Convert from NULL macro to nullptr, remove unused zlib code.

[shibboleth/cpp-opensaml.git] / saml / saml1 / binding / impl / SAML1SOAPClient.cpp

diff --git a/saml/saml1/binding/impl/SAML1SOAPClient.cpp b/saml/saml1/binding/impl/SAML1SOAPClient.cpp
index 3760a17..d3f19af 100644 (file)
--- a/saml/saml1/binding/impl/SAML1SOAPClient.cpp
+++ b/saml/saml1/binding/impl/SAML1SOAPClient.cpp
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2007 Internet2
+ *  Copyright 2001-2010 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,54 +22,78 @@
 
 #include "internal.h"
 #include "exceptions.h"
+#include "binding/SecurityPolicy.h"
+#include "binding/SOAPClient.h"
 #include "saml1/binding/SAML1SOAPClient.h"
 #include "saml1/core/Protocols.h"
 #include "saml2/metadata/Metadata.h"
 
-#include <log4cpp/Category.hh>
+#include <xmltooling/logging.h>
 #include <xmltooling/soap/SOAP.h>
 
 using namespace opensaml::saml1p;
 using namespace opensaml::saml2md;
 using namespace opensaml;
 using namespace soap11;
+using namespace xmltooling::logging;
 using namespace xmltooling;
-using namespace log4cpp;
 using namespace std;
 
-void SAML1SOAPClient::sendSAML(Request* request, const RoleDescriptor& peer, const char* endpoint)
+SAML1SOAPClient::SAML1SOAPClient(opensaml::SOAPClient& soaper, bool fatalSAMLErrors) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(nullptr)
+{
+}
+
+SAML1SOAPClient::~SAML1SOAPClient()
+{
+    XMLString::release(&m_correlate);
+}
+
+void SAML1SOAPClient::sendSAML(Request* request, const char* from, MetadataCredentialCriteria& to, const char* endpoint)
 {
     auto_ptr<Envelope> env(EnvelopeBuilder::buildEnvelope());
     Body* body = BodyBuilder::buildBody();
     env->setBody(body);
     body->getUnknownXMLObjects().push_back(request);
-    send(*env.get(), peer, endpoint);
+    m_soaper.send(*env.get(), from, to, endpoint);
     m_correlate = XMLString::replicate(request->getRequestID());
 }
 
 Response* SAML1SOAPClient::receiveSAML()
 {
-    auto_ptr<Envelope> env(receive());
+    auto_ptr<Envelope> env(m_soaper.receive());
     if (env.get()) {
         Body* body = env->getBody();
         if (body && body->hasChildren()) {
             // Check for SAML Response.
             Response* response = dynamic_cast<Response*>(body->getUnknownXMLObjects().front());
             if (response) {
-                
+
                 // Check InResponseTo.
-                if (m_correlate && !XMLString::equals(m_correlate, response->getInResponseTo()))
-                    throw BindingException("InResponseTo attribute did not correlate with the Request ID.");
+                if (m_correlate && response->getInResponseTo() && !XMLString::equals(m_correlate, response->getInResponseTo()))
+                    throw SecurityPolicyException("InResponseTo attribute did not correlate with the Request ID.");
+                
+                m_soaper.getPolicy().reset(true);
+
+                // Extract Response details and run policy against it.
+                // We don't pull Issuer out of any assertions because some profiles may permit
+                // alternate issuers at that layer.
+                m_soaper.getPolicy().setMessageID(response->getResponseID());
+                m_soaper.getPolicy().setIssueInstant(response->getIssueInstantEpoch());
+                m_soaper.getPolicy().evaluate(*response);
                 
                 // Check Status.
                 Status* status = response->getStatus();
                 if (status) {
-                    const QName* code = status->getStatusCode() ? status->getStatusCode()->getValue() : NULL;
-                    if (code && *code != StatusCode::SUCCESS && handleError(*status))
-                        throw BindingException("SAML Response contained an error.");
+                    const xmltooling::QName* code = status->getStatusCode() ? status->getStatusCode()->getValue() : nullptr;
+                    if (code && *code != StatusCode::SUCCESS && handleError(*status)) {
+                        BindingException ex("SAML Response contained an error.");
+                        if (m_soaper.getPolicy().getIssuerMetadata())
+                            annotateException(&ex, m_soaper.getPolicy().getIssuerMetadata());   // throws it
+                        else
+                            ex.raise();
+                    }
                 }
                 
-                m_policy.evaluate(*response);
                 env.release();
                 body->detach(); // frees Envelope
                 response->detach();   // frees Body
@@ -77,19 +101,23 @@ Response* SAML1SOAPClient::receiveSAML()
             }
         }
         
-        throw BindingException("SOAP Envelope did not contain a SAML Response or a Fault.");
+        BindingException ex("SOAP Envelope did not contain a SAML Response or a Fault.");
+        if (m_soaper.getPolicy().getIssuerMetadata())
+            annotateException(&ex, m_soaper.getPolicy().getIssuerMetadata());   // throws it
+        else
+            ex.raise();
     }
-    return NULL;
+    return nullptr;
 }
 
 bool SAML1SOAPClient::handleError(const Status& status)
 {
-    const QName* code = status.getStatusCode() ? status.getStatusCode()->getValue() : NULL;
-    auto_ptr_char str((status.getStatusMessage() ? status.getStatusMessage()->getMessage() : NULL));
+    const xmltooling::QName* code = status.getStatusCode() ? status.getStatusCode()->getValue() : nullptr;
+    auto_ptr_char str((status.getStatusMessage() ? status.getStatusMessage()->getMessage() : nullptr));
     Category::getInstance(SAML_LOGCAT".SOAPClient").error(
         "SOAP client detected a SAML error: (%s) (%s)",
         (code ? code->toString().c_str() : "no code"),
         (str.get() ? str.get() : "no message")
         );
-    return true;
+    return m_fatal;
 }