-/*\r
- * Copyright 2001-2007 Internet2\r
- * \r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- *\r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- *\r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- */\r
-\r
-/**\r
- * resolvertest.cpp\r
- * \r
- * Tool to exercise SP attribute subsystems.\r
- */\r
-\r
-#if defined (_MSC_VER) || defined(__BORLANDC__)\r
-# include "config_win32.h"\r
-#else\r
-# include "config.h"\r
-#endif\r
-\r
-#ifdef WIN32\r
-# define _CRT_NONSTDC_NO_DEPRECATE 1\r
-# define _CRT_SECURE_NO_DEPRECATE 1\r
-#endif\r
-\r
-#include <shibsp/Application.h>\r
-#include <shibsp/exceptions.h>\r
-#include <shibsp/SPConfig.h>\r
-#include <shibsp/ServiceProvider.h>\r
+/*
+ * Copyright 2001-2007 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * resolvertest.cpp
+ *
+ * Tool to exercise SP attribute subsystems.
+ */
+
+#if defined (_MSC_VER) || defined(__BORLANDC__)
+# include "config_win32.h"
+#else
+# include "config.h"
+#endif
+
+#ifdef WIN32
+# define _CRT_NONSTDC_NO_DEPRECATE 1
+# define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+#include <shibsp/Application.h>
+#include <shibsp/exceptions.h>
+#include <shibsp/SPConfig.h>
+#include <shibsp/ServiceProvider.h>
#include <shibsp/attribute/Attribute.h>
#include <shibsp/attribute/resolver/ResolutionContext.h>
#include <shibsp/handler/AssertionConsumerService.h>
-#include <shibsp/util/SPConstants.h>\r
-\r
-#include <saml/saml1/core/Assertions.h>\r
-#include <saml/saml2/core/Assertions.h>\r
-#include <saml/saml2/metadata/Metadata.h>\r
-#include <xercesc/util/XMLUniDefs.hpp>\r
-#include <xmltooling/XMLToolingConfig.h>\r
-#include <xmltooling/util/XMLHelper.h>\r
-\r
-using namespace shibsp;\r
-using namespace opensaml::saml2md;\r
-using namespace opensaml;\r
-using namespace xmltooling::logging;\r
-using namespace xmltooling;\r
-using namespace xercesc;\r
-using namespace std;\r
-\r
+#include <shibsp/util/SPConstants.h>
+
+#include <saml/saml1/core/Assertions.h>
+#include <saml/saml2/core/Assertions.h>
+#include <saml/saml2/metadata/Metadata.h>
+#include <xercesc/util/XMLUniDefs.hpp>
+#include <xmltooling/XMLToolingConfig.h>
+#include <xmltooling/util/XMLHelper.h>
+
+using namespace shibsp;
+using namespace opensaml::saml2md;
+using namespace opensaml;
+using namespace xmltooling::logging;
+using namespace xmltooling;
+using namespace xercesc;
+using namespace std;
+
#if defined (_MSC_VER)
#pragma warning( push )
#pragma warning( disable : 4250 )
#endif
-\r
+
class ResolverTest : public shibsp::AssertionConsumerService
{
public:
}
private:
- string implementProtocol(
+ void implementProtocol(
const Application& application,
const HTTPRequest& httpRequest,
+ HTTPResponse& httpResponse,
SecurityPolicy& policy,
const PropertySet* settings,
const XMLObject& xmlObject
throw FatalProfileException("Should never be called.");
}
};
-\r
+
#if defined (_MSC_VER)
#pragma warning( pop )
#endif
-\r
-void usage()\r
-{\r
- cerr << "usage: resolvertest -n <name> -i <IdP> -p <protocol> [-f <format URI> -a <application id>]" << endl;\r
- cerr << " resolvertest [-a <application id>] < assertion.xml" << endl;\r
-}\r
-\r
-int main(int argc,char* argv[])\r
-{\r
- char* a_param=NULL;\r
- char* n_param=NULL;\r
- char* f_param=NULL;\r
