login: complete document of lasso_login_process_authn_response_msg on expectable error codes

This commit is contained in:
Benjamin Dauvergne 2014-05-21 14:07:06 +02:00
parent 6012c05951
commit 7362567411
1 changed files with 32 additions and 1 deletions

View File

@ -2127,7 +2127,38 @@ lasso_login_process_authn_request_msg(LassoLogin *login, const char *authn_reque
*
* Processes received authentication response.
*
* Return value: 0 on success; or a negative value otherwise.
* Return value: 0 on success; or
* <itemizedlist>
* <listitem><para>#LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ if login is not a #LassoLogin
* object,</para></listitem>
* <listitem><para>#LASSO_PARAM_ERROR_INVALID_VALUE if authn_response_msg is NULL,</para></listitem>
* <listitem><para>#LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND, if the issuing
* provider of the assertion is not registered in the #LassoServer object,</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_MISSING_ISSUER if the parsed samlp2:AuthnRequest does not
* have a proper Issuer element, </para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_MISSING_STATUS_CODE if the reponse is missing a
* <literal>StatusCode</literal> element,</para></listitem>
* <listitem><para>#LASSO_PROFILE_STATUS_NOT_SUCCESS_ERROR if the identity provider returned a
* failure response,</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_REQUEST_DENIED</para> if the identity provider returned the
* specific status code <literal>RequestDenied</literal>,</listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_INVALID_MSG if the message is not a #LassoSamlpResponse
* (ID-FF 1.2) or a #LassoSamlp2ResponseMsg (SAML 2.0),</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE, if the received message format does not
* correspond to a binding supported by this function, the only supported binding by this function
* is HTTP POST,</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_MISSING_SERVER the server object is needed to sign a message
* and it is missing,</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE if the validation of the signature
* of the message failed, a specific error code is available in
* <literal>login->parent.signature_status</literal></para></listitem>
* <listitem><para>#LASSO_LOGIN_ERROR_ASSERTION_DOES_NOT_MATCH_REQUEST_ID if the received response
* does not match the saved AuthenticationRequest ID,</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_INVALID_ISSUER if the assertion issuer does not match the
* AuthenticationResponse issuer,</para></listitem>
* <listitem><para>#LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND if not NameID could be found or
* decoded,</para></listitem>
* </itemizedlist>
**/
gint
lasso_login_process_authn_response_msg(LassoLogin *login, gchar *authn_response_msg)