Initialize AuthnRequest with asked AuthnContextClassRef if needed

Thanks to Benjamin Dauvergne for implementing this. git-svn-id: https://modmellon.googlecode.com/svn/trunk/mod_mellon2@142 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-12-07 10:19:44 +00:00 · 2011-12-07 10:19:44 +00:00 · 5a9e2ef0ce
parent f5852c98ce
commit 5a9e2ef0ce
1 changed files with 24 additions and 0 deletions
--- a/auth_mellon_handler.c
+++ b/auth_mellon_handler.c
@ -2418,6 +2418,9 @@ static int am_send_authn_request(request_rec *r, const char *idp,
    LassoSamlp2AuthnRequest *request;
    gint ret;
    char *redirect_to;
+    am_dir_cfg_rec *dir_cfg;
+
+    dir_cfg = am_get_dir_cfg(r);

    /* Add cookie for cookie test. We know that we should have
     * a valid cookie when we return from the IdP after SP-initiated
@ -2465,6 +2468,27 @@ static int am_send_authn_request(request_rec *r, const char *idp,
    LASSO_SAMLP2_REQUEST_ABSTRACT(request)->Consent
      = g_strdup(LASSO_SAML2_CONSENT_IMPLICIT);

+    /* Add AuthnContextClassRef */
+    if (dir_cfg->authn_context_class_ref->nelts) {
+        apr_array_header_t *refs = dir_cfg->authn_context_class_ref;
+        int i = 0;
+        LassoSamlp2RequestedAuthnContext *req_authn_context;
+
+        req_authn_context = (LassoSamlp2RequestedAuthnContext*)
+            lasso_samlp2_requested_authn_context_new();
+
+        request->RequestedAuthnContext = req_authn_context;
+
+        for (i = 0; i < refs->nelts; i++) {
+            const char *ref = ((char **)refs->elts)[i];
+            req_authn_context->AuthnContextClassRef =
+                    g_list_append(req_authn_context->AuthnContextClassRef,
+                                    g_strdup(ref));
+            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+                          "adding AuthnContextClassRef %s to the "
+                          "AuthnRequest", ref);
+        }
+    }

    /*
     * Make sure the Destination attribute is set to the IdP