2 * Copyright 2001-2009 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * ChainingAttributeResolver.cpp
20 * Chains together multiple AttributeResolver plugins.
24 #include "Application.h"
25 #include "ServiceProvider.h"
26 #include "attribute/Attribute.h"
27 #include "attribute/resolver/AttributeResolver.h"
28 #include "attribute/resolver/ResolutionContext.h"
30 #include <saml/Assertion.h>
31 #include <xercesc/util/XMLUniDefs.hpp>
32 #include <xmltooling/util/XMLHelper.h>
34 using namespace shibsp;
35 using namespace opensaml::saml2;
36 using namespace opensaml::saml2md;
37 using namespace xmltooling;
// Resolution context used by the chaining resolver. It records the inputs that
// are handed to each chained resolver (either individual request parameters or
// a Session) and accumulates the attributes and assertions the chain produces.
42 struct SHIBSP_DLLLOCAL ChainingContext : public ResolutionContext
// Parameter-based form: stores the issuer, protocol, NameID and authentication
// context values, copies the caller's token and attribute lists, and sets
// m_session to NULL.
45 const Application& application,
46 const EntityDescriptor* issuer,
47 const XMLCh* protocol,
49 const XMLCh* authncontext_class,
50 const XMLCh* authncontext_decl,
51 const vector<const opensaml::Assertion*>* tokens,
52 const vector<shibsp::Attribute*>* attributes
53 ) : m_app(application), m_issuer(issuer), m_protocol(protocol), m_nameid(nameid), m_authclass(authncontext_class), m_authdecl(authncontext_decl), m_session(NULL) {
// NOTE(review): ChainingAttributeResolver::createResolutionContext() declares
// tokens and attributes with NULL defaults, so both pointers can arrive here as
// NULL. Confirm each dereference below is guarded by a null check; no guard is
// visible in this listing.
55 m_tokens.assign(tokens->begin(), tokens->end());
57 m_attributes.assign(attributes->begin(), attributes->end());
// Session-based form: only the application and the session are recorded.
// NOTE(review): the initializer list leaves m_issuer, m_protocol, m_nameid,
// m_authclass and m_authdecl unset; verify they are never read when m_session
// is non-NULL.
60 ChainingContext(const Application& application, const Session& session) : m_app(application), m_session(&session) {
// Releases everything the context owns by applying xmltooling::cleanup to each
// owned attribute and assertion (presumably the destructor body - confirm).
64 for_each(m_ownedAttributes.begin(), m_ownedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
65 for_each(m_ownedAssertions.begin(), m_ownedAssertions.end(), xmltooling::cleanup<opensaml::Assertion>());
// Accessors return mutable references to the owned vectors, so a caller can
// read the results or remove entries from the context.
68 vector<shibsp::Attribute*>& getResolvedAttributes() {
69 return m_ownedAttributes;
71 vector<opensaml::Assertion*>& getResolvedAssertions() {
72 return m_ownedAssertions;
// Objects produced by the chain; these are the vectors passed to cleanup above.
75 vector<shibsp::Attribute*> m_ownedAttributes;
76 vector<opensaml::Assertion*> m_ownedAssertions;
// Inputs captured at construction time (parameter-based form).
78 const Application& m_app;
79 const EntityDescriptor* m_issuer;
80 const XMLCh* m_protocol;
81 const NameID* m_nameid;
82 const XMLCh* m_authclass;
83 const XMLCh* m_authdecl;
// Working lists handed to each chained resolver; resolveAttributes() appends to
// them after every resolver runs. They are not passed to cleanup above, so they
// appear to be non-owning views.
84 vector<const opensaml::Assertion*> m_tokens;
85 vector<shibsp::Attribute*> m_attributes;
// Non-NULL only for the session-based form.
87 const Session* m_session;
// AttributeResolver that chains together multiple AttributeResolver plugins and
// runs them one after another.
90 class SHIBSP_DLLLOCAL ChainingAttributeResolver : public AttributeResolver
// Builds the chain from the supplied configuration element (defined below).
