Commit Graph

37 Commits

Author SHA1 Message Date
Benjamin Dauvergne c07cd3898c SAML 2.0&ID-FF 1.2: simplify and complete metadata loading for multi-role support 2010-03-27 16:52:04 +00:00
Benjamin Dauvergne f5442dc84b SAML 2.0: add support for attribute, authentication and authorization authorities metadata
* server.c,serverprivate.h: add new private method
   lasso_server_get_first_providerID_by_role(server, role)
 * defederation.c: use new private method
   lasso_server_get_first_providerID_by_role to find providerID
   when the argument remote_providerID is null in
   lasso_defederation_init_notification.
 * lasso/id-ff/login.c (lasso_login_init_authn_request): use new private
   method lasso_server_get_first_providerID_by_role.
 * provider.h: add three new provider roles (authn,pdp,attribute) and
    four new services (authn,assertionid,attribute,authz) and also
    a ROLE_ANY value (-1) for catchall purpose and a ROLE_LAST for
    array sizing.
 * provider.h: add a LAST member to LassoMdProtocolType enum.
  * providerprivate.h,provider.c:
   - removes separate hashtable for descriptors depending on provider role,
     use only one table named Descriptors.
   - use the LAST members of enumerations to dimension static string arrays.
  * provider.h: add a LAST member to the e
2010-03-27 16:51:43 +00:00
Benjamin Dauvergne b30498aec6 ID-FF&SAML2: if use is not defined on a key descriptor use the key for any use
* lasso/id-ff/provider.c lasso/saml-2.0/provider.c: if the "use"
   attribute is not set on a KeyDescriptor, use the key for signing and
   encryption.
2010-01-14 16:18:24 +00:00
Benjamin Dauvergne e06e9db029 SAML 2.0: in lasso_saml20_provider_accept_http_method, add HTTP-Artifact-POST case, better check for bad inputs, and handle special SingleSignOn case 2010-01-12 15:40:07 +00:00
Benjamin Dauvergne d42c16e239 Core Node: add args to lasso_node_encrypt to set recipient of an encrypted element 2010-01-12 15:39:57 +00:00
Benjamin Dauvergne 2ff13e5414 SAML 2.0: overhaul for ubiquitous binding support, still need work for HTTP-Artefact 2010-01-12 15:39:48 +00:00
Benjamin Dauvergne 56bd9e2405 Fix mitm attack using the AssertionConsumerURL property on requests
* lasso/saml-2.0/login.c: check that the URL is known before using it
 * lasso/saml-2.0/provider.c lasso/saml-2.0/providerprivate.h:
   add a function to check that a URL corresponds to a known
   AssertionConsumer of the given provider.
2010-01-12 15:39:31 +00:00
Benjamin Dauvergne 399ca193e3 SAML 2.0: in provider.c, add node encryption function and reference it in doc
* lasso/saml-2.0/Makefile.am:
   add new header provider.h
 * lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
   add new function lasso_provider_saml2_node_encrypt to encrypt nodes
   and encapsulate the XML Enc data in a LassoSaml2EncryptedElement
   node.
 * docs/reference/lasso/lasso-sections.txt:
   add function to saml2_utils section
2010-01-04 09:14:10 +00:00
Benjamin Dauvergne bdd1ad92a0 Core: add const modifier to return value of lasso_provider_get_metadata_list
- lasso/id-ff/provider.c lasso/id-ff/provider.h:
   change return type of lasso_provider_get_metadata_list from GList* to
   const GList*.
 - lasso/id-ff/logout.c lasso/saml-2.0/logout.c
   lasso/saml-2.0/provider.c:
   change consumers of the API
2009-09-29 13:20:40 +00:00
Benjamin Dauvergne 00ea5d7113 Core: Add const modifiers to LassoProvider methods
* lasso/id-ff/provider.c lasso/id-ff/provider.h
   lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
   add const modifier where they could be added.
2009-09-29 13:20:38 +00:00
Benjamin Dauvergne 7231771856 All: Rework include files handling, separated ID-WSF code from SAML2/ID-FF code
* nearly all C files: change includes for relative paths.
 * lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
   public include files for ID-WSF 1.0 and ID-WSF 2.0.
 * lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
   remove most of the code related to ID-WSF and push into
   lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
   lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
 * lasso/id-wsf-2.0/saml2_login.c,
   lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
   2.0 support in SAML2 SSO profile.