- char* i_param=NULL;\r
- char* prot = NULL;\r
- const XMLCh* protocol = NULL;\r
- char* path=NULL;\r
- char* config=NULL;\r
-\r
- for (int i=1; i<argc; i++) {\r
- if (!strcmp(argv[i],"-n") && i+1<argc)\r
- n_param=argv[++i];\r
- else if (!strcmp(argv[i],"-f") && i+1<argc)\r
- f_param=argv[++i];\r
- else if (!strcmp(argv[i],"-i") && i+1<argc)\r
- i_param=argv[++i];\r
- else if (!strcmp(argv[i],"-p") && i+1<argc)\r
- prot=argv[++i];\r
- else if (!strcmp(argv[i],"-saml10"))\r
- protocol=samlconstants::SAML10_PROTOCOL_ENUM;\r
- else if (!strcmp(argv[i],"-saml11"))\r
- protocol=samlconstants::SAML11_PROTOCOL_ENUM;\r
- else if (!strcmp(argv[i],"-saml2"))\r
- protocol=samlconstants::SAML20P_NS;\r
- else if (!strcmp(argv[i],"-a") && i+1<argc)\r
- a_param=argv[++i];\r
- }\r
-\r
- if (n_param && !i_param) {\r
- usage();\r
- exit(-10);\r
- }\r
-\r
- path=getenv("SHIBSP_SCHEMAS");\r
- if (!path)\r
- path=SHIBSP_SCHEMAS;\r
- config=getenv("SHIBSP_CONFIG");\r
- if (!config)\r
- config=SHIBSP_CONFIG;\r
- if (!a_param)\r
- a_param="default";\r
-\r
- XMLToolingConfig::getConfig().log_config(getenv("SHIBSP_LOGGING") ? getenv("SHIBSP_LOGGING") : SHIBSP_LOGGING);\r
-\r
- SPConfig& conf=SPConfig::getConfig();\r
- conf.setFeatures(\r
- SPConfig::Metadata |\r
- SPConfig::Trust |\r
- SPConfig::AttributeResolution |\r
- SPConfig::Credentials |\r
- SPConfig::OutOfProcess\r
- );\r
- if (!conf.init(path))\r
- return -1;\r
-\r
- if (n_param) {\r
- if (!protocol) {\r
- if (prot)\r
- protocol = XMLString::transcode(prot);\r
- }\r
- if (!protocol) {\r
- conf.term();\r
- usage();\r
- exit(-10);\r
- }\r
- }\r
- \r
- try {\r
- static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);\r
- static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);\r
- xercesc::DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();\r
- XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);\r
- xercesc::DOMElement* dummy = dummydoc->createElementNS(NULL,path);\r
- auto_ptr_XMLCh src(config);\r
- dummy->setAttributeNS(NULL,path,src.get());\r
- dummy->setAttributeNS(NULL,validate,xmlconstants::XML_ONE);\r
-\r
- conf.setServiceProvider(conf.ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));\r
- conf.getServiceProvider()->init();\r
- }\r
- catch (exception&) {\r
- conf.term();\r
- return -2;\r
- }\r
-\r
- ServiceProvider* sp=conf.getServiceProvider();\r
- sp->lock();\r
-\r
- Category& log = Category::getInstance(SHIBSP_LOGCAT".Utility.ResolverTest");\r
-\r
- const Application* app = sp->getApplication(a_param);\r
- if (!app) {\r
- log.error("unknown application ID (%s)", a_param);\r
- sp->unlock();\r
- conf.term();\r
- return -3;\r
- }\r
-\r
- try {\r
- ResolutionContext* ctx;\r
-\r
- if (n_param) {\r
- auto_ptr_XMLCh issuer(i_param);\r
- auto_ptr_XMLCh name(n_param);\r
- auto_ptr_XMLCh format(f_param);\r
-\r
- MetadataProvider* m=app->getMetadataProvider();\r
- xmltooling::Locker mlocker(m);\r
- const EntityDescriptor* site=m->getEntityDescriptor(issuer.get());\r
- if (!site)\r
- throw MetadataException("Unable to locate metadata for IdP ($1).", params(1,i_param));\r
-\r
- // Build NameID(s).\r
- auto_ptr<saml2::NameID> v2name(saml2::NameIDBuilder::buildNameID());\r
+
+void usage()
+{
+ cerr << "usage: resolvertest -n <name> -i <IdP> -p <protocol> [-f <format URI> -a <application id>]" << endl;
