class SAML_API Assertion : public virtual RootObject
{
public:
- virtual ~Assertion() {}
+ virtual ~Assertion();
protected:
- Assertion() {}
+ Assertion();
};
};
/**
* @file saml/RootObject.h
*
- * Base class for SAML objects at the root of core schemas
+ * Base class for SAML objects at the root of core schemas.
*/
#ifndef __saml_root_h__
class SAML_API RootObject : public SignableObject
{
public:
- virtual ~RootObject() {}
+ virtual ~RootObject();
/**
* Returns the unique SAML ID of the object.
virtual time_t getIssueInstantEpoch() const=0;
protected:
- RootObject() {}
+ RootObject();
};
};
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* SAMLConfig.cpp
*
- * Library configuration
+ * Library configuration.
*/
#include "internal.h"
return g_config;
}
+SAMLConfig::SAMLConfig() : m_artifactMap(NULL)
+{
+}
+
+SAMLConfig::~SAMLConfig()
+{
+}
+
+ArtifactMap* SAMLConfig::getArtifactMap() const
+{
+ return m_artifactMap;
+}
+
void SAMLConfig::setArtifactMap(ArtifactMap* artifactMap)
{
delete m_artifactMap;
throw XMLSecurityException("Unable to generate SHA-1 hash.");
}
+SignableObject::SignableObject()
+{
+}
+
+SignableObject::~SignableObject()
+{
+}
+
+RootObject::RootObject()
+{
+}
+
+RootObject::~RootObject()
+{
+}
+
+Assertion::Assertion()
+{
+}
+
+Assertion::~Assertion()
+{
+}
+
using namespace saml2p;
using namespace saml2md;
{
MAKE_NONCOPYABLE(SAMLConfig);
public:
- virtual ~SAMLConfig() {}
+ virtual ~SAMLConfig();
/**
* Returns the global configuration object for the library.
*
* @return global ArtifactMap or NULL
*/
- ArtifactMap* getArtifactMap() const {
- return m_artifactMap;
- }
+ ArtifactMap* getArtifactMap() const;
/**
* Generate random information using the underlying security library
xmltooling::PluginManager<saml2md::MetadataFilter,std::string,const xercesc::DOMElement*> MetadataFilterManager;
protected:
- SAMLConfig() : m_artifactMap(NULL) {}
+ SAMLConfig();
/** Global ArtifactMap instance for use by artifact-related functions. */
ArtifactMap* m_artifactMap;
#include <saml/base.h>
+#include <string>
+#include <xercesc/dom/DOM.hpp>
+
namespace xmltooling {
class XMLTOOL_API StorageService;
class XMLTOOL_API XMLObject;
{
MAKE_NONCOPYABLE(MessageDecoder);
public:
- virtual ~MessageDecoder() {}
+ virtual ~MessageDecoder();
/**
* Indicates whether a web browser or similar user agent delivered the message.
class SAML_API ArtifactResolver {
MAKE_NONCOPYABLE(ArtifactResolver);
protected:
- ArtifactResolver() {}
+ ArtifactResolver();
public:
- virtual ~ArtifactResolver() {}
+ virtual ~ArtifactResolver();
/**
* Resolves one or more SAML 1.x artifacts into a response containing a set of
*
* @param artifactResolver an ArtifactResolver implementation to use
*/
- void setArtifactResolver(const ArtifactResolver* artifactResolver) {
- m_artifactResolver = artifactResolver;
- }
+ void setArtifactResolver(const ArtifactResolver* artifactResolver);
/**
* Decodes a transport request into a SAML protocol message, and evaluates it
) const=0;
protected:
- MessageDecoder() : m_artifactResolver(NULL) {}
+ MessageDecoder();
/** Pointer to an ArtifactResolver implementation. */
const ArtifactResolver* m_artifactResolver;
{
MAKE_NONCOPYABLE(MessageEncoder);
public:
- virtual ~MessageEncoder() {}
+ virtual ~MessageEncoder();
/**
* Indicates whether the encoding format requires that messages be as compact as possible.
class SAML_API ArtifactGenerator {
MAKE_NONCOPYABLE(ArtifactGenerator);
protected:
- ArtifactGenerator() {}
+ ArtifactGenerator();
public:
- virtual ~ArtifactGenerator() {}
+ virtual ~ArtifactGenerator();
/**
* Generate a SAML 1.x artifact suitable for consumption by the relying party.
) const=0;
protected:
- MessageEncoder() {}
+ MessageEncoder();
};
/**
#include <saml/base.h>
#include <string>
+#include <xmltooling/exceptions.h>
namespace opensaml {
{
SAMLArtifact& operator=(const SAMLArtifact& src);
public:
- virtual ~SAMLArtifact() {}
+ virtual ~SAMLArtifact();
/**
* Returns artifact encoded into null-terminated base64 for transmission.
static std::string toHex(const std::string& s);
protected:
- SAMLArtifact() {}
+ SAMLArtifact();
/**
* Decodes a base64-encoded artifact into its raw form.
