlnode_for_any_type is broken, if no original_xmlnode
is present, return just cur. Also add all missing cases for the state
of the pair (cur, orignal_xmlnode).
* tests/basic_tests.c:
add a non-regression test, testing all dump/restore functions.
* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.
* lots of files: Explicitely set all field of initialized structures,
in order to remove -Wno-missing-field-initilizers from needed
compiler options when using -Wall -Wextra.
* Add full support for xsi:type, with lookup of the QName namespace, will only
work if lib: namespace is correctly declared in the dumped XML fragment.
* Add a test for the new functionnality in lasso_node_new_from_xmlNode.