/*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2007 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "internal.h"
#include "exceptions.h"
#include "binding/HTTPResponse.h"
-#include "binding/URLEncoder.h"
+#include "binding/MessageEncoder.h"
#include "saml2/binding/SAML2Redirect.h"
-#include "saml2/binding/SAML2RedirectEncoder.h"
#include "saml2/core/Protocols.h"
#include <fstream>
#include <sstream>
#include <log4cpp/Category.hh>
#include <xercesc/util/Base64.hpp>
-#include <xsec/enc/XSECCryptoException.hpp>
-#include <xsec/enc/XSECCryptoProvider.hpp>
-#include <xsec/framework/XSECException.hpp>
#include <xmltooling/util/NDC.h>
+#include <xmltooling/util/URLEncoder.h>
using namespace opensaml::saml2p;
using namespace opensaml;
namespace opensaml {
namespace saml2p {
+ class SAML_DLLLOCAL SAML2RedirectEncoder : public MessageEncoder
+ {
+ public:
+ SAML2RedirectEncoder(const DOMElement* e) {}
+ virtual ~SAML2RedirectEncoder() {}
+
+ long encode(
+ GenericResponse& genericResponse,
+ XMLObject* xmlObject,
+ const char* destination,
+ const char* recipientID=NULL,
+ const char* relayState=NULL,
+ const Credential* credential=NULL,
+ const XMLCh* sigAlgorithm=NULL
+ ) const;
+ };
+
MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const DOMElement* const & e)
{
return new SAML2RedirectEncoder(e);
const char* destination,
const char* recipientID,
const char* relayState,
- const CredentialResolver* credResolver,
+ const Credential* credential,
const XMLCh* sigAlgorithm
) const
{
#ifdef _DEBUG
xmltooling::NDC ndc("encode");
#endif
- Category& log = Category::getInstance(SAML_LOGCAT".MessageEncoder.SAML2POST");
+ Category& log = Category::getInstance(SAML_LOGCAT".MessageEncoder.SAML2Redirect");
log.debug("validating input");
HTTPResponse* httpResponse=dynamic_cast<HTTPResponse*>(&genericResponse);
if (!request) {
response = dynamic_cast<StatusResponseType*>(xmlObject);
if (!response)
- throw BindingException("XML content for SAML 2.0 HTTP-POST Encoder must be a SAML 2.0 protocol message.");
+ throw BindingException("XML content for SAML 2.0 HTTP-Redirect Encoder must be a SAML 2.0 protocol message.");
}
// Check for XML signature.
throw BindingException("Base64 encoding of XML failed.");
// Create beginnings of redirect query string.
- URLEncoder* escaper = SAMLConfig::getConfig().getURLEncoder();
+ const URLEncoder* escaper = XMLToolingConfig::getConfig().getURLEncoder();
xmlbuf.erase();
xmlbuf.append(reinterpret_cast<char*>(encoded),len);
xmlbuf = (request ? "SAMLRequest=" : "SAMLResponse=") + escaper->encode(xmlbuf.c_str());
if (relayState)
xmlbuf = xmlbuf + "&RelayState=" + escaper->encode(relayState);
- if (credResolver) {
+ if (credential) {
// Sign the query string after adding the algorithm.
if (!sigAlgorithm)
sigAlgorithm = DSIGConstants::s_unicodeStrURIRSA_SHA1;
auto_ptr_char alg(sigAlgorithm);
xmlbuf = xmlbuf + "&SigAlg=" + escaper->encode(alg.get());
- try {
- char sigbuf[1024];
- memset(sigbuf,0,sizeof(sigbuf));
- auto_ptr<XSECCryptoKey> key(credResolver->getKey());
- Signature::createRawSignature(key.get(), sigAlgorithm, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
- xmlbuf = xmlbuf + "&Signature=" + escaper->encode(sigbuf);
- }
- catch(XSECException& e) {
- auto_ptr_char temp(e.getMsg());
- throw SignatureException(string("Caught an XMLSecurity exception while signing: ") + temp.get());
- }
- catch(XSECCryptoException& e) {
- throw SignatureException(string("Caught an XMLSecurity exception while signing: ") + e.getMsg());
- }
+ char sigbuf[1024];
+ memset(sigbuf,0,sizeof(sigbuf));
+ Signature::createRawSignature(credential->getPrivateKey(), sigAlgorithm, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
+ xmlbuf = xmlbuf + "&Signature=" + escaper->encode(sigbuf);
}
// Generate redirect.
projects / shibboleth / cpp-opensaml.git / blobdiff