X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2FSessionCache.h;h=7b7a6d6f226d4750b8f702f78a5670dd40c56848;hb=HEAD;hp=38fa126922738796d36655da80fafe6e59cdf79d;hpb=40ba37a1dc92307cb1983cc13034ea878ee9522d;p=shibboleth%2Fcpp-sp.git
diff --git a/shibsp/SessionCache.h b/shibsp/SessionCache.h
index 38fa126..7b7a6d6 100644
--- a/shibsp/SessionCache.h
+++ b/shibsp/SessionCache.h
@@ -1,17 +1,21 @@
-/*
- * Copyright 2001-2009 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
  *
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
  */
 /**
@@ -30,6 +34,7 @@
 #include
 #include
 #include
+#include
 #include
 namespace xmltooling {
@@ -44,6 +49,9 @@ namespace opensaml {
  namespace saml2 {
  class SAML_API NameID;
  };
+ namespace saml2md {
+ class SAML_API EntityDescriptor;
+ };
 };
 #endif
@@ -192,7 +200,7 @@ namespace shibsp {
  * Returns an assertion cached by the session.
  *
  * @param id identifier of the assertion to retrieve
- * @return pointer to assertion, or NULL
+ * @return pointer to assertion, or nullptr
  */
  virtual const opensaml::Assertion* getAssertion(const char* id) const=0;
@@ -224,6 +232,7 @@ namespace shibsp {
 #ifndef SHIBSP_LITE
  /**
+ * @deprecated
  * Inserts a new session into the cache and binds the session to the outgoing
  * client response.
  *
@@ -248,18 +257,58 @@ namespace shibsp {
  const xmltooling::HTTPRequest& httpRequest,
  xmltooling::HTTPResponse& httpResponse,
  time_t expires,
- const opensaml::saml2md::EntityDescriptor* issuer=NULL,
- const XMLCh* protocol=NULL,
- const opensaml::saml2::NameID* nameid=NULL,
- const XMLCh* authn_instant=NULL,
- const XMLCh* session_index=NULL,
- const XMLCh* authncontext_class=NULL,
- const XMLCh* authncontext_decl=NULL,
- const std::vector* tokens=NULL,
- const std::vector* attributes=NULL
+ const opensaml::saml2md::EntityDescriptor* issuer=nullptr,
+ const XMLCh* protocol=nullptr,
+ const opensaml::saml2::NameID* nameid=nullptr,
+ const XMLCh* authn_instant=nullptr,
+ const XMLCh* session_index=nullptr,
+ const XMLCh* authncontext_class=nullptr,
+ const XMLCh* authncontext_decl=nullptr,
+ const std::vector* tokens=nullptr,
+ const std::vector* attributes=nullptr
  )=0;
  /**
+ * Inserts a new session into the cache and binds the session to the outgoing
+ * client response.
+ *
+ *

The newly created session ID is placed into the first parameter.
+ *
+ *

The SSO tokens and Attributes remain owned by the caller and are copied by the cache.
+ *
+ * @param sessionID reference to string to capture newly inserted session ID
+ * @param application reference to Application that owns the Session
+ * @param httpRequest request that initiated session
+ * @param httpResponse current response to client
+ * @param expires expiration time of session
+ * @param issuer issuing metadata of assertion issuer, if known
+ * @param protocol protocol family used to initiate the session
+ * @param nameid principal identifier, normalized to SAML 2, if any
+ * @param authn_instant UTC timestamp of authentication at IdP, if known
+ * @param session_index index of session between principal and IdP, if any
+ * @param authncontext_class method/category of authentication event, if known
+ * @param authncontext_decl specifics of authentication event, if known
+ * @param tokens assertions to cache with session, if any
+ * @param attributes optional array of resolved Attributes to cache with session
+ */
+ virtual void insert(
+ std::string& sessionID,
+ const Application& application,
+ const xmltooling::HTTPRequest& httpRequest,
+ xmltooling::HTTPResponse& httpResponse,
+ time_t expires,
+ const opensaml::saml2md::EntityDescriptor* issuer=nullptr,
+ const XMLCh* protocol=nullptr,
+ const opensaml::saml2::NameID* nameid=nullptr,
+ const XMLCh* authn_instant=nullptr,
+ const XMLCh* session_index=nullptr,
+ const XMLCh* authncontext_class=nullptr,
+ const XMLCh* authncontext_decl=nullptr,
+ const std::vector* tokens=nullptr,
+ const std::vector* attributes=nullptr
+ );
+
+ /**
  * Determines whether the Session bound to a client request matches a set of input criteria.
  *
  * @param application reference to Application that owns the Session
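Review bot: The new `insert(std::string& sessionID, ...)` overload is virtual but not pure, and its comment does not say what `sessionID` holds when a cache implementation overrides only the deprecated overload. Callers will treat that string as the identifier of the live session, so the contract should be spelled out, e.g. `* @note sessionID is left unchanged if the implementation cannot report the new ID; callers must check it before use` (adjust to what the default body, which is outside this diff, actually does). The value is presumably the same identifier that is bound to the client response, so the comment should also say it must be handled as a credential and kept out of logs. The `@deprecated` tag added as the first line of the older overload's comment (hunk at -224) makes Doxygen treat the description paragraph as the deprecation text. Moving it below the description as `@deprecated Use the overload that returns the session ID.` keeps the summary intact and names the replacement.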
@@ -301,14 +350,14 @@ namespace shibsp {
  * @param application reference to Application that owns the Session
  * @param request request from client bound to session
  * @param client_addr network address of client (if known)
- * @param timeout inactivity timeout to enforce (0 for none, NULL to bypass check/update of last access)
- * @return pointer to locked Session, or NULL
+ * @param timeout inactivity timeout to enforce (0 for none, nullptr to bypass check/update of last access)
+ * @return pointer to locked Session, or nullptr
  */
  virtual Session* find(
  const Application& application,
  const xmltooling::HTTPRequest& request,
- const char* client_addr=NULL,
- time_t* timeout=NULL
+ const char* client_addr=nullptr,
+ time_t* timeout=nullptr
  )=0;
  /**
@@ -323,14 +372,14 @@ namespace shibsp {
  * @param application reference to Application that owns the Session
  * @param request request from client bound to session
  * @param client_addr network address of client (if known)
- * @param timeout inactivity timeout to enforce (0 for none, nullptr to bypass check/update of last access)
- * @return pointer to locked Session, or nullptr
+ * @param timeout inactivity timeout to enforce (0 for none, nullptr to bypass check/update of last access)
+ * @return pointer to locked Session, or nullptr
  */
  virtual Session* find(
  const Application& application,
  xmltooling::HTTPRequest& request,
- const char* client_addr=NULL,
- time_t* timeout=NULL
+ const char* client_addr=nullptr,
+ time_t* timeout=nullptr
  );
  /**
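Review bot: Both `find` overloads (the hunks at -301 and -323) keep `time_t* timeout=nullptr` as the default, and the comment says a null pointer bypasses the inactivity check and the last-access update, so a caller that omits the argument gets a session lookup with no idle-timeout enforcement. The parameter comment should state that consequence for the default, for example `* @param timeout inactivity timeout to enforce (0 for none); the default nullptr skips the timeout check and the last-access update, so pass a value when validating a client request`. `client_addr` also defaults to nullptr and is described only as "(if known)". If a null address disables a client-address consistency check, it deserves the same one-line warning; the implementation is not visible in this diff, so that part is an assumption to confirm.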
@@ -340,7 +389,7 @@ namespace shibsp {
  * @param request request from client containing session, or a reference to it
  * @param response optional response to client enabling removal of session or reference
  */
- virtual void remove(const Application& application, const xmltooling::HTTPRequest& request, xmltooling::HTTPResponse* response=NULL)=0;
+ virtual void remove(const Application& application, const xmltooling::HTTPRequest& request, xmltooling::HTTPResponse* response=nullptr)=0;
  };
  /** SessionCache implementation backed by a StorageService. */