Commit Graph

4774 Commits

Author SHA1 Message Date
Benjamin Dauvergne a041a2ef81 Initialize all uninitialized rc variables 2010-04-30 09:23:01 +00:00
Benjamin Dauvergne 9cc0ff6d43 Test: only test custom namespace if ID-WSF is enabled 2010-04-30 09:22:49 +00:00
Benjamin Dauvergne 99f82a04b5 in lasso_idwsf2_data_service_build_response_msg, allows SOAPFault as responses 2010-04-28 16:52:45 +00:00
Benjamin Dauvergne f4de58cf3e Fix uninitialized local variable 2010-04-28 16:52:43 +00:00
Benjamin Dauvergne 03d218f712 in lasso_session_count_assertions, do not emit warning if session is not an object 2010-04-28 16:52:42 +00:00
Benjamin Dauvergne 0be003d290 SAML 2.0: always restart initial request processing in lasso_logout_build_response_msg
* Does it also in process_response_msg if no more assertions are
   present.
 * Take into account that lasso_saml20_profile_process_any_response
   already checks for the status code, and so specify finer error code in
   the cleanup code.
2010-04-27 22:55:27 +00:00
Benjamin Dauvergne 6e4d8b57d4 SAML 2.0: fix lasso_saml20_provider_get_first_http_method
* LassoServer object can have many roles, use the default role of the
   remote provider to decide on which to assume.
2010-04-27 22:55:25 +00:00
Benjamin Dauvergne 5106f38f06 SAML 2.0 Logout: in init_request, remove the assertion anyway
* lasso/saml-2.0/logout.c:
   when initiating a logout, if no problem is found, remove the assertion.
   you can always continue by changing profile->http_request_method to
   SOAP for example and redo a build_request_msg.
2010-04-27 22:55:23 +00:00
Benjamin Dauvergne 86e549141f SAML 2.0: lasso_saml20_profile_process_any_response_msg, change status code checking 2010-04-27 22:55:21 +00:00
Benjamin Dauvergne 24599cbe7f SAML 2.0: lasso_logout_build_response_msg, just verify there is saved data from a previous request before switching them
* lasso/saml-2.0/logout.c:
   There is no need to check what the previous remote provider ID was,
   just that initial_remote_providerID is not NULL in order to switch
   request, response and remote_providerID.
2010-04-22 11:19:34 +00:00
Benjamin Dauvergne 6e072c2b5f Fix wrong change g_free -> lasso_release inside example code 2010-04-22 11:19:32 +00:00
Benjamin Dauvergne dc0da3d1b0 Provider: fix problem when reusing the same lists nodes in Descriptors 2010-04-22 01:12:32 +00:00
Benjamin Dauvergne 0e8441afe3 Improve safety by replacing all g_hash_table_destroy use by lasso_release_ghashtable 2010-04-22 00:45:02 +00:00
Benjamin Dauvergne 2f5ef5fef0 Improve safety by replacing all g_list_free use by lasso_release_list 2010-04-22 00:44:57 +00:00
Benjamin Dauvergne 1ef02e3fe2 Improve safety by replacing all g_string_free use by lasso_release_gstring 2010-04-22 00:44:49 +00:00
Benjamin Dauvergne 0a169eda51 Improve safety by replacing all g_free use by lasso_release 2010-04-22 00:44:45 +00:00
Benjamin Dauvergne c93fb2a356 Start an example listing for an IdP SingleSignOn endpoint 2010-04-22 00:44:31 +00:00
Benjamin Dauvergne 3304176c37 Free xmlSecKey 2010-04-22 00:44:28 +00:00
Benjamin Dauvergne e66252fb5f Fix potential SEGFAULT in _lasso_node_free_custom_element 2010-04-22 00:44:25 +00:00
Benjamin Dauvergne 34c7642226 Utils: add lasso_assign_list 2010-04-22 00:44:22 +00:00
Benjamin Dauvergne f08387c983 Add lasso_release_gstring 2010-04-22 00:44:19 +00:00
Benjamin Dauvergne 7682ce4eac Utils: add lasso_release_ghashtable 2010-04-22 00:44:15 +00:00
Benjamin Dauvergne 38d3f9d9a4 SAML 2.0 Profile: remove unused must_sign variable 2010-04-22 00:44:11 +00:00
Benjamin Dauvergne 71ce60e8fc First try to check that objects are fully functional before proceeding 2010-04-22 00:44:07 +00:00
Benjamin Dauvergne 79c38864c2 Fix potential SEGFAULT of an unknown provider 2010-04-22 00:44:01 +00:00
Benjamin Dauvergne 11a8f53846 SAML 2.0: in lasso_saml20_process_federation, only handle the case of PERSISTENT format
* lasso/saml-2.0/login.c:
   in lasso_saml20_process_federation:
   - if no name id format can be found by the request, use the default from
     the metadata file (first declared NameIDFormat)
   - instead of checking if format is TRANSIENT, check if it is PERSISTENT,
     and proceed with the federation, if not just return 0.
   - return LASSO_PROFILE_ERROR_UNKNOWN_PROVIDER instead of
     LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND.
   - in any case, check for consent.
