2 * The Shibboleth License, Version 1.
4 * University Corporation for Advanced Internet Development, Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
11 * Redistributions of source code must retain the above copyright notice, this
12 * list of conditions and the following disclaimer.
14 * Redistributions in binary form must reproduce the above copyright notice,
15 * this list of conditions and the following disclaimer in the documentation
16 * and/or other materials provided with the distribution, if any, must include
17 * the following acknowledgment: "This product includes software developed by
18 * the University Corporation for Advanced Internet Development
19 * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement
20 * may appear in the software itself, if and wherever such third-party
21 * acknowledgments normally appear.
23 * Neither the name of Shibboleth nor the names of its contributors, nor
24 * Internet2, nor the University Corporation for Advanced Internet Development,
25 * Inc., nor UCAID may be used to endorse or promote products derived from this
26 * software without specific prior written permission. For written permission,
27 * please contact shibboleth@shibboleth.org
29 * Products derived from this software may not be called Shibboleth, Internet2,
30 * UCAID, or the University Corporation for Advanced Internet Development, nor
31 * may Shibboleth appear in their name, without prior written permission of the
32 * University Corporation for Advanced Internet Development.
35 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
36 * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
37 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
38 * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
39 * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
40 * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
41 * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
42 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
43 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
46 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
47 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
51 * shib-target.h -- top-level header file for the SHIB Common Target Library
53 * Created by: Derek Atkins <derek@ihtfp.com>
62 # include <saml/saml.h>
63 # include <shib/shib.h>
67 # ifndef SHIBTARGET_EXPORTS
68 # define SHIBTARGET_EXPORTS __declspec(dllimport)
71 # define SHIBTARGET_EXPORTS
74 #include <shib-target/shibrpc.h>
83 typedef SOCKET ShibSocket;
84 typedef const char* ShibSockName;
85 #define SHIB_SHAR_SOCKET "127.0.0.1:12345" /* TCP host:port */
89 typedef int ShibSocket;
90 typedef const char* ShibSockName;
91 #define SHIB_SHAR_SOCKET "/tmp/shar-socket" /* Unix domain socket */
97 /* Create an RPC Client handle for the _connected_ socket sock, attaching
98 * the RPC program and version.
100 * returns a CLIENT on success, or NULL on error. The caller can
101 * call clnt_pcreateerror ("<string>") to output an error message from
104 SHIBTARGET_EXPORTS CLIENT * shibrpc_client_create (ShibSocket sock, u_long program, u_long version);
108 /* Create a new socket and put it into sock.
110 * Returns 0 on success, non-zero on error
112 SHIBTARGET_EXPORTS int shib_sock_create (ShibSocket *sock);
115 * bind the socket s to the "port" name.
117 * Returns 0 on success; non-zero on error.
119 * SIDE EFFECT: On error, the socket is closed!
121 SHIBTARGET_EXPORTS int shib_sock_bind (ShibSocket s, ShibSockName name);
124 * connect the socket s to the "port" name on the local host.
126 * Returns 0 on success; non-zero on error.
128 SHIBTARGET_EXPORTS int shib_sock_connect (ShibSocket s, ShibSockName name);
131 * accept a connection. Returns 0 on success, non-zero on failure.
