Change audience handling and validators to separate out entityID.
Make entityID overridable by relying party.
bool found = false;
const vector<Audience*>& auds1 = ac->getAudiences();
for (vector<Audience*>::const_iterator a = auds1.begin(); !found && a!=auds1.end(); ++a) {
- for (vector<const XMLCh*>::const_iterator a2 = m_audiences.begin(); !found && a2!=m_audiences.end(); ++a2) {
- found = XMLString::equals((*a)->getAudienceURI(), *a2);
+ if (XMLString::equals(m_recipient, (*a)->getAudienceURI())) {
+ found = true;
+ }
+ else if (m_audiences) {
+ for (vector<const XMLCh*>::const_iterator a2 = m_audiences->begin(); !found && a2!=m_audiences->end(); ++a2) {
+ found = XMLString::equals((*a)->getAudienceURI(), *a2);
+ }
}
}
/**
* Constructor
*
- * @param audiences set of audience values representing recipient
+ * @param recipient name of assertion recipient (implicit audience)
+ * @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
*/
- AssertionValidator(const std::vector<const XMLCh*>& audiences, time_t ts=0) : m_audiences(audiences), m_ts(ts) {}
+ AssertionValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0)
+ : m_recipient(recipient), m_audiences(audiences), m_ts(ts) {
+ }
virtual ~AssertionValidator() {}
virtual void validateCondition(const Condition* condition) const;
protected:
- /** Set of audience values representing recipient. */
- const std::vector<const XMLCh*>& m_audiences;
+ /** Name of recipient (implicit audience). */
+ const XMLCh* m_recipient;
+
+ /** Additional audience values. */
+ const std::vector<const XMLCh*>* m_audiences;
/** Timestamp to evaluate assertion conditions. */
time_t m_ts;
/**
* Constructor
*
- * @param audiences set of audience values representing recipient
+ * @recipient name of assertion recipient (implicit audience)
+ * @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
*/
- BrowserSSOProfileValidator(const std::vector<const XMLCh*>& audiences, time_t ts=0)
- : AssertionValidator(audiences, ts) {
+ BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0)
+ : AssertionValidator(recipient, audiences, ts) {
}
virtual ~BrowserSSOProfileValidator() {}
bool found = false;
const vector<Audience*>& auds1 = ac->getAudiences();
for (vector<Audience*>::const_iterator a = auds1.begin(); !found && a!=auds1.end(); ++a) {
- for (vector<const XMLCh*>::const_iterator a2 = m_audiences.begin(); !found && a2!=m_audiences.end(); ++a2) {
- found = XMLString::equals((*a)->getAudienceURI(), *a2);
+ if (XMLString::equals(m_recipient, (*a)->getAudienceURI())) {
+ found = true;
+ }
+ else if (m_audiences) {
+ for (vector<const XMLCh*>::const_iterator a2 = m_audiences->begin(); !found && a2!=m_audiences->end(); ++a2) {
+ found = XMLString::equals((*a)->getAudienceURI(), *a2);
+ }
}
}
/**
* Constructor
*
- * @param audiences set of audience values representing recipient
+ * @param recipient name of assertion recipient (implicit audience)
+ * @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
*/
- AssertionValidator(const std::vector<const XMLCh*>& audiences, time_t ts=0) : m_audiences(audiences), m_ts(ts) {}
+ AssertionValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0)
+ : m_recipient(recipient), m_audiences(audiences), m_ts(ts) {
+ }
virtual ~AssertionValidator() {}
virtual void validateCondition(const Condition* condition) const;
protected:
- /** Set of audience values representing recipient. */
- const std::vector<const XMLCh*>& m_audiences;
+ /** Name of recipient (implicit audience). */
+ const XMLCh* m_recipient;
+
+ /** Additional audience values. */
+ const std::vector<const XMLCh*>* m_audiences;
/** Timestamp to evaluate assertion conditions. */
time_t m_ts;
/**
* Constructor
*
- * @param audiences set of audience values representing recipient
+ * @param recipient name of assertion recipient (implicit audience)
+ * @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
* @param destination server location to which assertion was delivered, or 0 to bypass check
* @param requestID ID of request that resulted in assertion, or NULL if unsolicited
*/
BrowserSSOProfileValidator(
- const std::vector<const XMLCh*>& audiences,
+ const XMLCh* recipient,
+ const std::vector<const XMLCh*>* audiences=NULL,
time_t ts=0,
const char* destination=NULL,
const char* requestID=NULL
- ) : AssertionValidator(audiences, ts), m_destination(destination), m_requestID(requestID) {
+ ) : AssertionValidator(recipient, audiences, ts), m_destination(destination), m_requestID(requestID) {
}
virtual ~BrowserSSOProfileValidator() {}
projects / shibboleth / cpp-opensaml.git / commitdiff