entrouvert
/
lasso
16
0
Fork 0
Code Issues Pull Requests Releases Activity

lasso_identity_get_federation() & lasso_identity_add_federation() methods 

make now a copy of the federation object.
This commit is contained in:
Valery Febvre 2004-08-05 01:10:23 +00:00
parent 12c0f0c478
commit 33ebd74c07
6 changed files with 68 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lasso/id-ff/federation_termination.c
View File

@ -153,7 +153,8 @@ lasso_federation_termination_init_notification(LassoFederationTermination *defed
default:
message(G_LOG_LEVEL_CRITICAL, "Invalid provider type\n");
}
lasso_federation_destroy(federation);
if(!nameIdentifier) {
message(G_LOG_LEVEL_CRITICAL, "Name identifier not found for %s\n", profile->remote_providerID);
codeError = -1;
@ -272,6 +273,7 @@ lasso_federation_termination_process_notification(LassoFederationTermination *de
message(G_LOG_LEVEL_WARNING, "No name identifier for %s\n", profile->remote_providerID);
return(-1);
}
lasso_federation_destroy(federation);
/* remove federation of the remote provider */
lasso_identity_remove_federation(profile->identity, profile->remote_providerID);

25
lasso/id-ff/identity.c
View File

@ -80,18 +80,18 @@ lasso_identity_add_federation(LassoIdentity *identity,
gboolean found = FALSE;
int i;
g_return_val_if_fail(identity != NULL, -1);
g_return_val_if_fail(LASSO_IS_IDENTITY(identity), -1);
g_return_val_if_fail(remote_providerID != NULL, -2);
g_return_val_if_fail(federation != NULL, -3);
g_return_val_if_fail(LASSO_IS_FEDERATION(federation), -3);
/* add the remote provider id if not already saved */
for(i = 0; i<identity->providerIDs->len; i++) {
for (i = 0; i<identity->providerIDs->len; i++) {
if(xmlStrEqual(remote_providerID, g_ptr_array_index(identity->providerIDs, i))) {
found = TRUE;
break;
}
}
if(found == TRUE) {
if (found == TRUE) {
debug("A federation existed already for this providerID, it was replaced by the new one.\n");
}
else {
@ -99,7 +99,8 @@ lasso_identity_add_federation(LassoIdentity *identity,
}
/* add the federation, replace if one already exists */
g_hash_table_insert(identity->federations, g_strdup(remote_providerID), federation);
g_hash_table_insert(identity->federations, g_strdup(remote_providerID),
lasso_federation_copy(federation));
identity->is_dirty = TRUE;
@ -185,10 +186,10 @@ lasso_identity_get_federation(LassoIdentity *identity,
remote_providerID);
if (federation == NULL) {
debug("No Federation found with remote ProviderID = %s\n", remote_providerID);
return (NULL);
}
/* FIXME: federation should be a copy (fix lasso_identity_add_federation too) */
return(federation);
return(lasso_federation_copy(federation));
}
gchar*
@ -198,7 +199,7 @@ lasso_identity_get_next_federation_remote_providerID(LassoIdentity *identity)
g_return_val_if_fail(identity!=NULL, NULL);
if(identity->providerIDs->len == 0) {
if (identity->providerIDs->len == 0) {
return(NULL);
}
@ -221,14 +222,15 @@ lasso_identity_remove_federation(LassoIdentity *identity,
federation = lasso_identity_get_federation(identity, remote_providerID);
if (federation != NULL) {
g_hash_table_remove(identity->federations, remote_providerID);
lasso_federation_destroy(federation);
}
else {
debug("Failed to remove federation for remote Provider %s\n", remote_providerID);
}
/* remove the federation remote provider id */
for(i = 0; i<identity->providerIDs->len; i++) {
if(xmlStrEqual(remote_providerID, g_ptr_array_index(identity->providerIDs, i))) {
for (i = 0; i<identity->providerIDs->len; i++) {
if (xmlStrEqual(remote_providerID, g_ptr_array_index(identity->providerIDs, i))) {
debug("Remove federation of %s\n", remote_providerID);
g_ptr_array_remove_index(identity->providerIDs, i);
break;
@ -388,7 +390,7 @@ lasso_identity_new_from_dump(gchar *dump)
federation_node = lasso_node_new_from_xmlNode(federation_xmlNode);
remote_providerID = lasso_node_get_attr_value(federation_node,
LASSO_FEDERATION_REMOTE_PROVIDERID_NODE, &err);
if(remote_providerID==NULL){
if (remote_providerID == NULL) {
message(G_LOG_LEVEL_WARNING, err->message);
g_error_free(err);
lasso_node_destroy(federation_node);
@ -466,6 +468,7 @@ lasso_identity_new_from_dump(gchar *dump)
xmlFree(remote_providerID);
lasso_node_destroy(federation_node);
lasso_federation_destroy(federation);
}
federation_xmlNode = federation_xmlNode->next;

