X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2Futil_shib.cpp;h=ab241a75bda4dfdbbee6436e60881fb2e2907353;hb=refs%2Fheads%2Fddf-name;hp=04ef90f682735a5a6c4bbc3631a44fa0c7a22c2e;hpb=754fb92e5ac6ad34aaa44a64c9bfa9a2583179f2;p=moonshot.git diff --git a/mech_eap/util_shib.cpp b/mech_eap/util_shib.cpp index 04ef90f..ab241a7 100644 --- a/mech_eap/util_shib.cpp +++ b/mech_eap/util_shib.cpp @@ -156,10 +156,10 @@ gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *manager, { const gss_eap_saml_assertion_provider *saml; const gss_eap_radius_attr_provider *radius; +#if 0 gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER; - ShibbolethResolver *resolver; OM_uint32 minor; - +#endif if (!gss_eap_attr_provider::initFromGssContext(manager, gssCred, gssCtx)) return false; @@ -168,13 +168,21 @@ gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *manager, radius = static_cast (m_manager->getProvider(ATTR_TYPE_RADIUS)); - resolver = ShibbolethResolver::create(); + auto_ptr resolver(ShibbolethResolver::create()); + /* + * For now, leave ApplicationID defaulted. + * Later on, we could allow this via config option to the mechanism + * or rely on an SPRequest interface to pass in a URI identifying the + * acceptor. + */ +#if 0 if (gssCred != GSS_C_NO_CREDENTIAL && gssEapDisplayName(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE) { resolver->setApplicationID((const char *)nameBuf.value); gss_release_buffer(&minor, &nameBuf); } +#endif m_authenticated = false; @@ -194,13 +202,9 @@ gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *manager, m_attributes = resolver->getResolvedAttributes(); resolver->getResolvedAttributes().clear(); } catch (exception &e) { -#if 0 - delete resolver; - throw e; -#endif + //fprintf(stderr, "%s", e.what()); } - delete resolver; return true; } 
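Review bot: The `#if 0` regions added to initFromGssContext (the `-156` and `-168` hunks) keep code in the tree that is unsafe to re-enable as written, because `setApplicationID((const char *)nameBuf.value)` treats a gss_buffer_desc as a C string. A GSS buffer carries an explicit length and is not guaranteed to be NUL-terminated. If the application ID is wired up later, build it from the length, e.g. `string appId((const char *)nameBuf.value, nameBuf.length);`, and pass `appId.c_str()`. Until then, deleting the disabled block and keeping only the explanatory comment would be cleaner. The function body starts and ends outside these hunks.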
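Review bot: In the `-194` hunk the `catch (exception &e)` block now swallows every resolver failure and the function still returns `true`, so a failed attribute resolution looks the same to callers as one that produced no attributes. Record the failure through the mechanism's logging instead of a commented-out `fprintf`, and catch by const reference: `} catch (const exception &e) {`. If acceptors make authorization decisions on these attributes, consider whether `return false` is the right outcome on failure. `e` is now unused, which some compilers will warn about. The start of the `try` block is outside the hunk.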
@@ -331,7 +335,7 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr, else if (i >= nvalues) return false; - buf.value = (void *)shibAttr->getString(*more); + buf.value = (void *)shibAttr->getSerializedValues()[*more].c_str(); buf.length = strlen((char *)buf.value); if (buf.length != 0) { @@ -377,56 +381,39 @@ gss_eap_shib_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id GSSEAP_UN delete v; } -void -gss_eap_shib_attr_provider::exportToBuffer(gss_buffer_t buffer) const +const char * +gss_eap_shib_attr_provider::marshallingKey(void) const { - DDF obj(NULL); - DDF attrs(NULL); + return "local"; +} - buffer->length = 0; - buffer->value = NULL; +DDF +gss_eap_shib_attr_provider::marshall(void) const +{ + DDF obj(NULL); - obj.addmember("version").integer(1); obj.addmember("authenticated").integer(m_authenticated); - attrs = obj.addmember("attributes").list(); + DDF attrs = obj.addmember("attributes").list(); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); ++a) { DDF attr = (*a)->marshall(); attrs.add(attr); } - ostringstream sink; - sink << attrs; - string str = sink.str(); - - duplicateBuffer(str, buffer); - - attrs.destroy(); + return obj; } bool -gss_eap_shib_attr_provider::initFromBuffer(const gss_eap_attr_ctx *ctx, - const gss_buffer_t buffer) +gss_eap_shib_attr_provider::unmarshallAndInit(const gss_eap_attr_ctx *ctx, + DDF &obj) { - if (!gss_eap_attr_provider::initFromBuffer(ctx, buffer)) + if (!gss_eap_attr_provider::unmarshallAndInit(ctx, obj)) return false; - if (buffer->length == 0) - return true; - assert(m_authenticated == false); assert(m_attributes.size() == 0); - DDF obj(NULL); - string str((const char *)buffer->value, buffer->length); - istringstream source(str); - - source >> obj; - - if (obj["version"].integer() != 1) - return false; - m_authenticated = (obj["authenticated"].integer() != 0); DDF attrs = obj["attributes"]; 
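Review bot: In getAttribute (the `-331` hunk), `getSerializedValues()[*more]` indexes with `*more` while the bounds check just above it tests `i` against `nvalues`, and `operator[]` is unchecked. The `else if` suggests an earlier branch normalizes `i`, so `*more` may hold a value that `i` does not. Index with the checked variable and take the length from the string, since `strlen` truncates at an embedded NUL: `const string &s = shibAttr->getSerializedValues()[i];` then `buf.value = (void *)s.c_str(); buf.length = s.length();`. The code that computes `i` and `nvalues` is outside the hunk, so confirm that `nvalues` is the size of this same vector.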
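Review bot: unmarshallAndInit (the `-377` hunk) restores `m_authenticated` and the attribute list straight from `obj` without checking its shape, and this change also drops the `version` member and its check, so a malformed or older-format structure is no longer rejected here. The two `assert` calls disappear under NDEBUG and are not a substitute. A guard before the reads would help, e.g. `if (!obj["authenticated"].isint() || !obj["attributes"].islist()) return false;`. Whether the caller or the base class already verifies the origin and version of the serialized context is not visible in this diff; if it does not, the `authenticated` flag is taken on trust from imported data. The function body continues past the end of this hunk.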
@@ -437,8 +424,6 @@ gss_eap_shib_attr_provider::initFromBuffer(const gss_eap_attr_ctx *ctx, attr = attrs.next(); } - attrs.destroy(); - return true; }