X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml1%2Fbinding%2Fimpl%2FSAML1SOAPEncoder.cpp;h=b41f19668dff1347188af48e542e6f3876efed5c;hb=e9554c255ad3c91c7c4976e7a1a54905903e66a2;hp=df00a95c0cdf188e1ae7078a93eff8ab49bfde36;hpb=0f6286d0ffd9371c187ecb1775cbd199ed051af5;p=shibboleth%2Fcpp-opensaml.git

diff --git a/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp b/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp
index df00a95..b41f196 100644
--- a/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp
+++ b/saml/saml1/binding/impl/SAML1SOAPEncoder.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2010 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,7 +17,7 @@
 /**
  * SAML1SOAPEncoder.cpp
  * 
- * SAML 1.x SOAP binding message encoder
+ * SAML 1.x SOAP binding message encoder.
  */
 
 #include "internal.h"
@@ -29,6 +29,7 @@
 #include <sstream>
 #include <xmltooling/logging.h>
 #include <xmltooling/io/HTTPResponse.h>
+#include <xmltooling/signature/Signature.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/soap/SOAP.h>
 
@@ -57,12 +58,12 @@ namespace opensaml {
                 GenericResponse& genericResponse,
                 XMLObject* xmlObject,
                 const char* destination,
-                const EntityDescriptor* recipient=NULL,
-                const char* relayState=NULL,
-                const ArtifactGenerator* artifactGenerator=NULL,
-                const Credential* credential=NULL,
-                const XMLCh* signatureAlg=NULL,
-                const XMLCh* digestAlg=NULL
+                const EntityDescriptor* recipient=nullptr,
+                const char* relayState=nullptr,
+                const ArtifactGenerator* artifactGenerator=nullptr,
+                const Credential* credential=nullptr,
+                const XMLCh* signatureAlg=nullptr,
+                const XMLCh* digestAlg=nullptr
                 ) const;
         };
 
@@ -97,25 +98,42 @@ long SAML1SOAPEncoder::encode(
     genericResponse.setContentType("text/xml");
     HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
     if (httpResponse) {
+        httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
         httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
         httpResponse->setResponseHeader("Pragma", "no-cache");
     }
 
-    DOMElement* rootElement = NULL;
+    bool detachOnFailure = false;
+    DOMElement* rootElement = nullptr;
+    
+    // Check for a naked Response.
     Response* response = dynamic_cast<Response*>(xmlObject);
     if (response) {
+        // Wrap it in a SOAP envelope and point xmlObject at that.
+        detachOnFailure = true;
+        Envelope* env = EnvelopeBuilder::buildEnvelope();
+        Body* body = BodyBuilder::buildBody();
+        env->setBody(body);
+        body->getUnknownXMLObjects().push_back(response);
+        xmlObject = env;
+    }
+
+    // Now check for a full Envelope (which might have just been created).
+    Envelope* env = dynamic_cast<Envelope*>(xmlObject);
+    if (env) {
+        if (!response) {
+            response = (env->getBody() && env->getBody()->hasChildren()) ?
+                dynamic_cast<Response*>(env->getBody()->getUnknownXMLObjects().front()) : nullptr;
+        }
         try {
-            Envelope* env = EnvelopeBuilder::buildEnvelope();
-            Body* body = BodyBuilder::buildBody();
-            env->setBody(body);
-            body->getUnknownXMLObjects().push_back(response);
-            if (credential) {
+            // Now check for signing requirements.
+            if (response && credential) {
                 if (response->getSignature()) {
                     log.debug("response already signed, skipping signature operation");
                     rootElement = env->marshall();
                 }
                 else {
-                    log.debug("signing and marshalling the response");
+                    log.debug("signing the response and marshalling the envelope");
         
                     // Build a Signature.
                     Signature* sig = SignatureBuilder::buildSignature();
@@ -128,31 +146,39 @@ long SAML1SOAPEncoder::encode(
                             cr->setDigestAlgorithm(digestAlg);
                     }
             
-                    // Sign response while marshalling.
+                    // Sign message while marshalling.
                     vector<Signature*> sigs(1,sig);
-                    rootElement = env->marshall((DOMDocument*)NULL,&sigs,credential);
+                    rootElement = env->marshall((DOMDocument*)nullptr,&sigs,credential);
                 }
             }
             else {
-                log.debug("marshalling the response");
+                log.debug("marshalling the envelope");
                 rootElement = env->marshall();
             }
-            
+
             stringstream s;
             s << *rootElement;
-            log.debug("sending serialized response");
-            long ret = genericResponse.sendResponse(s);
+            
+            if (log.isDebugEnabled())
+                log.debug("marshalled envelope:\n%s", s.str().c_str());
+            
+            log.debug("sending serialized envelope");
+            bool error = (!response && env->getBody() && env->getBody()->hasChildren() &&
+                dynamic_cast<Fault*>(env->getBody()->getUnknownXMLObjects().front()));
+            long ret = error ? genericResponse.sendError(s) : genericResponse.sendResponse(s);
         
             // Cleanup by destroying XML.
             delete env;
             return ret;
         }
         catch (XMLToolingException&) {
-            // A bit weird...we have to "revert" things so that the response is isolated
-            // so the caller can free it.
-            if (response->getParent()) {
-                response->getParent()->detach();
-                response->detach();
+            if (response && detachOnFailure) {
+                // A bit weird...we have to "revert" things so that the response is isolated
+                // so the caller can free it.
+                if (response->getParent()) {
+                    response->getParent()->detach();
+                    response->detach();
+                }
             }
             throw;
         }
@@ -161,17 +187,20 @@ long SAML1SOAPEncoder::encode(
     Fault* fault = dynamic_cast<Fault*>(xmlObject);
     if (fault) {
         try {
-            log.debug("building Envelope and marshalling Fault");
+            log.debug("building envelope and marshalling fault");
             Envelope* env = EnvelopeBuilder::buildEnvelope();
             Body* body = BodyBuilder::buildBody();
             env->setBody(body);
             body->getUnknownXMLObjects().push_back(fault);
             rootElement = env->marshall();
-    
-            string xmlbuf;
-            XMLHelper::serialize(rootElement, xmlbuf);
-            istringstream s(xmlbuf);
-            log.debug("sending serialized fault");
+
+            stringstream s;
+            s << *rootElement;
+            
+            if (log.isDebugEnabled())
+                log.debug("marshalled envelope:\n%s", s.str().c_str());
+            
+            log.debug("sending serialized envelope");
             long ret = genericResponse.sendError(s);
         
             // Cleanup by destroying XML.
@@ -188,27 +217,6 @@ long SAML1SOAPEncoder::encode(
             throw;
         }
     }
-
-    Envelope* env = dynamic_cast<Envelope*>(xmlObject);
-    if (env) {
-        log.debug("marshalling envelope");
-        rootElement = env->marshall();
-
-        bool error =
-            (env->getBody() &&
-                env->getBody()->hasChildren() &&
-                    dynamic_cast<Fault*>(env->getBody()->getUnknownXMLObjects().front()));
-
-        string xmlbuf;
-        XMLHelper::serialize(rootElement, xmlbuf);
-        istringstream s(xmlbuf);
-        log.debug("sending serialized envelope");
-        long ret = error ? genericResponse.sendError(s) : genericResponse.sendResponse(s);
     
-        // Cleanup by destroying XML.
-        delete env;
-        return ret;
-    }
-
     throw BindingException("XML content for SAML 1.x SOAP Encoder must be a SAML 1.x <Response> or SOAP Fault/Envelope.");
 }