Benjamin Dauvergne
174856fade
Tests: in login_tests_saml2.c, add test for lasso_saml2_assertion_validate_conditions
2010-02-17 10:14:48 +00:00
Benjamin Dauvergne
b0a3c22d39
in idwsf2_tests.py, merge test case for metadata registering, add test case for failure
2010-02-17 10:14:47 +00:00
Benjamin Dauvergne
0ff8c53f44
Bindings: parse defines referring to other defines
* bindings/bindings.py:
Allow to build constants using other constants (prefix string), the
constant type is retrieved from the prefix existing record.
2010-02-17 10:14:45 +00:00
Benjamin Dauvergne
39d4444475
in tools.c, add defines to permit import of timegm
2010-02-17 10:14:44 +00:00
Benjamin Dauvergne
017ebd33f9
SAML 2.0: make lasso_saml2_assertion_validate_conditions really work
2010-02-17 10:14:43 +00:00
Benjamin Dauvergne
b13ddc086b
Core: fix lasso_iso_8601_gmt_to_time_t, use timegm instead of mktime
* lasso/xml/tools.c:
mktime convert works on local time, we need timegm to work with GMT
time.
2010-02-17 10:14:41 +00:00
Benjamin Dauvergne
685a82b7af
ID-WSF 2.0: add strings for Discovery service Actions
2010-02-17 10:14:39 +00:00
Benjamin Dauvergne
f8558c090c
ID-WSF 2.0: add serialization code for private properties of LassoIdWsf2Profile
2010-02-17 10:14:36 +00:00
Benjamin Dauvergne
953eed0009
ID-WSF 2.0: fix missing initialization of request field in lasso_idwsf2_discovery_validate_md_register
2010-02-17 10:14:35 +00:00
Benjamin Dauvergne
2224370d82
ID-WSF 2.0 Documentation: update lasso-sections.txt with LassoIdWsf2Profile methods
2010-02-17 10:14:34 +00:00
Benjamin Dauvergne
7e43a5b53c
ID-WSF 2.0: fix lasso_idwsf2_discovery_add_simple_service_metadata
* lasso/id-wsf-2.0/discovery.c:
options is a string list, and security_mech_ids too, so employ the
corresponding macros.
2010-02-17 10:14:32 +00:00
Benjamin Dauvergne
6aee196410
Core: in utils.h, use a temporary to store reference to freed list
2010-02-17 10:14:31 +00:00
Benjamin Dauvergne
cef121fa5f
ID-WSF 2.0: in lasso_idwsf2_discovery_status2rc, check second level status code too
2010-02-17 10:14:30 +00:00
Benjamin Dauvergne
d642712875
Website: add a link to the development version documentation
2010-02-17 10:14:27 +00:00
Benjamin Dauvergne
8fe484f903
Binding python: fix leak in string getters
2010-02-15 10:37:51 +00:00
Benjamin Dauvergne
95f3c0625f
SAML 2.0: fix documentation of lasso_saml2_assertion_validate_conditions
2010-02-15 10:37:50 +00:00
Benjamin Dauvergne
19e14481e7
Add signature on EPR secur token
2010-02-15 10:37:49 +00:00
Benjamin Dauvergne
02a889ae8f
Bindings python: update id-wsf 2.0 test file
* bindings/python/tests/idwsf2_tests.py:
Disco Service registering is working, it now needs a bootstrap epr in
all cases (before registering could be done without signatures).
2010-02-15 10:37:48 +00:00
Benjamin Dauvergne
be8312b083
ID-WSF 2.0: add signature to Disco produced EPR SAML 2.0 security tokens
2010-02-15 10:37:46 +00:00
Benjamin Dauvergne
9e558d4ff7
ID-WSF 2.0: in lasso_idwsf2_profile_build_request_msg, properly handle the security token
* lasso/id-wsf-2.0/profile.c:
security token is a signed assertion by an IdP or a discovery
service, we must keep as is, that is with the signature, in order to
do that we extract the original xmlNode from the assertion and embed
it in the new message using a LassoMiscTextNode.