+ cerr << " resolvertest [-a <application id>] < assertion.xml" << endl;
+}
+
+int main(int argc,char* argv[])
+{
+ char* a_param=NULL;
+ char* n_param=NULL;
+ char* f_param=NULL;
+ char* i_param=NULL;
+ char* prot = NULL;
+ const XMLCh* protocol = NULL;
+ char* path=NULL;
+ char* config=NULL;
+
+ for (int i=1; i<argc; i++) {
+ if (!strcmp(argv[i],"-n") && i+1<argc)
+ n_param=argv[++i];
+ else if (!strcmp(argv[i],"-f") && i+1<argc)
+ f_param=argv[++i];
+ else if (!strcmp(argv[i],"-i") && i+1<argc)
+ i_param=argv[++i];
+ else if (!strcmp(argv[i],"-p") && i+1<argc)
+ prot=argv[++i];
+ else if (!strcmp(argv[i],"-saml10"))
+ protocol=samlconstants::SAML10_PROTOCOL_ENUM;
+ else if (!strcmp(argv[i],"-saml11"))
+ protocol=samlconstants::SAML11_PROTOCOL_ENUM;
+ else if (!strcmp(argv[i],"-saml2"))
+ protocol=samlconstants::SAML20P_NS;
+ else if (!strcmp(argv[i],"-a") && i+1<argc)
+ a_param=argv[++i];
+ }
+
+ if (n_param && !i_param) {
+ usage();
+ exit(-10);
+ }
+
+ path=getenv("SHIBSP_SCHEMAS");
+ if (!path)
+ path=SHIBSP_SCHEMAS;
+ config=getenv("SHIBSP_CONFIG");
+ if (!config)
+ config=SHIBSP_CONFIG;
+ if (!a_param)
+ a_param="default";
+
+ XMLToolingConfig::getConfig().log_config(getenv("SHIBSP_LOGGING") ? getenv("SHIBSP_LOGGING") : SHIBSP_LOGGING);
+
+ SPConfig& conf=SPConfig::getConfig();
+ conf.setFeatures(
+ SPConfig::Metadata |
+ SPConfig::Trust |
+ SPConfig::AttributeResolution |
+ SPConfig::Credentials |
+ SPConfig::OutOfProcess
+ );
+ if (!conf.init(path))
+ return -1;
+
+ if (n_param) {
+ if (!protocol) {
+ if (prot)
+ protocol = XMLString::transcode(prot);
+ }
+ if (!protocol) {
+ conf.term();
+ usage();
+ exit(-10);
+ }
+ }
+
+ try {
+ static const XMLCh path[] = UNICODE_LITERAL_4(p,a,t,h);
+ static const XMLCh validate[] = UNICODE_LITERAL_8(v,a,l,i,d,a,t,e);
+ xercesc::DOMDocument* dummydoc=XMLToolingConfig::getConfig().getParser().newDocument();
+ XercesJanitor<xercesc::DOMDocument> docjanitor(dummydoc);
+ xercesc::DOMElement* dummy = dummydoc->createElementNS(NULL,path);
+ auto_ptr_XMLCh src(config);
+ dummy->setAttributeNS(NULL,path,src.get());
+ dummy->setAttributeNS(NULL,validate,xmlconstants::XML_ONE);
+
+ conf.setServiceProvider(conf.ServiceProviderManager.newPlugin(XML_SERVICE_PROVIDER,dummy));
+ conf.getServiceProvider()->init();
+ }
+ catch (exception&) {
+ conf.term();
+ return -2;
+ }
+
+ ServiceProvider* sp=conf.getServiceProvider();
+ sp->lock();
+
+ Category& log = Category::getInstance(SHIBSP_LOGCAT".Utility.ResolverTest");
+
+ const Application* app = sp->getApplication(a_param);
+ if (!app) {
+ log.error("unknown application ID (%s)", a_param);
+ sp->unlock();
+ conf.term();
+ return -3;
+ }
+
+ try {
+ ResolutionContext* ctx;
+
+ if (n_param) {
+ auto_ptr_XMLCh issuer(i_param);
+ auto_ptr_XMLCh name(n_param);
+ auto_ptr_XMLCh format(f_param);
+
+ MetadataProvider* m=app->getMetadataProvider();
+ xmltooling::Locker mlocker(m);
+ MetadataProvider::Criteria mc(i_param, &IDPSSODescriptor::ELEMENT_QNAME, protocol);
+ pair<const EntityDescriptor*,const RoleDescriptor*> site=m->getEntityDescriptor(mc);
+ if (!site.first)
+ throw MetadataException("Unable to locate metadata for IdP ($1).", params(1,i_param));
+
+ // Build NameID(s).
