/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2010 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* SAML1POSTEncoder.cpp
*
- * SAML 1.x POST binding/profile message encoder
+ * SAML 1.x POST binding/profile message encoder.
*/
#include "internal.h"
#include <fstream>
#include <sstream>
#include <xercesc/util/Base64.hpp>
+#include <xsec/framework/XSECDefs.hpp>
+#include <xmltooling/io/HTTPResponse.h>
#include <xmltooling/logging.h>
+#include <xmltooling/XMLToolingConfig.h>
+#include <xmltooling/signature/Signature.h>
#include <xmltooling/util/NDC.h>
+#include <xmltooling/util/PathResolver.h>
#include <xmltooling/util/TemplateEngine.h>
using namespace opensaml::saml1p;
public:
SAML1POSTEncoder(const DOMElement* e, const XMLCh* ns);
virtual ~SAML1POSTEncoder() {}
-
+
+ const XMLCh* getProtocolFamily() const {
+ return samlconstants::SAML11_PROTOCOL_ENUM;
+ }
+
+ const char* getShortName() const {
+ return "POST";
+ }
+
long encode(
GenericResponse& genericResponse,
XMLObject* xmlObject,
const char* destination,
- const EntityDescriptor* recipient=NULL,
- const char* relayState=NULL,
- const ArtifactGenerator* artifactGenerator=NULL,
- const Credential* credential=NULL,
- const XMLCh* signatureAlg=NULL,
- const XMLCh* digestAlg=NULL
+ const EntityDescriptor* recipient=nullptr,
+ const char* relayState=nullptr,
+ const ArtifactGenerator* artifactGenerator=nullptr,
+ const Credential* credential=nullptr,
+ const XMLCh* signatureAlg=nullptr,
+ const XMLCh* digestAlg=nullptr
) const;
protected:
static const XMLCh _template[] = UNICODE_LITERAL_8(t,e,m,p,l,a,t,e);
SAML1POSTEncoder::SAML1POSTEncoder(const DOMElement* e, const XMLCh* ns)
+ : m_template(XMLHelper::getAttrString(e, "bindingTemplate.html", _template, ns))
{
- if (e) {
- auto_ptr_char t(e->getAttributeNS(ns, _template));
- if (t.get() && *t.get())
- m_template = t.get();
- }
if (m_template.empty())
throw XMLToolingException("SAML1POSTEncoder requires template XML attribute.");
+ XMLToolingConfig::getConfig().getPathResolver()->resolve(m_template, PathResolver::XMLTOOLING_CFG_FILE);
}
long SAML1POSTEncoder::encode(
xmltooling::NDC ndc("encode");
#endif
Category& log = Category::getInstance(SAML_LOGCAT".MessageEncoder.SAML1POST");
+ log.debug("validating input");
TemplateEngine* engine = XMLToolingConfig::getConfig().getTemplateEngine();
- if (!engine)
- throw BindingException("Encoding response using POST requires a TemplateEngine instance.");
-
- log.debug("validating input");
+ if (!engine || !destination)
+ throw BindingException("Encoding response using POST requires a TemplateEngine instance and a destination.");
+ HTTPResponse::sanitizeURL(destination);
if (xmlObject->getParent())
throw BindingException("Cannot encode XML content with parent.");
Response* response = dynamic_cast<Response*>(xmlObject);
if (!relayState)
throw BindingException("SAML 1.x POST Encoder requires relay state (TARGET) value.");
- DOMElement* rootElement = NULL;
+ DOMElement* rootElement = nullptr;
if (credential) {
// Signature based on native XML signing.
if (response->getSignature()) {
// Sign response while marshalling.
vector<Signature*> sigs(1,sig);
- rootElement = response->marshall((DOMDocument*)NULL,&sigs,credential);
+ rootElement = response->marshall((DOMDocument*)nullptr,&sigs,credential);
}
}
else {
log.debug("marshalled response:\n%s", xmlbuf.c_str());
// Replace with base-64 encoded version.
- unsigned int len=0;
+ xsecsize_t len=0;
XMLByte* out=Base64::encode(reinterpret_cast<const XMLByte*>(xmlbuf.data()),xmlbuf.size(),&len);
if (out) {
xmlbuf.erase();
xmlbuf.append(reinterpret_cast<char*>(out),len);
+#ifdef OPENSAML_XERCESC_HAS_XMLBYTE_RELEASE
XMLString::release(&out);
+#else
+ XMLString::release((char**)&out);
+#endif
}
else {
throw BindingException("Base64 encoding of XML failed.");
stringstream s;
engine->run(infile, s, pmap);
genericResponse.setContentType("text/html");
+ HTTPResponse* httpResponse = dynamic_cast<HTTPResponse*>(&genericResponse);
+ if (httpResponse) {
+ httpResponse->setResponseHeader("Expires", "01-Jan-1997 12:00:00 GMT");
+ httpResponse->setResponseHeader("Cache-Control", "no-cache, no-store, must-revalidate, private");
+ httpResponse->setResponseHeader("Pragma", "no-cache");
+ }
long ret = genericResponse.sendResponse(s);
// Cleanup by destroying XML.