X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2FAbstractSPRequest.cpp;h=fe0de146bbd26bbe96c43db044f00c8e36214065;hb=HEAD;hp=c18d826ec347a2d02cad638ceb4d0bc3c2fc67b9;hpb=00624ba87e3c67323b4077e201a9cbdc67a7c9b2;p=shibboleth%2Fcpp-sp.git diff --git a/shibsp/AbstractSPRequest.cpp b/shibsp/AbstractSPRequest.cpp index c18d826..fe0de14 100644 --- a/shibsp/AbstractSPRequest.cpp +++ b/shibsp/AbstractSPRequest.cpp @@ -1,41 +1,82 @@ -/* - * Copyright 2001-2009 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** * AbstractSPRequest.cpp * - * Abstract base for SPRequest implementations + * Abstract base for SPRequest implementations. */ #include "internal.h" +#include "exceptions.h" #include "AbstractSPRequest.h" #include "Application.h" +#include "GSSRequest.h" #include "ServiceProvider.h" #include "SessionCache.h" +#include "util/CGIParser.h" + +#include using namespace shibsp; using namespace opensaml; using namespace xmltooling; using namespace std; +SPRequest::SPRequest() +{ +} + +SPRequest::~SPRequest() +{ +} + +string SPRequest::getSecureHeader(const char* name) const +{ + return getHeader(name); +} + +void SPRequest::setAuthType(const char* authtype) +{ +} + +#ifdef SHIBSP_HAVE_GSSAPI +GSSRequest::GSSRequest() +{ +} + +GSSRequest::~GSSRequest() +{ +} + +gss_name_t GSSRequest::getGSSName() const +{ + return GSS_C_NO_NAME; +} +#endif + AbstractSPRequest::AbstractSPRequest(const char* category) - : m_sp(NULL), m_mapper(NULL), m_app(NULL), m_sessionTried(false), m_session(NULL), - m_log(&Category::getInstance(category)), m_parser(NULL) + : m_sp(SPConfig::getConfig().getServiceProvider()), + m_mapper(nullptr), m_app(nullptr), m_sessionTried(false), m_session(nullptr), + m_log(&Category::getInstance(category)) { - m_sp=SPConfig::getConfig().getServiceProvider(); m_sp->lock(); } @@ -47,14 +88,18 @@ AbstractSPRequest::~AbstractSPRequest() m_mapper->unlock(); if (m_sp) m_sp->unlock(); - delete m_parser; +} + +const ServiceProvider& AbstractSPRequest::getServiceProvider() const +{ + return *m_sp; } RequestMapper::Settings AbstractSPRequest::getRequestSettings() const { if (!m_mapper) { // Map request to application and content settings. - m_mapper=m_sp->getRequestMapper(); + m_mapper = m_sp->getRequestMapper(); m_mapper->lock(); m_settings = m_mapper->getSettings(*this); @@ -71,9 +116,9 @@ const Application& AbstractSPRequest::getApplication() const { if (!m_app) { // Now find the application from the URL settings - m_app=m_sp->getApplication(getRequestSettings().first->getString("applicationId").second); + m_app = m_sp->getApplication(getRequestSettings().first->getString("applicationId").second); if (!m_app) - throw ConfigurationException("Unable to map request to ApplicationOverride settings, check configuration."); + throw ConfigurationException("Unable to map non-default applicationId to an ApplicationOverride, check configuration."); } return *m_app; } @@ -87,24 +132,24 @@ Session* AbstractSPRequest::getSession(bool checkTimeout, bool ignoreAddress, bo m_sessionTried = true; // Need address checking and timeout settings. - time_t timeout=3600; + time_t timeout = 3600; if (checkTimeout || !ignoreAddress) { - const PropertySet* props=getApplication().getPropertySet("Sessions"); + const PropertySet* props = getApplication().getPropertySet("Sessions"); if (props) { if (checkTimeout) { - pair p=props->getUnsignedInt("timeout"); + pair p = props->getUnsignedInt("timeout"); if (p.first) timeout = p.second; } - pair pcheck=props->getBool("consistentAddress"); + pair pcheck = props->getBool("consistentAddress"); if (pcheck.first) ignoreAddress = !pcheck.second; } } - // The cache will either silently pass a session or NULL back, or throw an exception out. + // The cache will either silently pass a session or nullptr back, or throw an exception out. Session* session = getServiceProvider().getSessionCache()->find( - getApplication(), *this, ignoreAddress ? NULL : getRemoteAddr().c_str(), checkTimeout ? &timeout : NULL + getApplication(), *this, (ignoreAddress ? nullptr : getRemoteAddr().c_str()), (checkTimeout ? &timeout : nullptr) ); if (cache) m_session = session; @@ -147,6 +192,11 @@ void AbstractSPRequest::setRequestURI(const char* uri) } } +const char* AbstractSPRequest::getRequestURI() const +{ + return m_uri.c_str(); +} + const char* AbstractSPRequest::getRequestURL() const { if (m_url.empty()) { @@ -154,11 +204,8 @@ const char* AbstractSPRequest::getRequestURL() const int port = getPort(); const char* scheme = getScheme(); m_url = string(scheme) + "://" + getHostname(); - if ((!strcmp(scheme,"http") && port!