2 * Copyright 2009 Internet2
\r
4 * Licensed under the Apache License, Version 2.0 (the "License");
\r
5 * you may not use this file except in compliance with the License.
\r
6 * You may obtain a copy of the License at
\r
8 * http://www.apache.org/licenses/LICENSE-2.0
\r
10 * Unless required by applicable law or agreed to in writing, software
\r
11 * distributed under the License is distributed on an "AS IS" BASIS,
\r
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
13 * See the License for the specific language governing permissions and
\r
14 * limitations under the License.
\r
18 * KeyInfoAttributeDecoder.cpp
\r
20 * Decodes KeyInfo information into a SimpleAttribute.
\r
23 #include "internal.h"
\r
24 #include "attribute/AttributeDecoder.h"
\r
25 #include "attribute/SimpleAttribute.h"
\r
27 #include <saml/saml1/core/Assertions.h>
\r
28 #include <saml/saml2/core/Assertions.h>
\r
29 #include <xmltooling/security/SecurityHelper.h>
\r
30 #include <xmltooling/signature/KeyInfo.h>
\r
32 using namespace shibsp;
\r
33 using namespace opensaml;
\r
34 using namespace xmlsignature;
\r
35 using namespace xmltooling;
\r
36 using namespace std;
\r
39 class SHIBSP_DLLLOCAL KeyInfoAttributeDecoder : virtual public AttributeDecoder
\r
42 KeyInfoAttributeDecoder(const DOMElement* e);
\r
43 ~KeyInfoAttributeDecoder() {
\r
44 delete m_keyInfoResolver;
\r
48 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty=NULL, const char* relyingParty=NULL
\r
52 void extract(const KeyInfo* k, vector<string>& dest) const {
\r
53 auto_ptr<Credential> cred (getKeyInfoResolver()->resolve(k, Credential::RESOLVE_KEYS));
\r
55 dest.push_back(string());
\r
56 dest.back() = SecurityHelper::getDEREncoding(*cred.get(), m_hash);
\r
57 if (dest.back().empty())
\r
62 const KeyInfoResolver* getKeyInfoResolver() const {
\r
63 return m_keyInfoResolver ? m_keyInfoResolver : XMLToolingConfig::getConfig().getKeyInfoResolver();
\r
67 KeyInfoResolver* m_keyInfoResolver;
\r
70 AttributeDecoder* SHIBSP_DLLLOCAL KeyInfoAttributeDecoderFactory(const DOMElement* const & e)
\r
72 return new KeyInfoAttributeDecoder(e);
\r
75 static const XMLCh _KeyInfoResolver[] = UNICODE_LITERAL_15(K,e,y,I,n,f,o,R,e,s,o,l,v,e,r);
\r
76 static const XMLCh _hash[] = UNICODE_LITERAL_4(h,a,s,h);
\r
77 static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e);
\r
80 KeyInfoAttributeDecoder::KeyInfoAttributeDecoder(const DOMElement* e) : AttributeDecoder(e), m_hash(false), m_keyInfoResolver(NULL) {
\r
81 const XMLCh* flag = e ? e->getAttributeNS(NULL, _hash) : NULL;
\r
82 m_hash = (flag && (*flag == chLatin_t || *flag == chDigit_1));
\r
83 e = e ? XMLHelper::getFirstChildElement(e,_KeyInfoResolver) : NULL;
\r
85 auto_ptr_char t(e->getAttributeNS(NULL, _type));
\r
86 if (t.get() && *t.get())
\r
87 m_keyInfoResolver = XMLToolingConfig::getConfig().KeyInfoResolverManager.newPlugin(t.get(), e);
\r
89 throw UnknownExtensionException("<KeyInfoResolver> element found with no type attribute");
\r
93 Attribute* KeyInfoAttributeDecoder::decode(
\r
94 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty, const char* relyingParty
\r
97 Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.KeyInfo");
\r
99 if (!xmlObject || !XMLString::equals(saml1::Attribute::LOCAL_NAME, xmlObject->getElementQName().getLocalPart())) {
\r
100 log.warn("XMLObject type not recognized by KeyInfoAttributeDecoder, no values returned");
\r
104 auto_ptr<SimpleAttribute> attr(new SimpleAttribute(ids));
\r
105 vector<string>& dest = attr->getValues();
\r
106 vector<XMLObject*>::const_iterator v,stop;
\r
108 const saml2::Attribute* saml2attr = dynamic_cast<const saml2::Attribute*>(xmlObject);
\r
110 const vector<XMLObject*>& values = saml2attr->getAttributeValues();
\r
111 v = values.begin();
\r
112 stop = values.end();
\r
113 if (log.isDebugEnabled()) {
\r
114 auto_ptr_char n(saml2attr->getName());
\r
116 "decoding KeyInfo information (%s) from SAML 2 Attribute (%s) with %lu value(s)",
\r
117 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
\r
122 const saml1::Attribute* saml1attr = dynamic_cast<const saml1::Attribute*>(xmlObject);
\r
124 const vector<XMLObject*>& values = saml1attr->getAttributeValues();
\r
125 v = values.begin();
\r
126 stop = values.end();
\r
127 if (log.isDebugEnabled()) {
\r
128 auto_ptr_char n(saml1attr->getAttributeName());
\r
130 "decoding KeyInfo information (%s) from SAML 1 Attribute (%s) with %lu value(s)",
\r
131 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
\r
136 log.warn("XMLObject type not recognized by KeyInfoAttributeDecoder, no values returned");
\r
141 for (; v!=stop; ++v) {
\r
142 const KeyInfo* k = dynamic_cast<const KeyInfo*>(*v);
\r
145 else if ((*v)->hasChildren()) {
\r
146 const list<XMLObject*>& children = (*v)->getOrderedChildren();
\r
147 for (list<XMLObject*>::const_iterator vv = children.begin(); vv!=children.end(); ++vv) {
\r
148 if (k=dynamic_cast<const KeyInfo*>(*vv))
\r
151 log.warn("skipping AttributeValue without a recognizable KeyInfo");
\r
156 return dest.empty() ? NULL : _decode(attr.release());
\r