Settable digest algorithm, enhanced prefix handling in signatures, pending xmlsec...
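--- a/saml/saml1/binding/impl/SAML1POSTEncoder.cpp
+++ b/saml/saml1/binding/impl/SAML1POSTEncoder.cpp
@@ -23,6 +23,7 @@
 #include "internal.h"
 #include "exceptions.h"
 #include "binding/MessageEncoder.h"
+#include "signature/ContentReference.h"
 #include "saml1/core/Protocols.h"
 #include <fstream>
@@ -49,17 +50,18 @@ namespace opensaml {
 long encode(
 GenericResponse& genericResponse,
-xmltooling::XMLObject* xmlObject,
+XMLObject* xmlObject,
 const char* destination,
 const char* recipientID=NULL,
 const char* relayState=NULL,
-const xmltooling::CredentialResolver* credResolver=NULL,
-const XMLCh* sigAlgorithm=NULL
+const Credential* credential=NULL,
+const XMLCh* signatureAlg=NULL,
+const XMLCh* digestAlg=NULL
 ) const;
 protected:
 /** Pathname of HTML template for transmission of message via POST. */
-std::string m_template;
+string m_template;
 };
 MessageEncoder* SAML_DLLLOCAL SAML1POSTEncoderFactory(const DOMElement* const & e)
@@ -88,8 +90,9 @@ long SAML1POSTEncoder::encode(
 const char* destination,
 const char* recipientID,
 const char* relayState,
-const CredentialResolver* credResolver,
-const XMLCh* sigAlgorithm
+const Credential* credential,
+const XMLCh* signatureAlg,
+const XMLCh* digestAlg
 ) const
 {
 #ifdef _DEBUG
@@ -107,7 +110,7 @@ long SAML1POSTEncoder::encode(
 throw BindingException("SAML 1.x POST Encoder requires relay state (TARGET) value.");
 DOMElement* rootElement = NULL;
-if (credResolver) {
+if (credential) {
 // Signature based on native XML signing.
 if (response->getSignature()) {
 log.debug("response already signed, skipping signature operation");
@@ -116,12 +119,19 @@ long SAML1POSTEncoder::encode(
 log.debug("signing and marshalling the response");
 // Build a Signature.
-Signature* sig = buildSignature(credResolver, sigAlgorithm);
+Signature* sig = SignatureBuilder::buildSignature();
 response->setSignature(sig);
+if (signatureAlg)
+sig->setSignatureAlgorithm(signatureAlg);
+if (digestAlg) {
+opensaml::ContentReference* cr = dynamic_cast<opensaml::ContentReference*>(sig->getContentReference());
+if (cr)
+cr->setDigestAlgorithm(digestAlg);
+}
 // Sign response while marshalling.
 vector<Signature*> sigs(1,sig);
-rootElement = response->marshall((DOMDocument*)NULL,&sigs);
+rootElement = response->marshall((DOMDocument*)NULL,&sigs,credential);
 }
 }
 else {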
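Review bot: In the signing branch of `SAML1POSTEncoder::encode`, a requested `digestAlg` is dropped without any trace when the `dynamic_cast<opensaml::ContentReference*>` yields null, so the response would be signed with whatever digest the reference defaults to rather than the one the caller asked for. For a signing parameter that is a silent downgrade; I would surface it there, e.g. `else log.warn("content reference does not support a settable digest algorithm, digestAlg ignored");`, or throw a `BindingException` if callers rely on the algorithm being honoured. The `response->getSignature()` branch has the same effect, since an already-signed response skips both `signatureAlg` and `digestAlg`; the method's documentation should state that. Whether `getContentReference()` can return a non-opensaml reference here is not visible in this diff, and the function body starts and ends outside the shown hunks.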