2 * The Shibboleth License, Version 1.
4 * University Corporation for Advanced Internet Development, Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
11 * Redistributions of source code must retain the above copyright notice, this
12 * list of conditions and the following disclaimer.
14 * Redistributions in binary form must reproduce the above copyright notice,
15 * this list of conditions and the following disclaimer in the documentation
16 * and/or other materials provided with the distribution, if any, must include
17 * the following acknowledgment: "This product includes software developed by
18 * the University Corporation for Advanced Internet Development
19 * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement
20 * may appear in the software itself, if and wherever such third-party
21 * acknowledgments normally appear.
23 * Neither the name of Shibboleth nor the names of its contributors, nor
24 * Internet2, nor the University Corporation for Advanced Internet Development,
25 * Inc., nor UCAID may be used to endorse or promote products derived from this
26 * software without specific prior written permission. For written permission,
27 * please contact shibboleth@shibboleth.org
29 * Products derived from this software may not be called Shibboleth, Internet2,
30 * UCAID, or the University Corporation for Advanced Internet Development, nor
31 * may Shibboleth appear in their name, without prior written permission of the
32 * University Corporation for Advanced Internet Development.
35 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
36 * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
37 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
38 * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
39 * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
40 * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
41 * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
42 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
43 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
46 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
47 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
51 /* ScopedAttribute.cpp - eduPerson scoped attribute base class
60 #include <xercesc/util/regx/RegularExpression.hpp>
61 #include <log4cpp/Category.hh>
63 using namespace shibboleth;
65 using namespace log4cpp;
69 ScopedAttribute::ScopedAttribute(const XMLCh* name, const XMLCh* ns, long lifetime,
70 const saml::Iterator<const XMLCh*>& scopes,
71 const saml::Iterator<const XMLCh*>& values)
72 : SimpleAttribute(name,ns,lifetime,values)
74 if (scopes.size()!=values.size())
75 throw MalformedException(SAMLException::RESPONDER,"ScopedAttribute() requires the number of scopes to equal the number of values");
77 while (scopes.hasNext())
78 m_values.push_back(scopes.next());
81 ScopedAttribute::ScopedAttribute(DOMElement* e) : SimpleAttribute(e) {}
83 ScopedAttribute::~ScopedAttribute() {}
85 bool ScopedAttribute::addValue(DOMElement* e)
87 static XMLCh empty[] = {chNull};
88 if (SAMLAttribute::addValue(e))
90 DOMAttr* scope=e->getAttributeNodeNS(NULL,Scope);
91 m_scopes.push_back(scope ? scope->getNodeValue() : empty);
97 bool ScopedAttribute::accept(DOMElement* e) const
99 OriginSiteMapper mapper;
100 Iterator<pair<xstring,bool> > domains=mapper.getSecurityDomains(m_originSite.c_str());
101 const XMLCh* this_scope=NULL;
102 DOMAttr* scope=e->getAttributeNodeNS(NULL,Scope);
104 this_scope=scope->getNodeValue();
105 if (!this_scope || !*this_scope)
106 this_scope=m_originSite.c_str();
108 while (domains.hasNext())
110 const pair<xstring,bool>& p=domains.next();
115 RegularExpression re(p.first.c_str());
116 if (re.matches(this_scope))
119 catch (XMLException& ex)
121 auto_ptr<char> tmp(XMLString::transcode(ex.getMessage()));
123 Category& log=Category::getInstance(SHIB_LOGCAT".ScopedAttribute");
124 log.errorStream() << "caught exception while parsing regular expression: " << tmp.get()
125 << CategoryStream::ENDLINE;
129 else if (p.first==this_scope)
134 Category& log=Category::getInstance(SHIB_LOGCAT".ScopedAttribute");
135 if (log.isWarnEnabled())
137 auto_ptr<char> tmp(XMLString::transcode(this_scope));
138 log.warn("rejecting value with scope of %s",tmp.get());
143 Iterator<xstring> ScopedAttribute::getValues() const
145 if (m_scopedValues.empty())
147 vector<xstring>::const_iterator j=m_scopes.begin();
148 for (vector<xstring>::const_iterator i=m_values.begin(); i!=m_values.end(); i++, j++)
149 m_scopedValues.push_back((*i) + chAt + (!j->empty() ? (*j) : m_originSite));
151 return Iterator<xstring>(m_scopedValues);
154 Iterator<string> ScopedAttribute::getSingleByteValues() const
157 if (m_sbValues.empty())
159 for (vector<xstring>::const_iterator i=m_scopedValues.begin(); i!=m_scopedValues.end(); i++)
161 auto_ptr<char> temp(XMLString::transcode(i->c_str()));
163 m_sbValues.push_back(temp.get());
166 return Iterator<string>(m_sbValues);
169 SAMLObject* ScopedAttribute::clone() const
171 ScopedAttribute* dest=new ScopedAttribute(m_name,m_namespace,m_lifetime);
172 dest->m_values.assign(m_values.begin(),m_values.end());
173 dest->m_scopes.assign(m_scopes.begin(),m_scopes.end());
177 DOMNode* ScopedAttribute::toDOM(DOMDocument* doc,bool xmlns) const
179 SimpleAttribute::toDOM(doc,xmlns);
182 DOMNode* n=m_root->getFirstChild();
185 if (n->getNodeType()==DOMNode::ELEMENT_NODE)
187 static_cast<DOMElement*>(n)->setAttributeNS(NULL,Scope,
188 (!m_scopes[i].empty() ? m_scopes[i].c_str() : m_originSite.c_str()));
191 n=n->getNextSibling();
197 const XMLCh ScopedAttribute::Scope[] = { chLatin_S, chLatin_c, chLatin_o, chLatin_p, chLatin_e, chNull };