2010-04-20 09:34:23 +00:00
Benjamin Dauvergne 281817ce87 SAML 2.0: in lasso_saml20_login_validate_request, do not check signature if not necessary 2010-04-20 09:34:22 +00:00
Benjamin Dauvergne dd495ca6c3 SAML 2.0: find binding when only AssertionConsumerServiceURL is set, do not check signature on request if asked 2010-04-20 09:34:20 +00:00
Benjamin Dauvergne e9be17236d SAML 2.0: add internal method to retrieve the binding for an URL 2010-04-20 09:34:18 +00:00
Benjamin Dauvergne 6ff6f92720 Login: add internal function _lasso_login_must_verify_*signature 2010-04-20 09:34:17 +00:00
Benjamin Dauvergne 2d89170af6 Login: remove symbol markers in example code 2010-04-19 11:51:28 +00:00
Benjamin Dauvergne 05aad98ec3 Fix documentation problems 2010-04-19 11:30:35 +00:00
Benjamin Dauvergne 81c35bbe2e Ameliorate support for lasso_profile_set_signature_verify_hint
* lasso/id-ff/profile.h:
   - add end symbol for enum LassoProfileSignatureVerifyHint
 * lasso/id-ff/profile.c:
   - fix documentation of lasso_profile_set_signature_verify_hint
   - do not allow to set or return invalid value for the
     signature_verify_hint attribute.
 * lasso/saml-2.0/login.c:
   - handle new enum value
 * lasso/saml-2.0/profile.c:
   - handle new enum value
   - fix missing catch of signature error reporting when
     signature_verify_hint is IGNORE.
 * docs/reference/lasso/lasso-sections.txt:
   - export enums LassoProfileSignatureHint and
     LassoProfileSignatureVerifyHint
 * tests/metadata_tests.c:
   - fix test of all Role enumerations
2010-04-16 15:37:17 +00:00
Benjamin Dauvergne 90b965e6a3 Revert "Core: add XML schemas for SAML 2.0"
This reverts commit 5250c2c89e3983189a3c52cd85ad221ff7b6f64b.
2010-04-06 15:00:48 +00:00
Benjamin Dauvergne 21015341e4 SAML 2.0: add Destination attribute to requests
* lasso/saml-2.0/profile.c:
   this change makes Lasso respect paragraphs 3.4.5.2 (HTTP-Redirect
   binding security considerations) and 3.5.5.2 (the same for HTTP-Post)
   of the saml-bindings-2.0-os.pdf document, and should allow our Authn
   Requests to be accepted by Shibboleth IdP.
2010-04-06 15:00:46 +00:00
Benjamin Dauvergne ca495cce42 Tools: add usage statement to check-lasso-sections.py 2010-04-06 13:11:44 +00:00
Benjamin Dauvergne ff911847a7 Docs: add/remove symbols from lasso-sections.txt 2010-04-06 13:11:42 +00:00
Benjamin Dauvergne c4991e90ec ID-WSF 2.0 DST: make lasso_idwsf2_data_service_set_status_code work even if no response is initialized 2010-04-06 13:11:40 +00:00
Benjamin Dauvergne d10f2982ae Tests: add tests for custom namespace functions 2010-04-06 13:11:38 +00:00
Benjamin Dauvergne 143e775942 ID-FF 1.2 & SAML 2.0: factorize access to role prefix 2010-04-06 13:11:36 +00:00
Benjamin Dauvergne 16034a9898 Tests: make role descriptor loading test less verbose
* tests/metadata_tests.c:
   remove printf, add checks
2010-04-06 13:11:34 +00:00
Benjamin Dauvergne 492da50458 Tests: show actual value in check_equals test macro 2010-04-06 13:11:32 +00:00
Benjamin Dauvergne d26bdfaef7 XML: add custom namespace definition handling 2010-04-06 13:11:30 +00:00
Benjamin Dauvergne 46044e2d9c SAML 2.0: fix default assertion consumer handling when isDefault is missing
* if no default_assertion_consumer value is set after traversing the
   list of endpoints, try to find the first one without isDefault="false"
   and finally take the first one.
2010-04-06 13:11:28 +00:00
Benjamin Dauvergne b90a0b2160 SAML 2.0: fix default assertion consumer handling
* the default one is the first with the attribute isDefault not the
   last.
2010-04-06 13:11:26 +00:00
Benjamin Dauvergne 117649f2d7 Binding python tests: update idwsf1 to explicitly register PP10 HREF 2010-04-06 13:11:23 +00:00
Benjamin Dauvergne 97c88ffa77 Binding python: update idwsf2 test for method change dst.initResponse -> validateRequest 2010-04-06 13:11:21 +00:00
Benjamin Dauvergne 3c4ad4d8bc XML: do not register any DST namespace by default 2010-04-06 13:11:19 +00:00
Benjamin Dauvergne 91e3614a14 XML: add a SNIPPET_COLLECT_NAMESPACES snippet to DstRefResultQuery 2010-04-06 13:11:17 +00:00
Benjamin Dauvergne 7db0387f5a ID-WSF 2.0 Data Service: new accessor, fix use of build_unique_id, change init_response to validate_request 2010-04-06 13:11:14 +00:00