* lasso/id-wsf-2.0/profile.c lasso/id-wsf-2.0/profile.h:
- lasso_idwsf2_profile_get_name_identifier returns the NameID found
in an assertion used as a WS-Security token when security mechanism
Bearer or SAML are used.
- complete the function lasso_id_wsf2_profile_build_soap_envelope
with construction of the Sender element which is used to transmit
the providerID of the message sender by the SOAP binding ID-WSF 2.0
specification.
- remove useless instance_init function in profile object
- reset some profile fields in process_soap_request_msg (response,
body, nameIdentifier). use
lasso_saml20_profile_name_identifier_decryption for handling NameID
from WS-Security mechanism assertion.
- add private_data
- change signature of lasso_idwsf2_profile_init_soap_request to use
and EPR and a security mechanism specifier when building the SOAP
request.
- change signature of lasso_idwsf2_profile_process_soap_request to
verify security_mech_id of received messages.
* docs/reference/lasso/lasso-sections.txt:
add the function to the documentation.
* lasso/id-wsf-2.0/discovery.{c,h}:
- use utils.h macros instead of g_return_val_if_fail because it
removes useless warning, since it returns an error code. release
acquired resources.
- in lasso_idwsf2_discovery_metadata_register_self, return error code
instead of identifier string for the new service, use an out
parmeter to return the identifier, use utils.h macros.
- in lasso_idwsf2_discovery_init_metadata_register, use utils.h
macros, check return code of lasso_idwsf2_profile_init_soap_request.
- change signature of lasso_idwsf2_discovery_init_metadata_register
to support security_mech_id, try to get URL from an existing
Discovery service EPR (from Session object).
- change signature of
lasso_idwsf2_discovery_process_metadata_register_msg,
lasso_idwsf2_discovery_init_metadata_association_add,
lasso_idwsf2_discovery_process_metadata_association_add_msg,
lasso_idwsf2_discovery_init_query,
lasso_idwsf2_discovery_process_query_msg, to support security
mechanism.
- improve lasso_idwsf2_discovery_build_query_response_eprs.
- add lasso_idwsf2_discovery_get_nth_data_service to acces returned
services.
* lasso/id-wsf-2.0/data_service.{c,h}:
- redo all the API
- add LASSO_DST_ERROR_EMPTY_REQUEST
- add LASSO_WSF_PROFILE_ERROR_SECURITY_MECHANISM_CHECK_FAILED
- add new errors codes for generic profiles and disco service
standards
- add status code for ID-WSF 2.0 DST
- add token usage identifiers
- conform security mechanism identifiers to ID-WSF 2.0 Liberty Sech
Mech specification
- add Discovery Service status codes
- add Soap Binding status codes
- add disco result type and user interaction hint strings
* lasso/id-wsf-2.0/idwsf2_helper.c lasso/id-wsf-2.0/idwsf2_helper.h:
add new functions
lasso_wsa_endpoint_reference_get_idwsf2_service_type,
lasso_wsa_endpoint_reference_get_idwsf2_provider_id,
lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism,
lasso_wsa_endpoint_reference_get_token_by_usage,
lasso_wsa_endpoint_reference_get_security_token,lasso_wsa_endpoint_reference_get_target_identity_token,
lasso_wsa_endpoint_reference_new_for_idwsf2_service,
and lasso_wsa_endpoint_reference_add_security_token.
* lasso/id-wsf-2.0/idwsf2_helper.h:
declare new functions.
* lasso/id-wsf-2.0/Makefile.am:
add new files to source list
* lasso/id-wsf-2.0/Makefile.am
- reference new source files in Makefile.am
* lasso/id-wsf-2.0/soap_binding.c
* lasso/id-wsf-2.0/soap_binding.h:
- add extraction functions lasso_soap_envelope_sb2_get_provider_id,
lasso_soap_envelope_sb2_get_redirect_request_url,
lasso_soap_envelope_sb2_get_target_identity_header,
lasso_soap_envelope_add_action and lasso_soap_envelope_get_action.
- add SOAP security headers accessors
- add lasso_soap_envelope_get_saml2_security_token which simplify
retrieving a SAML 2.0 assertion used as a WS-Security token.
complete documentation of other functions.
* docs/reference/lasso/lasso-sections.txt:
- reference the new functions in a new section soap_binding2
* docs/reference/lasso/lasso-docs.sgml:
- add new section soap_binding2
ID-WSF 2.0: in soap_binding.{c,h}: add function
* lasso/id-wsf/discovery.c:
- add annotations to lasso_discovery_init_query,
lasso_discovery_init_modify, lasso_discovery_process_request_msg.
- initialize response in lasso_discovery_process_query_mesg and
lasso_discovery_process_modify_msg, so that modifications of the
response can be done between _process_ and _build_ calls.
* lasso/id-wsf/data_service.c lasso/id-wsf/data_service.h:
- in lasso_data_service_apply_modifications, dst_modification
initialization is missing.