133 SHIBTARGET_EXPORTS int shib_sock_accept (ShibSocket listener, ShibSocket* s);
138 SHIBTARGET_EXPORTS void shib_sock_close (ShibSocket s, ShibSockName name);
140 /* shib-target.cpp */
142 /* application names */
143 #define SHIBTARGET_GENERAL "general"
144 #define SHIBTARGET_SHAR "shar"
145 #define SHIBTARGET_SHIRE "shire"
146 #define SHIBTARGET_RM "rm"
147 #define SHIBTARGET_POLICIES "policies"
149 /* configuration tags */
150 #define SHIBTARGET_TAG_LOGGER "logger"
151 #define SHIBTARGET_TAG_SCHEMAS "schemadir"
152 #define SHIBTARGET_TAG_CERTFILE "certfile"
153 #define SHIBTARGET_TAG_KEYFILE "keyfile"
154 #define SHIBTARGET_TAG_KEYPASS "keypass"
155 #define SHIBTARGET_TAG_CALIST "calist"
157 #define SHIBTARGET_TAG_AATIMEOUT "AATimeout"
158 #define SHIBTARGET_TAG_AACONNECTTO "AAConnectTimeout"
159 #define SHIBTARGET_TAG_SAMLCOMPAT "SAMLCompat"
161 #define SHIBTARGET_TAG_METADATA "metadata"
163 #define SHIBTARGET_TAG_DEFAULTLIFE "defaultLife"
165 #define SHIBTARGET_TAG_CACHETYPE "cacheType"
166 #define SHIBTARGET_TAG_CACHECLEAN "cacheClean"
167 #define SHIBTARGET_TAG_CACHETIMEOUT "cacheTimeout"
169 #define SHIBTARGET_TAG_REQATTRS "requestAttributes"
171 /* initialize and finalize the target library (return 0 on success, 1 on failure) */
172 SHIBTARGET_EXPORTS int shib_target_initialize (const char* application, const char* ini_file);
173 SHIBTARGET_EXPORTS void shib_target_finalize (void);
175 /* access socket specifics from C code */
176 SHIBTARGET_EXPORTS ShibSockName shib_target_sockname(void);
177 SHIBTARGET_EXPORTS ShibSockName shib_target_sockacl(unsigned int index);
183 namespace shibtarget {
185 class SHIBTARGET_EXPORTS Resource
188 Resource(const char* resource_url);
189 Resource(std::string resource_url);
192 const char* getResource() const;
193 const char* getURL() const;
194 bool equals(Resource*) const;
195 saml::Iterator<saml::SAMLAttribute*> getDesignators() const;
198 ResourcePriv *m_priv;
201 class RPCHandleInternal;
202 class SHIBTARGET_EXPORTS RPCHandle
205 RPCHandle(ShibSockName shar, u_long program, u_long version);
208 CLIENT * connect(void); /* locks the HANDLE and returns the CLIENT */
209 void release(void); /* unlocks the HANDLE */
210 void disconnect(void); /* disconnects */
213 RPCHandleInternal *m_priv;
216 class SHIBTARGET_EXPORTS ShibTargetException : public std::exception
219 explicit ShibTargetException() { m_code = SHIBRPC_OK; }
220 explicit ShibTargetException(ShibRpcStatus code, const char* msg,
221 const XMLCh* origin = NULL)
222 { m_code = code; if (msg) m_msg=msg; if (origin) m_origin = origin; }
223 explicit ShibTargetException(ShibRpcStatus code, const std::string& msg,
224 const XMLCh* origin = NULL) : m_msg(msg)
225 { m_code=code; if(origin) m_origin = origin; }
226 virtual ~ShibTargetException() throw () {}
227 virtual const char* what() const throw () { return (m_msg.c_str()); }
228 virtual ShibRpcStatus which() const throw () { return (m_code); }
229 virtual const XMLCh* where() const throw () { return m_origin.c_str(); }
232 ShibRpcStatus m_code;
234 saml::xstring m_origin;
238 class SHIBTARGET_EXPORTS RPCError
241 RPCError() { init(0, "", NULL); }
242 RPCError(ShibRpcError* error);
243 RPCError(int s, char const* st, const XMLCh* orig = NULL) { init (s,st,orig); }
244 RPCError(ShibTargetException &exp) { init(exp.which(), exp.what(), exp.where()); }
250 // Return a set of strings that corresponds to the type, text, and desc
251 const char* getType();
252 const char* getText();
253 const char* getDesc();
254 std::string getOriginErrorURL();
255 std::string getOriginContactName();
256 std::string getOriginContactEmail();
260 void init(int stat, char const* msg, const XMLCh* origin);
261 RPCErrorPriv* m_priv;
264 class SHIBTARGET_EXPORTS SHIREConfig
273 class SHIBTARGET_EXPORTS SHIRE
276 SHIRE(RPCHandle *rpc, SHIREConfig config, std::string shire_url);
279 RPCError* sessionIsValid(const char* cookie, const char* ip, const char* url);
280 RPCError* sessionCreate(const char* post, const char* ip,
281 std::string &cookie);
