/*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "internal.h"
#include "exceptions.h"
-#include "saml2/binding/SAML2SOAPDecoder.h"
+#include "saml2/binding/SAML2MessageDecoder.h"
+#include "saml2/core/Protocols.h"
-#include <log4cpp/Category.hh>
+#include <xmltooling/logging.h>
#include <xmltooling/soap/SOAP.h>
#include <xmltooling/util/NDC.h>
#include <xmltooling/validation/ValidatorSuite.h>
using namespace opensaml::saml2p;
using namespace opensaml;
using namespace soap11;
+using namespace xmltooling::logging;
using namespace xmltooling;
-using namespace log4cpp;
using namespace std;
namespace opensaml {
namespace saml2p {
- MessageDecoder* SAML_DLLLOCAL SAML2SOAPDecoderFactory(const DOMElement* const & e)
+ class SAML_DLLLOCAL SAML2SOAPDecoder : public SAML2MessageDecoder
{
- return new SAML2SOAPDecoder(e);
+ public:
+ SAML2SOAPDecoder() {}
+ virtual ~SAML2SOAPDecoder() {}
+
+ bool isUserAgentPresent() const {
+ return false;
+ }
+
+ xmltooling::XMLObject* decode(
+ std::string& relayState,
+ const GenericRequest& genericRequest,
+ SecurityPolicy& policy
+ ) const;
+ };
+
+ MessageDecoder* SAML_DLLLOCAL SAML2SOAPDecoderFactory(const pair<const DOMElement*,const XMLCh*>& p)
+ {
+ return new SAML2SOAPDecoder();
}
};
};
-SAML2SOAPDecoder::SAML2SOAPDecoder(const DOMElement* e) {}
-
XMLObject* SAML2SOAPDecoder::decode(
string& relayState,
const GenericRequest& genericRequest,
log.debug("validating input");
string s = genericRequest.getContentType();
- if (s != "text/xml") {
- log.warn("ignoring incorrect Content Type (%s)", s.c_str() ? s.c_str() : "none");
- return NULL;
+ if (s.find("text/xml") == string::npos) {
+ log.warn("ignoring incorrect content type (%s)", s.c_str() ? s.c_str() : "none");
+ throw BindingException("Invalid content type for SOAP message.");
}
const char* data = genericRequest.getRequestBody();
- if (!data) {
- log.warn("empty request body");
- return NULL;
- }
+ if (!data)
+ throw BindingException("SOAP message had an empty request body.");
+ log.debug("received message:\n%s", data);
istringstream is(data);
// Parse and bind the document into an XMLObject.
- DOMDocument* doc = (m_validate ? XMLToolingConfig::getConfig().getValidatingParser()
+ DOMDocument* doc = (policy.getValidating() ? XMLToolingConfig::getConfig().getValidatingParser()
: XMLToolingConfig::getConfig().getParser()).parse(is);
XercesJanitor<DOMDocument> janitor(doc);
auto_ptr<XMLObject> xmlObject(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(), true));
if (!env)
throw BindingException("Decoded message was not a SOAP 1.1 Envelope.");
- if (!m_validate)
- SchemaValidators.validate(env);
+ SchemaValidators.validate(env);
Body* body = env->getBody();
if (body && body->hasChildren()) {
RequestAbstractType* request = dynamic_cast<RequestAbstractType*>(body->getUnknownXMLObjects().front());
if (request) {
// Run through the policy at two layers.
+ extractMessageDetails(*env, genericRequest, samlconstants::SAML20P_NS, policy);
policy.evaluate(*env, &genericRequest);
+ policy.reset(true);
+ extractMessageDetails(*request, genericRequest, samlconstants::SAML20P_NS, policy);
policy.evaluate(*request, &genericRequest);
xmlObject.release();
body->detach(); // frees Envelope
projects / shibboleth / cpp-opensaml.git / blobdiff