/**
 * Licensed to the University Corporation for Advanced Internet
 * Development, Inc. (UCAID) under one or more contributor license
 * agreements. See the NOTICE file distributed with this work for
 * additional information regarding copyright ownership.
 *
 * UCAID licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the
 * License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific
 * language governing permissions and limitations under the License.
 */
/**
 * NameIDAttributeDecoder.cpp
 *
 * Decodes SAML into NameIDAttributes.
 */
28 #include "attribute/AttributeDecoder.h"
29 #include "attribute/NameIDAttribute.h"
31 #include <saml/saml1/core/Assertions.h>
32 #include <saml/saml2/core/Assertions.h>
34 using namespace shibsp;
35 using namespace opensaml::saml1;
36 using namespace opensaml::saml2;
37 using namespace xmltooling;
// Names of the XML configuration attributes this decoder reads from its
// DOMElement (see the NameIDAttributeDecoder constructor).

// "formatter": passed to NameIDAttribute as its formatting string when set.
static const XMLCh formatter[] =
    UNICODE_LITERAL_9(f, o, r, m, a, t, t, e, r);

// "defaultQualifiers": when true, a missing NameQualifier/SPNameQualifier is
// filled in from the asserting/relying party names supplied to decode().
static const XMLCh defaultQualifiers[] =
    UNICODE_LITERAL_17(d, e, f, a, u, l, t, Q, u, a, l, i, f, i, e, r, s);
/**
 * AttributeDecoder that converts SAML name identifiers (SAML 2 NameID-typed
 * objects and SAML 1 NameIdentifier objects) into NameIDAttribute values.
 *
 * Configuration is taken from the decoder's DOM element:
 *  - "formatter": optional formatting string handed to NameIDAttribute.
 *  - "defaultQualifiers": boolean; the literal `false` is passed to
 *    getAttrBool, presumably as the value used when the attribute is absent.
 *
 * NOTE(review): the listing this was reviewed from omits short lines. The
 * access specifiers, the `const` qualifiers and the m_formatter declaration
 * are inferred from how the members are used; confirm against the upstream
 * file.
 */
class SHIBSP_DLLLOCAL NameIDAttributeDecoder : virtual public AttributeDecoder
{
public:
    /// Reads "formatter" and "defaultQualifiers" from the configuration element.
    NameIDAttributeDecoder(const DOMElement* e)
        : AttributeDecoder(e),
          m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)),
          m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers)) {
    }

    ~NameIDAttributeDecoder() {}

    /// Overload without a request object; forwards to the request-aware
    /// decode() with a null request.
    shibsp::Attribute* decode(
        const vector<string>& ids,
        const XMLObject* xmlObject,
        const char* assertingParty=nullptr,
        const char* relyingParty=nullptr
        ) const {
        return decode(nullptr, ids, xmlObject, assertingParty, relyingParty);
    }

    /// Decodes a SAML Attribute, NameID or NameIdentifier; defined out of line.
    shibsp::Attribute* decode(
        const GenericRequest*,
        const vector<string>&,
        const XMLObject*,
        const char* assertingParty=nullptr,
        const char* relyingParty=nullptr
        ) const;

private:
    /// Appends one value built from a SAML 2 NameID-typed object.
    void extract(
        const NameIDType* n,
        vector<NameIDAttribute::Value>& dest,
        const char* assertingParty,
        const char* relyingParty
        ) const;

    /// Appends one value built from a SAML 1 NameIdentifier.
    void extract(
        const NameIdentifier* n,
        vector<NameIDAttribute::Value>& dest,
        const char* assertingParty,
        const char* relyingParty
        ) const;

    // Formatting string for NameIDAttribute; when empty, decode() falls back
    // to DEFAULT_NAMEID_FORMATTER.
    string m_formatter;

    // When true, missing qualifiers are defaulted from the party names.
    bool m_defaultQualifiers;
};
/**
 * Factory function that creates a NameIDAttributeDecoder from its
 * configuration element.
 *
 * @param e  DOM element carrying the decoder's configuration attributes
 * @return a newly allocated decoder; the raw pointer is handed to the caller,
 *         which is presumably responsible for deleting it
 */
AttributeDecoder* SHIBSP_DLLLOCAL NameIDAttributeDecoderFactory(const DOMElement* const & e)
{
    AttributeDecoder* decoder = new NameIDAttributeDecoder(e);
    return decoder;
}
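/**
 * Builds a NameIDAttribute from a SAML object.
 *
 * Two kinds of input are handled:
 *  - An element whose local name equals the SAML Attribute local name. It is
 *    tried as a SAML 2 Attribute, then as a SAML 1 Attribute. Each
 *    AttributeValue is decoded directly when it is itself a NameID-typed or
 *    NameIdentifier object; otherwise its child elements are examined.
 *  - A standalone SAML 2 NameID-typed object or SAML 1 NameIdentifier.
 *
 * Only the element's local name is compared before the casts, so the
 * dynamic_casts are what determine the object's type. Anything that matches
 * neither form is logged at warn level and yields no attribute.
 *
 * Security note: the Name, Format and qualifier strings are copied as the
 * message asserts them. Nothing in this function compares an asserted
 * NameQualifier with assertingParty, so any policy that depends on the
 * qualifier matching the issuer has to be enforced elsewhere. The debug
 * output contains the attribute id, SAML attribute name, Format and value
 * count, but not the identifier value itself.
 *
 * NOTE(review): the listing this was reviewed from omits short lines (braces,
 * `if (ptr) {`, iterator setup, `return nullptr;`, the `const` qualifier).
 * They are restored here from the surrounding statements; confirm against the
 * upstream file.
 *
 * @param ids             attribute ids given to the NameIDAttribute; ids.front()
 *                        is used in debug messages, which assumes the vector is
 *                        non-empty (TODO confirm at call sites)
 * @param xmlObject       SAML object to decode; may be null
 * @param assertingParty  name used to default NameQualifier when enabled; may be null
 * @param relyingParty    name used to default SPNameQualifier when enabled; may be null
 * @return a heap-allocated attribute released to the caller, or nullptr when
 *         no value could be decoded
 */
shibsp::Attribute* NameIDAttributeDecoder::decode(
    const GenericRequest*, const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty, const char* relyingParty
    ) const
{
    // Owned locally until the final release(), so the early returns below
    // free the attribute.
    auto_ptr<NameIDAttribute> nameid(
        new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER, m_hashAlg.c_str())
        );
    vector<NameIDAttribute::Value>& dest = nameid->getValues();
    vector<XMLObject*>::const_iterator v,stop;

    Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.NameID");

    if (xmlObject && XMLString::equals(opensaml::saml1::Attribute::LOCAL_NAME,xmlObject->getElementQName().getLocalPart())) {
        const opensaml::saml2::Attribute* saml2attr = dynamic_cast<const opensaml::saml2::Attribute*>(xmlObject);
        if (saml2attr) {
            const vector<XMLObject*>& values = saml2attr->getAttributeValues();
            v = values.begin();
            stop = values.end();
            if (log.isDebugEnabled()) {
                auto_ptr_char n(saml2attr->getName());
                // size_t is not unsigned long on every ABI (64-bit Windows is
                // one example); cast so the variadic argument matches %lu.
                log.debug(
                    "decoding NameIDAttribute (%s) from SAML 2 Attribute (%s) with %lu value(s)",
                    ids.front().c_str(), n.get() ? n.get() : "unnamed", static_cast<unsigned long>(values.size())
                    );
            }
        }
        else {
            const opensaml::saml1::Attribute* saml1attr = dynamic_cast<const opensaml::saml1::Attribute*>(xmlObject);
            if (saml1attr) {
                const vector<XMLObject*>& values = saml1attr->getAttributeValues();
                v = values.begin();
                stop = values.end();
                if (log.isDebugEnabled()) {
                    auto_ptr_char n(saml1attr->getAttributeName());
                    // Same %lu / size_t cast as in the SAML 2 branch.
                    log.debug(
                        "decoding NameIDAttribute (%s) from SAML 1 Attribute (%s) with %lu value(s)",
                        ids.front().c_str(), n.get() ? n.get() : "unnamed", static_cast<unsigned long>(values.size())
                        );
                }
            }
            else {
                // v/stop were never set; returning here keeps the loop below
                // from running on uninitialized iterators.
                log.warn("XMLObject type not recognized by NameIDAttributeDecoder, no values returned");
                return nullptr;
            }
        }

        for (; v != stop; ++v) {
            const NameIDType* n2 = dynamic_cast<const NameIDType*>(*v);
            if (n2) {
                log.debug("decoding AttributeValue element of saml2:NameIDType type");
                extract(n2, dest, assertingParty, relyingParty);
            }
            else {
                const NameIdentifier* n1=dynamic_cast<const NameIdentifier*>(*v);
                if (n1) {
                    log.debug("decoding AttributeValue element of saml1:NameIdentifier type");
                    extract(n1, dest, assertingParty, relyingParty);
                }
                else if ((*v)->hasChildren()) {
                    // The AttributeValue is a wrapper: look for identifiers
                    // among its child elements, skipping anything else.
                    const list<XMLObject*>& values = (*v)->getOrderedChildren();
                    for (list<XMLObject*>::const_iterator vv = values.begin(); vv!=values.end(); ++vv) {
                        if ((n2 = dynamic_cast<const NameIDType*>(*vv)) != nullptr) {
                            log.debug("decoding saml2:NameID child element of AttributeValue");
                            extract(n2, dest, assertingParty, relyingParty);
                        }
                        else if ((n1 = dynamic_cast<const NameIdentifier*>(*vv)) != nullptr) {
                            log.debug("decoding saml1:NameIdentifier child element of AttributeValue");
                            extract(n1, dest, assertingParty, relyingParty);
                        }
                        else {
                            log.warn("skipping AttributeValue child element not recognizable as NameID/NameIdentifier");
                        }
                    }
                }
                else {
                    log.warn("AttributeValue was not of a supported type and contains no child elements");
                }
            }
        }

        return dest.empty() ? nullptr : nameid.release();
    }

    // Not an Attribute element: try the object itself as a name identifier.
    // A null xmlObject fails both casts and ends in the warning below.
    const NameIDType* saml2name = dynamic_cast<const NameIDType*>(xmlObject);
    if (saml2name) {
        if (log.isDebugEnabled()) {
            auto_ptr_char f(saml2name->getFormat());
            log.debug("decoding NameIDAttribute (%s) from SAML 2 NameID with Format (%s)", ids.front().c_str(), f.get() ? f.get() : "unspecified");
        }
        extract(saml2name, dest, assertingParty, relyingParty);
    }
    else {
        const NameIdentifier* saml1name = dynamic_cast<const NameIdentifier*>(xmlObject);
        if (saml1name) {
            if (log.isDebugEnabled()) {
                auto_ptr_char f(saml1name->getFormat());
                log.debug(
                    "decoding NameIDAttribute (%s) from SAML 1 NameIdentifier with Format (%s)",
                    ids.front().c_str(), f.get() ? f.get() : "unspecified"
                    );
            }
            extract(saml1name, dest, assertingParty, relyingParty);
        }
        else {
            log.warn("XMLObject type not recognized by NameIDAttributeDecoder, no values returned");
            return nullptr;
        }
    }

    // extract() adds nothing when the identifier's name is empty, so an
    // attribute with no values is dropped rather than returned.
    return dest.empty() ? nullptr : nameid.release();
}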
/**
 * Appends one NameIDAttribute::Value built from a SAML 2 NameID-typed object.
 *
 * Nothing is appended when the identifier's name is missing or empty.
 * Format and SPProvidedID are copied when present. NameQualifier and
 * SPNameQualifier are copied when non-empty; otherwise, if defaultQualifiers
 * is enabled, they fall back to assertingParty and relyingParty respectively.
 *
 * Security note: the qualifiers are taken as asserted in the message and are
 * not compared with assertingParty/relyingParty here. A defaulted qualifier
 * is also indistinguishable from an explicit one in the resulting value.
 * Code that treats a qualifier as proof of who scoped the identifier needs
 * its own check against the issuer.
 *
 * NOTE(review): the `const` qualifier, the braces and the `if` guarding the
 * Format assignment are not visible in the listing this was reviewed from;
 * confirm against the upstream file.
 *
 * @param n               SAML 2 name identifier to read (must not be null)
 * @param dest            value list to append to
 * @param assertingParty  fallback NameQualifier; may be null
 * @param relyingParty    fallback SPNameQualifier; may be null
 */
void NameIDAttributeDecoder::extract(
    const NameIDType* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
    ) const
{
    auto_arrayptr<char> utf8Name(toUTF8(n->getName()));
    const char* rawName = utf8Name.get();
    if (!rawName || !*rawName)
        return;     // an identifier without a name produces no value

    dest.push_back(NameIDAttribute::Value());
    NameIDAttribute::Value& entry = dest.back();
    entry.m_Name = rawName;

    auto_arrayptr<char> utf8Format(toUTF8(n->getFormat()));
    if (utf8Format.get())
        entry.m_Format = utf8Format.get();

    auto_arrayptr<char> utf8NameQualifier(toUTF8(n->getNameQualifier()));
    const char* rawNameQualifier = utf8NameQualifier.get();
    if (rawNameQualifier && *rawNameQualifier) {
        entry.m_NameQualifier = rawNameQualifier;
    }
    else if (m_defaultQualifiers && assertingParty) {
        entry.m_NameQualifier = assertingParty;
    }

    auto_arrayptr<char> utf8SPNameQualifier(toUTF8(n->getSPNameQualifier()));
    const char* rawSPNameQualifier = utf8SPNameQualifier.get();
    if (rawSPNameQualifier && *rawSPNameQualifier) {
        entry.m_SPNameQualifier = rawSPNameQualifier;
    }
    else if (m_defaultQualifiers && relyingParty) {
        entry.m_SPNameQualifier = relyingParty;
    }

    auto_arrayptr<char> utf8SPProvidedID(toUTF8(n->getSPProvidedID()));
    if (utf8SPProvidedID.get())
        entry.m_SPProvidedID = utf8SPProvidedID.get();
}
/**
 * Appends one NameIDAttribute::Value built from a SAML 1 NameIdentifier.
 *
 * Nothing is appended when the identifier's name is missing or empty.
 * Format is copied when present. NameQualifier is copied when non-empty,
 * else defaulted to assertingParty if defaultQualifiers is enabled. No
 * SPNameQualifier is read from the SAML 1 object: it is set only from
 * relyingParty, and only when defaultQualifiers is enabled.
 *
 * Security note: the NameQualifier is taken as asserted in the message and
 * is not compared with assertingParty here. Consumers that rely on it
 * identifying the issuer need their own check.
 *
 * NOTE(review): the `const` qualifier, the braces and the `if` guarding the
 * Format assignment are not visible in the listing this was reviewed from;
 * confirm against the upstream file.
 *
 * @param n               SAML 1 name identifier to read (must not be null)
 * @param dest            value list to append to
 * @param assertingParty  fallback NameQualifier; may be null
 * @param relyingParty    SPNameQualifier to apply when defaulting; may be null
 */
void NameIDAttributeDecoder::extract(
    const NameIdentifier* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
    ) const
{
    auto_arrayptr<char> utf8Name(toUTF8(n->getName()));
    const char* rawName = utf8Name.get();
    if (!rawName || !*rawName)
        return;     // an identifier without a name produces no value

    dest.push_back(NameIDAttribute::Value());
    NameIDAttribute::Value& entry = dest.back();
    entry.m_Name = rawName;

    auto_arrayptr<char> utf8Format(toUTF8(n->getFormat()));
    if (utf8Format.get())
        entry.m_Format = utf8Format.get();

    auto_arrayptr<char> utf8NameQualifier(toUTF8(n->getNameQualifier()));
    const char* rawNameQualifier = utf8NameQualifier.get();
    if (rawNameQualifier && *rawNameQualifier) {
        entry.m_NameQualifier = rawNameQualifier;
    }
    else if (m_defaultQualifiers && assertingParty) {
        entry.m_NameQualifier = assertingParty;
    }

    if (m_defaultQualifiers && relyingParty) {
        entry.m_SPNameQualifier = relyingParty;
    }
}