2010-02-15 10:37:45 +00:00
Benjamin Dauvergne
293616bcbe
ID-WSF 2.0: in lasso_login_idwsf2_get_discovery_bootstrap_epr, better handle attribute content
* lasso/id-wsf-2.0/saml2_login.c:
LassoSaml2AttributeValue can contain many children, so traverse them
all to find the first LassoWsAddrEndpointReference among them.
2010-02-15 10:37:44 +00:00
Benjamin Dauvergne
3791c7d2ae
ID-WSF 2.0: in lasso_login_idwsf2_add_discovery_bootstrap_epr, initialize ID and Issuer property on bootstrap assertion.
* lasso/id-wsf-2.0/saml2_login.c:
initialization of ID and Issuer properties was missing.
2010-02-15 10:37:43 +00:00
Benjamin Dauvergne
7041018303
Core: in lasso_verify_signature, fix conditional about single reference
* lasso/xml/tools.c:
verify that reference is unique if NO_SINGLE_REFERENCE is disabled.
2010-02-15 10:37:42 +00:00
Benjamin Dauvergne
78df73e128
SAML 2.0: in saml2_helper.c, better check issuer element and also test the LassoServer object for issuance, lasso_saml2_assertion_get_issuer_provider
2010-02-15 10:37:41 +00:00
Benjamin Dauvergne
c9b11bf040
ID-WSF 2.0: in lasso_wsa_endpoint_reference_new_for_idwsf2_service, do not forget to add metadata to epr, fill usage property of token
* lasso/id-wsf-2.0/idwsf2_helper.c:
add missing initialization code.
2010-02-15 10:37:40 +00:00
Benjamin Dauvergne
f654540ae2
ID-WSF 2.0: fix bad type checking in lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism
* lasso/id-wsf-2.0/idwsf2_helper.c:
SecurityMechID is a list of strings not LassoMiscTextNode.
2010-02-15 10:37:39 +00:00
Benjamin Dauvergne
bf323d0011
ID-WSF 2.0: fix bad conditional in lasso_idwsf2_discovery_process_metadata_register_response_msg
* lasso/id-wsf-2.0/discovery.c:
fix check in
lasso_idwsf2_discovery_process_metadata_register_response_msg
fix duplication of service metadatas inside private list of service
metadatas.
2010-02-15 10:37:38 +00:00
Benjamin Dauvergne
b4c6e69ee1
in server.c, fix missing loading of public keys in constructors
* lasso/id-ff/server.c:
constructor for LassoProvider load public keys but they are not
called by LassoServer constructors, so we have to explicitly
duplicate calls to lasso_provider_load_public_keys.
2010-02-15 10:37:36 +00:00
Benjamin Dauvergne
b36312a8b9
ID-WSF 2.0: moved strings to their own header
2010-02-15 10:37:34 +00:00
Benjamin Dauvergne
ab9e4874ef
Add saml2_strings.h to dist
2010-02-12 11:04:38 +00:00
Benjamin Dauvergne
63a210a507
Bindings python: remove default argument if there are parameters without default argument following
2010-02-12 09:48:24 +00:00
Benjamin Dauvergne
686951e381
Use defined symbols instead of magic constants
2010-02-12 09:48:23 +00:00
Benjamin Dauvergne
2f15b4431d
Add LASSO_SAML2_FIELD_ENCODING
* lasso/xml/saml-2.0/saml2_strings.h:
add another field name from SAML 2.0 specifications.
2010-02-12 09:48:22 +00:00
Benjamin Dauvergne
dad75ee5f1
Fix lasso_get_relaystate_from_query, support semi-colon and parameter at beginning
* lasso/xml/tools.c:
getting first parameter was broken (query_string does not contain '?'
at the beginning) and semi-colon support was missing.
