2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
24 * Interface to a Shibboleth Application instance.
28 #include "Application.h"
29 #include "SPRequest.h"
30 #include "ServiceProvider.h"
31 #include "attribute/Attribute.h"
32 #include "remoting/ListenerService.h"
35 #include <boost/bind.hpp>
36 #include <xmltooling/util/Threads.h>
38 using namespace shibsp;
39 using namespace xmltooling;
40 using namespace boost;
// Builds an Application bound to the given ServiceProvider: the pointer is
// kept in m_sp and m_lock is initialised from RWLock::create(). The
// constructor body is not part of this listing.
43 Application::Application(const ServiceProvider* sp) : m_sp(sp), m_lock(RWLock::create())
// Destructor. Its body is not part of this listing, so what (if anything) it
// releases cannot be stated from here.
47 Application::~Application()
// Returns a reference to a ServiceProvider, presumably the one stored in m_sp
// by the constructor; the return statement is not shown in this listing.
52 const ServiceProvider& Application::getServiceProvider() const
// Returns the application's identifier: the value of the "id" property when
// getString("id") reports it as present, otherwise the literal "default".
// clearAttributeHeaders() uses this value as the first component of the
// remoted message address it builds.
57 const char* Application::getId() const
59 pair<bool,const char*> ret = getString("id");
60 return ret.first ? ret.second : "default";
// Produces a cookie name and its attribute suffix from the "Sessions"
// property set.
//   prefix   - text placed in front of the configured or derived cookie name.
//   lifetime - out-parameter that receives the "cookieLifetime" setting.
// Returns (cookie name, attribute string).
// The gutter numbers skip in this listing, so several guards and assignments
// are not visible; the notes below mark where that matters.
63 pair<string,const char*> Application::getCookieNameProps(const char* prefix, time_t* lifetime) const
// Built-in attribute strings. Both carry HttpOnly; only sslProps carries
// "secure", so a cookie issued with defProps is also sent over plain HTTP.
// Neither string sets SameSite.
65 static const char* defProps="; path=/; HttpOnly";
66 static const char* sslProps="; path=/; secure; HttpOnly";
// NOTE(review): props is dereferenced below; the null check that presumably
// leads to the fallback return at the end is on a line not shown - confirm.
72 const PropertySet* props = getPropertySet("Sessions");
75 pair<bool,unsigned int> lt = props->getUnsignedInt("cookieLifetime");
// NOTE(review): lifetime is dereferenced here; any null check on it, and any
// test of lt.first, sit on lines missing from this listing - confirm.
77 *lifetime = lt.second;
79 pair<bool,const char*> p = props->getString("cookieProps");
// "cookieProps" unset or equal to "http" takes the first branch, "https" the
// second. The statements they select are not shown; presumably they
// substitute defProps and sslProps respectively - confirm against the file.
// NOTE(review): any other value appears to be returned as-is below (p.second),
// i.e. used verbatim as the cookie's attributes, so a custom string has to
// spell out "secure" and "HttpOnly" itself.
80 if (!p.first || !strcmp(p.second, "http"))
82 else if (!strcmp(p.second, "https"))
84 pair<bool,const char*> p2 = props->getString("cookieName");
// Two name forms: prefix + configured "cookieName", or prefix + getHash().
// The condition choosing between them (presumably p2.first) is not shown.
86 return make_pair(string(prefix) + p2.second, p.second);
87 return make_pair(string(prefix) + getHash(), p.second);
90 // Shouldn't happen, but just in case..
// Fallback: the bare prefix as the name, with the default attributes, which
// do not include "secure".
91 return pair<string,const char*>(prefix, defProps);
// Forwards to request.clearHeader(rawname, cginame); no other work is visible
// here. The two names are passed through unchanged.
94 void Application::clearHeader(SPRequest& request, const char* rawname, const char* cginame) const
96 request.clearHeader(rawname, cginame);
// Forwards to request.setHeader(name, value); name and value are passed
// through unchanged, with no validation visible at this layer.
99 void Application::setHeader(SPRequest& request, const char* name, const char* value) const
101 request.setHeader(name, value);
// Returns request.getSecureHeader(name) unchanged. What makes the header
// "secure" is decided by the SPRequest implementation, not by this wrapper.
104 string Application::getSecureHeader(const SPRequest& request, const char* name) const
106 return request.getSecureHeader(name);
// Clears, on the given request, every header listed in m_unsetHeaders by
// calling SPRequest::clearHeader with each entry's (first, second) strings.
// Going by the parameter names of Application::clearHeader, these are the raw
// header name and its CGI form.
// Judging by the name, this is the step that strips client-supplied copies of
// attribute headers before the SP sets its own - TODO confirm with callers.
// The gutter numbers skip in this listing: the for_each/bind wrappers, the
// lock acquire/release calls and the loop advance are on lines not shown.
109 void Application::clearAttributeHeaders(SPRequest& request) const
// Out-of-process side: walks m_unsetHeaders directly; no lock use is visible
// in this branch.
111 if (SPConfig::getConfig().isEnabled(SPConfig::OutOfProcess)) {
113 m_unsetHeaders.begin(), m_unsetHeaders.end(),
115 &SPRequest::clearHeader,
117 boost::bind(&string::c_str, boost::bind(&pair<string,string>::first, _1)),
118 boost::bind(&string::c_str, boost::bind(&pair<string,string>::second, _1))
125 if (m_unsetHeaders.empty()) {
126 // No headers yet, so we have to request them from the remote half.
// Second emptiness test; presumably a re-check after switching to a write
// lock so that only one thread fills the list - confirm, the lock calls are
// not shown here.
129 if (m_unsetHeaders.empty()) {
// The 'false' argument presumably makes the guard adopt a lock that is
// already held and only release it on scope exit - confirm.
130 SharedLock wrlock(m_lock, false);
// Remoted message addressed "<application id>::getHeaders::Application".
131 string addr=string(getId()) + "::getHeaders::Application";
132 DDF out,in = DDF(addr.c_str());
133 DDFJanitor jin(in),jout(out);
134 out = getServiceProvider().getListenerService()->send(in);
// Each named string member of the reply becomes a (name, value) entry.
// NOTE(review): if the reply holds no such members the list stays empty and
// the clearing pass below removes nothing; confirm that case is treated as a
// failure rather than silently accepted.
136 DDF header = out.first();
137 while (header.name() && header.isstring()) {
138 m_unsetHeaders.push_back(pair<string,string>(header.name(),header.string()));
149 // Now holding read lock.
150 SharedLock unsetLock(m_lock, false);
// Same clearing pass as the out-of-process branch, run under the read lock.
152 m_unsetHeaders.begin(), m_unsetHeaders.end(),
154 &SPRequest::clearHeader,
156 boost::bind(&string::c_str, boost::bind(&pair<string,string>::first, _1)),
157 boost::bind(&string::c_str, boost::bind(&pair<string,string>::second, _1))
// Looks up the assertion consumer handlers registered for the given binding
// and returns the first one, or nullptr when there is none.
//   protocol - not referenced in the lines shown; selection is by binding
//              only (NOTE(review): confirm against the full file).
//   binding  - narrow string, converted to XMLCh for the lookup.
162 const Handler* Application::getAssertionConsumerServiceByProtocol(const XMLCh* protocol, const char* binding) const
164 auto_ptr_XMLCh b(binding);
165 const vector<const Handler*>& handlers = getAssertionConsumerServicesByBinding(b.get());
166 return handlers.empty() ? nullptr : handlers.front();
169 void Application::limitRedirect(const GenericRequest& request, const char* url) const