Next integration phase, metadata and trust conversion.

[shibboleth/cpp-sp.git] / shib-target / shib-target.h

diff --git a/shib-target/shib-target.h b/shib-target/shib-target.h
index 08e1e1c..808f7ef 100644 (file)
--- a/shib-target/shib-target.h
+++ b/shib-target/shib-target.h
@@ -26,8 +26,11 @@
 #define SHIB_TARGET_H
 
 // New headers
-#include <saml/base.h>
+#include <shibsp/base.h>
 #include <shibsp/ListenerService.h>
+#include <shibsp/PropertySet.h>
+#include <saml/saml2/metadata/MetadataProvider.h>
+#include <xmltooling/security/TrustEngine.h>
 
 // Old headers
 #include <saml/saml.h>
@@ -46,27 +49,8 @@
 
 namespace shibtarget {
   
-    DECLARE_SAML_EXCEPTION(SHIBTARGET_EXPORTS,ListenerException,SAMLException);
-    DECLARE_SAML_EXCEPTION(SHIBTARGET_EXPORTS,ConfigurationException,SAMLException);
-
     // Abstract APIs for access to configuration information
     
-    /**
-     * Interface to a generic set of typed properties or a DOM container of additional
-     * data.
-     */
-    struct SHIBTARGET_EXPORTS IPropertySet
-    {
-        virtual std::pair<bool,bool> getBool(const char* name, const char* ns=NULL) const=0;
-        virtual std::pair<bool,const char*> getString(const char* name, const char* ns=NULL) const=0;
-        virtual std::pair<bool,const XMLCh*> getXMLString(const char* name, const char* ns=NULL) const=0;
-        virtual std::pair<bool,unsigned int> getUnsignedInt(const char* name, const char* ns=NULL) const=0;
-        virtual std::pair<bool,int> getInt(const char* name, const char* ns=NULL) const=0;
-        virtual const IPropertySet* getPropertySet(const char* name, const char* ns="urn:mace:shibboleth:target:config:1.0") const=0;
-        virtual const DOMElement* getElement() const=0;
-        virtual ~IPropertySet() {}
-    };
-
     // Forward declaration
     class SHIBTARGET_EXPORTS ShibTarget;
 
@@ -80,11 +64,11 @@ namespace shibtarget {
     {
         IHandler() : m_props(NULL) {}
         virtual ~IHandler() {}
-        virtual const IPropertySet* getProperties() const { return m_props; }
-        virtual void setProperties(const IPropertySet* properties) { m_props=properties; }
+        virtual const shibsp::PropertySet* getProperties() const { return m_props; }
+        virtual void setProperties(const shibsp::PropertySet* properties) { m_props=properties; }
         virtual std::pair<bool,void*> run(ShibTarget* st, bool isHandler=true) const=0;
     private:
-        const IPropertySet* m_props;
+        const shibsp::PropertySet* m_props;
     };
     
     /**
@@ -98,7 +82,7 @@ namespace shibtarget {
      * Application. Implementations should always expose an application named "default"
      * as a last resort.
      */
-    struct SHIBTARGET_EXPORTS IApplication : public virtual IPropertySet,
+    struct SHIBTARGET_EXPORTS IApplication : public virtual shibsp::PropertySet,
         public virtual shibboleth::ShibBrowserProfile::ITokenValidator
     {
         virtual const char* getId() const=0;
@@ -106,10 +90,10 @@ namespace shibtarget {
         
         virtual saml::Iterator<saml::SAMLAttributeDesignator*> getAttributeDesignators() const=0;
         virtual saml::Iterator<shibboleth::IAAP*> getAAPProviders() const=0;
-        virtual saml::Iterator<shibboleth::IMetadata*> getMetadataProviders() const=0;
-        virtual saml::Iterator<shibboleth::ITrust*> getTrustProviders() const=0;
+        virtual opensaml::saml2md::MetadataProvider* getMetadataProvider() const=0;
+        virtual xmltooling::TrustEngine* getTrustEngine() const=0;
         virtual saml::Iterator<const XMLCh*> getAudiences() const=0;
-        virtual const IPropertySet* getCredentialUse(const shibboleth::IEntityDescriptor* provider) const=0;
+        virtual const shibsp::PropertySet* getCredentialUse(const opensaml::saml2md::EntityDescriptor* provider) const=0;
 
