#define SHIB_TARGET_H
// New headers
-#include <saml/base.h>
+#include <shibsp/base.h>
#include <shibsp/ListenerService.h>
+#include <shibsp/PropertySet.h>
+#include <saml/saml2/metadata/MetadataProvider.h>
+#include <xmltooling/security/TrustEngine.h>
// Old headers
#include <saml/saml.h>
namespace shibtarget {
- DECLARE_SAML_EXCEPTION(SHIBTARGET_EXPORTS,ListenerException,SAMLException);
- DECLARE_SAML_EXCEPTION(SHIBTARGET_EXPORTS,ConfigurationException,SAMLException);
-
// Abstract APIs for access to configuration information
- /**
- * Interface to a generic set of typed properties or a DOM container of additional
- * data.
- */
- struct SHIBTARGET_EXPORTS IPropertySet
- {
- virtual std::pair<bool,bool> getBool(const char* name, const char* ns=NULL) const=0;
- virtual std::pair<bool,const char*> getString(const char* name, const char* ns=NULL) const=0;
- virtual std::pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const=0;
- virtual std::pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const=0;
- virtual std::pair<bool,int> getInt(const char* name, const char* ns=NULL) const=0;
- virtual const IPropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:target:config:1.0") const=0;
- virtual const DOMElement* getElement() const=0;
- virtual ~IPropertySet() {}
- };
-
// Forward declaration
class SHIBTARGET_EXPORTS ShibTarget;
{
IHandler() : m_props(NULL) {}
virtual ~IHandler() {}
- virtual const IPropertySet* getProperties() const { return m_props; }
- virtual void setProperties(const IPropertySet* properties) { m_props=properties; }
+ virtual const shibsp::PropertySet* getProperties() const { return m_props; }
+ virtual void setProperties(const shibsp::PropertySet* properties) { m_props=properties; }
virtual std::pair<bool,void*> run(ShibTarget* st, bool isHandler=true) const=0;
private:
- const IPropertySet* m_props;
+ const shibsp::PropertySet* m_props;
};
/**
* Application. Implementations should always expose an application named "default"
* as a last resort.
*/
- struct SHIBTARGET_EXPORTS IApplication : public virtual IPropertySet,
+ struct SHIBTARGET_EXPORTS IApplication : public virtual shibsp::PropertySet,
public virtual shibboleth::ShibBrowserProfile::ITokenValidator
{
virtual const char* getId() const=0;
virtual saml::Iterator<saml::SAMLAttributeDesignator*> getAttributeDesignators() const=0;
virtual saml::Iterator<shibboleth::IAAP*> getAAPProviders() const=0;
- virtual saml::Iterator<shibboleth::IMetadata*> getMetadataProviders() const=0;
- virtual saml::Iterator<shibboleth::ITrust*> getTrustProviders() const=0;
+ virtual opensaml::saml2md::MetadataProvider* getMetadataProvider() const=0;
+ virtual xmltooling::TrustEngine* getTrustEngine() const=0;
virtual saml::Iterator<const XMLCh*> getAudiences() const=0;
- virtual const IPropertySet* getCredentialUse(const shibboleth::IEntityDescriptor* provider) const=0;
+ virtual const shibsp::PropertySet* getCredentialUse(const opensaml::saml2md::EntityDescriptor* provider) const=0;
// caller is borrowing object, must use within scope of config lock
virtual const saml::SAMLBrowserProfile* getBrowserProfile() const=0;
virtual void validateToken(
saml::SAMLAssertion* token,
time_t t=0,
- const shibboleth::IRoleDescriptor* role=NULL,
- const saml::Iterator<shibboleth::ITrust*>& trusts=EMPTY(shibboleth::ITrust*)
+ const opensaml::saml2md::RoleDescriptor* role=NULL,
+ const xmltooling::TrustEngine* trust=NULL
) const=0;
// Used to locate a default or designated session initiator for automatic sessions
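Review bot: `validateToken` now defaults `trust` to `NULL`, and nothing in the declaration says what an implementation must do when no trust engine is passed. If a null engine leads an implementation to skip signature evaluation (the implementers are not visible here, so this needs checking), a caller that simply omits the argument would accept an unverified assertion. I would document the contract on the parameter, for example `// trust==NULL: fall back to getTrustEngine(); never treat as "no verification needed"`, or drop the default so every caller has to choose. The new `getMetadataProvider()` and `getTrustEngine()` accessors return single raw pointers where the old ones returned possibly empty iterators, so they deserve the same `// caller is borrowing object, must use within scope of config lock` comment, plus a statement of whether they can return NULL.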
class ShibHTTPHook : virtual public saml::SAMLSOAPHTTPBinding::HTTPHook
{
public:
- ShibHTTPHook(const saml::Iterator<shibboleth::ITrust*>& trusts, const saml::Iterator<shibboleth::ICredentials*>& creds)
- : m_trusts(trusts), m_creds(creds) {}
+ ShibHTTPHook(const xmltooling::TrustEngine* trust, const saml::Iterator<shibboleth::ICredentials*>& creds)
+ : m_trust(trust), m_creds(creds) {}
virtual ~ShibHTTPHook() {}
// Only hook we need here is for outgoing connection to server.
// Client declares a context object and pass as callCtx to send() method.
class ShibHTTPHookCallContext {
public:
- ShibHTTPHookCallContext(const IPropertySet* credUse, const shibboleth::IRoleDescriptor* role)
+ ShibHTTPHookCallContext(const shibsp::PropertySet* credUse, const opensaml::saml2md::RoleDescriptor* role)
: m_credUse(credUse), m_role(role), m_hook(NULL), m_authenticated(false) {}
const ShibHTTPHook* getHook() {return m_hook;}
- const IPropertySet* getCredentialUse() {return m_credUse;}
- const shibboleth::IRoleDescriptor* getRoleDescriptor() {return m_role;}
+ const shibsp::PropertySet* getCredentialUse() {return m_credUse;}
+ const opensaml::saml2md::RoleDescriptor* getRoleDescriptor() {return m_role;}
bool isAuthenticated() const {return m_authenticated;}
void setAuthenticated() {m_authenticated=true;}
private:
- const IPropertySet* m_credUse;
- const shibboleth::IRoleDescriptor* m_role;
+ const shibsp::PropertySet* m_credUse;
+ const opensaml::saml2md::RoleDescriptor* m_role;
ShibHTTPHook* m_hook;
bool m_authenticated;
friend class ShibHTTPHook;
};
- const saml::Iterator<shibboleth::ITrust*>& getTrustProviders() const {return m_trusts;}
+ const xmltooling::TrustEngine* getTrustEngine() const {return m_trust;}
const saml::Iterator<shibboleth::ICredentials*>& getCredentialProviders() const {return m_creds;}
private:
- saml::Iterator<shibboleth::ITrust*> m_trusts;
+ const xmltooling::TrustEngine* m_trust;
saml::Iterator<shibboleth::ICredentials*> m_creds;
};
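Review bot: `ShibHTTPHook` now keeps a bare `const xmltooling::TrustEngine*` in `m_trust`, with no statement of who owns it or how long it must stay valid. Going by the comments in this hunk, the hook is consulted during the outgoing connection to the server, so the pointer has to remain valid for the whole call. If the engine comes from `IApplication::getTrustEngine()`, it is presumably only safe to use while the configuration lock is held, and a constructor comment such as `// trust is borrowed, not owned; must outlive the hook and every send() that uses it` would make that explicit. `getTrustEngine()` can also return NULL where `getTrustProviders()` used to return an empty iterator, so the code that authenticates the server needs a null check that fails closed rather than a dereference or a silent skip; that code is outside this hunk.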
{
virtual std::string insert(
const IApplication* application,
- const shibboleth::IEntityDescriptor* source,
+ const opensaml::saml2md::RoleDescriptor* source,
const char* client_addr,
const saml::SAMLSubject* subject,
const char* authnContext,
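Review bot: The `source` parameter of `insert` changes from an entity descriptor to a `RoleDescriptor`, but keeps a name that still reads as "the issuing entity". Implementations that record or later compare the issuer's identity for the session would now have to derive the entity from the role, and the signature does not rule out a NULL role. I would rename the parameter to `role`, or add a comment like `// role of the asserting party; state here whether NULL is allowed`, once the intended nullability is confirmed. The declaration of `insert` starts and ends outside this hunk.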
*/
struct SHIBTARGET_EXPORTS IRequestMapper : public virtual saml::ILockable, public virtual saml::IPlugIn
{
- typedef std::pair<const IPropertySet*,IAccessControl*> Settings;
+ typedef std::pair<const shibsp::PropertySet*,IAccessControl*> Settings;
virtual Settings getSettings(ShibTarget* st) const=0;
virtual ~IRequestMapper() {}
};
- struct SHIBTARGET_EXPORTS IConfig : public virtual saml::ILockable, public virtual IPropertySet, public virtual saml::IPlugIn
+ struct SHIBTARGET_EXPORTS IConfig : public virtual saml::ILockable, public virtual shibsp::PropertySet, public virtual saml::IPlugIn
{
// loads initial configuration
virtual void init()=0;