X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2FSAMLConfig.cpp;h=fdf3b9b61db982f7da73350576297adebcd2a9d2;hb=refs%2Fheads%2Fmaster;hp=fbe109fa3774fdc97a0b0571f45ab155fa514d49;hpb=f1208cd2f514700244816377443c4951dc22c848;p=shibboleth%2Fcpp-opensaml.git

diff --git a/saml/SAMLConfig.cpp b/saml/SAMLConfig.cpp
index fbe109f..fdf3b9b 100644
--- a/saml/SAMLConfig.cpp
+++ b/saml/SAMLConfig.cpp
@@ -48,6 +48,7 @@
 #include "saml1/core/Assertions.h"
 #include "saml1/core/Protocols.h"
 #include "saml2/core/Protocols.h"
+#include "saml2/metadata/EntityMatcher.h"
 #include "saml2/metadata/Metadata.h"
 #include "saml2/metadata/MetadataFilter.h"
 #include "saml2/metadata/MetadataProvider.h"
@@ -61,14 +62,21 @@
 #include <xmltooling/util/PathResolver.h>
 #include <xmltooling/util/Threads.h>
 
+#include <boost/lambda/bind.hpp>
+#include <boost/lambda/casts.hpp>
+#include <boost/lambda/lambda.hpp>
+
 #include <xsec/enc/XSECCryptoException.hpp>
 #include <xsec/enc/XSECCryptoProvider.hpp>
 #include <xsec/utils/XSECPlatformUtils.hpp>
+#include <xercesc/util/XMLStringTokenizer.hpp>
 
 using namespace opensaml;
 using namespace xmlsignature;
 using namespace xmltooling::logging;
 using namespace xmltooling;
+using namespace boost::lambda;
+using namespace boost;
 using namespace std;
 
 // Expose entry points when used as an extension library
@@ -114,6 +122,7 @@ SAMLConfig::SAMLConfig() : m_artifactMap(nullptr)
 
 SAMLConfig::~SAMLConfig()
 {
+    delete m_artifactMap;
 }
 
 ArtifactMap* SAMLConfig::getArtifactMap() const
@@ -133,7 +142,6 @@ SAMLInternalConfig::SAMLInternalConfig() : m_initCount(0), m_lock(Mutex::create(
 
 SAMLInternalConfig::~SAMLInternalConfig()
 {
-    delete m_lock;
 }
 
 bool SAMLInternalConfig::init(bool initXMLTooling)
@@ -141,7 +149,7 @@ bool SAMLInternalConfig::init(bool initXMLTooling)
 #ifdef _DEBUG
     xmltooling::NDC ndc("init");
 #endif
-    Category& log=Category::getInstance(SAML_LOGCAT".Config");
+    Category& log=Category::getInstance(SAML_LOGCAT ".Config");
 
     Lock initLock(m_lock);
 
@@ -179,11 +187,15 @@ bool SAMLInternalConfig::init(bool initXMLTooling)
     saml2md::registerMetadataClasses();
     saml2md::registerMetadataProviders();
     saml2md::registerMetadataFilters();
+    saml2md::registerEntityMatchers();
     registerSAMLArtifacts();
     registerMessageEncoders();
     registerMessageDecoders();
     registerSecurityPolicyRules();
 
+    m_contactPriority.push_back(saml2md::ContactPerson::CONTACT_SUPPORT);
+    m_contactPriority.push_back(saml2md::ContactPerson::CONTACT_TECHNICAL);
+
     log.info("%s library initialization complete", PACKAGE_STRING);
     ++m_initCount;
     return true;
@@ -197,7 +209,7 @@ void SAMLInternalConfig::term(bool termXMLTooling)
 
     Lock initLock(m_lock);
     if (m_initCount == 0) {
-        Category::getInstance(SAML_LOGCAT".Config").crit("term without corresponding init");
+        Category::getInstance(SAML_LOGCAT ".Config").crit("term without corresponding init");
         return;
     }
     else if (--m_initCount > 0) {
@@ -208,6 +220,7 @@ void SAMLInternalConfig::term(bool termXMLTooling)
     MessageEncoderManager.deregisterFactories();
     SecurityPolicyRuleManager.deregisterFactories();
     SAMLArtifactManager.deregisterFactories();
+    EntityMatcherManager.deregisterFactories();
     MetadataFilterManager.deregisterFactories();
     MetadataProviderManager.deregisterFactories();
 
