#include "binding/SAMLArtifact.h"
#include "saml2/metadata/Metadata.h"
#include "saml2/metadata/AbstractMetadataProvider.h"
+#include "saml2/metadata/MetadataCredentialContext.h"
#include "saml2/metadata/MetadataCredentialCriteria.h"
#include <xercesc/util/XMLUniDefs.hpp>
AbstractMetadataProvider::~AbstractMetadataProvider()
{
for (credmap_t::iterator c = m_credentialMap.begin(); c!=m_credentialMap.end(); ++c)
- for_each(c->second.begin(), c->second.end(), cleanup_pair<const XMLCh*,Credential>());
+ for_each(c->second.begin(), c->second.end(), xmltooling::cleanup<Credential>());
delete m_credentialLock;
delete m_resolver;
}
-void AbstractMetadataProvider::emitChangeEvent()
+void AbstractMetadataProvider::emitChangeEvent() const
{
for (credmap_t::iterator c = m_credentialMap.begin(); c!=m_credentialMap.end(); ++c)
- for_each(c->second.begin(), c->second.end(), cleanup_pair<const XMLCh*,Credential>());
+ for_each(c->second.begin(), c->second.end(), xmltooling::cleanup<Credential>());
m_credentialMap.clear();
ObservableMetadataProvider::emitChangeEvent();
}
const credmap_t::mapped_type& creds = resolveCredentials(metacrit->getRole());
for (credmap_t::mapped_type::const_iterator c = creds.begin(); c!=creds.end(); ++c)
- if (matches(*c,criteria))
- return c->second;
+ if (metacrit->matches(*(*c)))
+ return *c;
return NULL;
}
const credmap_t::mapped_type& creds = resolveCredentials(metacrit->getRole());
for (credmap_t::mapped_type::const_iterator c = creds.begin(); c!=creds.end(); ++c)
- if (matches(*c,criteria))
- results.push_back(c->second);
+ if (metacrit->matches(*(*c)))
+ results.push_back(*c);
return results.size();
}
AbstractMetadataProvider::credmap_t::mapped_type& resolved = m_credentialMap[&role];
for (vector<KeyDescriptor*>::const_iterator k = keys.begin(); k!=keys.end(); ++k) {
if ((*k)->getKeyInfo()) {
- Credential* c = resolver->resolve((*k)->getKeyInfo());
- resolved.push_back(make_pair((*k)->getUse(), c));
+ auto_ptr<MetadataCredentialContext> mcc(new MetadataCredentialContext(*(*k)));
+ Credential* c = resolver->resolve(mcc.get());
+ mcc.release();
+ resolved.push_back(c);
}
}
return resolved;
}
-
-bool AbstractMetadataProvider::matches(const pair<const XMLCh*,Credential*>& cred, const CredentialCriteria* criteria) const
-{
- if (criteria) {
- // Check for a usage mismatch.
- if ((criteria->getUsage()==CredentialCriteria::SIGNING_CREDENTIAL || criteria->getUsage()==CredentialCriteria::TLS_CREDENTIAL) &&
- XMLString::equals(cred.first,KeyDescriptor::KEYTYPE_ENCRYPTION))
- return false;
- else if (criteria->getUsage()==CredentialCriteria::ENCRYPTION_CREDENTIAL && XMLString::equals(cred.first,KeyDescriptor::KEYTYPE_SIGNING))
- return false;
-
- if (cred.second->getPublicKey()) {
- // See if we have to match a specific key.
- auto_ptr<Credential> critcred(
- XMLToolingConfig::getConfig().getKeyInfoResolver()->resolve(*criteria,Credential::RESOLVE_KEYS)
- );
- if (critcred.get())
- if (!critcred->isEqual(*(cred.second->getPublicKey())))
- return false;
- }
- }
- return true;
-}
projects / shibboleth / cpp-opensaml.git / blobdiff