X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=util_shib.cpp;h=a37329fe822e81ec203740112f838afd05e355e3;hb=15c93f06ee6ddefa7e7b095351f6e66698c7cc9e;hp=a374ac55016c51ad2747b4a8a44072bd9d0fa3fa;hpb=96fff17e024b6b99db34c6c945b5de5301b13754;p=mech_eap.git

diff --git a/util_shib.cpp b/util_shib.cpp
index a374ac5..a37329f 100644
--- a/util_shib.cpp
+++ b/util_shib.cpp
@@ -31,7 +31,7 @@
  */
 /*
  * Copyright 2001-2009 Internet2
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -45,35 +45,20 @@
  * limitations under the License.
  */
 
-#include "gssapiP_eap.h"
-
-#include <shibsp/Application.h>
 #include <shibsp/exceptions.h>
-#include <shibsp/SPConfig.h>
-#include <shibsp/ServiceProvider.h>
-#include <shibsp/attribute/Attribute.h>
 #include <shibsp/attribute/SimpleAttribute.h>
-#include <shibsp/attribute/resolver/ResolutionContext.h>
-#include <shibsp/handler/AssertionConsumerService.h>
-#include <shibsp/metadata/MetadataProviderCriteria.h>
-#include <shibsp/util/SPConstants.h>
 
-#include <saml/saml1/core/Assertions.h>
-#include <saml/saml2/core/Assertions.h>
-#include <saml/saml2/metadata/Metadata.h>
-#include <xercesc/util/XMLUniDefs.hpp>
-#include <xmltooling/XMLToolingConfig.h>
-#include <xmltooling/util/XMLHelper.h>
+#include <shibresolver/resolver.h>
 
-#include "resolver.h"
+#include <sstream>
+
+#include "gssapiP_eap.h"
 
 using namespace shibsp;
 using namespace shibresolver;
 using namespace opensaml::saml2md;
 using namespace opensaml;
-using namespace xmltooling::logging;
 using namespace xmltooling;
-using namespace xercesc;
 using namespace std;
 
 gss_eap_shib_attr_provider::gss_eap_shib_attr_provider(void)
@@ -165,19 +150,21 @@ gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *manager,
     const gss_eap_saml_assertion_provider *saml;
     const gss_eap_radius_attr_provider *radius;
     gss_buffer_desc nameBuf = GSS_C_EMPTY_BUFFER;
-    ShibbolethResolver *resolver = NULL;
+    ShibbolethResolver *resolver;
     OM_uint32 minor;
 
     if (!gss_eap_attr_provider::initFromGssContext(manager, gssCred, gssCtx))
         return false;
 
     saml = static_cast<const gss_eap_saml_assertion_provider *>
-        (manager->getProvider(ATTR_TYPE_SAML_ASSERTION));
+        (m_manager->getProvider(ATTR_TYPE_SAML_ASSERTION));
     radius = static_cast<const gss_eap_radius_attr_provider *>
-        (manager->getProvider(ATTR_TYPE_RADIUS));
+        (m_manager->getProvider(ATTR_TYPE_RADIUS));
+
+    resolver = ShibbolethResolver::create();
 
     if (gssCred != GSS_C_NO_CREDENTIAL &&
-        gss_display_name(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE)
+        gssEapDisplayName(&minor, gssCred->name, &nameBuf, NULL) == GSS_S_COMPLETE)
         resolver->setApplicationID((const char *)nameBuf.value);
 
     m_authenticated = false;
@@ -193,20 +180,15 @@ gss_eap_shib_attr_provider::initFromGssContext(const gss_eap_attr_ctx *manager,
             m_authenticated = saml->authenticated();
     }
 
-    resolver->resolveAttributes(m_attributes);
+    resolver->resolve();
+
+    m_attributes = resolver->getResolvedAttributes();
+    resolver->getResolvedAttributes().clear();
 
     gss_release_buffer(&minor, &nameBuf);
 
     delete resolver;
 
-#ifdef GSSEAP_DEBUG
-    gss_buffer_desc testattr = {
-        sizeof("urn:greet:greeting") - 1, (void *)"urn:greet:greeting" };
-    gss_buffer_desc testval =
-        { sizeof("Hello, GSS EAP.") - 1, (void *)"Hello, GSS EAP." };
-    setAttribute(true, &testattr, &testval);
-#endif /* GSSEAP_DEBUG */
-
     return true;
 }
 
@@ -244,7 +226,7 @@ gss_eap_shib_attr_provider::setAttribute(int complete,
     if (value->length != 0) {
         string valueStr((char *)value->value, value->length);
 
-        a->getValues().push_back(valueStr);        
+        a->getValues().push_back(valueStr);
     }
 
     m_attributes.push_back(a);
@@ -344,7 +326,7 @@ gss_eap_shib_attr_provider::getAttribute(const gss_buffer_t attr,
             duplicateBuffer(buf, display_value);
     }
 
-    if (authenticated != NULL) 
+    if (authenticated != NULL)
         *authenticated = m_authenticated;
     if (complete != NULL)
         *complete = false;
@@ -361,6 +343,9 @@ gss_eap_shib_attr_provider::mapToAny(int authenticated,
 {
     gss_any_t output;
 
+    if (authenticated && !m_authenticated)
+        return (gss_any_t)NULL;
+
     vector <Attribute *>v = duplicateAttributes(m_attributes);
 
     output = (gss_any_t)new vector <Attribute *>(v);
@@ -444,25 +429,8 @@ gss_eap_shib_attr_provider::initFromBuffer(const gss_eap_attr_ctx *ctx,
 bool
 gss_eap_shib_attr_provider::init(void)
 {
-#if 1
-    SPConfig& conf=SPConfig::getConfig();
-    conf.setFeatures(
-        SPConfig::Metadata |
-        SPConfig::Trust |
-        SPConfig::AttributeResolution |
-        SPConfig::Credentials |
-        SPConfig::OutOfProcess
-        );
-    if (!conf.init())
-        return false;
-    if (!conf.instantiate()) {
-        conf.term();
-        return false;
-    }
-#else
     if (!ShibbolethResolver::init())
         return false;
-#endif
 
     gss_eap_attr_ctx::registerProvider(ATTR_TYPE_LOCAL,
                                        NULL,
@@ -474,8 +442,8 @@ gss_eap_shib_attr_provider::init(void)
 void
 gss_eap_shib_attr_provider::finalize(void)
 {
-    ShibbolethResolver::term();
     gss_eap_attr_ctx::unregisterProvider(ATTR_TYPE_LOCAL);
+    ShibbolethResolver::term();
 }
 
 gss_eap_attr_provider *
@@ -506,3 +474,20 @@ gss_eap_shib_attr_provider::duplicateAttributes(const vector <Attribute *>src)
 
     return dst;
 }
+
+OM_uint32
+gssEapLocalAttrProviderInit(OM_uint32 *minor)
+{
+    if (!gss_eap_shib_attr_provider::init()) {
+        *minor = GSSEAP_SHIB_INIT_FAILURE;
+        return GSS_S_FAILURE;
+    }
+    return GSS_S_COMPLETE;
+}
+
+OM_uint32
+gssEapLocalAttrProviderFinalize(OM_uint32 *minor)
+{
+    gss_eap_shib_attr_provider::finalize();
+    return GSS_S_COMPLETE;
+}