@@ -217,7 +230,7 @@ void SAMLInternalConfig::term(bool termXMLTooling)
     if (termXMLTooling)
         XMLToolingConfig::getConfig().term();
     
-    Category::getInstance(SAML_LOGCAT".Config").info("%s library shutdown complete", PACKAGE_STRING);
+    Category::getInstance(SAML_LOGCAT ".Config").info("%s library shutdown complete", PACKAGE_STRING);
 }
 
 void SAMLInternalConfig::generateRandomBytes(void* buf, unsigned int len)
@@ -234,8 +247,8 @@ void SAMLInternalConfig::generateRandomBytes(void* buf, unsigned int len)
 void SAMLInternalConfig::generateRandomBytes(std::string& buf, unsigned int len)
 {
     buf.erase();
-    auto_ptr<unsigned char> hold(new unsigned char[len]);
-    generateRandomBytes(hold.get(),len);
+    auto_arrayptr<unsigned char> hold(new unsigned char[len]);
+    generateRandomBytes(const_cast<unsigned char*>(hold.get()), len);
     for (unsigned int i=0; i<len; i++)
         buf+=(hold.get())[i];
 }
@@ -258,6 +271,40 @@ string SAMLInternalConfig::hashSHA1(const char* s, bool toHex)
     return SecurityHelper::doHash("SHA1", s, strlen(s), toHex);
 }
 
+void SAMLInternalConfig::setContactPriority(const XMLCh* contactTypes)
+{
+    const XMLCh* ctype;
+    m_contactPriority.clear();
+    XMLStringTokenizer tokens(contactTypes);
+    while (tokens.hasMoreTokens()) {
+        ctype = tokens.nextToken();
+        if (ctype && *ctype)
+            m_contactPriority.push_back(ctype);
+    }
+}
+
+using namespace saml2md;
+
+const ContactPerson* SAMLInternalConfig::getContactPerson(const EntityDescriptor& entity) const
+{
+    for (vector<xstring>::const_iterator ctype = m_contactPriority.begin(); ctype != m_contactPriority.end(); ++ctype) {
+        const ContactPerson* cp = find_if(entity.getContactPersons(), *ctype == lambda::bind(&ContactPerson::getContactType, _1));
+        if (cp)
+            return cp;
+    }
+    return nullptr;
+}
+
+const ContactPerson* SAMLInternalConfig::getContactPerson(const RoleDescriptor& role) const
+{
+    for (vector<xstring>::const_iterator ctype = m_contactPriority.begin(); ctype != m_contactPriority.end(); ++ctype) {
+        const ContactPerson* cp = find_if(role.getContactPersons(), *ctype == lambda::bind(&ContactPerson::getContactType, _1));
+        if (cp)
+            return cp;
+    }
+    return getContactPerson(*(dynamic_cast<const EntityDescriptor*>(role.getParent())));
+}
+
 SignableObject::SignableObject()
 {
 }
@@ -282,20 +329,30 @@ Assertion::~Assertion()
 {
 }
 
-using namespace saml2p;
-using namespace saml2md;
+Status::Status()
+{
+}
+
+Status::~Status()
+{
+}
 
 void opensaml::annotateException(XMLToolingException* e, const EntityDescriptor* entity, const Status* status, bool rethrow)
 {
+    time_t now = time(nullptr);
     const RoleDescriptor* role = nullptr;
+    static bool (TimeBoundSAMLObject::* isValid)(time_t) const = &TimeBoundSAMLObject::isValid;
+
     if (entity) {
-        const list<XMLObject*>& roles=entity->getOrderedChildren();
-        for (list<XMLObject*>::const_iterator child=roles.begin(); !role && child!=roles.end(); ++child) {
-            role=dynamic_cast<RoleDescriptor*>(*child);
-            if (role && !role->isValid())
-                role = nullptr;
-        }
+        const XMLObject* r = find_if(
+            entity->getOrderedChildren(),
+            (ll_dynamic_cast<const RoleDescriptor*>(_1) != ((const RoleDescriptor*)nullptr) &&
+                    lambda::bind(isValid, ll_dynamic_cast<const TimeBoundSAMLObject*>(_1), now))
+            );
+        if (r)
+            role = dynamic_cast<const RoleDescriptor*>(r);
     }
+
     annotateException(e, role, status, rethrow);
 }
 