93 ChainingAttributeResolver(const DOMElement* e);
// The chain owns its resolvers: each one is released through xmltooling::cleanup.
94 virtual ~ChainingAttributeResolver() {
95 for_each(m_resolvers.begin(), m_resolvers.end(), xmltooling::cleanup<AttributeResolver>());
// Creates a ChainingContext from individual request parameters. All parameters
// after protocol are optional and default to NULL. The context is allocated
// with new and returned as a raw pointer, so the caller is presumably
// responsible for deleting it - confirm against callers.
104 ResolutionContext* createResolutionContext(
105 const Application& application,
106 const EntityDescriptor* issuer,
107 const XMLCh* protocol,
108 const NameID* nameid=NULL,
109 const XMLCh* authncontext_class=NULL,
110 const XMLCh* authncontext_decl=NULL,
111 const vector<const opensaml::Assertion*>* tokens=NULL,
112 const vector<shibsp::Attribute*>* attributes=NULL
114 return new ChainingContext(application, issuer, protocol, nameid, authncontext_class, authncontext_decl, tokens, attributes);
// Creates a ChainingContext bound to an existing session; same ownership note
// as the overload above.
117 ResolutionContext* createResolutionContext(const Application& application, const Session& session) const {
118 return new ChainingContext(application, session);
// Runs every chained resolver against ctx (defined below).
121 void resolveAttributes(ResolutionContext& ctx) const;
// Passes the caller's vector to each chained resolver's getAttributeIds() in
// chain order.
123 void getAttributeIds(vector<string>& attributes) const {
124 for (vector<AttributeResolver*>::const_iterator i=m_resolvers.begin(); i!=m_resolvers.end(); ++i) {
126 (*i)->getAttributeIds(attributes);
// Resolvers in configuration order; owned by this object (see destructor).
131 vector<AttributeResolver*> m_resolvers;
// XML names used when parsing the chain's configuration: the child element
// "AttributeResolver" and its "type" attribute.
134 static const XMLCh _AttributeResolver[] = UNICODE_LITERAL_17(A,t,t,r,i,b,u,t,e,R,e,s,o,l,v,e,r);
135 static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e);
// Factories for the other resolver types; only declared here, their
// definitions are not in this file's visible code.
137 SHIBSP_DLLLOCAL PluginManager<AttributeResolver,string,const DOMElement*>::Factory QueryResolverFactory;
138 SHIBSP_DLLLOCAL PluginManager<AttributeResolver,string,const DOMElement*>::Factory SimpleAggregationResolverFactory;
// Plugin factory for the chaining resolver: constructs a
// ChainingAttributeResolver from the configuration element and returns it as a
// raw pointer.
140 AttributeResolver* SHIBSP_DLLLOCAL ChainingResolverFactory(const DOMElement* const & e)
142 return new ChainingAttributeResolver(e);
// Registers the three built-in resolver factories (query, simple aggregation,
// chaining) with the SP configuration's AttributeResolverManager, each under
// its type constant.
146 void SHIBSP_API shibsp::registerAttributeResolvers()
148 SPConfig::getConfig().AttributeResolverManager.registerFactory(QUERY_ATTRIBUTE_RESOLVER, QueryResolverFactory);
149 SPConfig::getConfig().AttributeResolverManager.registerFactory(SIMPLEAGGREGATION_ATTRIBUTE_RESOLVER, SimpleAggregationResolverFactory);
150 SPConfig::getConfig().AttributeResolverManager.registerFactory(CHAINING_ATTRIBUTE_RESOLVER, ChainingResolverFactory);
// Out-of-line constructor and destructor definitions for the ResolutionContext
// and AttributeResolver base classes; their bodies are not visible in this
// listing.
153 ResolutionContext::ResolutionContext()
157 ResolutionContext::~ResolutionContext()
161 AttributeResolver::AttributeResolver()
165 AttributeResolver::~AttributeResolver()
// Builds the chain from configuration: visits the AttributeResolver child
// elements of e and asks the plugin manager for a resolver matching each
// element's non-empty "type" attribute.
