X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml2%2Fbinding%2Fimpl%2FSAML2POSTEncoder.cpp;h=848988844d4f247efff709724580b913e4c43ad5;hb=40fdf576ed07e3cf8f88d9bf0441e55ea4fc3d05;hp=8f122e01c6c829d9769e7e9a61a167bab39e255a;hpb=b5b26ae562b0317264119a51aa9de40674af1dea;p=shibboleth%2Fcpp-opensaml.git
diff --git a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
index 8f122e0..8489888 100644
--- a/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2POSTEncoder.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2010 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -17,7 +17,7 @@
 /**
 * SAML2POSTEncoder.cpp
 *
- * SAML 2.0 HTTP-POST binding message encoder
+ * SAML 2.0 HTTP-POST binding message encoder.
 */
 #include "internal.h"
@@ -29,7 +29,13 @@
 #include
 #include
 #include
+#include
 #include
+#include
+#include
+#include
+#include
+#include
 #include
 #include
 #include
@@ -49,17 +55,25 @@ namespace opensaml {
 public:
 SAML2POSTEncoder(const DOMElement* e, const XMLCh* ns, bool simple=false);
 virtual ~SAML2POSTEncoder() {}
-
+
+ const XMLCh* getProtocolFamily() const {
+ return samlconstants::SAML20P_NS;
+ }
+
+ const char* getShortName() const {
+ return m_simple ? "POST-SimpleSign" : "POST";
+ }
+
 long encode(
 GenericResponse& genericResponse,
 XMLObject* xmlObject,
 const char* destination,
- const EntityDescriptor* recipient=NULL,
- const char* relayState=NULL,
- const ArtifactGenerator* artifactGenerator=NULL,
- const Credential* credential=NULL,
- const XMLCh* signatureAlg=NULL,
- const XMLCh* digestAlg=NULL
+ const EntityDescriptor* recipient=nullptr,
+ const char* relayState=nullptr,
+ const ArtifactGenerator* artifactGenerator=nullptr,
+ const Credential* credential=nullptr,
+ const XMLCh* signatureAlg=nullptr,
+ const XMLCh* digestAlg=nullptr
 ) const;
 private:
@@ -81,13 +95,9 @@ namespace opensaml {
 static const XMLCh _template[] = UNICODE_LITERAL_8(t,e,m,p,l,a,t,e);
-SAML2POSTEncoder::SAML2POSTEncoder(const DOMElement* e, const XMLCh* ns, bool simple) : m_simple(simple)
+SAML2POSTEncoder::SAML2POSTEncoder(const DOMElement* e, const XMLCh* ns, bool simple)
+ : m_template(XMLHelper::getAttrString(e, "bindingTemplate.html", _template, ns)), m_simple(simple)
 {
- if (e) {
- auto_ptr_char t(e->getAttributeNS(ns, _template));
- if (t.get() && *t.get())
- m_template = t.get();
- }
 if (m_template.empty())
 throw XMLToolingException("SAML2POSTEncoder requires template XML attribute.");
 XMLToolingConfig::getConfig().getPathResolver()->resolve(m_template, PathResolver::XMLTOOLING_CFG_FILE);
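Review bot: In the rewritten `SAML2POSTEncoder` constructor the `if (m_template.empty())` check kept as context looks unreachable now, because `XMLHelper::getAttrString(e, "bindingTemplate.html", _template, ns)` supplies a default, presumably used whenever the attribute is absent or `e` is null. A configuration that omits the `template` attribute used to fail with an exception and would now silently render whatever `bindingTemplate.html` resolves to, and that file is the form that carries the SAML message to the recipient. I would either drop the dead check or keep it and document the fallback above the initializer, for example `// Falls back to bindingTemplate.html, resolved as an XMLTOOLING_CFG_FILE path, when no template attribute is set.` The constructor body continues past the end of this hunk.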
@@ -109,16 +119,16 @@ long SAML2POSTEncoder::encode(
 xmltooling::NDC ndc("encode");
 #endif
 Category& log = Category::getInstance(SAML_LOGCAT".MessageEncoder.SAML2POST");
+ log.debug("validating input");
 TemplateEngine* engine = XMLToolingConfig::getConfig().getTemplateEngine();
- if (!engine)
- throw BindingException("Encoding message using POST requires a TemplateEngine instance.");
-
- log.debug("validating input");
+ if (!engine || !destination)
+ throw BindingException("Encoding message using POST requires a TemplateEngine instance and a destination.");
+ HTTPResponse::sanitizeURL(destination);
 if (xmlObject->getParent())
 throw BindingException("Cannot encode XML content with parent.");
- StatusResponseType* response = NULL;
+ StatusResponseType* response = nullptr;
 RequestAbstractType* request = dynamic_cast(xmlObject);
 if (!request) {
 response = dynamic_cast(xmlObject);
@@ -126,7 +136,7 @@ long SAML2POSTEncoder::encode(
 throw BindingException("XML content for SAML 2.0 HTTP-POST Encoder must be a SAML 2.0 protocol message.");
 }
- DOMElement* rootElement = NULL;
+ DOMElement* rootElement = nullptr;
 if (credential && !m_simple) {
 // Signature based on native XML signing.
 if (request ? request->getSignature() : response->getSignature()) {
@@ -148,12 +158,12 @@ long SAML2POSTEncoder::encode(
 // Sign response while marshalling.
 vector sigs(1,sig);
- rootElement = xmlObject->marshall((DOMDocument*)NULL,&sigs,credential);
+ rootElement = xmlObject->marshall((DOMDocument*)nullptr,&sigs,credential);
 }
 }
 else {
 log.debug("marshalling the message");
- rootElement = xmlObject->marshall((DOMDocument*)nullptr);
 }
 // Serialize the message.
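Review bot: The new `HTTPResponse::sanitizeURL(destination);` call in the first hunk of `encode()` (@@ -109) is the only validation applied to the URL, and nothing at the call site says what it rejects or how it reports failure. If it throws something other than `BindingException`, callers that catch only that type will see a new failure mode, so a comment such as `// destination is written into the HTML form; sanitizeURL throws if it is not an acceptable URL` would help the next reader. The merged message "requires a TemplateEngine instance and a destination" also hides which precondition failed; two separate `throw` statements would make a misconfigured deployment easier to tell apart from a bad caller. Separately, `xmlObject->getParent()` on the following context line still dereferences `xmlObject` without the null check that `destination` now gets. The function starts before and continues after this hunk.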
@@ -182,25 +192,33 @@ long SAML2POSTEncoder::encode(
 auto_ptr keyInfo(credential->getKeyInfo());
 if (keyInfo.get()) {
 string& kstring = pmap.m_map["KeyInfo"];
- XMLHelper::serialize(keyInfo->marshall((DOMDocument*)NULL), kstring);
- unsigned int len=0;
+ XMLHelper::serialize(keyInfo->marshall((DOMDocument*)nullptr), kstring);
+ xsecsize_t len=0;
 XMLByte* out=Base64::encode(reinterpret_cast(kstring.data()),kstring.size(),&len);
 if (!out)
 throw BindingException("Base64 encoding of XML failed.");
 kstring.erase();
 kstring.append(reinterpret_cast(out),len);
+#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE
 XMLString::release(&out);
+#else
+ XMLString::release((char**)&out);
+#endif
 }
 }
 // Base64 the message.
- unsigned int len=0;
+ xsecsize_t len=0;
 XMLByte* out=Base64::encode(reinterpret_cast(msg.data()),msg.size(),&len);
 if (!out)
 throw BindingException("Base64 encoding of XML failed.");
 msg.erase();
 msg.append(reinterpret_cast(out),len);
+#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE
 XMLString::release(&out);
+#else
+ XMLString::release((char**)&out);
+#endif
 // Push the rest of it into template and send result to client.
 log.debug("message encoded, sending HTML form template to client");
@@ -213,6 +231,12 @@ long SAML2POSTEncoder::encode(
 stringstream s;
 engine->run(infile, s, pmap);
 genericResponse.setContentType("text/html");
+ HTTPResponse* httpResponse = dynamic_cast(&genericResponse);
+ if (httpResponse) {
+ httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
+ httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
+ httpResponse->setResponseHeader("Pragma", "no-cache");
+ }
 long ret = genericResponse.sendResponse(s);
 // Cleanup by destroying XML.
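Review bot: The five-line `#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE` release block is pasted twice in the @@ -182 hunk of `encode()`, once for the KeyInfo buffer and once for the message buffer. A single file-local helper would keep the Xerces version switch in one place and make each call site one line. In both places `out` is released only on the straight-line path, so an exception from `kstring.append` or `msg.append` would skip the release; the helper is also a natural home for a scope guard if that matters here. `encode()` begins before this hunk and continues after it.

```cpp
// File-local: free a buffer returned by Base64::encode on either Xerces API variant.
static void releaseXMLByte(XMLByte*& buf)
{
#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE
    XMLString::release(&buf);
#else
    XMLString::release((char**)&buf);
#endif
}

// … unchanged: Base64::encode call, null check, erase/append into kstring …
releaseXMLByte(out);
// … unchanged: same sequence for msg …
releaseXMLByte(out);
```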
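Review bot: The `Expires` value `01-Jan-1997 12:00:00 GMT` added in the @@ -213 hunk is not in HTTP-date form. Most clients treat an unparseable `Expires` as already expired, so the intent is probably met, but a well-formed value is safer with intermediaries: `httpResponse->setResponseHeader("Expires", "Wed, 01 Jan 1997 12:00:00 GMT");`. The block also deserves a one-line reason, for example `// The form embeds the encoded SAML message; it must not be cached by the browser or by proxies.` When the `dynamic_cast` yields null the response goes out with no cache directives at all, which is worth stating in that comment or logging at debug level.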