X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml2%2Fbinding%2Fimpl%2FSAML2RedirectEncoder.cpp;h=616d98f727ed9fc5b57867a46a71ca68da3a1fe8;hb=5e62d2c1fb43763b3d627e641a310a79992b01c0;hp=147271d10941963579be141622091d35e79b8769;hpb=f3a43f14f9dd53428f9e879bb489d6a4cf2674a8;p=shibboleth%2Fcpp-opensaml.git diff --git a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp index 147271d..616d98f 100644 --- a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp +++ b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2010 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,28 +17,33 @@ /** * SAML2RedirectEncoder.cpp * - * SAML 2.0 HTTP-POST binding message encoder + * SAML 2.0 HTTP-POST binding message encoder. */ #include "internal.h" #include "exceptions.h" -#include "binding/HTTPResponse.h" #include "binding/MessageEncoder.h" #include "saml2/binding/SAML2Redirect.h" #include "saml2/core/Protocols.h" #include #include -#include #include +#include +#include +#include +#include +#include +#include #include #include using namespace opensaml::saml2p; +using namespace opensaml::saml2md; using namespace opensaml; using namespace xmlsignature; +using namespace xmltooling::logging; using namespace xmltooling; -using namespace log4cpp; using namespace std; namespace opensaml { @@ -46,24 +51,33 @@ namespace opensaml { class SAML_DLLLOCAL SAML2RedirectEncoder : public MessageEncoder { public: - SAML2RedirectEncoder(const DOMElement* e) {} + SAML2RedirectEncoder() {} virtual ~SAML2RedirectEncoder() {} - + + bool isCompact() const { + return true; + } + + const XMLCh* getProtocolFamily() const { + return samlconstants::SAML20P_NS; + } + long encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID=NULL, - const char* relayState=NULL, - const Credential* credential=NULL, - const XMLCh* signatureAlg=NULL, - const XMLCh* digestAlg=NULL + const EntityDescriptor* recipient=nullptr, + const char* relayState=nullptr, + const ArtifactGenerator* artifactGenerator=nullptr, + const Credential* credential=nullptr, + const XMLCh* signatureAlg=nullptr, + const XMLCh* digestAlg=nullptr ) const; }; - MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const DOMElement* const & e) + MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const pair& p) { - return new SAML2RedirectEncoder(e); + return new SAML2RedirectEncoder(); } }; }; @@ -72,8 +86,9 @@ long SAML2RedirectEncoder::encode( GenericResponse& genericResponse, XMLObject* xmlObject, const char* destination, - const char* recipientID, + const EntityDescriptor* recipient, const char* relayState, + const ArtifactGenerator* artifactGenerator, const Credential* credential, const XMLCh* signatureAlg, const XMLCh* digestAlg @@ -91,7 +106,7 @@ long SAML2RedirectEncoder::encode( if (xmlObject->getParent()) throw BindingException("Cannot encode XML content with parent."); - StatusResponseType* response = NULL; + StatusResponseType* response = nullptr; RequestAbstractType* request = dynamic_cast(xmlObject); if (!request) { response = dynamic_cast(xmlObject); @@ -102,20 +117,22 @@ long SAML2RedirectEncoder::encode( // Check for XML signature. if (request ? request->getSignature() : response->getSignature()) { log.debug("message already signed, removing native signature due to size considerations"); - request ? request->setSignature(NULL) : response->setSignature(NULL); + request ? request->setSignature(nullptr) : response->setSignature(nullptr); } log.debug("marshalling, deflating, base64-encoding the message"); DOMElement* rootElement = xmlObject->marshall(); string xmlbuf; XMLHelper::serialize(rootElement, xmlbuf); + log.debug("marshalled message:\n%s", xmlbuf.c_str()); unsigned int len; char* deflated = deflate(const_cast(xmlbuf.c_str()), xmlbuf.length(), &len); if (!deflated) throw BindingException("Failed to deflate message."); - XMLByte* encoded=Base64::encode(reinterpret_cast(deflated),len,&len); + xsecsize_t xlen; + XMLByte* encoded=Base64::encode(reinterpret_cast(deflated), len, &xlen); delete[] deflated; if (!encoded) throw BindingException("Base64 encoding of XML failed."); @@ -123,12 +140,20 @@ long SAML2RedirectEncoder::encode( // Create beginnings of redirect query string. const URLEncoder* escaper = XMLToolingConfig::getConfig().getURLEncoder(); xmlbuf.erase(); - xmlbuf.append(reinterpret_cast(encoded),len); + xmlbuf.append(reinterpret_cast(encoded), xlen); +#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE + XMLString::release(&encoded); +#else + XMLString::release((char**)&encoded); +#endif + xmlbuf = (request ? "SAMLRequest=" : "SAMLResponse=") + escaper->encode(xmlbuf.c_str()); - if (relayState) + if (relayState && *relayState) xmlbuf = xmlbuf + "&RelayState=" + escaper->encode(relayState); if (credential) { + log.debug("signing the message"); + // Sign the query string after adding the algorithm. if (!signatureAlg) signatureAlg = DSIGConstants::s_unicodeStrURIRSA_SHA1; @@ -143,7 +168,7 @@ long SAML2RedirectEncoder::encode( // Generate redirect. log.debug("message encoded, sending redirect to client"); - xmlbuf.insert(0,1,(strchr(destination,'?') ? '&' : '?')); + xmlbuf.insert((string::size_type)0,(string::size_type)1,(strchr(destination,'?') ? '&' : '?')); xmlbuf.insert(0,destination); long ret = httpResponse->sendRedirect(xmlbuf.c_str());