#include <xmltooling/util/DateTime.h>
#include <saml/exceptions.h>
+#include <saml/SAMLConfig.h>
#include <saml/saml1/core/Assertions.h>
#include <saml/saml2/core/Assertions.h>
#include <saml/saml2/metadata/Metadata.h>
/* Then we may be creating from an existing attribute context */
const gss_eap_saml_assertion_provider *saml;
- assert(m_assertion == NULL);
+ GSSEAP_ASSERT(m_assertion == NULL);
if (!gss_eap_attr_provider::initWithExistingContext(manager, ctx))
return false;
gss_buffer_desc value = GSS_C_EMPTY_BUFFER;
int authenticated, complete;
OM_uint32 minor;
+ gss_eap_attrid attrid(VENDORPEC_UKERNA, PW_SAML_AAA_ASSERTION);
- assert(m_assertion == NULL);
+ GSSEAP_ASSERT(m_assertion == NULL);
if (!gss_eap_attr_provider::initWithGssContext(manager, gssCred, gssCtx))
return false;
radius = static_cast<const gss_eap_radius_attr_provider *>
(m_manager->getProvider(ATTR_TYPE_RADIUS));
if (radius != NULL &&
- radius->getFragmentedAttribute(PW_SAML_AAA_ASSERTION,
- VENDORPEC_UKERNA,
- &authenticated, &complete, &value)) {
+ radius->getFragmentedAttribute(attrid, &authenticated, &complete, &value)) {
setAssertion(&value, authenticated);
gss_release_buffer(&minor, &value);
} else {
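Review bot: `complete` is written by `radius->getFragmentedAttribute(attrid, &authenticated, &complete, &value)` but is never read before `setAssertion(&value, authenticated)` in the visible lines. If the call can succeed with `complete` false, a partially reassembled assertion would be handed to the SAML parser as if it were whole. In that case gate the call with `if (complete) setAssertion(&value, authenticated);` and still release `value`. If it cannot happen, a short comment saying why the flag is ignored would settle the question. The enclosing function starts and ends outside this hunk.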
const char *
gss_eap_saml_assertion_provider::prefix(void) const
{
- return "urn:ietf:params:gss-eap:saml-aaa-assertion";
+ return "urn:ietf:params:gss:federated-saml-assertion";
}
bool
gss_eap_saml_assertion_provider::init(void)
{
- gss_eap_attr_ctx::registerProvider(ATTR_TYPE_SAML_ASSERTION, createAttrContext);
- return true;
+ bool ret = false;
+
+ try {
+ ret = SAMLConfig::getConfig().init();
+ } catch (exception &e) {
+ }
+
+ if (ret)
+ gss_eap_attr_ctx::registerProvider(ATTR_TYPE_SAML_ASSERTION, createAttrContext);
+
+ return ret;
}
void
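Review bot: The empty `catch (exception &e) { }` in `init()` discards the reason `SAMLConfig::getConfig().init()` failed, so the caller only sees `false` and the SAML assertion provider goes unregistered with no trace. Catch by const reference and record `e.what()` through whatever logging the project already uses, or at least add a comment such as `/* failure is reported via ret; provider stays unregistered */`. The handler also lets anything not derived from `exception` propagate out of `init()`; whether that can occur here is not visible. If the finalize path does not already call `SAMLConfig::getConfig().term()` after a successful init, it should. That function lies outside this hunk.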
if (pAssertion != NULL)
*pAssertion = NULL;
- saml = static_cast<const gss_eap_saml_assertion_provider *>
+ saml = static_cast<gss_eap_saml_assertion_provider *>
(m_manager->getProvider(ATTR_TYPE_SAML_ASSERTION));
if (saml == NULL)
return false;
* Each attribute carried in the assertion SHOULD also be a GSS name
* attribute. The name of this attribute has three parts, all separated
* by an ASCII space character. The first part is
- * urn:ietf:params:gss-eap:saml-attr. The second part is the URI for
+ * urn:ietf:params:gss:federated-saml-attribute. The second part is the URI for
* the SAML attribute name format. The final part is the name of the
* SAML attribute. If the mechanism performs an additional attribute
* query, the retrieved attributes SHOULD be GSS-API name attributes
attribute->getAttributeValues().push_back(attributeValue);
- assert(attributeStatement != NULL);
+ GSSEAP_ASSERT(attributeStatement != NULL);
attributeStatement->getAttributes().push_back(attribute);
delete components;
}
if (display_value != NULL && base64Encoded == false) {
display_value->value = toUTF8(av->getTextContent(), true);
- display_value->length = strlen((char *)value->value);
+ display_value->length = strlen((char *)display_value->value);
}
}
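Review bot: `strlen((char *)display_value->value)` runs on the return value of `toUTF8(av->getTextContent(), true)` with no null check. If `toUTF8` can return NULL, for example when an attribute value has no text content, this line dereferences a null pointer on attacker-supplied assertion data. That behaviour is not visible here, so a guard is the safe choice: `display_value->length = display_value->value ? strlen(static_cast<char *>(display_value->value)) : 0;`. The enclosing function starts outside this hunk.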
const char *
gss_eap_saml_attr_provider::prefix(void) const
{
- return "urn:ietf:params:gss-eap:saml-attr";
+ return "urn:ietf:params:gss:federated-saml-attribute";
}
bool