Move Shib constants to new lib, fixed symbol conflicts.

[shibboleth/cpp-sp.git] / shib / shib.h

diff --git a/shib/shib.h b/shib/shib.h
index cb338d4..8e93490 100644 (file)
--- a/shib/shib.h
+++ b/shib/shib.h
@@ -25,8 +25,9 @@
 #ifndef __shib_h__
 #define __shib_h__
 
+#include <xmltooling/util/Threads.h>
+
 #include <saml/saml.h>
-#include <shib/shib-threads.h>
 #include <xsec/xenc/XENCEncryptionMethod.hpp>
 
 #ifdef WIN32
@@ -225,14 +226,7 @@ namespace shibboleth
         virtual ~IEntitiesDescriptor() {}
     };
     
-    // Supports Shib role extension describing attribute scoping rules
-    struct SHIB_EXPORTS IScopedRoleDescriptor : public virtual IRoleDescriptor
-    {
-        virtual saml::Iterator<std::pair<const XMLCh*,bool> > getScopes() const=0;
-        virtual ~IScopedRoleDescriptor() {}
-    };
-    
-    // Shib extension interfaces to key authority data
+    // Shib extension interfaces
     struct SHIB_EXPORTS IKeyAuthority
     {
         virtual int getVerifyDepth() const=0;
@@ -243,6 +237,7 @@ namespace shibboleth
     struct SHIB_EXPORTS IExtendedEntityDescriptor : public virtual IEntityDescriptor
     {
         virtual saml::Iterator<const IKeyAuthority*> getKeyAuthorities() const=0;
+        virtual saml::Iterator<std::pair<const XMLCh*,bool> > getScopes() const=0;
         virtual ~IExtendedEntityDescriptor() {}
     };
 
@@ -316,7 +311,7 @@ namespace shibboleth
         virtual const char* getAlias() const=0;
         virtual const char* getHeader() const=0;
         virtual bool getCaseSensitive() const=0;
-        virtual void apply(saml::SAMLAttribute& attribute, const IRoleDescriptor* role=NULL) const=0;
+        virtual void apply(saml::SAMLAttribute& attribute, const IEntityDescriptor* source=NULL) const=0;
         virtual ~IAttributeRule() {}
     };
     
@@ -357,18 +352,6 @@ namespace shibboleth
     template class SHIB_EXPORTS saml::ArrayIterator<IAAP*>;
 #endif
 
-    struct SHIB_EXPORTS Constants
-    {
-        static const XMLCh SHIB_ATTRIBUTE_NAMESPACE_URI[];
-        static const XMLCh SHIB_NAMEID_FORMAT_URI[];
-        static const XMLCh SHIB_AUTHNREQUEST_PROFILE_URI[];
-        static const XMLCh SHIB_LEGACY_AUTHNREQUEST_PROFILE_URI[];
-        static const XMLCh SHIB_SESSIONINIT_PROFILE_URI[];
-        static const XMLCh SHIB_LOGOUT_PROFILE_URI[];
-        static const XMLCh SHIB_NS[];
-        static const XMLCh InvalidHandle[];
-    };
-
     // Glue classes between abstract metadata and concrete providers
     
     class SHIB_EXPORTS Metadata
@@ -433,7 +416,7 @@ namespace shibboleth
         const IAttributeRule* operator->() const {return m_rule;}
         operator const IAttributeRule*() const {return m_rule;}
         
-        static void apply(const saml::Iterator<IAAP*>& aaps, saml::SAMLAssertion& assertion, const IRoleDescriptor* role=NULL);
+        static void apply(const saml::Iterator<IAAP*>& aaps, saml::SAMLAssertion& assertion, const IEntityDescriptor* source=NULL);
         
     private:
         AAP(const AAP&);
@@ -447,7 +430,18 @@ namespace shibboleth
     class SHIB_EXPORTS ShibBrowserProfile : virtual public saml::SAMLBrowserProfile
     {
     public:
+        struct SHIB_EXPORTS ITokenValidator {
+            virtual void validateToken(
+                saml::SAMLAssertion* token,
+                time_t=0,
+                const IRoleDescriptor* role=NULL,
+                const saml::Iterator<ITrust*>& trusts=EMPTY(ITrust*)
+                ) const=0;
+            virtual ~ITokenValidator() {}
+        };
+
         ShibBrowserProfile(
+            const ITokenValidator* validator,
             const saml::Iterator<IMetadata*>& metadatas=EMPTY(IMetadata*),
             const saml::Iterator<ITrust*>& trusts=EMPTY(ITrust*)
             );
@@ -473,6 +467,7 @@ namespace shibboleth
         saml::SAMLBrowserProfile* m_profile;
         saml::Iterator<IMetadata*> m_metadatas;
         saml::Iterator<ITrust*> m_trusts;
+        const ITokenValidator* m_validator;
     };
 
     class SHIB_EXPORTS ShibConfig
@@ -532,7 +527,7 @@ namespace shibboleth
         const DOMElement* m_root;
         std::string m_source;
         time_t m_filestamp;
-        RWLock* m_lock;
+        xmltooling::RWLock* m_lock;
     };
 
     /* These helpers attach metadata-derived information as exception properties and then