* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.
on October 2nd; occasional merges since then).
- Compatible with current souk test suites.
- Missing memory management for everything in xml/
- Missing xmlsec support for SOAP messages.
It has been replaced with:
lasso_login_init_self_addressed_authn_request(remote_providerID);
/* ...Set protocolProfile, isPassive, consent, relayState here... */
lasso_login_process_authn_request_message(NULL,
lassoHttpMethodSelfAddressed);
This change was needed because there was no way to set isPassive, consent,
etc, before.
Standardized some error codes and messages.
lasso_login_build_artifact_msg(),
lasso_login_build_authn_response_msg(),
lasso_login_process_federation(),
lasso_lecp_build_authn_response_envelope_msg()
AuthnRequest message accepts now all possible values for the NameIDPolicy:
none, onetime, federated, any
Added lasso_login_must_ask_for_consent() method
This method must be called after lasso_login_process_authn_request_msg()
Added lasso_login_process_without_authn_request_msg() method
This method is useful to initiate SSO from IDP.
Lasso.i was updated according to the changes.
Added an attribute (remote_providerID) in lasso_login_build_response_msg()
Renamed lasso_login_add_response_assertion() into lasso_login_build_assertion()
Renamed lasso_login_init_from_authn_request_msg() into lasso_login_process_authn_request_msg()
Removed lasso_login_get_assertion(), lasso_login_set_assertion and
lasso_login_set_assertion_from_dump() methods
BEWARE : these changes break the API
lasso_node_verify_signature(),
lasso_node_verify_x509_signature()
Added 2 private methods in LassoNode:
add_signature_tmpl(),
sign_signature_tmpl(),
Removed 'err' param in all methods for signing
Removed msg_relayState in dump (must be on LassoProfileContext)
Finished lasso_login_process_request_msg()
lasso_login_new_from_dump() is now almost complete.
lasso_login_process_response_status_and_assertion() static function was rewritten
more error codes and debug messages
Added a new static function : lasso_login_get_assertion_nameIdentifier()