#include <saml/binding/GenericRequest.h>
#include <xmltooling/XMLObject.h>
+#include <xmltooling/security/TrustEngine.h>
namespace opensaml {
- class SAML_API TrustEngine;
-
namespace saml2 {
class SAML_API Issuer;
};
public:
virtual ~SecurityPolicyRule() {}
- /** Allows override of code for extracting saml2:Issuer and protocol information. */
- class SAML_API MessageExtractor {
- MAKE_NONCOPYABLE(MessageExtractor);
- public:
- MessageExtractor() {}
- virtual ~MessageExtractor() {}
-
- /**
- * Examines the message and/or its contents and extracts the issuer's claimed
- * identity along with a protocol identifier. Conventions may be needed
- * to properly encode non-SAML2 issuer information into a compatible form.
- *
- * <p>The caller is responsible for freeing the Issuer object.
- *
- * @param message message to examine
- * @return a pair consisting of a SAML 2.0 Issuer object and a protocol constant.
- * @throws std::bad_cast thrown if the message is not of an expected type
- */
- virtual std::pair<saml2::Issuer*,const XMLCh*> getIssuerAndProtocol(const xmltooling::XMLObject& message) const;
- };
-
/**
* Evaluates the rule against the given request and message. If an Issuer is
* returned, the caller is responsible for freeing the Issuer object.
*
- * @param request the protocol request
* @param message the incoming message
+ * @param request the protocol request
* @param metadataProvider locked MetadataProvider instance to authenticate the message
* @param role identifies the role (generally IdP or SP) of the peer who issued the message
* @param trustEngine TrustEngine to authenticate the message
* @throws BindingException thrown if the request/message do not meet the requirements of this rule
*/
virtual std::pair<saml2::Issuer*,const saml2md::RoleDescriptor*> evaluate(
- const GenericRequest& request,
const xmltooling::XMLObject& message,
+ const GenericRequest* request,
const saml2md::MetadataProvider* metadataProvider,
const xmltooling::QName* role,
- const TrustEngine* trustEngine,
- const MessageExtractor& extractor
+ const xmltooling::TrustEngine* trustEngine
) const=0;
};
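Review bot: The new `const GenericRequest* request` parameter of `evaluate` can be null, but the doc comment still reads `@param request the protocol request` and does not say when it may be absent or what a rule must do in that case. These rules decide whether a message is treated as authenticated, so the contract should say that a rule needing transport data must decline to authenticate when the pointer is null instead of skipping its check. `metadataProvider` and `trustEngine` are also pointers with no stated null behaviour. Suggested wording: `@param request the protocol request, or NULL if none is available; a rule that requires it must not authenticate the message without it`. The class declaration begins above the visible lines and no implementations are shown, so whether existing rules already fail closed cannot be confirmed from this page.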