X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=mech_eap%2Futil_shib.cpp;h=f8c702bb180bed7a56c03a133dcc0874c31ee54b;hb=49c65b803b43e159e38f6a16505bad54de153916;hp=ba83762d2d9b9fce9c0792f610e878216b316b67;hpb=b194c3fd8eb95b0583e31586437d9897f8599c1d;p=mech_eap.orig diff --git a/mech_eap/util_shib.cpp b/mech_eap/util_shib.cpp index ba83762..f8c702b 100644 --- a/mech_eap/util_shib.cpp +++ b/mech_eap/util_shib.cpp @@ -49,25 +49,34 @@ * Local attribute provider implementation. */ +#include "gssapiP_eap.h" + #include +#ifndef HAVE_OPENSAML +#include +#include +#endif #include #include -#include #include +#include +#include #include #include -#include "gssapiP_eap.h" - using namespace shibsp; using namespace shibresolver; -using namespace opensaml::saml2md; -using namespace opensaml; using namespace xmltooling; using namespace std; +#ifdef HAVE_OPENSAML +using namespace opensaml::saml2md; +using namespace opensaml; +#else +using namespace xercesc; +#endif gss_eap_shib_attr_provider::gss_eap_shib_attr_provider(void) { 
@@ -142,12 +151,33 @@ gss_eap_shib_attr_provider::initWithGssContext(const gss_eap_attr_ctx *manager, gss_release_buffer(&minor, &mechName); } +#ifdef HAVE_OPENSAML const gss_eap_saml_assertion_provider *saml; saml = static_cast (m_manager->getProvider(ATTR_TYPE_SAML_ASSERTION)); if (saml != NULL && saml->getAssertion() != NULL) { resolver->addToken(saml->getAssertion()); } +#else + /* If no OpenSAML, parse the XML assertion explicitly */ + const gss_eap_radius_attr_provider *radius; + int authenticated, complete; + gss_buffer_desc value = GSS_C_EMPTY_BUFFER; + + radius = static_cast + (m_manager->getProvider(ATTR_TYPE_RADIUS)); + if (radius != NULL && + radius->getFragmentedAttribute(PW_SAML_AAA_ASSERTION, + VENDORPEC_UKERNA, + &authenticated, &complete, &value)) { + string str((char *)value.value, value.length); + istringstream istream(str); + DOMDocument *doc = XMLToolingConfig::getConfig().getParser().parse(istream); + const XMLObjectBuilder *b = XMLObjectBuilder::getBuilder(doc->getDocumentElement()); + resolver->addToken(b->buildFromDocument(doc)); + gss_release_buffer(&minor, &value); + } +#endif /* HAVE_OPENSAML */ try { resolver->resolve(); @@ -168,7 +198,7 @@ gss_eap_shib_attr_provider::getAttributeIndex(const gss_buffer_t attr) const { int i = 0; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); @@ -196,7 +226,7 @@ gss_eap_shib_attr_provider::setAttribute(int complete GSSEAP_UNUSED, vector ids(1, attrStr); BinaryAttribute *a = new BinaryAttribute(ids); - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); if (value->length != 0) { string valueStr((char *)value->value, value->length); @@ -215,7 +245,7 @@ gss_eap_shib_attr_provider::deleteAttribute(const gss_buffer_t attr) { int i; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); i = getAttributeIndex(attr); if (i >= 0) 
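Review bot: In the `#else` branch of `initWithGssContext`, `XMLObjectBuilder::getBuilder()` can return NULL when no builder is registered for the document element, and `b->buildFromDocument(doc)` dereferences it unchecked. The parse also sits before the `try` that wraps `resolver->resolve()`, so a malformed assertion arriving in the RADIUS attribute may throw out of this function and skip `gss_release_buffer()`, leaking `value`. The `authenticated` and `complete` outputs of `getFragmentedAttribute()` are never read, so the assertion reaches the resolver whether or not the attribute was marked authenticated; that should be either checked or explained in a comment. The sketch below guards the builder lookup, releases the document when no token is built, and contains parser exceptions. Whether a bad assertion should fail the call or only be skipped is a policy choice I cannot judge from here, since the function starts and ends outside the hunk.

```cpp
/* … unchanged: radius lookup and getFragmentedAttribute() condition … */
        try {
            /* … unchanged: str and istream construction … */
            DOMDocument *doc = XMLToolingConfig::getConfig().getParser().parse(istream);
            const XMLObjectBuilder *b = NULL;

            if (doc != NULL && doc->getDocumentElement() != NULL)
                b = XMLObjectBuilder::getBuilder(doc->getDocumentElement());
            if (b != NULL)
                resolver->addToken(b->buildFromDocument(doc));
            else if (doc != NULL)
                doc->release();
        } catch (exception &e) {
            /* assertion did not parse or unmarshal; no token is added */
        }
        gss_release_buffer(&minor, &value);
```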
@@ -230,7 +260,7 @@ bool gss_eap_shib_attr_provider::getAttributeTypes(gss_eap_attr_enumeration_cb addAttribute, void *data) const { - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); @@ -253,7 +283,7 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr) const { const Attribute *ret = NULL; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); for (vector::const_iterator a = m_attributes.begin(); a != m_attributes.end(); @@ -284,11 +314,12 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr, int *more) const { const Attribute *shibAttr = NULL; + const BinaryAttribute *binaryAttr; gss_buffer_desc valueBuf = GSS_C_EMPTY_BUFFER; gss_buffer_desc displayValueBuf = GSS_C_EMPTY_BUFFER; int nvalues, i = *more; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); *more = 0; @@ -303,9 +334,8 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr, if (i >= nvalues) return false; - if (typeid(*shibAttr) == typeid(BinaryAttribute)) { - const BinaryAttribute *binaryAttr = - dynamic_cast(shibAttr); + binaryAttr = dynamic_cast(shibAttr); + if (binaryAttr != NULL) { std::string str = binaryAttr->getValues()[*more]; valueBuf.value = (void *)str.data(); @@ -316,7 +346,12 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr, valueBuf.value = (void *)str.c_str(); valueBuf.length = str.length(); - displayValueBuf = valueBuf; + const SimpleAttribute *simpleAttr = + dynamic_cast(shibAttr); + const ScopedAttribute *scopedAttr = + dynamic_cast(shibAttr); + if (simpleAttr != NULL || scopedAttr != NULL) + displayValueBuf = valueBuf; } if (authenticated != NULL) @@ -339,7 +374,7 @@ gss_eap_shib_attr_provider::mapToAny(int authenticated, { gss_any_t output; - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); if (authenticated && !m_authenticated) return (gss_any_t)NULL; 
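Review bot: The binary branch in the `@@ -303,9 +334,8 @@` hunk reads `binaryAttr->getValues()[*more]`, but the preceding hunk saves the cursor with `int nvalues, i = *more;` and then sets `*more = 0;`. Unless `*more` is reassigned in the lines between the two hunks, this branch always returns the first value, while the `i >= nvalues` check is made against a different index. Using the saved cursor, `std::string str = binaryAttr->getValues()[i];`, keeps the lookup and the guard in agreement. The function body starts and ends outside the hunk.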
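Review bot: In the `@@ -316,7 +346,12 @@` hunk, `valueBuf` and now `displayValueBuf` hold pointers into `str`, which appears to be a block-local `std::string` (it is declared inside the braces in the binary branch of the previous hunk, and presumably the same way here). If the buffers are copied out after the closing `}`, as the `if (authenticated != NULL)` tail suggests but the hunk does not show, they would point at destroyed storage. Declaring a single `std::string str;` at function scope and assigning it in both branches keeps the bytes alive until the buffers are duplicated. A short comment above the two `dynamic_cast`s explaining why only `SimpleAttribute` and `ScopedAttribute` get a display value would also help the next reader.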
@@ -355,7 +390,7 @@ void gss_eap_shib_attr_provider::releaseAnyNameMapping(gss_buffer_t type_id GSSEAP_UNUSED, gss_any_t input) const { - assert(m_initialized); + GSSEAP_ASSERT(m_initialized); vector *v = ((vector *)input); delete v; @@ -404,8 +439,8 @@ gss_eap_shib_attr_provider::initWithJsonObject(const gss_eap_attr_ctx *ctx, if (!gss_eap_attr_provider::initWithJsonObject(ctx, obj)) return false; - assert(m_authenticated == false); - assert(m_attributes.size() == 0); + GSSEAP_ASSERT(m_authenticated == false); + GSSEAP_ASSERT(m_attributes.size() == 0); JSONObject jattrs = obj["attributes"]; size_t nelems = jattrs.size(); @@ -430,8 +465,7 @@ gss_eap_shib_attr_provider::init(void) bool ret = false; try { - if (SPConfig::getConfig().getFeatures() == 0) - ret = ShibbolethResolver::init(); + ret = ShibbolethResolver::init(); } catch (exception &e) { }
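Review bot: In the `@@ -430,8 +465,7 @@` hunk of `init`, the `catch (exception &e) { }` that follows the now-unconditional `ShibbolethResolver::init()` discards the failure reason, so the caller only sees `ret == false` with no diagnostic for what is a security-relevant initialisation step. At minimum, add a comment such as `/* init failure is reported through ret; e.what() is dropped deliberately */`, or log `e.what()` with whatever facility the project uses. The removed `SPConfig::getConfig().getFeatures() == 0` guard looks like it avoided re-initialising inside a process that had already configured the SP library; if that case is still possible, a comment stating why the second call is safe would be worth having. The function continues past the end of the hunk.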