286 class SHIBTARGET_EXPORTS RMConfig
293 class SHIBTARGET_EXPORTS RM
296 RM(RPCHandle *rpc, RMConfig config);
299 RPCError* getAssertions(const char* cookie, const char* ip,
301 std::vector<saml::SAMLAssertion*> &assertions,
302 saml::SAMLAuthenticationStatement **statement = NULL);
303 static void serialize(saml::SAMLAssertion &assertion, std::string &result);
304 static saml::Iterator<saml::SAMLAttribute*> getAttributes(saml::SAMLAssertion &assertion);
310 class SHIBTARGET_EXPORTS ShibINI {
312 ShibINI (std::string& file, bool case_sensitive = true) { init(file,case_sensitive); }
313 ShibINI (const char *file, bool case_sensitive = true) {
314 std::string f = file;
315 init(f, case_sensitive);
321 const std::string get (const std::string& header, const std::string& tag);
322 const std::string get (const char* header, const char* tag) {
323 std::string h = header, t = tag;
327 const std::string operator() (const std::string& header, const std::string& tag) {
328 return get(header,tag);
330 const std::string operator() (const char* header, const char* tag) {
331 std::string h = header, t = tag;
335 bool exists(const std::string& header);
336 bool exists(const std::string& header, const std::string& tag);
338 bool exists(const char* header) {
339 std::string s = header;
342 bool exists(const char* header, const char* tag) {
343 std::string h = header, t = tag;
347 // Special method to look for a tag in one header and maybe in the
348 // 'SHIBTARGET_GENERAL' header
349 bool get_tag(std::string& header, std::string& tag, bool try_general,
350 std::string* result);
352 bool get_tag(std::string& header, const char* tag, bool try_general,
353 std::string* result) {
355 return get_tag (header,t,try_general,result);
358 bool get_tag(const char* header, const char* tag, bool try_general,
359 std::string* result) {
360 std::string h = header, t = tag;
361 return get_tag (h,t,try_general,result);
364 // Dump out the inifile to the output stream
365 void dump(std::ostream& os);
369 // The begin() functions reset the iterator and return the first element
370 // (or 0 if there are no elements.)
371 // The next() functions return the next element, or 0 if there are no
375 // for (const foo* current = begin(); current; current = next()) {
379 // NOTE: Holding an Iterator will lock the INI file and cause it to
380 // stop updating itself. You should destroy the iterator as soon as
381 // you are done with it.
383 // ALSO NOTE: the string* returned from the Iterator is only valid
384 // while you hold the iterator. You should copy the de-reference
385 // of the pointer to your own copy if you want to keep the string.
387 class SHIBTARGET_EXPORTS Iterator {
389 virtual ~Iterator() {}
390 virtual const std::string* begin() = 0;
391 virtual const std::string* next() = 0;
394 Iterator* header_iterator();
395 Iterator* tag_iterator(const std::string& header);
397 static bool boolean(std::string& value);
401 void init(std::string& file, bool case_sensitive);
405 class SHIBTARGET_EXPORTS ShibMLP {
410 void insert (const std::string& key, const std::string& value);
411 void insert (const std::string& key, const char* value) {
412 std::string v = value;
415 void insert (const char* key, const std::string& value) {
419 void insert (const char* key, const char* value) {
420 std::string k = key, v = value;
423 void insert (RPCError& e);
425 void clear () { m_map.clear(); }
427 std::string run (std::istream& s) const;
428 std::string run (const std::string& input) const;
429 std::string run (const char* input) const {
430 std::string i = input;
436 std::map<std::string,std::string> m_map;
439 class SHIBTARGET_EXPORTS ShibTargetConfig
442 static void preinit();
443 static ShibTargetConfig& init(const char* app_name, const char* inifile);
444 static ShibTargetConfig& getConfig();
445 virtual void init() = 0;
446 virtual void shutdown() = 0;
447 virtual ~ShibTargetConfig() {}
448 virtual ShibINI& getINI() = 0;
449 virtual saml::Iterator<const XMLCh*> getPolicies() = 0;
455 #endif /* SHIB_TARGET_H */