2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * AttributeValueRegexFunctor.cpp
24 * A match function that evaluates an attribute's value against the provided
29 #include "exceptions.h"
30 #include "attribute/Attribute.h"
31 #include "attribute/filtering/FilteringContext.h"
32 #include "attribute/filtering/FilterPolicyContext.h"
33 #include "attribute/filtering/MatchFunctor.h"
35 #include <boost/scoped_ptr.hpp>
36 #include <xmltooling/util/XMLHelper.h>
37 #include <xercesc/util/regx/RegularExpression.hpp>
39 using namespace shibsp;
40 using namespace xmltooling;
41 using namespace boost;
46 static const XMLCh attributeID[] = UNICODE_LITERAL_11(a,t,t,r,i,b,u,t,e,I,D);
47 static const XMLCh options[] = UNICODE_LITERAL_7(o,p,t,i,o,n,s);
48 static const XMLCh regex[] = UNICODE_LITERAL_5(r,e,g,e,x);
51 * A match function that evaluates an attribute's value against the provided regular expression.
53 class SHIBSP_DLLLOCAL AttributeValueRegexFunctor : public MatchFunctor
56 scoped_ptr<RegularExpression> m_regex;
58 bool hasValue(const FilteringContext& filterContext) const;
59 bool matches(const Attribute& attribute, size_t index) const;
62 AttributeValueRegexFunctor(const DOMElement* e)
63 : m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)) {
64 const XMLCh* r = e ? e->getAttributeNS(nullptr, regex) : nullptr;
66 throw ConfigurationException("AttributeValueRegex MatchFunctor requires non-empty regex attribute.");
68 m_regex.reset(new RegularExpression(r, e->getAttributeNS(nullptr, options)));
70 catch (XMLException& ex) {
71 xmltooling::auto_ptr_char temp(ex.getMessage());
72 throw ConfigurationException(temp.get());
76 virtual ~AttributeValueRegexFunctor() {}
78 bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
79 if (m_attributeID.empty())
80 throw AttributeFilteringException("No attributeID specified.");
81 return hasValue(filterContext);
84 bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
85 if (m_attributeID.empty() || m_attributeID == attribute.getId())
86 return matches(attribute, index);
87 return hasValue(filterContext);
91 MatchFunctor* SHIBSP_DLLLOCAL AttributeValueRegexFactory(const pair<const FilterPolicyContext*,const DOMElement*>& p)
93 return new AttributeValueRegexFunctor(p.second);
98 bool AttributeValueRegexFunctor::hasValue(const FilteringContext& filterContext) const
101 pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
102 filterContext.getAttributes().equal_range(m_attributeID);
103 for (; attrs.first != attrs.second; ++attrs.first) {
104 count = attrs.first->second->valueCount();
105 for (size_t index = 0; index < count; ++index) {
106 if (matches(*(attrs.first->second), index))
113 bool AttributeValueRegexFunctor::matches(const Attribute& attribute, size_t index) const
115 const char* val = attribute.getString(index);
118 auto_arrayptr<XMLCh> temp(fromUTF8(val));
119 return m_regex->matches(temp.get());