#include "internal.h"
+#include <algorithm>
#include <sys/types.h>
#include <sys/stat.h>
#include <xsec/framework/XSECException.hpp>
#include <xsec/framework/XSECProvider.hpp>
+#include <shibsp/SPConstants.h>
+
using namespace shibboleth;
using namespace saml;
using namespace log4cpp;
vector<const XMLCh*> m_formats;
};
- class ScopedRole : public virtual IScopedRoleDescriptor
- {
- public:
- ScopedRole(const DOMElement* e);
- saml::Iterator<std::pair<const XMLCh*,bool> > getScopes() const {return m_scopes;}
-
- private:
- vector<pair<const XMLCh*,bool> > m_scopes;
- };
-
- class IDPRole : public SSORole, public ScopedRole, public virtual IIDPSSODescriptor
+ class IDPRole : public SSORole, public virtual IIDPSSODescriptor
{
public:
IDPRole(const EntityDescriptor* provider, time_t validUntil, const DOMElement* e);
friend class EntityDescriptor;
};
- class AARole : public Role, public ScopedRole, public virtual IAttributeAuthorityDescriptor
+ class AARole : public Role, public virtual IAttributeAuthorityDescriptor
{
public:
AARole(const EntityDescriptor* provider, time_t validUntil, const DOMElement* e);
Iterator<pair<const XMLCh*,const XMLCh*> > getAdditionalMetadataLocations() const {return m_locs;}
const IEntitiesDescriptor* getEntitiesDescriptor() const {return m_parent;}
Iterator<const IKeyAuthority*> getKeyAuthorities() const {return m_keyauths;}
+ saml::Iterator<std::pair<const XMLCh*,bool> > getScopes() const {return m_scopes;}
const DOMElement* getElement() const {return m_root;}
// Used internally
vector<const IRoleDescriptor*> m_roles;
vector<pair<const XMLCh*,const XMLCh*> > m_locs;
vector<const IKeyAuthority*> m_keyauths;
+ vector<pair<const XMLCh*,bool> > m_scopes;
time_t m_validUntil;
};
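Review bot: The added `m_scopes` member stores raw `const XMLCh*` values with no stated owner. The EntityDescriptor destructor shown further down never releases them, so they appear to be borrowed from the parsed DOM. A comment on the member would make that dependency explicit for anyone holding the result of `getScopes()`, for example `// scope strings are owned by the DOM behind m_root; valid only while that document is alive`. The class declaration starts outside this hunk.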
XMLMetadataImpl::KeyDescriptor::~KeyDescriptor()
{
- for (vector<const XENCEncryptionMethod*>::iterator i=m_methods.begin(); i!=m_methods.end(); i++)
- delete const_cast<XENCEncryptionMethod*>(*i);
+ for_each(m_methods.begin(),m_methods.end(),xmltooling::cleanup<XENCEncryptionMethod>());
delete m_klist;
}
XMLMetadataImpl::KeyAuthority::~KeyAuthority()
{
- for (vector<DSIGKeyInfoList*>::iterator i=m_klists.begin(); i!=m_klists.end(); i++)
- delete (*i);
+ for_each(m_klists.begin(),m_klists.end(),xmltooling::cleanup<DSIGKeyInfoList>());
}
XMLMetadataImpl::Role::Role(const EntityDescriptor* provider, time_t validUntil, const DOMElement* e)
delete m_org;
delete m_errorURL;
if (m_protocolEnumCopy) XMLString::release(&m_protocolEnumCopy);
- for (vector<const IKeyDescriptor*>::iterator i=m_keys.begin(); i!=m_keys.end(); i++)
- delete const_cast<IKeyDescriptor*>(*i);
- for (vector<const IContactPerson*>::iterator j=m_contacts.begin(); j!=m_contacts.end(); j++)
- delete const_cast<IContactPerson*>(*j);
+ for_each(m_keys.begin(),m_keys.end(),xmltooling::cleanup<IKeyDescriptor>());
+ for_each(m_contacts.begin(),m_contacts.end(),xmltooling::cleanup<IContactPerson>());
}
bool XMLMetadataImpl::Role::hasSupport(const XMLCh* protocol) const
else {
// For old style, we just do SAML 1.1 compatibility with Shib handles.
m_protocolEnum.push_back(saml::XML::SAML11_PROTOCOL_ENUM);
- m_formats.push_back(shibboleth::Constants::SHIB_NAMEID_FORMAT_URI);
- }
-}
-
-XMLMetadataImpl::ScopedRole::ScopedRole(const DOMElement* e)
-{
- // Check the root element namespace. If SAML2, assume it's the std schema.
- DOMNodeList* nlist=NULL;
- if (!XMLString::compareString(e->getNamespaceURI(),::XML::SAML2META_NS)) {
- e=saml::XML::getFirstChildElement(e,::XML::SAML2META_NS,SHIB_L(Extensions));
- if (e) nlist=e->getElementsByTagNameNS(::XML::SHIBMETA_NS,SHIB_L(Scope));
- }
- else {
- nlist=e->getElementsByTagNameNS(::XML::SHIB_NS,SHIB_L(Domain));
- }
-
- for (unsigned int i=0; nlist && i < nlist->getLength(); i++) {
- const XMLCh* dom=(nlist->item(i)->hasChildNodes()) ? nlist->item(i)->getFirstChild()->getNodeValue() : NULL;
- if (dom && *dom) {
- const XMLCh* regexp=static_cast<DOMElement*>(nlist->item(i))->getAttributeNS(NULL,SHIB_L(regexp));
- m_scopes.push_back(
- pair<const XMLCh*,bool>(dom,(regexp && (*regexp==chLatin_t || *regexp==chDigit_1)))
- );
- }
+ m_formats.push_back(shibspconstants::SHIB1_NAMEID_FORMAT_URI);
}
}
XMLMetadataImpl::IDPRole::IDPRole(const EntityDescriptor* provider, time_t validUntil, const DOMElement* e)
- : SSORole(provider,validUntil,e), ScopedRole(e), m_wantAuthnRequestsSigned(false), m_sourceId(NULL)
+ : SSORole(provider,validUntil,e), m_wantAuthnRequestsSigned(false), m_sourceId(NULL)
{
// Check the root element namespace. If SAML2, assume it's the std schema.
if (!XMLString::compareString(e->getNamespaceURI(),::XML::SAML2META_NS)) {
}
}
else {
- m_protocolEnum.push_back(Constants::SHIB_NS);
- m_attrprofs.push_back(Constants::SHIB_ATTRIBUTE_NAMESPACE_URI);
+ m_protocolEnum.push_back(::XML::SHIB_NS);
+ m_attrprofs.push_back(shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI);
unsigned int i;
DOMNodeList* nlist=e->getElementsByTagNameNS(::XML::SHIB_NS,SHIB_L(HandleService));
for (i=0; nlist && i<nlist->getLength(); i++) {
// Manufacture an endpoint for the "Shib" binding.
m_sso.add(
- new Endpoint(Constants::SHIB_AUTHNREQUEST_PROFILE_URI,static_cast<DOMElement*>(nlist->item(i))->getAttributeNS(NULL,L(Location)))
+ new Endpoint(shibspconstants::SHIB1_AUTHNREQUEST_PROFILE_URI,static_cast<DOMElement*>(nlist->item(i))->getAttributeNS(NULL,L(Location)))
);
// We're going to "mock up" a KeyDescriptor that contains the specified Name as a ds:KeyName.
XMLMetadataImpl::IDPRole::~IDPRole()
{
- for (vector<const SAMLAttribute*>::iterator i=m_attrs.begin(); i!=m_attrs.end(); i++)
- delete const_cast<SAMLAttribute*>(*i);
+ for_each(m_attrs.begin(),m_attrs.end(),xmltooling::cleanup<SAMLAttribute>());
}
XMLMetadataImpl::AARole::AARole(const EntityDescriptor* provider, time_t validUntil, const DOMElement* e)
- : Role(provider,validUntil,e), ScopedRole(e)
+ : Role(provider,validUntil,e)
{
// Check the root element namespace. If SAML2, assume it's the std schema.
if (!XMLString::compareString(e->getNamespaceURI(),::XML::SAML2META_NS)) {
else {
// For old style, we just do SAML 1.1 compatibility with Shib handles.
m_protocolEnum.push_back(saml::XML::SAML11_PROTOCOL_ENUM);
- m_formats.push_back(Constants::SHIB_NAMEID_FORMAT_URI);
- m_attrprofs.push_back(Constants::SHIB_ATTRIBUTE_NAMESPACE_URI);
+ m_formats.push_back(shibspconstants::SHIB1_NAMEID_FORMAT_URI);
+ m_attrprofs.push_back(shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI);
unsigned int i;
DOMNodeList* nlist=e->getElementsByTagNameNS(::XML::SHIB_NS,SHIB_L(AttributeAuthority));
for (i=0; nlist && i<nlist->getLength(); i++) {
XMLMetadataImpl::AARole::~AARole()
{
- for (vector<const SAMLAttribute*>::iterator i=m_attrs.begin(); i!=m_attrs.end(); i++)
- delete const_cast<SAMLAttribute*>(*i);
+ for_each(m_attrs.begin(),m_attrs.end(),xmltooling::cleanup<SAMLAttribute>());
}
XMLMetadataImpl::EntityDescriptor::EntityDescriptor(
) : m_root(e), m_parent(parent), m_org(NULL), m_validUntil(validUntil)
{
// Check the root element namespace. If SAML2, assume it's the std schema.
+ DOMNodeList* scopes=NULL;
if (!XMLString::compareString(e->getNamespaceURI(),::XML::SAML2META_NS)) {
m_id=e->getAttributeNS(NULL,SHIB_L(entityID));
}
child = saml::XML::getNextSiblingElement(child);
}
+
+ // Grab all the shibmd:Scope elements here and at the role level.
+ scopes=e->getElementsByTagNameNS(::XML::SHIBMETA_NS,SHIB_L(Scope));
}
else {
m_id=e->getAttributeNS(NULL,SHIB_L(Name));
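Review bot: `e->getElementsByTagNameNS(::XML::SHIBMETA_NS,SHIB_L(Scope))` on the entity root is a descendant search, so it collects Scope elements at any depth, not only those under the entity's or a role's Extensions. Combined with dropping `ScopedRole`, a scope declared for one role now counts for every role of the entity. Presumably these values later decide which scoped attribute values are accepted from this entity, so the widening deserves an explicit statement. I would extend the comment to `// Descendant search: scopes from every role and any nested extension are merged into one entity-wide list.`, or restrict the walk to the Extensions children if the merge is not intended. The constructor body continues outside this hunk.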
}
child = saml::XML::getNextSiblingElement(child);
}
+
+ // Grab all the shib:Domain elements.
+ scopes=e->getElementsByTagNameNS(::XML::SHIB_NS,SHIB_L(Domain));
+ }
+
+ // Process scopes.
+ for (unsigned int i=0; scopes && i < scopes->getLength(); i++) {
+ const XMLCh* dom=(scopes->item(i)->hasChildNodes()) ? scopes->item(i)->getFirstChild()->getNodeValue() : NULL;
+ if (dom && *dom) {
+ const XMLCh* regexp=static_cast<DOMElement*>(scopes->item(i))->getAttributeNS(NULL,SHIB_L(regexp));
+ m_scopes.push_back(
+ pair<const XMLCh*,bool>(dom,(regexp && (*regexp==chLatin_t || *regexp==chDigit_1)))
+ );
+ }
}
auto_ptr_char id(m_id);
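Review bot: In the added scope loop, `scopes->item(i)->getFirstChild()->getNodeValue()` returns the value of whatever node comes first, so a leading comment, or text split by a comment or CDATA section, yields a scope string that differs from the element's text. The value should be accepted only when the element has a single text child, e.g. `DOMNode* c=scopes->item(i)->getFirstChild();` followed by `const XMLCh* dom=(c && c->getNodeType()==DOMNode::TEXT_NODE && !c->getNextSibling()) ? c->getNodeValue() : NULL;`. The regexp flag has a similar looseness: `*regexp==chLatin_t || *regexp==chDigit_1` tests only the first character, so any attribute value starting with `t` or `1` turns the scope into a pattern match. Comparing the whole value against `true` and `1` would be stricter. Both behaviours are carried over from the removed `ScopedRole` constructor, and the enclosing constructor starts and ends outside this hunk.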
XMLMetadataImpl::EntityDescriptor::~EntityDescriptor()
{
delete m_org;
- for (vector<const IContactPerson*>::iterator i=m_contacts.begin(); i!=m_contacts.end(); i++)
- delete const_cast<IContactPerson*>(*i);
- for (vector<const IRoleDescriptor*>::iterator j=m_roles.begin(); j!=m_roles.end(); j++)
- delete const_cast<IRoleDescriptor*>(*j);
- for (vector<const IKeyAuthority*>::iterator k=m_keyauths.begin(); k!=m_keyauths.end(); k++)
- delete const_cast<IKeyAuthority*>(*k);
+ for_each(m_contacts.begin(),m_contacts.end(),xmltooling::cleanup<IContactPerson>());
+ for_each(m_roles.begin(),m_roles.end(),xmltooling::cleanup<IRoleDescriptor>());
+ for_each(m_keyauths.begin(),m_keyauths.end(),xmltooling::cleanup<IKeyAuthority>());
}
XMLMetadataImpl::EntitiesDescriptor::EntitiesDescriptor(
XMLMetadataImpl::EntitiesDescriptor::~EntitiesDescriptor()
{
- for (vector<const IEntityDescriptor*>::iterator i=m_providers.begin(); i!=m_providers.end(); i++)
- delete const_cast<IEntityDescriptor*>(*i);
- for (vector<const IEntitiesDescriptor*>::iterator j=m_groups.begin(); j!=m_groups.end(); j++)
- delete const_cast<IEntitiesDescriptor*>(*j);
- for (vector<const IKeyAuthority*>::iterator k=m_keyauths.begin(); k!=m_keyauths.end(); k++)
- delete const_cast<IKeyAuthority*>(*k);
+ for_each(m_providers.begin(),m_providers.end(),xmltooling::cleanup<IEntityDescriptor>());
+ for_each(m_groups.begin(),m_groups.end(),xmltooling::cleanup<IEntitiesDescriptor>());
+ for_each(m_keyauths.begin(),m_keyauths.end(),xmltooling::cleanup<IKeyAuthority>());
}
void XMLMetadataImpl::init()