When checking if a synchronous http method can be used for sending a
request to the SingleSignOnService we must check if the response can
received by the AssertionConsumerService with a synchronous binding not
the SingleSignOnService.
The first argument must be the iterator, the second is the iterable.
Also add a non-regression test with Googleapps metadata and and a
typical authn request.
The new way of storing endpoints allows to keep ordering between
endpoints with respect to the order of the index and isDefault field for
indexed endpoint type, and to the XML node orders for other endpoints.
It also simplifies the code.
* remove warning for descriptors supporting non SAML 2.0 protocols
* checks that at least one descriptor was loaded and that it was for
our assigned role.
* if no default_assertion_consumer value is set after traversing the
list of endpoint, try to find the first one without isDefault="false"
and finally take the first one.
* server.c,serverprivate.h: add new private method
lasso_server_get_firs_providerID_by_role(server, role)w
* defederation.c: use new private method
lasso_server_get_first_providerID_by_role for find providerID
when the argument remote_providerID is null in
lasso_defederation_init_notification.
* lasso/id-ff/login.c (lasso_login_init_authn_request): use new private
method lasso_server_get_first_providerID_by_role.
* provider.h: add thre new provider role (authn,pdp,attribute) and
four new services (authn,assertionid,attribute,authz) and also
a ROLE_ANY value (-1) for catchall purpose and a ROLE_LAST for
array sizing.
* provider.h: add a LAST member to LassoMdProtocolType enum.
* providerprivate.h,provider.c:
- removes separate hashtable for descriptors depending on provider role,
use only one table named Descriptors.
- use the LAST members of enumerations to dimention static string arrays.
* provider.h: add a LAST member to the e
* lasso/saml-2.0/login.c: check that the URL is know before using it
* lasso/saml-2.0/provider.c lasso/saml-2.0/providerprivate.h:
add a function to check that an URL corresponds to a know
AssertionConsumer of the given provider.
* lasso/saml-2.0/Makefile.am:
add new header provider.h
* lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
add new function lasso_provider_saml2_node_encrypt to encrypt nodes
and encapslutate the XML Enc datas in a LassoSaml2EncryptedElement
node.
* docs/reference/lasso/lasso-sections.txt:
add function to saml2_utils section
- lasso/id-ff/provider.c lasso/id-ff/provider.h:
change return type of lasso_provider_get_metadata_list from GList* to
const GList*.
- lasso/id-ff/logout.c lasso/saml-2.0/logout.c
lasso/saml-2.0/provider.c:
change consumers of the API
* nearly all C files: change includes for relative paths.
* lasso/id-wsf/id_wsf.h, lasso/id-wsf-2.0/id_wsf_2.h: add top level
public include files for ID-WSF 1.0 and ID-WSF 2.0.
* lasso/id-ff/server.*, lasso/id-ff/session.*, lasso/id-ff/identity.*:
remove most of the code related to ID-WSF and push into
lasso/id-wsf/id_ff_extensions.* and lasso/id-wsf-2.0/identity.c,
lasso/id-wsf-2.0/server.c, lasso/id-wsf-2.0/session.c.
* lasso/id-wsf-2.0/saml2_login.c,
lasso/id-wsf-2.0/saml2_login_private.h: same change but for ID-WSF
2.0 support in SAML2 SSO profile.
* lasso/saml-2.0/login.c:
* lasso/saml-2.0/logout.c:
* lasso/saml-2.0/name_id_management.c:
* lasso/saml-2.0/profile.c:
* lasso/saml-2.0/provider.c:
do not mix g_malloc strings with libxml strings, use the
string/gobject handling macros as much as possible, be a good memory
citizen, don't put your elbows on the table.
- remove unused parameter from private function signatures
- remove unused variable
- initialize variable potentially accessed uninitialized
- add G_GNUC_UNUSED if function is public or adhering to an interface, and a
parameter is unused.
- if ID-WSF is not compiled in, define stubs with G_GNUC_UNUSED on parameters.
The goal is to compile with -Werror.
Benjamin Dauvergne
Jérôme Schneider
Frédéric Péters
Damien Laniel