Major revamp of credential and trust handling code, PKIX engine still needs work.

[shibboleth/cpp-opensaml.git] / saml / saml2 / binding / impl / SAML2RedirectEncoder.cpp

diff --git a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp
index 38bf52c..9e2b3d1 100644 (file)
--- a/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp
+++ b/saml/saml2/binding/impl/SAML2RedirectEncoder.cpp
@@ -23,9 +23,8 @@
 #include "internal.h"
 #include "exceptions.h"
 #include "binding/HTTPResponse.h"
-#include "binding/URLEncoder.h"
+#include "binding/MessageEncoder.h"
 #include "saml2/binding/SAML2Redirect.h"
-#include "saml2/binding/SAML2RedirectEncoder.h"
 #include "saml2/core/Protocols.h"
 
 #include <fstream>
@@ -33,6 +32,7 @@
 #include <log4cpp/Category.hh>
 #include <xercesc/util/Base64.hpp>
 #include <xmltooling/util/NDC.h>
+#include <xmltooling/util/URLEncoder.h>
 
 using namespace opensaml::saml2p;
 using namespace opensaml;
@@ -43,6 +43,23 @@ using namespace std;
 
 namespace opensaml {
     namespace saml2p {              
+        class SAML_DLLLOCAL SAML2RedirectEncoder : public MessageEncoder
+        {
+        public:
+            SAML2RedirectEncoder(const DOMElement* e) {}
+            virtual ~SAML2RedirectEncoder() {}
+            
+            long encode(
+                GenericResponse& genericResponse,
+                XMLObject* xmlObject,
+                const char* destination,
+                const char* recipientID=NULL,
+                const char* relayState=NULL,
+                const Credential* credential=NULL,
+                const XMLCh* sigAlgorithm=NULL
+                ) const;
+        };
+
         MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const DOMElement* const & e)
         {
             return new SAML2RedirectEncoder(e);
@@ -56,7 +73,7 @@ long SAML2RedirectEncoder::encode(
     const char* destination,
     const char* recipientID,
     const char* relayState,
-    const CredentialResolver* credResolver,
+    const Credential* credential,
     const XMLCh* sigAlgorithm
     ) const
 {
@@ -102,14 +119,14 @@ long SAML2RedirectEncoder::encode(
         throw BindingException("Base64 encoding of XML failed.");
     
     // Create beginnings of redirect query string.
-    URLEncoder* escaper = SAMLConfig::getConfig().getURLEncoder();
+    const URLEncoder* escaper = XMLToolingConfig::getConfig().getURLEncoder();
     xmlbuf.erase();
     xmlbuf.append(reinterpret_cast<char*>(encoded),len);
     xmlbuf = (request ? "SAMLRequest=" : "SAMLResponse=") + escaper->encode(xmlbuf.c_str()); 
     if (relayState)
         xmlbuf = xmlbuf + "&RelayState=" + escaper->encode(relayState);
   
-    if (credResolver) {
+    if (credential) {
         // Sign the query string after adding the algorithm.
         if (!sigAlgorithm)
             sigAlgorithm = DSIGConstants::s_unicodeStrURIRSA_SHA1;
@@ -118,8 +135,7 @@ long SAML2RedirectEncoder::encode(
 
         char sigbuf[1024];
         memset(sigbuf,0,sizeof(sigbuf));
-        auto_ptr<XSECCryptoKey> key(credResolver->getKey());
-        Signature::createRawSignature(key.get(), sigAlgorithm, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
+        Signature::createRawSignature(credential->getPrivateKey(), sigAlgorithm, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
         xmlbuf = xmlbuf + "&Signature=" + escaper->encode(sigbuf);
     }