2 * Copyright 2001-2010 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * NameIDAttributeDecoder.cpp
20 * Decodes SAML into NameIDAttributes.
24 #include "attribute/AttributeDecoder.h"
25 #include "attribute/NameIDAttribute.h"
27 #include <saml/saml1/core/Assertions.h>
28 #include <saml/saml2/core/Assertions.h>
30 using namespace shibsp;
31 using namespace opensaml::saml1;
32 using namespace opensaml::saml2;
33 using namespace xmltooling;
// Names of the two XML attributes the NameIDAttributeDecoder constructor reads
// from its configuration element: "formatter" (fetched as a string) and
// "defaultQualifiers" (fetched as a boolean, with false passed as the fallback).
37 static const XMLCh formatter[] = UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r);
38 static const XMLCh defaultQualifiers[] = UNICODE_LITERAL_17(d,e,f,a,u,l,t,Q,u,a,l,i,f,i,e,r,s);
// AttributeDecoder that turns SAML 1 NameIdentifier and SAML 2 NameID content
// (standalone, or carried inside Attribute values) into a NameIDAttribute.
// NOTE: this listing omits some lines of the class (the gutter numbers skip),
// e.g. the braces, the access specifiers and the m_formatter declaration.
40 class SHIBSP_DLLLOCAL NameIDAttributeDecoder : virtual public AttributeDecoder
// Reads the decoder's settings from its configuration element e; the base
// class is constructed from the same element.
43 NameIDAttributeDecoder(const DOMElement* e)
44 : AttributeDecoder(e),
45 m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)),
46 m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers)) {
48 ~NameIDAttributeDecoder() {}
// Decodes xmlObject into an attribute identified by ids. assertingParty and
// relyingParty default to nullptr; in this file they are only used as fallback
// qualifier values (see m_defaultQualifiers).
50 shibsp::Attribute* decode(
51 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty=nullptr, const char* relyingParty=nullptr
// Parameter lists of the two extract() overloads (SAML 2 NameIDType and SAML 1
// NameIdentifier); their declaration lines are not part of this listing.
56 const NameIDType* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
59 const NameIdentifier* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
// When true, extract() may fill NameQualifier / SPNameQualifier with the
// asserting / relying party name supplied by the caller instead of a value
// taken from the message. The stored value does not record which of the two
// happened, so consumers cannot tell a defaulted qualifier from an asserted one.
62 bool m_defaultQualifiers;
// Factory entry point: builds a NameIDAttributeDecoder from the configuration
// element e. The object is allocated with new and returned as a raw pointer;
// releasing it is left to the caller.
65 AttributeDecoder* SHIBSP_DLLLOCAL NameIDAttributeDecoderFactory(const DOMElement* const & e)
67 return new NameIDAttributeDecoder(e);
// Builds a NameIDAttribute from xmlObject, which may be a SAML 2 or SAML 1
// Attribute element (each AttributeValue is examined) or a bare SAML 2 NameID /
// SAML 1 NameIdentifier. Returns nullptr when no value could be decoded;
// otherwise the attribute is handed to _decode() and its result is returned.
// assertingParty / relyingParty are passed through to extract() unchanged.
// NOTE: this listing drops a number of source lines (see the gaps in the
// gutter numbers), including every brace and several if-guards, so the control
// flow below has to be read together with the full file.
71 shibsp::Attribute* NameIDAttributeDecoder::decode(
72 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty, const char* relyingParty
// The attribute is held by an auto_ptr until release() in the return
// statements; when no value was decoded the auto_ptr destroys it on return.
// The configured formatter is used when non-empty, DEFAULT_NAMEID_FORMATTER
// otherwise.
75 auto_ptr<NameIDAttribute> nameid(
76 new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER)
// dest aliases the attribute's own value list, so extract() appends in place.
78 vector<NameIDAttribute::Value>& dest = nameid->getValues();
79 vector<XMLObject*>::const_iterator v,stop;
81 Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.NameID");
// Matches on the element's local name only (the SAML 1 constant is used for the
// comparison); the dynamic_casts that follow pick the SAML 2 or SAML 1 class.
