Initial decryption and schema support for encrypted SAML.
[shibboleth/opensaml2.git] / saml / saml1 / core / impl / AssertionsImpl.cpp
index faf6978..07ce6e1 100644 (file)
@@ -55,7 +55,7 @@ namespace opensaml {
         DECL_XMLOBJECTIMPL_SIMPLE(SAML_DLLLOCAL,Audience);
         DECL_XMLOBJECTIMPL_SIMPLE(SAML_DLLLOCAL,ConfirmationMethod);
         
-        class XMLTOOL_DLLLOCAL AudienceRestrictionConditionImpl : public virtual AudienceRestrictionCondition,
+        class SAML_DLLLOCAL AudienceRestrictionConditionImpl : public virtual AudienceRestrictionCondition,
             public AbstractComplexElement,
             public AbstractDOMCachingXMLObject,
             public AbstractValidatingXMLObject,
@@ -92,7 +92,7 @@ namespace opensaml {
             }
         };
 
-        class XMLTOOL_DLLLOCAL DoNotCacheConditionImpl : public virtual DoNotCacheCondition,
+        class SAML_DLLLOCAL DoNotCacheConditionImpl : public virtual DoNotCacheCondition,
             public AbstractChildlessElement,
             public AbstractDOMCachingXMLObject,
             public AbstractValidatingXMLObject,
@@ -248,7 +248,7 @@ namespace opensaml {
             virtual ~SubjectConfirmationDataImpl() {}
     
             SubjectConfirmationDataImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
-                : AnyElementImpl(nsURI, localName, prefix, schemaType) {
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
                 
             SubjectConfirmationDataImpl(const SubjectConfirmationDataImpl& src)
@@ -372,6 +372,15 @@ namespace opensaml {
             public AbstractXMLObjectMarshaller,
             public AbstractXMLObjectUnmarshaller
         {
+            void init() {
+                m_Subject=NULL;
+                m_children.push_back(NULL);
+                m_pos_Subject=m_children.begin();
+            }
+        protected:
+            SubjectStatementImpl() {
+                init();
+            }
         public:
             virtual ~SubjectStatementImpl() {}
     
@@ -389,12 +398,6 @@ namespace opensaml {
                     setSubject(src.getSubject()->cloneSubject());
             }
             
-            void init() {
-                m_Subject=NULL;
-                m_children.push_back(NULL);
-                m_pos_Subject=m_children.begin();
-            }
-
             IMPL_TYPED_CHILD(Subject);
     
         protected:
@@ -509,11 +512,12 @@ namespace opensaml {
             }
     
             AuthenticationStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
-                : SubjectStatementImpl(nsURI, localName, prefix, schemaType) {
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
                 
-            AuthenticationStatementImpl(const AuthenticationStatementImpl& src) : SubjectStatementImpl(src) {
+            AuthenticationStatementImpl(const AuthenticationStatementImpl& src)
+                    : AbstractXMLObject(src), SubjectStatementImpl(src) {
                 init();
                 setAuthenticationMethod(src.getAuthenticationMethod());
                 setAuthenticationInstant(src.getAuthenticationInstant());
@@ -528,13 +532,12 @@ namespace opensaml {
             }
             
             void init() {
-                SubjectStatementImpl::init();
                 m_AuthenticationMethod=NULL;
                 m_AuthenticationInstant=NULL;
                 m_SubjectLocality=NULL;
                 m_children.push_back(NULL);
                 m_pos_SubjectLocality=m_pos_Subject;
-                m_pos_SubjectLocality++;
+                ++m_pos_SubjectLocality;
             }
             
             IMPL_XMLOBJECT_CLONE(AuthenticationStatement);
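Review bot: `init()` now reads `m_pos_Subject` without setting it up, because the `SubjectStatementImpl::init()` call was dropped; it is only valid if the base-class constructor has already pushed the Subject slot. The four-argument constructor reaches the new protected default constructor, which does call the base `init()`. The copy path goes through `SubjectStatementImpl(src)`, whose body is not fully visible here, so that case should be confirmed. I would add a comment above the iterator copy: `// m_pos_Subject is set by the SubjectStatementImpl constructor; never call this before the base is built`. The same applies to `AuthorizationDecisionStatementImpl::init()` further down.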
@@ -664,11 +667,12 @@ namespace opensaml {
             }
     
             AuthorizationDecisionStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
-                : SubjectStatementImpl(nsURI, localName, prefix, schemaType) {
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
                 init();
             }
                 
-            AuthorizationDecisionStatementImpl(const AuthorizationDecisionStatementImpl& src) : SubjectStatementImpl(src) {
+            AuthorizationDecisionStatementImpl(const AuthorizationDecisionStatementImpl& src)
+                    : AbstractXMLObject(src), SubjectStatementImpl(src) {
                 init();
                 setResource(src.getResource());
                 setDecision(src.getDecision());
@@ -683,13 +687,12 @@ namespace opensaml {
             }
             
             void init() {
-                SubjectStatementImpl::init();
                 m_Resource=NULL;
                 m_Decision=NULL;
                 m_Evidence=NULL;
                 m_children.push_back(NULL);
                 m_pos_Evidence=m_pos_Subject;
-                m_pos_Evidence++;
+                ++m_pos_Evidence;
             }
             
             IMPL_XMLOBJECT_CLONE(AuthorizationDecisionStatement);
@@ -835,7 +838,7 @@ namespace opensaml {
             virtual ~AttributeValueImpl() {}
     
             AttributeValueImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
-                : AnyElementImpl(nsURI, localName, prefix, schemaType) {
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
                 
             AttributeValueImpl(const AttributeValueImpl& src) : AnyElementImpl(src), AbstractValidatingXMLObject(src) {}
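Review bot: The copy constructor on the last line still lists only `AnyElementImpl(src), AbstractValidatingXMLObject(src)`, while the constructor changed above now names `AbstractXMLObject` directly. If `AbstractXMLObject` is a virtual base, as the new initialiser suggests, the most-derived copy constructor default-constructs it unless it is listed, so a clone could lose the source's element name, namespace and schema type. The statement copy constructors in this commit add `AbstractXMLObject(src)`, and the same is probably wanted here: `AttributeValueImpl(const AttributeValueImpl& src) : AbstractXMLObject(src), AnyElementImpl(src), AbstractValidatingXMLObject(src) {}`. The `SubjectConfirmationDataImpl` copy constructor, which is cut off at the end of its hunk, is worth checking the same way.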
@@ -849,11 +852,11 @@ namespace opensaml {
             virtual ~AttributeStatementImpl() {}
     
             AttributeStatementImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType)
-                : SubjectStatementImpl(nsURI, localName, prefix, schemaType) {
-                init();
+                : AbstractXMLObject(nsURI, localName, prefix, schemaType) {
             }
                 
-            AttributeStatementImpl(const AttributeStatementImpl& src) : SubjectStatementImpl(src) {
+            AttributeStatementImpl(const AttributeStatementImpl& src)
+                    : AbstractXMLObject(src), SubjectStatementImpl(src) {
                 VectorOf(Attribute) v=getAttributes();
                 for (vector<Attribute*>::const_iterator i=src.m_Attributes.begin(); i!=src.m_Attributes.end(); i++) {
                     if (*i) {
@@ -928,8 +931,10 @@ namespace opensaml {
                 
                 // Unknown child.
                 const XMLCh* nsURI=root->getNamespaceURI();
-                if (!XMLString::equals(nsURI,SAMLConstants::SAML1_NS) && nsURI && *nsURI)
+                if (!XMLString::equals(nsURI,SAMLConstants::SAML1_NS) && nsURI && *nsURI) {
                     getOthers().push_back(childXMLObject);
+                    return;
+                }
                 
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
             }
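Review bot: The branch that now returns early accepts a child from any non-empty namespace other than SAML 1 and stores it in `getOthers()` without further checks, and nothing in the code says so. A comment would help whoever consumes that list: `// Wildcard extension content: foreign-namespace children are kept as-is and are not validated here.` Children in the SAML 1 namespace or with no namespace still fall through to `AbstractXMLObjectUnmarshaller::processChildElement`, whose handling of unknown elements is not visible in this hunk. The enclosing function starts outside the hunk.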
@@ -942,6 +947,23 @@ namespace opensaml {
             public AbstractXMLObjectMarshaller,
             public AbstractXMLObjectUnmarshaller
         {
+            void init() {
+                m_MinorVersion=1;
+                m_AssertionID=NULL;
+                m_Issuer=NULL;
+                m_IssueInstant=NULL;
+                m_children.push_back(NULL);
+                m_children.push_back(NULL);
+                m_children.push_back(NULL);
+                m_Conditions=NULL;
+                m_Advice=NULL;
+                m_Signature=NULL;
+                m_pos_Conditions=m_children.begin();
+                m_pos_Advice=m_pos_Conditions;
+                ++m_pos_Advice;
+                m_pos_Signature=m_pos_Advice;
+                ++m_pos_Signature;
+            }
         public:
             virtual ~AssertionImpl() {
                 XMLString::release(&m_AssertionID);
@@ -976,6 +998,18 @@ namespace opensaml {
                             getAuthenticationStatements().push_back(authst->cloneAuthenticationStatement());
                             continue;
                         }
+
+                        AttributeStatement* attst=dynamic_cast<AttributeStatement*>(*i);
+                        if (attst) {
+                            getAttributeStatements().push_back(attst->cloneAttributeStatement());
+                            continue;
+                        }
+
+                        AuthorizationDecisionStatement* authzst=dynamic_cast<AuthorizationDecisionStatement*>(*i);
+                        if (authzst) {
+                            getAuthorizationDecisionStatements().push_back(authzst->cloneAuthorizationDecisionStatement());
+                            continue;
+                        }
     
                         SubjectStatement* subst=dynamic_cast<SubjectStatement*>(*i);
                         if (subst) {
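Review bot: The cast chain is order-dependent and nothing records that. The new `AttributeStatement` and `AuthorizationDecisionStatement` tests must stay ahead of the `SubjectStatement` test, presumably because both derive from it; otherwise a clone would be filed under the more general list. A one-line comment before the first cast would do, e.g. `// Test the most derived statement types first; SubjectStatement and Statement are fallbacks.` The `PROC_TYPED_CHILDREN` sequence in the unmarshalling hunk further down has the same ordering constraint and would benefit from the same comment. The loop itself starts and ends outside this hunk.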
@@ -992,22 +1026,26 @@ namespace opensaml {
                 }
             }
             
-            void init() {
-                m_MinorVersion=1;
-                m_AssertionID=NULL;
-                m_Issuer=NULL;
-                m_IssueInstant=NULL;
-                m_children.push_back(NULL);
-                m_children.push_back(NULL);
-                m_children.push_back(NULL);
-                m_Conditions=NULL;
-                m_Advice=NULL;
-                m_Signature=NULL;
-                m_pos_Conditions=m_children.begin();
-                m_pos_Advice=m_pos_Conditions;
-                m_pos_Advice++;
-                m_pos_Signature=m_pos_Advice;
-                m_pos_Signature++;
+            const XMLCh* getId() const {
+                return getAssertionID();
+            }
+
+            //IMPL_TYPED_CHILD(Signature);
+            // Need customized setter.
+        protected:
+            Signature* m_Signature;
+            list<XMLObject*>::iterator m_pos_Signature;
+        public:
+            Signature* getSignature() const {
+                return m_Signature;
+            }
+            
+            void setSignature(Signature* sig) {
+                prepareForAssignment(m_Signature,sig);
+                *m_pos_Signature=m_Signature=sig;
+                // Sync content reference back up.
+                if (m_Signature)
+                    m_Signature->setContentReference(new opensaml::ContentReference(*this));
             }
             
             IMPL_XMLOBJECT_CLONE(Assertion);
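Review bot: `setSignature()` hands a raw `new opensaml::ContentReference(*this)` to the signature with no statement of who owns it or how long `*this` must stay alive. The reference is built from this assertion, so a `Signature` that outlives the assertion or is moved to another object would presumably still point back here; since the reference determines which content the signature covers, that contract should be written down. I would add a doc comment on `setSignature()` saying that the signature takes ownership of the `ContentReference` (if that is what `setContentReference` does) and that it must not outlive this assertion, or be re-parented, without being given a new reference. It is also worth confirming that the copy constructor, which lies outside this hunk, goes through this setter so that a cloned signature refers to the clone.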
@@ -1017,10 +1055,11 @@ namespace opensaml {
             IMPL_DATETIME_ATTRIB(IssueInstant);
             IMPL_TYPED_CHILD(Conditions);
             IMPL_TYPED_CHILD(Advice);
-            IMPL_TYPED_CHILD(Signature);
             IMPL_TYPED_CHILDREN(Statement, m_pos_Signature);
             IMPL_TYPED_CHILDREN(SubjectStatement, m_pos_Signature);
             IMPL_TYPED_CHILDREN(AuthenticationStatement, m_pos_Signature);
+            IMPL_TYPED_CHILDREN(AttributeStatement, m_pos_Signature);
+            IMPL_TYPED_CHILDREN(AuthorizationDecisionStatement, m_pos_Signature);
     
         protected:
             void marshallAttributes(DOMElement* domElement) const {
@@ -1042,6 +1081,8 @@ namespace opensaml {
                 PROC_TYPED_CHILD(Advice,SAMLConstants::SAML1_NS,false);
                 PROC_TYPED_CHILD(Signature,XMLConstants::XMLSIG_NS,false);
                 PROC_TYPED_CHILDREN(AuthenticationStatement,SAMLConstants::SAML1_NS,false);
+                PROC_TYPED_CHILDREN(AttributeStatement,SAMLConstants::SAML1_NS,false);
+                PROC_TYPED_CHILDREN(AuthorizationDecisionStatement,SAMLConstants::SAML1_NS,false);
                 PROC_TYPED_CHILDREN(SubjectStatement,SAMLConstants::SAML1_NS,true);
                 PROC_TYPED_CHILDREN(Statement,SAMLConstants::SAML1_NS,true);
                 AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root);
@@ -1157,6 +1198,7 @@ const XMLCh SubjectLocality::LOCAL_NAME[] =         UNICODE_LITERAL_15(S,u,b,j,e
 const XMLCh SubjectLocality::TYPE_NAME[] =          UNICODE_LITERAL_19(S,u,b,j,e,c,t,L,o,c,a,l,i,t,y,T,y,p,e);
 const XMLCh SubjectLocality::IPADDRESS_ATTRIB_NAME[] =      UNICODE_LITERAL_9(I,P,A,d,d,r,e,s,s);
 const XMLCh SubjectLocality::DNSADDRESS_ATTRIB_NAME[] =     UNICODE_LITERAL_10(D,N,S,A,d,d,r,e,s,s);
+const XMLCh SubjectStatement::LOCAL_NAME[] =        UNICODE_LITERAL_16(S,u,b,j,e,c,t,S,t,a,t,e,m,e,n,t);
 
 #define XCH(ch) chLatin_##ch
 #define XNUM(d) chDigit_##d