2010-02-12 09:48:20 +00:00
Benjamin Dauvergne
e48619174b
Documentation: fix typos in saml2_strings.h documentation, add new string symbols to lasso-sections.txt
2010-02-10 17:07:05 +00:00
Benjamin Dauvergne
2b15a5a97f
SAML 2.0: move SAML 2.0 strings to their own header, add documentation
* lasso/xml/strings.h:
remove SAML 2.0 strings
* lasso/xml/saml-2.0/saml2_strings.h:
move them here, document useful ones.
2010-02-10 16:00:34 +00:00
Benjamin Dauvergne
30f3a778b4
Documentation: document LassoSamlp2NameIDPolicy
2010-02-10 13:58:42 +00:00
Benjamin Dauvergne
6b601b55ee
Documentation: complete non finished documentation comments
* too many warnings when generating doc, now we can concentrate on
undocumented symbols (in
lasso/docs/reference/lasso/lasso-undocumented.txt).
2010-02-10 13:58:40 +00:00
Benjamin Dauvergne
2a9c9e11b0
Bindings perl: prevent unused function warning for array_to_glist_gobject
2010-02-10 00:59:30 +00:00
Benjamin Dauvergne
b008ca6925
Tests perl: raise number of tests
2010-02-10 00:59:29 +00:00
Benjamin Dauvergne
db940c119a
Docs: reorder sections in chapter "Lasso Architecture"
2010-02-10 00:35:03 +00:00
Benjamin Dauvergne
a93d3e5f5c
SAML 2.0: separate lasso_saml20_login_process_response_status_and_assertion into multiple functions
* lasso/saml-2.0/login.c:
in lasso_saml20_login_process_response_status_and_assertion, extract assertion
decryption, and issuer checking into their own function.
2010-02-10 00:34:59 +00:00
Benjamin Dauvergne
f648941f01
SAML 2.0: when verifying query signature, do not presume order of field and separator
* lasso/xml/tools.c:
in lasso_saml2_verify_query_signature, extract needed field and order
them appropriately before computing digest, expect ';' as well as '&'
as separator.
* tests/random_test.c:
add non-regression tests for query signature validation.
* tests/Makefile.am:
make tests link against static version of liblasso, to get access to
private functions.
2010-02-10 00:34:55 +00:00
Benjamin Dauvergne
d1fdad1d6a
SAML 2.0: complete list of field names for SAML 2.0
2010-02-10 00:34:51 +00:00
Benjamin Dauvergne
f176cde783
Core: in tools.c, enhance urlencoded_to_string to support semi-colon separator
2010-02-10 00:34:47 +00:00
Benjamin Dauvergne
60b5029e03
SAML 2.0: add helper method lasso_saml2_assertion_get_in_response_to
* lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
add a method to access easily the InResponseTo attribute.
2010-02-10 00:34:43 +00:00
Benjamin Dauvergne
b758c1c58c
SAML 2.0: in lasso_saml20_login_process_authn_response_msg always report signatures errors
* lasso/saml-2.0/login.c:
- in lasso_saml20_login_process_authn_response_msg keep around all error
codes returned by intermediary steps. At the end report the first one.
2010-02-10 00:34:39 +00:00
Benjamin Dauvergne
ee77424f54
SAML 2.0: in lasso_saml20_profile_process_any_response do not stop on missing issuer
* lasso/saml-2.0/profile.c:
Issuer is not a mandatory element of SAML 2.0 response,
but if we do not remember which issuer we sent the request (or if
the response is spontaneous) then we will receive a provider not found
error when trying to check the message signature.
2010-02-10 00:34:35 +00:00
Benjamin Dauvergne
8c26e2ba8c
Use new SAML2 strings instead of hardcoding query string field names
2010-02-10 00:34:29 +00:00
Benjamin Dauvergne
90f680a839
Add documentation about runtime flags
* lasso/lasso.c:
add a table to Initialization documentation section about
general runtime flags.
2010-02-10 00:34:23 +00:00