-/*
- * Copyright 2001-2009 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
- const saml2md::MetadataProvider* metadataProvider=NULL,
- const xmltooling::QName* role=NULL,
- const xmltooling::TrustEngine* trustEngine=NULL,
+ const saml2md::MetadataProvider* metadataProvider=nullptr,
+ const xmltooling::QName* role=nullptr,
+ const xmltooling::TrustEngine* trustEngine=nullptr,
/**
* Returns flag controlling non-entity issuer support.
*
* @return flag controlling non-entity issuer support
*/
/**
* Returns flag controlling non-entity issuer support.
*
* @return flag controlling non-entity issuer support
*/
- bool requireEntityIssuer() const {
- return m_entityOnly;
- }
+ bool requireEntityIssuer() const;
+
+ /**
+ * Returns the SAML audiences that represent the receiving peer.
+ *
+ * @return audience values of the peer processing the message
+ */
+ const std::vector<xmltooling::xstring>& getAudiences() const;
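Review bot: The new `getAudiences()` comment at the end of this hunk does not say what an empty vector means, and nothing in the lines shown says how callers populate the list now that `setRecipient()` is removed further down. Audience restriction is a security check, so the header should state the contract, for example `@return audience values of the peer processing the message; an empty list means no audience is acceptable`, provided that matches the out-of-line implementation, which is not visible here. Removing `setRecipient()` also breaks existing callers at compile time, so the class comment should point them at the replacement.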
/**
* Gets the effective time of message processing.
*
* @return the time at which the message is being processed
*/
/**
* Gets the effective time of message processing.
*
* @return the time at which the message is being processed
*/
- time_t getTime() {
- if (m_ts == 0)
- return m_ts = time(NULL);
- return m_ts;
- }
+ time_t getTime() const;
+
+ /**
+ * Returns the message identifier to which the message being evaluated
+ * is a response.
+ *
+ * @return correlated message identifier
+ */
+ const XMLCh* getCorrelationID() const;
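Review bot: `getTime()` is now declared `const`, but the inline body it replaces assigned `m_ts` on first use, so the out-of-line definition either needs `m_ts` to be `mutable` or no longer caches; neither is visible in this hunk. The difference matters because every rule that checks a validity window for one message should see the same instant. I would extend the comment with `The value is captured on first call and reused until setTime() changes it`, if that is what the definition does.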
*/
void setMetadataProviderCriteria(saml2md::MetadataProvider::Criteria* criteria);
/**
* Sets a peer role element/type for to the policy.
*
*/
void setMetadataProviderCriteria(saml2md::MetadataProvider::Criteria* criteria);
/**
* Sets a peer role element/type for to the policy.
*
/**
* Sets flag controlling non-entity issuer support.
*
* @param entityOnly require that Issuer be in entity format
*/
/**
* Sets flag controlling non-entity issuer support.
*
* @param entityOnly require that Issuer be in entity format
*/
- void requireEntityIssuer(bool entityOnly=true) {
- m_entityOnly = entityOnly;
- }
-
- /**
- * Sets entityID of receiving entity.
- *
- * @param recipient the entityID of the peer processing the message
- */
- void setRecipient(const XMLCh* recipient) {
- m_recipient = recipient;
- }
+ void requireEntityIssuer(bool entityOnly=true);
- void setTime(time_t ts) {
- m_ts = ts;
- }
+ void setTime(time_t ts);
+
+ /**
+ * Sets the message identifier to which the message being evaluated
+ * is a response.
+ *
+ * @param correlationID correlated message identifier
+ */
+ void setCorrelationID(const XMLCh* correlationID);
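Review bot: `setCorrelationID()` takes a raw `const XMLCh*` and its comment does not say whether the policy copies the string or keeps the caller's pointer; the removed `setRecipient()` body above stored the pointer as-is, so a reader may assume the same here. This value is presumably what a response's InResponseTo is compared against, so a stale or dangling pointer would be both a memory-safety and a correlation-check problem. Suggest `@param correlationID correlated message identifier; copied by the policy, nullptr clears it` (or, if it is not copied, `must remain valid for the lifetime of the policy`). The `getCorrelationID()` comment earlier on the page should likewise say whether it returns nullptr when no request is being correlated.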
/**
* Returns the message timestamp as determined by the registered policies.
*
* @return message timestamp as determined by the registered policies
*/
/**
* Returns the message timestamp as determined by the registered policies.
*
* @return message timestamp as determined by the registered policies
*/
/**
* Gets the issuer of the message as determined by the registered policies.
*
* @return issuer of the message as determined by the registered policies
*/
/**
* Gets the issuer of the message as determined by the registered policies.
*
* @return issuer of the message as determined by the registered policies
*/
/**
* Gets the metadata for the role the issuer is operating in.
*
* @return metadata for the role the issuer is operating in
*/
/**
* Gets the metadata for the role the issuer is operating in.
*
* @return metadata for the role the issuer is operating in
*/
/**
* Returns the authentication status of the message as determined by the registered policies.
*
* @return true iff a SecurityPolicyRule has indicated the issuer/message has been authenticated
*/
/**
* Returns the authentication status of the message as determined by the registered policies.
*
* @return true iff a SecurityPolicyRule has indicated the issuer/message has been authenticated
*/
/**
* Sets the message identifier as determined by the registered policies.
*
* @param id message identifier
*/
/**
* Sets the message identifier as determined by the registered policies.
*
* @param id message identifier
*/
/**
* Sets the message timestamp as determined by the registered policies.
*
* @param issueInstant message timestamp
*/
/**
* Sets the message timestamp as determined by the registered policies.
*
* @param issueInstant message timestamp
*/
/** Allows override of rules for comparing saml2:Issuer information. */
class SAML_API IssuerMatchingPolicy {
MAKE_NONCOPYABLE(IssuerMatchingPolicy);
public:
/** Allows override of rules for comparing saml2:Issuer information. */
class SAML_API IssuerMatchingPolicy {
MAKE_NONCOPYABLE(IssuerMatchingPolicy);
public:
- void setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy) {
- delete m_matchingPolicy;
- m_matchingPolicy = matchingPolicy;
- }
+ void setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy);
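Review bot: With the body moved out of the header, the declaration of `setIssuerMatchingPolicy()` no longer shows that the policy object takes ownership of the pointer; the removed inline code deleted the previous `m_matchingPolicy` before storing the new one. The doc comment for this setter is not in the lines shown, so if it does not already say so, add `@param matchingPolicy the policy to install; ownership passes to this object and the previous policy is deleted`. The out-of-line definition should also handle a caller passing the pointer that is already installed, since delete-then-store would leave a dangling pointer: `if (matchingPolicy != m_matchingPolicy) { delete m_matchingPolicy; m_matchingPolicy = matchingPolicy; }`. The definition itself is outside this page.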