When the same URL was used for many bindings, the current code did not
work. Now we use
lasso_saml20_provider_check_assertion_consumer_service_url() to validate
url and binding are matching, if no binding is suggested we take the
first one defined for this URL.
Using AssertionConsumerServiceIndex and any of the other assertion
consumer designator attributes is still forbidden.
Instad of referring to an old FSF address, point the reader to the FSF
website where the latest licenses and addresses are published.
Signed-off-by: Simo Sorce <simo@redhat.com>
- now any non expected log output is considered an error, by setting a
g_log default handler.
- block_lasso_logs()/unblock_lasso_logs() will block logging output at
the DEBUG level
- begin_check_do_log(level, message, endswith)/end_check_do_log() with
check that the only message emitted between the two macros is one
equals to "message" at the level "level", or ending (to work around
variable parts in a log message) with "message" if "endswith" is True.
This test case is the first to abstract the workflow between two
LassoLogin object (for the idp and sp side). This part of the code could
be used to simplify the code of other tests in the future.
* tests/login_tests_saml2.c:
add logout to first SAML 2.0 login regression test.
* tests/tests.h:
add macros to simplify checking of return value with check macros
(encapsulate fail_unless macro to check for NULL/non-NULL values and
good rc value (0) or expected bad value).
* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.