         // caller is borrowing object, must use within scope of config lock
         virtual const saml::SAMLBrowserProfile* getBrowserProfile() const=0;
@@ -122,8 +106,8 @@ namespace shibtarget {
         virtual void validateToken(
             saml::SAMLAssertion* token,
             time_t t=0,
-            const shibboleth::IRoleDescriptor* role=NULL,
-            const saml::Iterator<shibboleth::ITrust*>& trusts=EMPTY(shibboleth::ITrust*)
+            const opensaml::saml2md::RoleDescriptor* role=NULL,
+            const xmltooling::TrustEngine* trust=NULL
             ) const=0;
 
         // Used to locate a default or designated session initiator for automatic sessions
@@ -152,8 +136,8 @@ namespace shibtarget {
     class ShibHTTPHook : virtual public saml::SAMLSOAPHTTPBinding::HTTPHook
     {
     public:
-        ShibHTTPHook(const saml::Iterator<shibboleth::ITrust*>& trusts, const saml::Iterator<shibboleth::ICredentials*>& creds)
-            : m_trusts(trusts), m_creds(creds) {}
+        ShibHTTPHook(const xmltooling::TrustEngine* trust, const saml::Iterator<shibboleth::ICredentials*>& creds)
+            : m_trust(trust), m_creds(creds) {}
         virtual ~ShibHTTPHook() {}
         
         // Only hook we need here is for outgoing connection to server.
@@ -162,26 +146,26 @@ namespace shibtarget {
         // Client declares a context object and pass as callCtx to send() method.
         class ShibHTTPHookCallContext {
         public:
-            ShibHTTPHookCallContext(const IPropertySet* credUse, const shibboleth::IRoleDescriptor* role)
+            ShibHTTPHookCallContext(const shibsp::PropertySet* credUse, const opensaml::saml2md::RoleDescriptor* role)
                 : m_credUse(credUse), m_role(role), m_hook(NULL), m_authenticated(false) {}
             const ShibHTTPHook* getHook() {return m_hook;}
-            const IPropertySet* getCredentialUse() {return m_credUse;}
-            const shibboleth::IRoleDescriptor* getRoleDescriptor() {return m_role;}
+            const shibsp::PropertySet* getCredentialUse() {return m_credUse;}
+            const opensaml::saml2md::RoleDescriptor* getRoleDescriptor() {return m_role;}
             bool isAuthenticated() const {return m_authenticated;}
             void setAuthenticated() {m_authenticated=true;}
             
         private:
-            const IPropertySet* m_credUse;
-            const shibboleth::IRoleDescriptor* m_role;
+            const shibsp::PropertySet* m_credUse;
+            const opensaml::saml2md::RoleDescriptor* m_role;
             ShibHTTPHook* m_hook;
             bool m_authenticated;
             friend class ShibHTTPHook;
         };
         
-        const saml::Iterator<shibboleth::ITrust*>& getTrustProviders() const {return m_trusts;}
+        const xmltooling::TrustEngine* getTrustEngine() const {return m_trust;}
         const saml::Iterator<shibboleth::ICredentials*>& getCredentialProviders() const {return m_creds;}
     private:
-        saml::Iterator<shibboleth::ITrust*> m_trusts;
+        const xmltooling::TrustEngine* m_trust;
         saml::Iterator<shibboleth::ICredentials*> m_creds;
     };
 
@@ -253,7 +237,7 @@ namespace shibtarget {
     {
         virtual std::string insert(
             const IApplication* application,
-            const shibboleth::IEntityDescriptor* source,
+            const opensaml::saml2md::RoleDescriptor* source,
             const char* client_addr,
             const saml::SAMLSubject* subject,
             const char* authnContext,
@@ -291,12 +275,12 @@ namespace shibtarget {
      */
     struct SHIBTARGET_EXPORTS IRequestMapper : public virtual saml::ILockable, public virtual saml::IPlugIn
     {
-        typedef std::pair<const IPropertySet*,IAccessControl*> Settings;
+        typedef std::pair<const shibsp::PropertySet*,IAccessControl*> Settings;
         virtual Settings getSettings(ShibTarget* st) const=0;
         virtual ~IRequestMapper() {}
     };
     
-    struct SHIBTARGET_EXPORTS IConfig : public virtual saml::ILockable, public virtual IPropertySet, public virtual saml::IPlugIn
+    struct SHIBTARGET_EXPORTS IConfig : public virtual saml::ILockable, public virtual shibsp::PropertySet, public virtual saml::IPlugIn
     {
         // loads initial configuration
         virtual void init()=0;