83 if (xmlObject && XMLString::equals(opensaml::saml1::Attribute::LOCAL_NAME,xmlObject->getElementQName().getLocalPart())) {
84 const opensaml::saml2::Attribute* saml2attr = dynamic_cast<const opensaml::saml2::Attribute*>(xmlObject);
// NOTE(review): the null checks on saml2attr (and on saml1attr further down)
// fall on lines this listing omits (85, 99) - confirm they guard every
// dereference of the cast results.
86 const vector<XMLObject*>& values = saml2attr->getAttributeValues();
89 if (log.isDebugEnabled()) {
90 auto_ptr_char n(saml2attr->getName());
// NOTE(review): "%lu" is paired with values.size(), a size_t; the two differ in
// width on LLP64 targets, so an explicit cast to unsigned long would be safer.
// ids.front() also assumes ids is non-empty, which nothing visible here checks.
// The attribute name written to the log comes from the decoded message.
92 "decoding NameIDAttribute (%s) from SAML 2 Attribute (%s) with %lu value(s)",
93 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
// SAML 1 Attribute: same handling as the SAML 2 case above, including the same
// "%lu" / size_t pairing in the debug message.
98 const opensaml::saml1::Attribute* saml1attr = dynamic_cast<const opensaml::saml1::Attribute*>(xmlObject);
100 const vector<XMLObject*>& values = saml1attr->getAttributeValues();
103 if (log.isDebugEnabled()) {
104 auto_ptr_char n(saml1attr->getAttributeName());
106 "decoding NameIDAttribute (%s) from SAML 1 Attribute (%s) with %lu value(s)",
107 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
// Local name matched but neither Attribute class did.
112 log.warn("XMLObject type not recognized by NameIDAttributeDecoder, no values returned");
// Each AttributeValue is tried first as a SAML 2 NameIDType, then as a SAML 1
// NameIdentifier; failing both, its child elements are scanned for either type.
// Anything unrecognised is logged at warn level and skipped, not treated as an
// error. (The if-guards on n2 / n1 are on omitted lines 119 and 125.)
117 for (; v!=stop; ++v) {
118 const NameIDType* n2 = dynamic_cast<const NameIDType*>(*v);
120 log.debug("decoding AttributeValue element of saml2:NameIDType type");
121 extract(n2, dest, assertingParty, relyingParty);
124 const NameIdentifier* n1=dynamic_cast<const NameIdentifier*>(*v);
126 log.debug("decoding AttributeValue element of saml1:NameIdentifier type");
127 extract(n1, dest, assertingParty, relyingParty);
129 else if ((*v)->hasChildren()) {
130 const list<XMLObject*>& values = (*v)->getOrderedChildren();
131 for (list<XMLObject*>::const_iterator vv = values.begin(); vv!=values.end(); ++vv) {
// Assignment inside the condition is intentional: n2 / n1 keep the cast result
// for the extract() call that follows.
132 if (n2=dynamic_cast<const NameIDType*>(*vv)) {
133 log.debug("decoding saml2:NameID child element of AttributeValue");
134 extract(n2, dest, assertingParty, relyingParty);
136 else if (n1=dynamic_cast<const NameIdentifier*>(*vv)) {
137 log.debug("decoding saml1:NameIdentifier child element of AttributeValue");
138 extract(n1, dest, assertingParty, relyingParty);
141 log.warn("skipping AttributeValue child element not recognizable as NameID/NameIdentifier");
146 log.warn("AttributeValue was not of a supported type and contains no child elements");
// An attribute that yielded no usable value is reported as "no attribute".
151 return dest.empty() ? nullptr : _decode(nameid.release());
// Not an Attribute element: try xmlObject itself as a SAML 2 NameID, then as a
// SAML 1 NameIdentifier. The guards on the cast results are on omitted lines
// (155, 164). The Format string written to the debug log comes from the message.