63
lasso/id-ff/login.c
View File

@ -227,6 +227,7 @@ lasso_login_process_federation(LassoLogin *login)
}
done:
lasso_federation_destroy(federation);
xmlFree(nameIDPolicy);
xmlFree(consent);
@ -335,7 +336,7 @@ lasso_login_accept_sso(LassoLogin *login)
assertion = lasso_node_get_child(LASSO_PROFILE(login)->response,
"Assertion", lassoLibHRef, NULL);
if (assertion == NULL) {
message(G_LOG_LEVEL_ERROR, "Assertion element not found in response.\n");
message(G_LOG_LEVEL_CRITICAL, "Assertion element not found in response.\n");
ret = -2;
goto done;
}
@ -349,7 +350,7 @@ lasso_login_accept_sso(LassoLogin *login)
nameIdentifier = lasso_node_get_child(assertion, "NameIdentifier",
lassoSamlAssertionHRef, NULL);
if (nameIdentifier == NULL) {
message(G_LOG_LEVEL_ERROR, "NameIdentifier element not found in assertion.\n");
message(G_LOG_LEVEL_CRITICAL, "NameIdentifier element not found in assertion.\n");
ret = -3;
goto done;
}
@ -357,7 +358,7 @@ lasso_login_accept_sso(LassoLogin *login)
idpProvidedNameIdentifier = lasso_node_get_child(assertion, "IDPProvidedNameIdentifier",
lassoLibHRef, NULL);
if (idpProvidedNameIdentifier == NULL) {
message(G_LOG_LEVEL_ERROR, "IDPProvidedNameIdentifier element not found in assertion.\n");
message(G_LOG_LEVEL_CRITICAL, "IDPProvidedNameIdentifier element not found in assertion.\n");
ret = -4;
goto done;
}
@ -376,9 +377,10 @@ lasso_login_accept_sso(LassoLogin *login)
lasso_identity_add_federation(LASSO_PROFILE(login)->identity,
LASSO_PROFILE(login)->remote_providerID,
federation);
lasso_federation_destroy(federation);
}
else {
message(G_LOG_LEVEL_ERROR, "response attribute is empty.\n");
message(G_LOG_LEVEL_CRITICAL, "response attribute is empty.\n");
}
done:
@ -406,13 +408,13 @@ lasso_login_build_artifact_msg(LassoLogin *login,
g_return_val_if_fail(authenticationMethod != NULL && reauthenticateOnOrAfter != NULL, -1);
if (method != lassoHttpMethodRedirect && method != lassoHttpMethodPost) {
message(G_LOG_LEVEL_ERROR, "Invalid HTTP method, it could be REDIRECT or POST\n.");
message(G_LOG_LEVEL_CRITICAL, "Invalid HTTP method, it could be REDIRECT or POST\n.");
return (-2);
}
/* ProtocolProfile must be BrwsArt */
if (login->protocolProfile != lassoLoginProtocolProfileBrwsArt) {
message(G_LOG_LEVEL_ERROR, "Failed to build artifact message, an AuthnResponse is required by ProtocolProfile.\n");
message(G_LOG_LEVEL_CRITICAL, "Failed to build artifact message, an AuthnResponse is required by ProtocolProfile.\n");
return (-3);
}
@ -431,6 +433,7 @@ lasso_login_build_artifact_msg(LassoLogin *login,
federation,
authenticationMethod,
reauthenticateOnOrAfter);
lasso_federation_destroy(federation);
}
}
/* save response dump */
@ -586,7 +589,7 @@ lasso_login_build_authn_response_msg(LassoLogin *login,
/* ProtocolProfile must be BrwsPost */
if (login->protocolProfile != lassoLoginProtocolProfileBrwsPost) {
message(G_LOG_LEVEL_ERROR, "Failed to build AuthnResponse message, an Artifact is required by ProtocolProfile.\n");
message(G_LOG_LEVEL_CRITICAL, "Failed to build AuthnResponse message, an Artifact is required by ProtocolProfile.\n");
return (-1);
}
@ -605,6 +608,7 @@ lasso_login_build_authn_response_msg(LassoLogin *login,
federation,
authenticationMethod,
reauthenticateOnOrAfter);
lasso_federation_destroy(federation);
}
}
@ -700,7 +704,7 @@ lasso_login_init_from_authn_request_msg(LassoLogin *login,
if (authn_request_method != lassoHttpMethodRedirect && \
authn_request_method != lassoHttpMethodPost && \
authn_request_method != lassoHttpMethodSoap) {
message(G_LOG_LEVEL_ERROR, "Invalid HTTP method, it could be REDIRECT, POST or SOAP (LECP)\n.");
message(G_LOG_LEVEL_CRITICAL, "Invalid HTTP method, it could be REDIRECT, POST or SOAP (LECP)\n.");
return (-1);
}
@ -815,10 +819,15 @@ lasso_login_init_request(LassoLogin *login,
{
LassoNode *response = NULL;
xmlChar *artifact, *identityProviderSuccinctID;
gint ret = 0;
GError *err = NULL;
g_return_val_if_fail(LASSO_IS_LOGIN(login), -1);
g_return_val_if_fail(response_msg != NULL, -1);
if (response_method != lassoHttpMethodRedirect && \
response_method != lassoHttpMethodPost) {
message(G_LOG_LEVEL_ERROR, "Invalid HTTP method, it could be REDIRECT or POST\n.");
message(G_LOG_LEVEL_CRITICAL, "Invalid HTTP method, it could be REDIRECT or POST\n.");
return (-1);
}
@ -834,21 +843,35 @@ lasso_login_init_request(LassoLogin *login,
break;
}
LASSO_PROFILE(login)->response = response;
/* get remote identityProviderSuccinctID */
identityProviderSuccinctID = lasso_artifact_get_identityProviderSuccinctID(LASSO_ARTIFACT(response));
LASSO_PROFILE(login)->remote_providerID = lasso_server_get_providerID_from_hash(LASSO_PROFILE(login)->server,
identityProviderSuccinctID);
xmlFree(identityProviderSuccinctID);
LASSO_PROFILE(login)->response_type = lassoMessageTypeArtifact;
/* get remote identityProviderSuccinctID */
identityProviderSuccinctID = lasso_artifact_get_identityProviderSuccinctID(LASSO_ARTIFACT(response), &err);
if (identityProviderSuccinctID != NULL) {
LASSO_PROFILE(login)->remote_providerID = lasso_server_get_providerID_from_hash(LASSO_PROFILE(login)->server,
identityProviderSuccinctID);
xmlFree(identityProviderSuccinctID);
}
else {
message(G_LOG_LEVEL_CRITICAL, err->message);
ret = err->code;
g_clear_error(&err);
}
/* create SamlpRequest */
artifact = lasso_artifact_get_samlArt(LASSO_ARTIFACT(LASSO_PROFILE(login)->response));
LASSO_PROFILE(login)->request = lasso_request_new(artifact);
LASSO_PROFILE(login)->request_type = lassoMessageTypeRequest;
xmlFree(artifact);
artifact = lasso_artifact_get_samlArt(LASSO_ARTIFACT(LASSO_PROFILE(login)->response), &err);
if (artifact != NULL) {
LASSO_PROFILE(login)->request = lasso_request_new(artifact);
LASSO_PROFILE(login)->request_type = lassoMessageTypeRequest;
xmlFree(artifact);
}
else {
message(G_LOG_LEVEL_CRITICAL, err->message);
ret = err->code;
g_clear_error(&err);
}
return (0);
return (ret);
}
gboolean

