X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=shibsp%2Fattribute%2Fresolver%2Fimpl%2FXMLAttributeExtractor.cpp;h=f5f1cf2b707f37872df731bded26f12c59cd021f;hb=3ccda9caa12c4e6e38b1f565f53e1057876fb2d6;hp=e7915c472b38effc45f90d4f29f759e7ade614e4;hpb=ab611786d6ab9b900e60dc1d0b3a240004b81380;p=shibboleth%2Fsp.git diff --git a/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp b/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp index e7915c4..f5f1cf2 100644 --- a/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp +++ b/shibsp/attribute/resolver/impl/XMLAttributeExtractor.cpp @@ -78,6 +78,9 @@ namespace shibsp { void extractAttributes( const Application& application, const char* assertingParty, const saml2::Attribute& attr, vector& attributes ) const; + void extractAttributes( + const Application& application, const char* assertingParty, const Extensions& ext, vector& attributes + ) const; void getAttributeIds(vector& attributes) const { attributes.insert(attributes.end(), m_attributeIds.begin(), m_attributeIds.end()); @@ -138,11 +141,6 @@ namespace shibsp { static const XMLCh nameFormat[] = UNICODE_LITERAL_10(n,a,m,e,F,o,r,m,a,t); }; -void SHIBSP_API shibsp::registerAttributeExtractors() -{ - SPConfig::getConfig().AttributeExtractorManager.registerFactory(XML_ATTRIBUTE_EXTRACTOR, XMLAttributeExtractorFactory); -} - XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log) : m_log(log), m_document(NULL) { #ifdef _DEBUG 
@@ -202,11 +200,11 @@ XMLExtractorImpl::XMLExtractorImpl(const DOMElement* e, Category& log) : m_log(l // Fetch/create the map entry and see if it's a duplicate rule. #ifdef HAVE_GOOD_STL - pair< AttributeDecoder*,vector >& decl = m_attrMap[make_pair(name,format)]; + pair< AttributeDecoder*,vector >& decl = m_attrMap[pair(name,format)]; #else auto_ptr_char n(name); auto_ptr_char f(format); - pair< AttributeDecoder*,vector >& decl = m_attrMap[make_pair(n.get(),f.get())]; + pair< AttributeDecoder*,vector >& decl = m_attrMap[pair(n.get(),f.get())]; #endif if (decl.first) { m_log.warn("skipping duplicate Attribute mapping (same name and nameFormat)"); @@ -269,15 +267,21 @@ void XMLExtractorImpl::extractAttributes( if (!format || !*format) format = NameIdentifier::UNSPECIFIED; #ifdef HAVE_GOOD_STL - if ((rule=m_attrMap.find(make_pair(format,xstring()))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(format,xstring()))) != m_attrMap.end()) { #else auto_ptr_char temp(format); - if ((rule=m_attrMap.find(make_pair(temp.get(),string()))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(temp.get(),string()))) != m_attrMap.end()) { #endif Attribute* a = rule->second.first->decode(rule->second.second, &nameid, assertingParty, application.getString("entityID").second); if (a) attributes.push_back(a); } + else if (m_log.isDebugEnabled()) { +#ifdef HAVE_GOOD_STL + auto_ptr_char temp(format); +#endif + m_log.debug("skipping unmapped NameIdentifier with format (%s)", temp.get()); + } } void XMLExtractorImpl::extractAttributes( 
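Review bot: The new `else if (m_log.isDebugEnabled())` branch writes `temp.get()`, the Format taken from the incoming NameIdentifier, into the log unmodified, so a Format value containing line breaks or other control characters can produce forged or misleading log entries. The same pattern is added in the NameID hunk and, at info level with both Name and Namespace/Format, in the SAML 1.x and SAML 2.0 Attribute hunks; at info level a peer that sends many unmapped attributes also costs one log line per attribute per message. Consider neutralising control characters before logging these values. The Attribute messages also print `, Namespace:` and `, Format:` with no space before the value; `*temp2.get() ? ", Format: " : ""` would read better. The enclosing function starts outside the hunk, so it cannot be told from here whether the message has already been authenticated when this branch runs.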
@@ -294,15 +298,21 @@ void XMLExtractorImpl::extractAttributes( if (!format || !*format) format = NameID::UNSPECIFIED; #ifdef HAVE_GOOD_STL - if ((rule=m_attrMap.find(make_pair(format,xstring()))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(format,xstring()))) != m_attrMap.end()) { #else auto_ptr_char temp(format); - if ((rule=m_attrMap.find(make_pair(temp.get(),string()))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(temp.get(),string()))) != m_attrMap.end()) { #endif Attribute* a = rule->second.first->decode(rule->second.second, &nameid, assertingParty, application.getString("entityID").second); if (a) attributes.push_back(a); } + else if (m_log.isDebugEnabled()) { +#ifdef HAVE_GOOD_STL + auto_ptr_char temp(format); +#endif + m_log.debug("skipping unmapped NameID with format (%s)", temp.get()); + } } void XMLExtractorImpl::extractAttributes( @@ -322,16 +332,23 @@ void XMLExtractorImpl::extractAttributes( if (!format || XMLString::equals(format, shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI)) format = &chNull; #ifdef HAVE_GOOD_STL - if ((rule=m_attrMap.find(make_pair(name,format))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(name,format))) != m_attrMap.end()) { #else auto_ptr_char temp1(name); auto_ptr_char temp2(format); - if ((rule=m_attrMap.find(make_pair(temp1.get(),temp2.get()))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(temp1.get(),temp2.get()))) != m_attrMap.end()) { #endif Attribute* a = rule->second.first->decode(rule->second.second, &attr, assertingParty, application.getString("entityID").second); if (a) attributes.push_back(a); } + else if (m_log.isInfoEnabled()) { +#ifdef HAVE_GOOD_STL + auto_ptr_char temp1(name); + auto_ptr_char temp2(format); +#endif + m_log.info("skipping unmapped SAML 1.x Attribute with Name: %s%s%s", temp1.get(), *temp2.get() ? ", Namespace:" : "", temp2.get()); + } } void XMLExtractorImpl::extractAttributes( 
@@ -353,16 +370,35 @@ void XMLExtractorImpl::extractAttributes( else if (XMLString::equals(format, saml2::Attribute::URI_REFERENCE)) format = &chNull; #ifdef HAVE_GOOD_STL - if ((rule=m_attrMap.find(make_pair(name,format))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(name,format))) != m_attrMap.end()) { #else auto_ptr_char temp1(name); auto_ptr_char temp2(format); - if ((rule=m_attrMap.find(make_pair(temp1.get(),temp2.get()))) != m_attrMap.end()) { + if ((rule=m_attrMap.find(pair(temp1.get(),temp2.get()))) != m_attrMap.end()) { #endif Attribute* a = rule->second.first->decode(rule->second.second, &attr, assertingParty, application.getString("entityID").second); if (a) attributes.push_back(a); } + else if (m_log.isInfoEnabled()) { +#ifdef HAVE_GOOD_STL + auto_ptr_char temp1(name); + auto_ptr_char temp2(format); +#endif + m_log.info("skipping unmapped SAML 2.0 Attribute with Name: %s%s%s", temp1.get(), *temp2.get() ? ", Format:" : "", temp2.get()); + } +} + +void XMLExtractorImpl::extractAttributes( + const Application& application, const char* assertingParty, const Extensions& ext, vector& attributes + ) const +{ + const vector exts = ext.getUnknownXMLObjects(); + for (vector::const_iterator i = exts.begin(); i!=exts.end(); ++i) { + const saml2::Attribute* attr = dynamic_cast(*i); + if (attr) + extractAttributes(application, assertingParty, *attr, attributes); + } } void XMLExtractor::extractAttributes( 
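Review bot: In the new `Extensions` overload, `const vector exts = ext.getUnknownXMLObjects();` declares the child list by value, so it is copied on every call; assuming the accessor returns a const reference, as it does in the underlying library, `const vector<XMLObject*>& exts = ext.getUnknownXMLObjects();` avoids the copy. The overload also has no comment stating that only direct children of `Extensions` that are `saml2::Attribute` are considered, and that they go through the same mapping rules and into the same `attributes` vector as attributes asserted by the issuer. A short header comment such as `// Extracts saml2::Attribute elements found directly inside a metadata Extensions element, using the normal mapping rules.` would help a reader judge how much trust the resulting attributes deserve.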
@@ -405,6 +441,25 @@ void XMLExtractor::extractAttributes( throw AttributeExtractionException("Unable to extract attributes, unknown object type."); } + // Check for metadata. + if (XMLString::equals(xmlObject.getElementQName().getNamespaceURI(), samlconstants::SAML20MD_NS)) { + const EntityDescriptor* entity = dynamic_cast(&xmlObject); + if (!entity) + throw AttributeExtractionException("Unable to extract attributes, unknown metadata object type."); + auto_ptr_char assertingParty(issuer ? dynamic_cast(issuer->getParent())->getEntityID() : NULL); + const Extensions* ext = entity->getExtensions(); + if (ext) + m_impl->extractAttributes(application, assertingParty.get(), *ext, attributes); + const EntitiesDescriptor* group = dynamic_cast(entity->getParent()); + while (group) { + ext = group->getExtensions(); + if (ext) + m_impl->extractAttributes(application, assertingParty.get(), *ext, attributes); + group = dynamic_cast(group->getParent()); + } + return; + } + // Check for attributes. if (XMLString::equals(xmlObject.getElementQName().getLocalPart(), saml1::Attribute::LOCAL_NAME)) { auto_ptr_char assertingParty(issuer ? dynamic_cast(issuer->getParent())->getEntityID() : NULL); @@ -435,10 +490,14 @@ void XMLExtractor::extractAttributes( if (issuer) { MetadataCredentialCriteria mcc(*issuer); auto_ptr decrypted(encattr->decrypt(*cr, recipient, &mcc)); + if (m_log.isDebugEnabled()) + m_log.debugStream() << "decrypted Attribute: " << *(decrypted.get()) << logging::eol; return extractAttributes(application, issuer, *(decrypted.get()), attributes); } else { auto_ptr decrypted(encattr->decrypt(*cr, recipient)); + if (m_log.isDebugEnabled()) + m_log.debugStream() << "decrypted Attribute: " << *(decrypted.get()) << logging::eol; return extractAttributes(application, issuer, *(decrypted.get()), attributes); } }
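Review bot: In the added metadata branch, `dynamic_cast(issuer->getParent())->getEntityID()` dereferences the cast result without checking it, so an `issuer` whose parent is not an EntityDescriptor becomes a null-pointer dereference instead of an AttributeExtractionException; the `entity` cast two lines earlier is checked, this one is not. A guarded form would be `const EntityDescriptor* issuerEntity = issuer ? dynamic_cast<const EntityDescriptor*>(issuer->getParent()) : NULL;` followed by `auto_ptr_char assertingParty(issuerEntity ? issuerEntity->getEntityID() : NULL);`. The same unchecked pattern appears in the existing "Check for attributes" context line below, so both could be fixed together. It would also help to document that the `while (group)` loop applies the Extensions of every enclosing EntitiesDescriptor to the entity, since that lets any aggregate containing the entity contribute attributes.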
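Review bot: Both added `m_log.debugStream() << "decrypted Attribute: " << *(decrypted.get())` statements write the plaintext of an attribute that the asserting party chose to encrypt into the SP log whenever debug logging is enabled, so values protected in transit become readable to anyone with access to the logs, log shipping or backups. Unless that trade-off is intended, log only that decryption succeeded, for instance `m_log.debug("decrypted an EncryptedAttribute");`, or add a comment next to the statement saying that debug level exposes decrypted attribute values. The two statements are identical, so whichever choice is made should be applied to both the `issuer` and the no-issuer branch. The enclosing function begins outside the hunk.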