-/*
- * Copyright 2001-2009 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/
/**
#include <saml/saml2/metadata/Metadata.h>
#include <saml/saml2/metadata/MetadataProvider.h>
#include <saml/saml2/metadata/MetadataCredentialCriteria.h>
+#include <saml/signature/ContentReference.h>
#include <saml/signature/SignatureProfileValidator.h>
#include <saml/util/SAMLConstants.h>
#include <xmltooling/logging.h>
#include <xmltooling/security/SignatureTrustEngine.h>
#include <xmltooling/signature/Signature.h>
#include <xmltooling/signature/SignatureValidator.h>
+#include <xmltooling/util/ParserPool.h>
#include <xmltooling/util/XMLHelper.h>
#include <fstream>
XercesJanitor<DOMDocument> janitor(doc);
static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e);
- auto_ptr_char type(doc->getDocumentElement()->getAttributeNS(NULL,_type));
+ auto_ptr_char type(doc->getDocumentElement()->getAttributeNS(nullptr,_type));
if (type.get() && *type.get())
return mgr.newPlugin(type.get(), doc->getDocumentElement());
throw XMLToolingException("Missing type in plugin configuration.");
DOMDocument* doc = XMLToolingConfig::getConfig().getParser().newDocument();
XercesJanitor<DOMDocument> janitor(doc);
- DOMElement* root = doc->createElementNS(NULL, _CredentialResolver);
+ DOMElement* root = doc->createElementNS(nullptr, _CredentialResolver);
if (key) {
auto_ptr_XMLCh widenit(key);
- root->setAttributeNS(NULL, _key, widenit.get());
+ root->setAttributeNS(nullptr, _key, widenit.get());
}
if (cert) {
auto_ptr_XMLCh widenit(cert);
- root->setAttributeNS(NULL, _certificate, widenit.get());
+ root->setAttributeNS(nullptr, _certificate, widenit.get());
}
return XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(FILESYSTEM_CREDENTIAL_RESOLVER, root);
Lockable* lock() {return this;}
void unlock() {}
- const Credential* resolve(const CredentialCriteria* criteria=NULL) const {return NULL;}
+ const Credential* resolve(const CredentialCriteria* criteria=nullptr) const {return nullptr;}
vector<const Credential*>::size_type resolve(
- vector<const Credential*>& results, const CredentialCriteria* criteria=NULL
+ vector<const Credential*>& results, const CredentialCriteria* criteria=nullptr
) const {return 0;}
};
int main(int argc,char* argv[])
{
- bool verify=true;
- char* url_param=NULL;
- char* path_param=NULL;
- char* key_param=NULL;
- char* cert_param=NULL;
- char* cr_param=NULL;
- char* t_param=NULL;
- char* id_param=NULL;
+ bool verify=true,validate=false;
+ char* url_param=nullptr;
+ char* path_param=nullptr;
+ char* key_param=nullptr;
+ char* cert_param=nullptr;
+ char* cr_param=nullptr;
+ char* t_param=nullptr;
+ char* id_param=nullptr;
+ char* alg_param=nullptr;
+ char* dig_param=nullptr;
// metadata lookup options
- char* m_param=NULL;
- char* issuer=NULL;
- char* prot = NULL;
- const XMLCh* protocol = NULL;
- char* rname = NULL;
- char* rns = NULL;
+ char* m_param=nullptr;
+ char* issuer=nullptr;
+ char* prot = nullptr;
+ const XMLCh* protocol = nullptr;
+ const char* rname = nullptr;
+ char* rns = nullptr;
for (int i=1; i<argc; i++) {
if (!strcmp(argv[i],"-u") && i+1<argc)
prot=argv[++i];
else if (!strcmp(argv[i],"-r") && i+1<argc)
rname=argv[++i];
+ else if (!strcmp(argv[i],"-V"))
+ validate = true;
else if (!strcmp(argv[i],"-ns") && i+1<argc)
rns=argv[++i];
+ else if (!strcmp(argv[i],"-alg") && i+1<argc)
+ alg_param=argv[++i];
+ else if (!strcmp(argv[i],"-dig") && i+1<argc)
+ dig_param=argv[++i];
else if (!strcmp(argv[i],"-saml10"))
protocol=samlconstants::SAML10_PROTOCOL_ENUM;
else if (!strcmp(argv[i],"-saml11"))
}
XMLToolingConfig& xmlconf = XMLToolingConfig::getConfig();
- xmlconf.log_config();
+ xmlconf.log_config(getenv("OPENSAML_LOG_CONFIG"));
+ if (getenv("OPENSAML_SCHEMAS"))
+ xmlconf.catalog_path = getenv("OPENSAML_SCHEMAS");
SAMLConfig& conf=SAMLConfig::getConfig();
if (!conf.init())
return -2;
try {
// Parse the specified document.
- DOMDocument* doc=NULL;
+ DOMDocument* doc=nullptr;
if (url_param) {
auto_ptr_XMLCh wideurl(url_param);
URLInputSource src(wideurl.get());
Wrapper4InputSource dsrc(&src,false);
- doc=xmlconf.getParser().parse(dsrc);
+ if (validate)
+ doc = xmlconf.getValidatingParser().parse(dsrc);
+ else
+ doc = xmlconf.getParser().parse(dsrc);
}
else if (path_param) {
auto_ptr_XMLCh widenit(path_param);
LocalFileInputSource src(widenit.get());
Wrapper4InputSource dsrc(&src,false);
- doc=xmlconf.getParser().parse(dsrc);
+ if (validate)
+ doc = xmlconf.getValidatingParser().parse(dsrc);
+ else
+ doc = xmlconf.getParser().parse(dsrc);
}
else {
StdInInputSource src;
Wrapper4InputSource dsrc(&src,false);
- doc=xmlconf.getParser().parse(dsrc);
+ if (validate)
+ doc = xmlconf.getValidatingParser().parse(dsrc);
+ else
+ doc = xmlconf.getParser().parse(dsrc);
}
// Unmarshall it.
if (cert_param || cr_param) {
// Build a resolver to supply trusted credentials.
auto_ptr<CredentialResolver> cr(
- cr_param ? buildPlugin(cr_param, xmlconf.CredentialResolverManager) : buildSimpleResolver(NULL, cert_param)
+ cr_param ? buildPlugin(cr_param, xmlconf.CredentialResolverManager) : buildSimpleResolver(nullptr, cert_param)
);
Locker locker(cr.get());
// Attach new signature.
Signature* sig = SignatureBuilder::buildSignature();
signable->setSignature(sig);
+ auto_ptr_XMLCh alg(alg_param);
+ if (alg.get()) {
+ sig->setSignatureAlgorithm(alg.get());
+ }
+ auto_ptr_XMLCh dig(dig_param);
+ if (dig.get()) {
+ dynamic_cast<opensaml::ContentReference*>(sig->getContentReference())->setDigestAlgorithm(dig.get());
+ }
// Sign response while re-marshalling.
vector<Signature*> sigs(1,sig);
- XMLHelper::serialize(signable->marshall((DOMDocument*)NULL,&sigs,cred), cout);
+ XMLHelper::serialize(signable->marshall((DOMDocument*)nullptr,&sigs,cred), cout);
}
}
catch(exception& e) {
projects / shibboleth / cpp-opensaml.git / blobdiff