projects / shibboleth / cpp-sp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Refactor assertion extraction into handlers.
[shibboleth/cpp-sp.git] / shibsp / handler / impl / SAML1Consumer.cpp
diff --git a/shibsp/handler/impl/SAML1Consumer.cpp b/shibsp/handler/impl/SAML1Consumer.cpp
index 1e06560..d9cb975 100644 (file)
--- a/shibsp/handler/impl/SAML1Consumer.cpp
+++ b/shibsp/handler/impl/SAML1Consumer.cpp
@@ -110,15 +110,15 @@ string SAML1Consumer::implementProtocol(
     // the focus here is on the assertion content. For SAML 1.x POST,
     // all the security comes from the protocol layer, and signing
     // the assertion isn't sufficient. So we can check the policy
-    // object now and bail if it's not a secure message.
-    if (m_post && !policy.isSecure()) {
+    // object now and bail if it's not a secured message.
+    if (m_post && !policy.isAuthenticated()) {
         if (policy.getIssuer() && !policy.getIssuerMetadata())
             throw MetadataException("Security of SAML 1.x SSO POST response not established.");
         throw SecurityPolicyException("Security of SAML 1.x SSO POST response not established.");
     }
         
     // Remember whether we already established trust.
-    bool alreadySecured = policy.isSecure();
+    bool alreadySecured = policy.isAuthenticated();
 
     const Response* response = dynamic_cast<const Response*>(&xmlObject);
     if (!response)
@@ -128,6 +128,8 @@ string SAML1Consumer::implementProtocol(
     if (assertions.empty())
         throw FatalProfileException("Incoming message contained no SAML assertions.");
 
+    pair<bool,int> minor = response->getMinorVersion();
+
     // Maintain list of "legit" tokens to feed to SP subsystems.
     const AuthenticationStatement* ssoStatement=NULL;
     vector<const opensaml::Assertion*> tokens;
@@ -153,14 +155,20 @@ string SAML1Consumer::implementProtocol(
 
         try {
             // We clear the security flag, so we can tell whether the token was secured on its own.
-            policy.setSecure(false);
-            
-            // Run the policy over the assertion. Handles issuer consistency, replay, freshness,
-            // and signature verification, assuming the relevant rules are configured.
+            policy.setAuthenticated(false);
+            policy.reset(true);
+
+            // Extract message bits and re-verify Issuer information.
+            extractMessageDetails(
+                *(*a), (minor.first && minor.second==0) ? samlconstants::SAML10_PROTOCOL_ENUM : samlconstants::SAML11_PROTOCOL_ENUM, policy
+                );
+
+            // Run the policy over the assertion. Handles replay, freshness, and
+            // signature verification, assuming the relevant rules are configured.
             policy.evaluate(*(*a));
             
             // If no security is in place now, we kick it.
-            if (!alreadySecured && !policy.isSecure()) {
+            if (!alreadySecured && !policy.isAuthenticated()) {
                 m_log.warn("unable to establish security of assertion");
                 badtokens.push_back(*a);
                 continue;
Unnamed repository; edit this file 'description' to name the repository.