#include "internal.h"
#include "exceptions.h"
-#include "saml/binding/ReplayCache.h"
#include "saml2/binding/SAML2POSTDecoder.h"
#include "saml2/core/Protocols.h"
#include "saml2/metadata/Metadata.h"
#include <log4cpp/Category.hh>
#include <xercesc/util/Base64.hpp>
#include <xmltooling/util/NDC.h>
+#include <xmltooling/util/ReplayCache.h>
+#include <xmltooling/validation/ValidatorSuite.h>
using namespace opensaml::saml2md;
using namespace opensaml::saml2p;
const HTTPRequest& httpRequest,
const MetadataProvider* metadataProvider,
const QName* role,
- const X509TrustEngine* trustEngine
+ const opensaml::TrustEngine* trustEngine
) const
{
#ifdef _DEBUG
throw BindingException("Detected expired POST binding message.");
// Check replay.
- ReplayCache* replayCache = SAMLConfig::getConfig().getReplayCache();
+ ReplayCache* replayCache = XMLToolingConfig::getConfig().getReplayCache();
if (replayCache) {
auto_ptr_char id(xmlObject->getXMLID());
if (!replayCache->check("SAML2POST", id.get(), response->getIssueInstant()->getEpoch() + (2*XMLToolingConfig::getConfig().clock_skew_secs))) {
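Review bot: Replay detection fails open when `getReplayCache()` returns NULL: `if (replayCache)` guards the whole check, and no else branch is visible in this hunk. A deployment that never installed a cache in `XMLToolingConfig` would then accept a re-posted response for as long as it passes the expiry test above, with nothing in the log to show the control was off. I would add `else log.warn("replay cache was not provided, replay detection is disabled for this message");` after the block, or throw a `BindingException` if this binding is meant to require a cache. The body of the `if` continues outside the hunk, so an existing else may simply not be shown here.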
provider=metadataProvider ? metadataProvider->getEntityDescriptor(claimedIssuer->getName()) : NULL;
if (provider) {
log.debug("matched assertion issuer against metadata, searching for applicable role...");
- issuer=provider->getRoleDescriptor(*role, SAMLConstants::SAML20P_NS);
+ issuer=provider->getRoleDescriptor(*role, samlconstants::SAML20P_NS);
if (issuer) {
if (trustEngine && signature) {
- issuerTrusted = static_cast<const TrustEngine*>(trustEngine)->validate(
- *signature, *issuer, metadataProvider->getKeyResolver()
- );
+ issuerTrusted = trustEngine->validate(*signature, *issuer, metadataProvider->getKeyResolver());
if (!issuerTrusted) {
log.error("unable to verify signature on message with supplied trust engine");
throw BindingException("Message signature failed verification.");
}
}
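Review bot: Signature verification at `if (trustEngine && signature)` only runs when both are present, so an unsigned message or a NULL `trustEngine` passes this block silently and the decoder carries on with an unauthenticated issuer. With the parameter now widened to `const opensaml::TrustEngine*`, it is worth documenting that NULL means "do not verify". I would add a comment above the condition such as `// Without a trust engine or a signature the message is NOT authenticated; issuerTrusted keeps its initial value and the caller must check it.` and a matching `else log.debug("no trust engine or signature, message issuer was not authenticated");`. The declaration of `issuerTrusted` and the way it is reported to the caller are outside this hunk, so its initial value is assumed here rather than seen.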
if (!issuer)
- issuer=provider->getRoleDescriptor(*role, SAMLConstants::SAML20P_NS);
+ issuer=provider->getRoleDescriptor(*role, samlconstants::SAML20P_NS);
if (issuer) annotateException(&ex,issuer); // throws it
annotateException(&ex,provider); // throws it
}