+ auto_ptr<saml2::NameID> v2name(saml2::NameIDBuilder::buildNameID());
v2name->setName(name.get());
v2name->setFormat(format.get());
- saml1::NameIdentifier* v1name = NULL;\r
+ saml1::NameIdentifier* v1name = NULL;
if (!XMLString::equals(protocol, samlconstants::SAML20P_NS)) {
v1name = saml1::NameIdentifierBuilder::buildNameIdentifier();
v1name->setName(name.get());
v1name->setFormat(format.get());
v1name->setNameQualifier(issuer.get());
}
-\r
- ResolverTest rt(NULL, a_param);\r
- try {\r
- ctx = rt.resolveAttributes(*app, site->getIDPSSODescriptor(protocol), protocol, v1name, v2name.get(), NULL, NULL, NULL);\r
- }\r
- catch (...) {\r
- delete v1name;\r
- throw;\r
- }\r
- }\r
- else {\r
- // Try and load assertion from stdin.\r
- DOMDocument* doc = XMLToolingConfig::getConfig().getParser().parse(cin);\r
- XercesJanitor<DOMDocument> docjan(doc);\r
- auto_ptr<XMLObject> token(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));\r
- docjan.release();\r
-\r
- // Get the issuer and protocol and NameIDs.\r
- const XMLCh* issuer = NULL;\r
- const saml1::NameIdentifier* v1name = NULL;\r
- saml2::NameID* v2name = NULL;\r
- saml2::Assertion* a2 = dynamic_cast<saml2::Assertion*>(token.get());\r
- saml1::Assertion* a1 = dynamic_cast<saml1::Assertion*>(token.get());\r
- if (a2) {\r
- const saml2::Issuer* iss = a2->getIssuer();\r
- issuer = iss ? iss->getName() : NULL;\r
- protocol = samlconstants::SAML20P_NS;\r
- v2name = a2->getSubject() ? a2->getSubject()->getNameID() : NULL;\r
- }\r
- else if (a1) {\r
- issuer = a1->getIssuer();\r
- if (a1->getMinorVersion().first && a1->getMinorVersion().second == 0)\r
- protocol = samlconstants::SAML10_PROTOCOL_ENUM;\r
- else\r
- protocol = samlconstants::SAML11_PROTOCOL_ENUM;\r
- v1name = a1->getAuthenticationStatements().size() ?\r
- a1->getAuthenticationStatements().front()->getSubject()->getNameIdentifier() : NULL;\r
+
+ ResolverTest rt(NULL, a_param);
+ try {
+ ctx = rt.resolveAttributes(*app, site.second, protocol, v1name, v2name.get(), NULL, NULL, NULL);
+ }
+ catch (...) {
+ delete v1name;
+ throw;
+ }
+ }
+ else {
+ // Try and load assertion from stdin.
+ DOMDocument* doc = XMLToolingConfig::getConfig().getParser().parse(cin);
+ XercesJanitor<DOMDocument> docjan(doc);
+ auto_ptr<XMLObject> token(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));
+ docjan.release();
+
+ // Get the issuer and protocol and NameIDs.
+ const XMLCh* issuer = NULL;
+ const saml1::NameIdentifier* v1name = NULL;
+ saml2::NameID* v2name = NULL;
+ saml2::Assertion* a2 = dynamic_cast<saml2::Assertion*>(token.get());
+ saml1::Assertion* a1 = dynamic_cast<saml1::Assertion*>(token.get());
+ if (a2) {
+ const saml2::Issuer* iss = a2->getIssuer();
+ issuer = iss ? iss->getName() : NULL;
+ protocol = samlconstants::SAML20P_NS;
+ v2name = a2->getSubject() ? a2->getSubject()->getNameID() : NULL;
+ }
+ else if (a1) {
+ issuer = a1->getIssuer();
+ if (a1->getMinorVersion().first && a1->getMinorVersion().second == 0)
+ protocol = samlconstants::SAML10_PROTOCOL_ENUM;
+ else
+ protocol = samlconstants::SAML11_PROTOCOL_ENUM;
+ v1name = a1->getAuthenticationStatements().size() ?