- remove lasso_data_service_get_redirect_request_url
- change LASSO_DATA_SERVICE_CANNOT_ADD_ITEM to
LASSO_DATA_SERVICE_ERROR_CANNOT_ADD_ITEM
- in lasso_data_service_init_query, complete documentation, fix mem
leak
- factorize code between lasso_data_service_build_modify_response_msg
and lasso_data_service_build_query_response_msg, create
lasso_data_service_build_response_msg
- in lasso_data_service_get_answer, add out annotation to output
parameter
- simplify API, simplify code path for query and modification
processing
- add lasso_data_service_process_request_msg,
lasso_data_service_build_modify_response_msg,
lasso_data_service_validate_request.
- remove lasso_data_service_process_query_msg and
lasso_data_service_process_modify_msg from public API.
- in lasso_data_service_process_query_msg and
lasso_data_service_process_modify_msg add arg checks, make them
static and move preprocessing of the request in
lasso_data_service_process_request_msg.
- in lasso_data_service_get_answer, fix request/response mismatch.
- add accessors lasso_data_service_set_resource_data and
lasso_data_service_get_resource_data.
- add securit_mech_id arg to data_service_init_modify, export
resource_data accessor methods
- remove lasso_data_service_get_redirect_request_url
- fix missing intializations and leaks
* tests/basic_tests.c:
when testing functionality of lasso registries which map namespace
elements to lasso objects, do not use liberty namespace because it
interacts with other tests -- deserialization of lib:Assertion node
was broken by this test -- when running them in CK_FORK=no mode.
Changed namespace LASSO_LIB_HREF, for "coin" which is less dangerous.
* wsa_attributed_uri.c:
- constify first argument of
lasso_wsa_attributed_uri_new_with_string.
- add add direct mappings from wsa:Action,wsa:To to
LassoWsAddrAttributedURI and from wsa:From,wsa:ReplyTo,wsa:FaultTo
to LassoWsAddrEndpointReference
* lasso/id-ff/provider.c lasso/id-ff/provider.h:
add a new function to check an enclosed single signature on a
LassoNode, given that the LassoNode retained its original xml node
content.
* docs/reference/lasso/lasso-sections.txt:
declare new function
* lasso/id-ff/login.c lasso/id-ff/login.h:
add new function lasso_login_get_assertion.
* lasso/saml-2.0/login.c:
store created assertions
* lasso/id-ff/login.h:
make assertion field private for bindings.
* lasso/saml-2.0/saml2_helper.c lasso/saml-2.0/saml2_helper.h:
- add lasso_server_saml2_assertion_setup_signature, to help in
defining signature upon saml2:Assertion nodes.
- add new symbols LASSO_DURATION_MINUTE, LASSO_DURATION_HOUR,
LASSO_DURATION_DAY, LASSO_DURATION_WEEK.
- add method lasso_saml2_assertion_add_attribute_with_node
* docs/reference/lasso/lasso-sections.txt:
declare new functions in saml2_helper section.
* lasso/xml/saml-2.0/saml2_encrypted_element.c:
add registry mapping from EncryptedID, EncryptedAssertion,
EncryptedAttribute and NewEncryptedID element to
saml2:EncryptedElement
* lasso/saml-2.0/Makefile.am:
add new header provider.h
* lasso/saml-2.0/provider.c lasso/saml-2.0/provider.h:
add new function lasso_provider_saml2_node_encrypt to encrypt nodes
and encapslutate the XML Enc datas in a LassoSaml2EncryptedElement
node.
* docs/reference/lasso/lasso-sections.txt:
add function to saml2_utils section
* lasso/xml/xml.c lasso/xml/xml.h:
- fix signature of lasso_node_set_original_xmlnode, fix signature in
documentation of lasso_node_set_original_xmlnode;
- add a new API lasso_node_set_custom_nodename to specify the exact
element name to use when serializing a LassoNode to XML.
- rename internal structure _CustomNamespace to _CustomElement, add a
nodename field to it.
- rework internal functions around _CustomElement to be aware of an
existing attached _CustomElement and re-use if needed.
- move application of _CustomElement hints after the serialization of
the node, so that the normal behaviour of the serialization is kept
-- i.e. do not play with the list of parent classes.
- use the full xsi:type content to find a LassoNode subclass when
de-serializaing XML content, factorize QName->GObject class mapping
for the three executions paths inside
_type_name_from_href_and_nodename:
- element QName,
- xsi:type QName,
- element name with xsi:type namespace
- add a long comment expliciting the way the mapping is done.
- remove direct mapping of EncryptedAssertion element, the registry
declaration on the class LassoSaml2EncryptedElement shoud be
enough.
* lasso/utils.h:
- add macro lasso_ref(object), if object is not null, call
g_object_ref on it, and return the value, otherwise do nothing and
return NULL.
- make a better reporting of bad object release
- change format type for __LINE__ and dest arguments in
lasso_release_gobject warning display.
- add a lasso_check_non_empty_string macro
- add new macro to extract a specific node type from a list of
GObject objects.
- use xmlStrdup not g_strdup for lasso_assign_xml_string
- add lasso_list_add_gstrv and lasso_check_good_rc
- add macro lasso_list_get_first_child
- add inline function to test empty string
- change macro lasso_check_non_empty_string to use the new inline
function and go to cleanup
- fix lasso_check_non_empty_string macro
* lasso/utils.c:
- add lasso_gobject_is_of_type returns 0 if first parameters is a
gobject whose GType is equal to the second parameter, and 1
otherwise.
Benjamin Dauvergne