X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml2%2Fbinding%2Fimpl%2FSAML2RedirectEncoder.cpp;h=006185e797f4e09148f22ecd32ec8064dddfd5cc;hb=52a4b6e644370ea071381676df5fb497e8832980;hp=82308f9e9d4118f376e1335e81840a3bba499a68;hpb=197bcbae7339bc779bc5780882d11fdeb45f8223;p=shibboleth%2Fcpp-opensaml.git

diff --git a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp
index 82308f9..006185e 100644
--- a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp
@@ -22,23 +22,24 @@
 
 #include "internal.h"
 #include "exceptions.h"
-#include "binding/HTTPResponse.h"
 #include "binding/MessageEncoder.h"
 #include "saml2/binding/SAML2Redirect.h"
 #include "saml2/core/Protocols.h"
 
 #include <fstream>
 #include <sstream>
-#include <log4cpp/Category.hh>
 #include <xercesc/util/Base64.hpp>
+#include <xmltooling/logging.h>
+#include <xmltooling/io/HTTPResponse.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/URLEncoder.h>
 
 using namespace opensaml::saml2p;
+using namespace opensaml::saml2md;
 using namespace opensaml;
 using namespace xmlsignature;
+using namespace xmltooling::logging;
 using namespace xmltooling;
-using namespace log4cpp;
 using namespace std;
 
 namespace opensaml {
@@ -46,23 +47,29 @@ namespace opensaml {
         class SAML_DLLLOCAL SAML2RedirectEncoder : public MessageEncoder
         {
         public:
-            SAML2RedirectEncoder(const DOMElement* e) {}
+            SAML2RedirectEncoder() {}
             virtual ~SAML2RedirectEncoder() {}
+
+            bool isCompact() const {
+                return true;
+            }
             
             long encode(
                 GenericResponse& genericResponse,
-                xmltooling::XMLObject* xmlObject,
+                XMLObject* xmlObject,
                 const char* destination,
-                const char* recipientID=NULL,
+                const EntityDescriptor* recipient=NULL,
                 const char* relayState=NULL,
-                const xmltooling::CredentialResolver* credResolver=NULL,
-                const XMLCh* sigAlgorithm=NULL
+                const ArtifactGenerator* artifactGenerator=NULL,
+                const Credential* credential=NULL,
+                const XMLCh* signatureAlg=NULL,
+                const XMLCh* digestAlg=NULL
                 ) const;
         };
 
-        MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const DOMElement* const & e)
+        MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const pair<const DOMElement*,const XMLCh*>& p)
         {
-            return new SAML2RedirectEncoder(e);
+            return new SAML2RedirectEncoder();
         }
     };
 };
@@ -71,10 +78,12 @@ long SAML2RedirectEncoder::encode(
     GenericResponse& genericResponse,
     XMLObject* xmlObject,
     const char* destination,
-    const char* recipientID,
+    const EntityDescriptor* recipient,
     const char* relayState,
-    const CredentialResolver* credResolver,
-    const XMLCh* sigAlgorithm
+    const ArtifactGenerator* artifactGenerator,
+    const Credential* credential,
+    const XMLCh* signatureAlg,
+    const XMLCh* digestAlg
     ) const
 {
 #ifdef _DEBUG
@@ -107,13 +116,15 @@ long SAML2RedirectEncoder::encode(
     DOMElement* rootElement = xmlObject->marshall();
     string xmlbuf;
     XMLHelper::serialize(rootElement, xmlbuf);
+    log.debug("marshalled message:\n%s", xmlbuf.c_str());
     
     unsigned int len;
     char* deflated = deflate(const_cast<char*>(xmlbuf.c_str()), xmlbuf.length(), &len);
     if (!deflated)
         throw BindingException("Failed to deflate message.");
     
-    XMLByte* encoded=Base64::encode(reinterpret_cast<XMLByte*>(deflated),len,&len);
+    xsecsize_t xlen;
+    XMLByte* encoded=Base64::encode(reinterpret_cast<XMLByte*>(deflated), len, &xlen);
     delete[] deflated;
     if (!encoded)
         throw BindingException("Base64 encoding of XML failed.");
@@ -121,28 +132,35 @@ long SAML2RedirectEncoder::encode(
     // Create beginnings of redirect query string.
     const URLEncoder* escaper = XMLToolingConfig::getConfig().getURLEncoder();
     xmlbuf.erase();
-    xmlbuf.append(reinterpret_cast<char*>(encoded),len);
+    xmlbuf.append(reinterpret_cast<char*>(encoded), xlen);
+#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE
+    XMLString::release(&encoded);
+#else
+    XMLString::release((char**)&encoded);
+#endif
+    
     xmlbuf = (request ? "SAMLRequest=" : "SAMLResponse=") + escaper->encode(xmlbuf.c_str()); 
-    if (relayState)
+    if (relayState && *relayState)
         xmlbuf = xmlbuf + "&RelayState=" + escaper->encode(relayState);
   
-    if (credResolver) {
+    if (credential) {
+        log.debug("signing the message");
+        
         // Sign the query string after adding the algorithm.
-        if (!sigAlgorithm)
-            sigAlgorithm = DSIGConstants::s_unicodeStrURIRSA_SHA1;
-        auto_ptr_char alg(sigAlgorithm);
+        if (!signatureAlg)
+            signatureAlg = DSIGConstants::s_unicodeStrURIRSA_SHA1;
+        auto_ptr_char alg(signatureAlg);
         xmlbuf = xmlbuf + "&SigAlg=" + escaper->encode(alg.get());
 
         char sigbuf[1024];
         memset(sigbuf,0,sizeof(sigbuf));
-        auto_ptr<XSECCryptoKey> key(credResolver->getKey());
-        Signature::createRawSignature(key.get(), sigAlgorithm, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
+        Signature::createRawSignature(credential->getPrivateKey(), signatureAlg, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
         xmlbuf = xmlbuf + "&Signature=" + escaper->encode(sigbuf);
     }
     
     // Generate redirect.
     log.debug("message encoded, sending redirect to client");
-    xmlbuf.insert(0,1,(strchr(destination,'?') ? '&' : '?'));
+    xmlbuf.insert((string::size_type)0,(string::size_type)1,(strchr(destination,'?') ? '&' : '?'));
     xmlbuf.insert(0,destination);
     long ret = httpResponse->sendRedirect(xmlbuf.c_str());