Add hooks for protecting headers and redirects.

[shibboleth/cpp-sp.git] / fastcgi / shibauthorizer.cpp

diff --git a/fastcgi/shibauthorizer.cpp b/fastcgi/shibauthorizer.cpp
index cf26edd..4d9a4e5 100644 (file)
--- a/fastcgi/shibauthorizer.cpp
+++ b/fastcgi/shibauthorizer.cpp
@@ -1,5 +1,5 @@
 /*\r
- *  Copyright 2001-2007 Internet2\r
+ *  Copyright 2001-2009 Internet2\r
  *\r
  * Licensed under the Apache License, Version 2.0 (the "License");\r
  * you may not use this file except in compliance with the License.\r
@@ -115,6 +115,9 @@ public:
         return s ? atol(s) : 0;\r
     }\r
     string getRemoteAddr() const {\r
+        string ret = AbstractSPRequest::getRemoteAddr();\r
+        if (!ret.empty())\r
+            return ret;\r
         const char* s = FCGX_GetParam("REMOTE_ADDR", m_req->envp);\r
         return s ? s : "";\r
     }\r
@@ -172,7 +175,25 @@ public:
         }\r
         return "";\r
     }\r
+    void setAuthType(const char* authtype) {\r
+        if (authtype)\r
+            m_request_headers["AUTH_TYPE"] = authtype;\r
+        else\r
+            m_request_headers.erase("AUTH_TYPE");\r
+    }\r
+    string getAuthType() const {\r
+        map<string,string>::const_iterator i = m_request_headers.find("AUTH_TYPE");\r
+        if (i != m_request_headers.end())\r
+            return i->second;\r
+        else {\r
+            char* auth_type = FCGX_GetParam("AUTH_TYPE", m_req->envp);\r
+            if (auth_type)\r
+                return auth_type;\r
+        }\r
+        return "";\r
+    }\r
     void setResponseHeader(const char* name, const char* value) {\r
+        AbstractSPRequest::setResponseHeader(name, value);\r
         // Set for later.\r
         if (value)\r
             m_response_headers.insert(make_pair(name,value));\r
@@ -209,6 +230,7 @@ public:
     }\r
 \r
     long sendRedirect(const char* url) {\r
+        AbstractSPRequest::sendRedirect(url);\r
         string hdr=string("Status: 302 Please Wait\r\nLocation: ") + url + "\r\n"\r
           "Content-Type: text/html\r\n"\r
           "Content-Length: 40\r\n"\r
@@ -268,7 +290,7 @@ int main(void)
 \r
     try {\r
         if (!g_Config->instantiate(NULL, true))\r
-            throw exception("unknown error");\r
+            throw runtime_error("unknown error");\r
     }\r
     catch (exception& ex) {\r
         g_Config->term();\r
@@ -317,9 +339,7 @@ int main(void)
 \r
             pair<bool,long> res = sta.getServiceProvider().doAuthentication(sta);\r
             if (res.first) {\r
-#ifdef _DEBUG\r
-                cerr << "shib: doAuthentication handled the request" << endl;\r
-#endif\r
+                sta.log(SPRequest::SPDebug, "shib: doAuthentication handled the request");\r
                 switch(res.second) {\r
                     case SHIB_RETURN_OK:\r
                         print_ok(sta.m_request_headers);\r
@@ -341,9 +361,7 @@ int main(void)
 \r
             res = sta.getServiceProvider().doExport(sta);\r
             if (res.first) {\r
-#ifdef _DEBUG\r
-                cerr << "shib: doExport handled request" << endl;\r
-#endif\r
+                sta.log(SPRequest::SPDebug, "shib: doExport handled request");\r
                 switch(res.second) {\r
                     case SHIB_RETURN_OK:\r
                         print_ok(sta.m_request_headers);\r
@@ -365,9 +383,7 @@ int main(void)
 \r
             res = sta.getServiceProvider().doAuthorization(sta);\r
             if (res.first) {\r
-#ifdef _DEBUG\r
-                cerr << "shib: doAuthorization handled request" << endl;\r
-#endif\r
+                sta.log(SPRequest::SPDebug, "shib: doAuthorization handled request");\r
                 switch(res.second) {\r
                     case SHIB_RETURN_OK:\r
                         print_ok(sta.m_request_headers);\r