2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * Base64AttributeDecoder.cpp
24 * Decodes SAML containing base64-encoded values into SimpleAttributes.
28 #include "attribute/AttributeDecoder.h"
29 #include "attribute/SimpleAttribute.h"
31 #include <saml/saml1/core/Assertions.h>
32 #include <saml/saml2/core/Assertions.h>
34 #include <xercesc/util/Base64.hpp>
36 using namespace shibsp;
37 using namespace opensaml::saml1;
38 using namespace opensaml::saml2;
39 using namespace xmltooling::logging;
40 using namespace xmltooling;
44 class SHIBSP_DLLLOCAL Base64AttributeDecoder : virtual public AttributeDecoder
47 Base64AttributeDecoder(const DOMElement* e) : AttributeDecoder(e) {}
48 ~Base64AttributeDecoder() {}
50 shibsp::Attribute* decode(
51 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty=nullptr, const char* relyingParty=nullptr
55 AttributeDecoder* SHIBSP_DLLLOCAL Base64AttributeDecoderFactory(const DOMElement* const & e)
57 return new Base64AttributeDecoder(e);
61 shibsp::Attribute* Base64AttributeDecoder::decode(
62 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty, const char* relyingParty
65 auto_ptr<SimpleAttribute> simple(new SimpleAttribute(ids));
66 vector<string>& dest = simple->getValues();
67 vector<XMLObject*>::const_iterator v,stop;
69 Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.Base64");
71 if (xmlObject && XMLString::equals(opensaml::saml1::Attribute::LOCAL_NAME,xmlObject->getElementQName().getLocalPart())) {
72 const opensaml::saml2::Attribute* saml2attr = dynamic_cast<const opensaml::saml2::Attribute*>(xmlObject);
74 const vector<XMLObject*>& values = saml2attr->getAttributeValues();
77 if (log.isDebugEnabled()) {
78 auto_ptr_char n(saml2attr->getName());
80 "decoding SimpleAttribute (%s) from SAML 2 Attribute (%s) with %lu base64-encoded value(s)",
81 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
86 const opensaml::saml1::Attribute* saml1attr = dynamic_cast<const opensaml::saml1::Attribute*>(xmlObject);
88 const vector<XMLObject*>& values = saml1attr->getAttributeValues();
91 if (log.isDebugEnabled()) {
92 auto_ptr_char n(saml1attr->getAttributeName());
94 "decoding SimpleAttribute (%s) from SAML 1 Attribute (%s) with %lu base64-encoded value(s)",
95 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
100 log.warn("XMLObject type not recognized by Base64AttributeDecoder, no values returned");
105 for (; v!=stop; ++v) {
106 if (!(*v)->hasChildren()) {
107 auto_ptr_char val((*v)->getTextContent());
108 if (val.get() && *val.get()) {
110 XMLByte* decoded=Base64::decode(reinterpret_cast<const XMLByte*>(val.get()),&x);
112 dest.push_back(reinterpret_cast<char*>(decoded));
113 #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
114 XMLString::release(&decoded);
116 XMLString::release((char**)&decoded);
120 log.warn("skipping AttributeValue, unable to base64-decode");
124 log.warn("skipping empty AttributeValue");
127 log.warn("skipping complex AttributeValue");
131 return dest.empty() ? nullptr : _decode(simple.release());
134 const NameID* saml2name = dynamic_cast<const NameID*>(xmlObject);
136 if (log.isDebugEnabled()) {
137 auto_ptr_char f(saml2name->getFormat());
138 log.debug("decoding SimpleAttribute (%s) from SAML 2 NameID with Format (%s)", ids.front().c_str(), f.get() ? f.get() : "unspecified");
140 auto_ptr_char val(saml2name->getName());
141 if (val.get() && *val.get()) {
143 XMLByte* decoded=Base64::decode(reinterpret_cast<const XMLByte*>(val.get()),&x);
145 dest.push_back(reinterpret_cast<char*>(decoded));
146 #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
147 XMLString::release(&decoded);
149 XMLString::release((char**)&decoded);
153 log.warn("ignoring NameID, unable to base64-decode");
157 log.warn("ignoring empty NameID");
160 const NameIdentifier* saml1name = dynamic_cast<const NameIdentifier*>(xmlObject);
162 if (log.isDebugEnabled()) {
163 auto_ptr_char f(saml1name->getFormat());
165 "decoding SimpleAttribute (%s) from SAML 1 NameIdentifier with Format (%s)",
166 ids.front().c_str(), f.get() ? f.get() : "unspecified"
169 auto_ptr_char val(saml1name->getName());
170 if (val.get() && *val.get()) {
172 XMLByte* decoded=Base64::decode(reinterpret_cast<const XMLByte*>(val.get()),&x);
174 dest.push_back(reinterpret_cast<char*>(decoded));
175 #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
176 XMLString::release(&decoded);
178 XMLString::release((char**)&decoded);
182 log.warn("ignoring NameIdentifier, unable to base64-decode");
186 log.warn("ignoring empty NameIdentifier");
189 log.warn("XMLObject type not recognized by Base64AttributeDecoder, no values returned");
194 return dest.empty() ? nullptr : _decode(simple.release());