-/*
- * Initialise SAML attribute context in initiator name. RADIUS context
- * must have been previously initialised.
- */
-OM_uint32
-samlCreateAttrContext(OM_uint32 *minor,
- gss_cred_id_t acceptorCred,
- gss_name_t initiatorName,
- time_t *pExpiryTime)
-{
- OM_uint32 major, tmpMinor;
- gss_buffer_desc nameBuf;
- gss_eap_saml_attr_ctx *ctx = NULL;
- ShibbolethResolver *resolver = NULL;
- gss_eap_saml_attr_args args;
-
- assert(initiatorName != GSS_C_NO_NAME);
-
- if (initiatorName->radiusCtx == NULL)
- return GSS_S_UNAVAILABLE;
-
- nameBuf.length = 0;
- nameBuf.value = NULL;
-
- resolver = ShibbolethResolver::create();
- if (resolver == NULL)
- return GSS_S_FAILURE;
-
- args.resolver = resolver;
-
- if (acceptorCred != GSS_C_NO_CREDENTIAL) {
- major = gss_display_name(minor, acceptorCred->name, &nameBuf, NULL);
- if (GSS_ERROR(major))
- goto cleanup;
- }
-
- try {
- const saml2::Assertion *assertion;
- vector <Attribute *> attrs;
-
- ctx = new gss_eap_saml_attr_ctx();
-
- major = samlAddRadiusAssertion(minor, initiatorName, ctx);
- if (GSS_ERROR(major))
- goto cleanup;
-
- assertion = ctx->getAssertion();
-
- if (assertion != NULL) {
- if (assertion->getConditions()) {
- *pExpiryTime =
- assertion->getConditions()->getNotOnOrAfter()->getEpoch();
- }
-
- resolver->addToken(assertion);
- }
-
- if (initiatorName->radiusCtx != NULL)
- samlAddRadiusAttributes(minor, initiatorName, &args);
- resolver->resolveAttributes(attrs);
- ctx->setAttributes(attrs);
- } catch (exception &ex) {
- major = mapException(minor, ex);
- goto cleanup;
- }
-
- *minor = 0;
- major = GSS_S_COMPLETE;
-
- initiatorName->samlCtx = ctx;
-
-cleanup:
- for_each(args.attrs.begin(), args.attrs.end(), xmltooling::cleanup<Attribute>());
- gss_release_buffer(&tmpMinor, &nameBuf);
- if (GSS_ERROR(major))
- delete ctx;
- delete resolver;
-
- return major;
-}
-
-OM_uint32
-samlGetAttributeTypes(OM_uint32 *minor,
- gss_name_t name,
- enum gss_eap_attribute_type type,
- gss_eap_add_attr_cb addAttribute,
- void *data)