154 const NameIDType* saml2name = dynamic_cast<const NameIDType*>(xmlObject);
156 if (log.isDebugEnabled()) {
157 auto_ptr_char f(saml2name->getFormat());
158 log.debug("decoding NameIDAttribute (%s) from SAML 2 NameID with Format (%s)", ids.front().c_str(), f.get() ? f.get() : "unspecified");
160 extract(saml2name, dest, assertingParty, relyingParty);
163 const NameIdentifier* saml1name = dynamic_cast<const NameIdentifier*>(xmlObject);
165 if (log.isDebugEnabled()) {
166 auto_ptr_char f(saml1name->getFormat());
168 "decoding NameIDAttribute (%s) from SAML 1 NameIdentifier with Format (%s)",
169 ids.front().c_str(), f.get() ? f.get() : "unspecified"
172 extract(saml1name, dest, assertingParty, relyingParty);
175 log.warn("XMLObject type not recognized by NameIDAttributeDecoder, no values returned");
180 return dest.empty() ? nullptr : _decode(nameid.release());
// Appends one NameIDAttribute::Value to dest for a SAML 2 NameID. Nothing is
// appended when the name is missing or empty. The name, NameQualifier,
// SPNameQualifier and SPProvidedID are stored as UTF-8 strings; the Format is
// converted too, but the line that stores it is not part of this listing.
183 void NameIDAttributeDecoder::extract(
184 const NameIDType* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
// The converted name is held by auto_arrayptr rather than a raw pointer.
187 auto_arrayptr<char> name(toUTF8(n->getName()));
188 if (name.get() && *name.get()) {
189 dest.push_back(NameIDAttribute::Value());
190 NameIDAttribute::Value& val = dest.back();
191 val.m_Name = name.get();
// str is a raw buffer returned by toUTF8() and is reused for each field below.
// The lines that test and free it (193-197, 199, 203-204, ...) are missing from
// this listing. NOTE(review): confirm each buffer is released before str is
// reassigned, otherwise every decoded NameID leaks memory.
192 char* str = toUTF8(n->getFormat());
198 str = toUTF8(n->getNameQualifier());
200 val.m_NameQualifier = str;
// Fallback when the message's own NameQualifier is not used (that test is on
// omitted line 199): with defaultQualifiers enabled, the asserting party's
// name is stored instead.
201 else if (m_defaultQualifiers && assertingParty)
202 val.m_NameQualifier = assertingParty;
205 str = toUTF8(n->getSPNameQualifier());
207 val.m_SPNameQualifier = str;
// Same fallback for SPNameQualifier, using the relying party's name.
208 else if (m_defaultQualifiers && relyingParty)
209 val.m_SPNameQualifier = relyingParty;
212 str = toUTF8(n->getSPProvidedID());
214 val.m_SPProvidedID = str;
// SAML 1 counterpart of the NameIDType overload: appends one
// NameIDAttribute::Value to dest for a NameIdentifier, and nothing when the
// name is missing or empty. The name and NameQualifier are read from the
// element; the Format is converted as well, but the line that stores it is not
// part of this listing.
220 void NameIDAttributeDecoder::extract(
221 const NameIdentifier* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
// The converted name is held by auto_arrayptr rather than a raw pointer.
224 auto_arrayptr<char> name(toUTF8(n->getName()));
225 if (name.get() && *name.get()) {
226 dest.push_back(NameIDAttribute::Value());
227 NameIDAttribute::Value& val = dest.back();
228 val.m_Name = name.get();
// str is a raw buffer returned by toUTF8() and is reused below; the lines that
// test and free it (230-234, 236, 240) are missing from this listing.
// NOTE(review): confirm each buffer is released before str is reassigned.
229 char* str = toUTF8(n->getFormat());
235 str = toUTF8(n->getNameQualifier());
237 val.m_NameQualifier = str;
// Fallback when the message's own NameQualifier is not used (that test is on
// omitted line 236): with defaultQualifiers enabled, the asserting party's
// name is stored instead.
238 else if (m_defaultQualifiers && assertingParty)
239 val.m_NameQualifier = assertingParty;
// No SPNameQualifier is read from the SAML 1 element in the visible code. The
// value is set only here, from the caller-supplied relying party name, and only
// when defaultQualifiers is enabled (a plain if, not an else-if).
// NOTE: the listing ends at this statement; the function's closing lines are
// not shown.
242 if (m_defaultQualifiers && relyingParty)
243 val.m_SPNameQualifier = relyingParty;