169 ChainingAttributeResolver::ChainingAttributeResolver(const DOMElement* e)
171 SPConfig& conf = SPConfig::getConfig();
173 // Load up the chain of handlers.
// e becomes its own first AttributeResolver child, or NULL when no element was
// supplied.
174 e = e ? XMLHelper::getFirstChildElement(e, _AttributeResolver) : NULL;
// The plugin type name is read from the element's "type" attribute.
// NOTE(review): an element whose type is missing or empty fails the check
// below; no handling or logging for that case is visible here.
176 auto_ptr_char type(e->getAttributeNS(NULL,_type));
177 if (type.get() && *(type.get())) {
// The new resolver is stored in m_resolvers, which the destructor releases.
179 m_resolvers.push_back(conf.AttributeResolverManager.newPlugin(type.get(),e));
// NOTE(review): a resolver that fails to construct is logged at error level and
// left out of the chain; the code then moves on to the next sibling, so the
// remaining resolvers still load. Attributes that resolver would have supplied
// are absent at runtime, so deployments whose access rules depend on them
// should alert on this log message.
181 catch (exception& ex) {
182 Category::getInstance(SHIBSP_LOGCAT".AttributeResolver.Chaining").error(
183 "caught exception processing embedded AttributeResolver element: %s", ex.what()
// Advance to the next AttributeResolver sibling.
187 e = XMLHelper::getNextSiblingElement(e, _AttributeResolver);
// Runs every chained resolver in order. Each resolver gets its own context,
// and whatever it resolves is folded back into the chaining context.
191 void ChainingAttributeResolver::resolveAttributes(ResolutionContext& ctx) const
// Reference dynamic_cast: throws std::bad_cast if ctx is not a ChainingContext,
// i.e. if it was not created by this resolver's createResolutionContext().
193 ChainingContext& chain = dynamic_cast<ChainingContext&>(ctx);
194 for (vector<AttributeResolver*>::const_iterator i=m_resolvers.begin(); i!=m_resolvers.end(); ++i) {
// Per-resolver context, held in an auto_ptr so it is deleted when it goes out
// of scope. Two forms are used: a session-based context, which receives only
// the application and session, or a parameter-based one, which also receives
// the token and attribute lists accumulated so far. The condition selecting
// between them is not visible here; presumably it tests chain.m_session for
// NULL - confirm.
196 auto_ptr<ResolutionContext> context(
198 (*i)->createResolutionContext(chain.m_app, *chain.m_session) :
199 (*i)->createResolutionContext(
200 chain.m_app, chain.m_issuer, chain.m_protocol, chain.m_nameid, chain.m_authclass, chain.m_authdecl, &chain.m_tokens, &chain.m_attributes
204 (*i)->resolveAttributes(*context.get());
// Fold the resolver's attributes into the chain: m_attributes makes them
// visible to later resolvers, m_ownedAttributes makes the chaining context
// responsible for releasing them. Clearing the child's vector afterwards
// removes its references, presumably so that destroying the child context does
// not free the same objects.
// NOTE(review): until clear() runs the pointers are listed in both contexts; if
// the second insert throws, confirm they cannot be freed twice or left dangling
// in chain.m_attributes.
206 chain.m_attributes.insert(chain.m_attributes.end(), context->getResolvedAttributes().begin(), context->getResolvedAttributes().end());
207 chain.m_ownedAttributes.insert(chain.m_ownedAttributes.end(), context->getResolvedAttributes().begin(), context->getResolvedAttributes().end());
208 context->getResolvedAttributes().clear();
// Same hand-over for any assertions the resolver produced.
210 chain.m_tokens.insert(chain.m_tokens.end(), context->getResolvedAssertions().begin(), context->getResolvedAssertions().end());
211 chain.m_ownedAssertions.insert(chain.m_ownedAssertions.end(), context->getResolvedAssertions().begin(), context->getResolvedAssertions().end());
212 context->getResolvedAssertions().clear();