2009-08-26 15:14:32 +00:00
Benjamin Dauvergne c5f5f84329 SAML 2.0: Fix many leaks
* lasso/saml-2.0/login.c:
 * lasso/saml-2.0/logout.c:
 * lasso/saml-2.0/name_id_management.c:
 * lasso/saml-2.0/profile.c:
 * lasso/saml-2.0/provider.c:
   do not mix g_malloc strings with libxml strings, use the
   string/gobject handling macros as much as possible, be a good memory
   citizen, don't put your elbows on the table.
2009-04-30 14:58:11 +00:00
Benjamin Dauvergne b09ef2e015 Core: do not mix public and private headers
* lots of files:
   explicitly load the internal header xml/private.h where needed.
2009-03-27 15:04:26 +00:00
Benjamin Dauvergne aff32ad997 Add log message in the metadata loading process
- lasso/id-ff/provider.c, lasso/saml-2.0/provider.c: add critical log
   message in each failed loading of metadata branch cases.
2008-11-05 11:23:29 +00:00
Benjamin Dauvergne 9ed0670e48 * Remove ending blanks 2008-09-12 15:06:58 +00:00
Benjamin Dauvergne ae1f6a297c * Remove warnings:
- remove unused parameter from private function signatures
 - remove unused variable
 - initialize variable potentially accessed uninitialized
 - add G_GNUC_UNUSED if function is public or adhering to an interface, and a
   parameter is unused.
 - if ID-WSF is not compiled in, define stubs with G_GNUC_UNUSED on parameters.
 The goal is to compile with -Werror.
2008-09-12 13:57:22 +00:00
Frédéric Péters 0419af4f0d proper casts of xmlChar* 2008-01-23 12:17:46 +00:00
Damien Laniel 38acc2883b added support for encrypting name identifiers with id-ff 1.2 2007-12-05 10:48:49 +00:00
Frédéric Péters 0a91e76505 added support for sending SAMLv2 AuthnResponse over HTTP-Redirect (which
shouldn't be used because the assertion within makes for a very big message)
2007-11-27 23:17:21 +00:00
Damien Laniel e8e38c374d coding style 2007-06-12 14:15:55 +00:00
Damien Laniel 4fc6657e0c updated Copyright dates in all files 2007-05-30 17:17:45 +00:00
Frédéric Péters 33fd80e73b fixed little memory leak 2007-01-06 22:13:53 +00:00
Frédéric Péters 0970475f12 fixing some usage of uninitialized variables in SAMLv2 support 2006-12-27 15:24:56 +00:00
Damien Laniel d0edddf2bb Added lasso_provider_set_encryption method to activate or deactivate encryption 2006-11-22 10:30:54 +00:00
Damien Laniel 84d4c960be Fixed -Wall warnings and replaced a LASSO_ERROR_UNDEFINED 2006-11-21 17:16:29 +00:00
Nicolas Clapies 211ee2fb2a Moved SOAP value as last element in lists. 2006-11-20 15:13:37 +00:00
Frédéric Péters fb131f73c5 process_authn_response_msg for saml2; this is similar to id-ff even if the
underlying messages are different
2006-11-15 23:58:28 +00:00
Frédéric Péters 42d3e91a21 correctly looks up assertionconsumerservice url, even with just the binding 2006-11-15 23:31:29 +00:00
Frédéric Péters da904e0bb3 binding for SAML2 binding uri; and fixed SAML20 to SAML2 for coherence 2006-11-15 18:58:26 +00:00
Nicolas Clapies 9c6d34b930 Added ECP profile (client, SP and IDP parts). 2006-11-14 14:11:59 +00:00
Damien Laniel e06981428f moved encryption key loading from id-ff to saml-2.0 2006-11-09 17:41:09 +00:00
Frédéric Péters a6e12c181f correctly clean memory 2006-10-29 18:05:40 +00:00
Frédéric Péters 9833e37aa9 saml-2.0 more POST support 2006-10-29 14:22:16 +00:00
Frédéric Péters 42f573a9fc started support for AssertionConsumerServiceIndex (as alternative to
ProtocolBinding) (used by zxid)
2006-10-29 12:27:36 +00:00
Frédéric Péters 80f104f73a accept PAOS binding 2006-10-29 11:32:20 +00:00
Frédéric Péters 853f46fd93 starting SAML 2 logout 2005-11-21 18:51:52 +00:00
Frédéric Péters ebb9f7dffc SAML 2.0 support (only web-sso for the moment) 2005-11-20 15:38:19 +00:00