=80) || (!strcmp(scheme,"https") && port!=443)) { - ostringstream portstr; - portstr << port; - m_url += ":" + portstr.str(); - } + if (!isDefaultPort()) + m_url += ":" + boost::lexical_cast(port); m_url += m_uri; } return m_url.c_str(); @@ -172,20 +219,20 @@ string AbstractSPRequest::getRemoteAddr() const const char* AbstractSPRequest::getParameter(const char* name) const { - if (!m_parser) - m_parser=new CGIParser(*this); + if (!m_parser.get()) + m_parser.reset(new CGIParser(*this)); - pair bounds=m_parser->getParameters(name); - return (bounds.first==bounds.second) ? NULL : bounds.first->second; + pair bounds = m_parser->getParameters(name); + return (bounds.first==bounds.second) ? nullptr : bounds.first->second; } vector::size_type AbstractSPRequest::getParameters(const char* name, vector& values) const { - if (!m_parser) - m_parser=new CGIParser(*this); + if (!m_parser.get()) + m_parser.reset(new CGIParser(*this)); - pair bounds=m_parser->getParameters(name); - while (bounds.first!=bounds.second) { + pair bounds = m_parser->getParameters(name); + while (bounds.first != bounds.second) { values.push_back(bounds.first->second); ++bounds.first; } @@ -197,9 +244,22 @@ const char* AbstractSPRequest::getHandlerURL(const char* resource) const if (!resource) resource = getRequestURL(); - if (!m_handlerURL.empty() && resource && !strcmp(getRequestURL(),resource)) + if (!m_handlerURL.empty() && resource && !strcmp(getRequestURL(), resource)) return m_handlerURL.c_str(); + // Check for relative URL. + string stackresource; + if (resource && *resource == '/') { + // Compute a URL to the root of the site and point resource at constructed string. + int port = getPort(); + const char* scheme = getScheme(); + stackresource = string(scheme) + "://" + getHostname(); + if (!isDefaultPort()) + stackresource += ":" + boost::lexical_cast(port); + stackresource += resource; + resource = stackresource.c_str(); + } + #ifdef HAVE_STRCASECMP if (!resource || (strncasecmp(resource,"http://",7) && strncasecmp(resource,"https://",8))) #else @@ -207,24 +267,27 @@ const char* AbstractSPRequest::getHandlerURL(const char* resource) const #endif throw ConfigurationException("Target resource was not an absolute URL."); - bool ssl_only=true; - const char* handler=NULL; - const PropertySet* props=getApplication().getPropertySet("Sessions"); + bool ssl_only = true; + const char* handler = nullptr; + const PropertySet* props = getApplication().getPropertySet("Sessions"); if (props) { - pair p=props->getBool("handlerSSL"); + pair p = props->getBool("handlerSSL"); if (p.first) - ssl_only=p.second; - pair p2=props->getString("handlerURL"); + ssl_only = p.second; + pair p2 = props->getString("handlerURL"); if (p2.first) - handler=p2.second; + handler = p2.second; } - // Should never happen... - if (!handler || (*handler!='/' && strncmp(handler,"http:",5) && strncmp(handler,"https:",6))) + if (!handler) { + handler = "/Shibboleth.sso"; + } + else if (*handler!='/' && strncmp(handler,"http:",5) && strncmp(handler,"https:",6)) { throw ConfigurationException( "Invalid handlerURL property ($1) in element for Application ($2)", params(2, handler ? handler : "null", m_app->getId()) ); + } // The "handlerURL" property can be in one of three formats: // @@ -239,7 +302,7 @@ const char* AbstractSPRequest::getHandlerURL(const char* resource) const // // note: if ssl_only is true, make sure the protocol is https - const char* path = NULL; + const char* path = nullptr; // Decide whether to use the handler or the resource for the "protocol" const char* prot; @@ -252,9 +315,9 @@ const char* AbstractSPRequest::getHandlerURL(const char* resource) const } // break apart the "protocol" string into protocol, host, and "the rest" - const char* colon=strchr(prot,':'); + const char* colon = strchr(prot, ':'); colon += 3; - const char* slash=strchr(colon,'/'); + const char* slash = strchr(colon, '/'); if (!path) path = slash;