@@ -305,30 +362,32 @@ void opensaml::annotateException(XMLToolingException* e, const RoleDescriptor* r
         auto_ptr_char id(dynamic_cast<EntityDescriptor*>(role->getParent())->getEntityID());
         e->addProperty("entityID",id.get());
 
-        const vector<ContactPerson*>& contacts=role->getContactPersons();
-        for (vector<ContactPerson*>::const_iterator c=contacts.begin(); c!=contacts.end(); ++c) {
-            const XMLCh* ctype=(*c)->getContactType();
-            if (ctype && (XMLString::equals(ctype,ContactPerson::CONTACT_SUPPORT)
-                    || XMLString::equals(ctype,ContactPerson::CONTACT_TECHNICAL))) {
-                GivenName* fname=(*c)->getGivenName();
-                SurName* lname=(*c)->getSurName();
-                auto_ptr_char first(fname ? fname->getName() : nullptr);
-                auto_ptr_char last(lname ? lname->getName() : nullptr);
-                if (first.get() && last.get()) {
-                    string contact=string(first.get()) + ' ' + last.get();
-                    e->addProperty("contactName",contact.c_str());
-                }
-                else if (first.get())
-                    e->addProperty("contactName",first.get());
-                else if (last.get())
-                    e->addProperty("contactName",last.get());
-                const vector<EmailAddress*>& emails=const_cast<const ContactPerson*>(*c)->getEmailAddresss();
-                if (!emails.empty()) {
-                    auto_ptr_char email(emails.front()->getAddress());
-                    if (email.get())
-                        e->addProperty("contactEmail",email.get());
+        const ContactPerson* cp = SAMLConfig::getConfig().getContactPerson(*role);
+        if (cp) {
+            GivenName* fname = cp->getGivenName();
+            SurName* lname = cp->getSurName();
+            auto_ptr_char first(fname ? fname->getName() : nullptr);
+            auto_ptr_char last(lname ? lname->getName() : nullptr);
+            if (first.get() && last.get()) {
+                string contact=string(first.get()) + ' ' + last.get();
+                e->addProperty("contactName", contact.c_str());
+            }
+            else if (first.get())
+                e->addProperty("contactName", first.get());
+            else if (last.get())
+                e->addProperty("contactName", last.get());
+            const vector<EmailAddress*>& emails=cp->getEmailAddresss();
+            if (!emails.empty()) {
+                auto_ptr_char email(emails.front()->getAddress());
+                if (email.get()) {
+                    if (strstr(email.get(), "mailto:") == email.get()) {
+                        e->addProperty("contactEmail", email.get());
+                    }
+                    else {
+                        string addr = string("mailto:") + email.get();
+                        e->addProperty("contactEmail", addr.c_str());
+                    }
                 }
-                break;
             }
         }
 
@@ -337,18 +396,18 @@ void opensaml::annotateException(XMLToolingException* e, const RoleDescriptor* r
             e->addProperty("errorURL",eurl.get());
         }
     }
-    
+
     if (status) {
-        auto_ptr_char sc(status->getStatusCode() ? status->getStatusCode()->getValue() : nullptr);
+        auto_ptr_char sc(status->getTopStatus());
         if (sc.get() && *sc.get())
             e->addProperty("statusCode", sc.get());
-        if (status->getStatusCode()->getStatusCode()) {
-            auto_ptr_char sc2(status->getStatusCode()->getStatusCode()->getValue());
+        if (status->getSubStatus()) {
+            auto_ptr_char sc2(status->getSubStatus());
             if (sc2.get() && *sc.get())
                 e->addProperty("statusCode2", sc2.get());
         }
-        if (status->getStatusMessage()) {
-            auto_ptr_char msg(status->getStatusMessage()->getMessage());
+        if (status->getMessage()) {
+            auto_ptr_char msg(status->getMessage());
             if (msg.get() && *msg.get())
                 e->addProperty("statusMessage", msg.get());
         }