4
lasso/id-ff/logout.c
View File

@ -256,7 +256,8 @@ lasso_logout_init_request(LassoLogout *logout,
message(G_LOG_LEVEL_CRITICAL, "Invalid provider type\n");
return(-4);
}
lasso_federation_destroy(federation);
if(nameIdentifier == NULL) {
message(G_LOG_LEVEL_CRITICAL, "Name identifier not found for %s\n",
profile->remote_providerID);
@ -418,6 +419,7 @@ lasso_logout_validate_request(LassoLogout *logout)
statusCode_class->set_prop(statusCode, "Value", lassoLibStatusCodeFederationDoesNotExist);
return(-10);
}
lasso_federation_destroy(federation);
/* verification is ok, save name identifier in logout object */
lasso_session_remove_assertion(profile->session, profile->remote_providerID);

4
lasso/id-ff/name_identifier_mapping.c
View File

@ -181,7 +181,8 @@ lasso_name_identifier_mapping_init_request(LassoNameIdentifierMapping *mapping,
message(G_LOG_LEVEL_ERROR, "Unknown provider type\n");
return(-4);
}
lasso_federation_destroy(federation);
if(nameIdentifier == NULL) {
message(G_LOG_LEVEL_ERROR, "Name identifier not found\n");
return(-5);
@ -272,6 +273,7 @@ lasso_name_identifier_mapping_process_request_msg(LassoNameIdentifierMapping *ma
statusCode_class->set_prop(statusCode, "Value", lassoLibStatusCodeFederationDoesNotExist);
return(-7);
}
lasso_federation_destroy(federation);
return(0);
}

2
lasso/id-ff/register_name_identifier.c
View File

@ -243,6 +243,7 @@ lasso_register_name_identifier_init_request(LassoRegisterNameIdentifier *registe
message(G_LOG_LEVEL_CRITICAL, "Invalid provider type (%d)\n", profile->provider_type);
return(-5);
}
lasso_federation_destroy(federation);
debug("old name identifier : %s, old name qualifier : %s, old format : %s\n", oldNameIdentifier, oldNameQualifier, oldFormat);
debug("sp name identifier : %s, sp name qualifier : %s, sp format : %s\n", spNameIdentifier, spNameQualifier, spFormat);
@ -367,6 +368,7 @@ lasso_register_name_identifier_process_request(LassoRegisterNameIdentifier *regi
statusCode_class->set_prop(statusCode, "Value", lassoLibStatusCodeFederationDoesNotExist);
return(-8);
}
lasso_federation_destroy(federation);
/* verify authentication (if ok, delete assertion) */
assertion = lasso_session_get_assertion(profile->session, remote_providerID);