+ a1->getAuthenticationStatements().front()->getSubject()->getNameIdentifier() : NULL;
// Normalize the SAML 1.x NameIdentifier...
v2name = saml2::NameIDBuilder::buildNameID();
v2name->setName(v1name->getName());
v2name->setFormat(v1name->getFormat());
v2name->setNameQualifier(v1name->getNameQualifier());
- }\r
- else {\r
- throw FatalProfileException("Unknown assertion type.");\r
- }\r
-\r
- if (!issuer) {\r
- if (v1name)\r
- delete v2name;\r
- throw FatalProfileException("Unable to determine issuer.");\r
- }\r
-\r
- MetadataProvider* m=app->getMetadataProvider();\r
- xmltooling::Locker mlocker(m);\r
- const EntityDescriptor* site=m->getEntityDescriptor(issuer);\r
- if (!site) {\r
- auto_ptr_char temp(issuer);\r
- throw MetadataException("Unable to locate metadata for IdP ($1).", params(1,temp.get()));\r
- }\r
- \r
- vector<const Assertion*> tokens(1, dynamic_cast<Assertion*>(token.get()));\r
- ResolverTest rt(NULL, a_param);\r
- try {\r
- ctx = rt.resolveAttributes(*app, site->getIDPSSODescriptor(protocol), protocol, v1name, v2name, NULL, NULL, &tokens);\r
- }\r
- catch (...) {\r
- if (v1name)\r
- delete v2name;\r
- throw;\r
- }\r
- }\r
-\r
- auto_ptr<ResolutionContext> wrapper(ctx);\r
- for (vector<Attribute*>::const_iterator a = ctx->getResolvedAttributes().begin(); a != ctx->getResolvedAttributes().end(); ++a) {\r
- cout << endl;\r
- for (vector<string>::const_iterator s = (*a)->getAliases().begin(); s != (*a)->getAliases().end(); ++s)\r
- cout << "ID: " << *s << endl;\r
- for (vector<string>::const_iterator s = (*a)->getSerializedValues().begin(); s != (*a)->getSerializedValues().end(); ++s)\r
- cout << "Value: " << *s << endl;\r
- }\r
- cout << endl;\r
- }\r
- catch(exception& ex) {\r
- log.error(ex.what());\r
- sp->unlock();\r
- conf.term();\r
- return -10;\r
- }\r
-\r
- sp->unlock();\r
- conf.term();\r
- return 0;\r
-}\r
+ }
+ else {
+ throw FatalProfileException("Unknown assertion type.");
+ }
+
+ if (!issuer) {
+ if (v1name)
+ delete v2name;
+ throw FatalProfileException("Unable to determine issuer.");
+ }
+
+ MetadataProvider* m=app->getMetadataProvider();
+ xmltooling::Locker mlocker(m);
+ MetadataProvider::Criteria mc(issuer, &IDPSSODescriptor::ELEMENT_QNAME, protocol);
+ pair<const EntityDescriptor*,const RoleDescriptor*> site=m->getEntityDescriptor(mc);
+ if (!site.first) {
+ auto_ptr_char temp(issuer);
+ throw MetadataException("Unable to locate metadata for IdP ($1).", params(1,temp.get()));
+ }
+
+ vector<const Assertion*> tokens(1, dynamic_cast<Assertion*>(token.get()));
+ ResolverTest rt(NULL, a_param);
+ try {
+ ctx = rt.resolveAttributes(*app, site.second, protocol, v1name, v2name, NULL, NULL, &tokens);
+ }
+ catch (...) {
+ if (v1name)
+ delete v2name;
+ throw;
+ }
+ }
+
+ auto_ptr<ResolutionContext> wrapper(ctx);
+ for (vector<Attribute*>::const_iterator a = ctx->getResolvedAttributes().begin(); a != ctx->getResolvedAttributes().end(); ++a) {
+ cout << endl;
+ for (vector<string>::const_iterator s = (*a)->getAliases().begin(); s != (*a)->getAliases().end(); ++s)
+ cout << "ID: " << *s << endl;
+ for (vector<string>::const_iterator s = (*a)->getSerializedValues().begin(); s != (*a)->getSerializedValues().end(); ++s)
+ cout << "Value: " << *s << endl;
+ }
+ cout << endl;
+ }
+ catch(exception& ex) {
+ log.error(ex.what());
+ sp->unlock();
+ conf.term();
+ return -10;
+ }
+
+ sp->unlock();
+ conf.term();
+ return 0;
+}