*/
SAMLArtifact(const char* s);
- SAMLArtifact(const SAMLArtifact& src) : m_raw(src.m_raw) {}
+ SAMLArtifact(const SAMLArtifact& src);
/** Raw binary data that makes up an artifact. */
std::string m_raw;
#ifndef __saml_soap11client_h__
#define __saml_soap11client_h__
-#include <saml/saml2/metadata/MetadataCredentialCriteria.h>
+#include <saml/base.h>
#include <xmltooling/soap/SOAPClient.h>
namespace opensaml {
class SAML_API SecurityPolicy;
+ namespace saml2md {
+ class SAML_API MetadataCredentialCriteria;
+ };
/**
* Specialized SOAPClient for SAML SOAP bindings.
*/
SOAPClient(SecurityPolicy& policy);
- virtual ~SOAPClient() {}
+ virtual ~SOAPClient();
/**
* Controls whether to force transport/peer authentication via an X509TrustEngine.
*
* @param force true iff the client should refuse to communicate without this protection
*/
- void forceTransportAuthentication(bool force=true) {
- m_force = force;
- }
+ void forceTransportAuthentication(bool force=true);
using soap11::SOAPClient::send;
*
* @return the associated SecurityPolicy
*/
- SecurityPolicy& getPolicy() const {
- return m_policy;
- }
+ SecurityPolicy& getPolicy() const;
protected:
/**
*
* @return the supplied MetadataProvider or NULL
*/
- const saml2md::MetadataProvider* getMetadataProvider() const {
- return m_metadata;
- }
+ const saml2md::MetadataProvider* getMetadataProvider() const;
/**
* Returns a reference to a MetadataProvider::Criteria instance suitable for use with the
*
* @return the peer role element/type, or an empty QName
*/
- const xmltooling::QName* getRole() const {
- return m_role;
- }
+ const xmltooling::QName* getRole() const;
/**
* Returns the TrustEngine supplied to the policy.
*
* @return the supplied TrustEngine or NULL
*/
- const xmltooling::TrustEngine* getTrustEngine() const {
- return m_trust;
- }
+ const xmltooling::TrustEngine* getTrustEngine() const;
/**
* Returns XML message validation setting.
*
* @return validation flag
*/
- bool getValidating() const {
- return m_validate;
- }
+ bool getValidating() const;
/**
* Returns flag controlling non-entity issuer support.
*
* @return flag controlling non-entity issuer support
*/
- bool requireEntityIssuer() const {
- return m_entityOnly;
- }
+ bool requireEntityIssuer() const;
/**
* Returns the SAML audiences that represent the receiving peer.
*
* @return audience values of the peer processing the message
*/
- const std::vector<xmltooling::xstring>& getAudiences() const {
- return m_audiences;
- }
+ const std::vector<xmltooling::xstring>& getAudiences() const;
/**
* Returns the SAML audiences that represent the receiving peer.
*
* @return audience values of the peer processing the message
*/
- std::vector<xmltooling::xstring>& getAudiences() {
- return m_audiences;
- }
+ std::vector<xmltooling::xstring>& getAudiences();
/**
* Gets the effective time of message processing.
*
* @return the time at which the message is being processed
*/
- time_t getTime() const {
- if (m_ts == 0)
- return m_ts = time(NULL);
- return m_ts;
- }
+ time_t getTime() const;
/**
* Returns the message identifier to which the message being evaluated
*
* @return correlated message identifier
*/
- const XMLCh* getCorrelationID() const {
- return m_correlationID.c_str();
- }
+ const XMLCh* getCorrelationID() const;
/**
* Gets a mutable array of installed policy rules.
*
* @return mutable array of rules
*/
- std::vector<const SecurityPolicyRule*>& getRules() {
- return m_rules;
- }
+ std::vector<const SecurityPolicyRule*>& getRules();
/**
* Sets a locked MetadataProvider for the policy.
*
* @param metadata a locked MetadataProvider or NULL
*/
- void setMetadataProvider(const saml2md::MetadataProvider* metadata) {
- m_metadata = metadata;
- }
+ void setMetadataProvider(const saml2md::MetadataProvider* metadata);
/**
* Sets a MetadataProvider::Criteria instance suitable for use with the
*
* @param trust a TrustEngine or NULL
*/
- void setTrustEngine(const xmltooling::TrustEngine* trust) {
- m_trust = trust;
- }
+ void setTrustEngine(const xmltooling::TrustEngine* trust);
/**
* Controls schema validation of incoming XML messages.
*
* @param validate validation setting
*/
- void setValidating(bool validate=true) {
- m_validate = validate;
- }
+ void setValidating(bool validate=true);
/**
* Sets flag controlling non-entity issuer support.
*
* @param entityOnly require that Issuer be in entity format
*/
- void requireEntityIssuer(bool entityOnly=true) {
- m_entityOnly = entityOnly;
- }
+ void requireEntityIssuer(bool entityOnly=true);
/**
* Sets effective time of message processing.
*
* @param ts the time at which the message is being processed
*/
- void setTime(time_t ts) {
- m_ts = ts;
- }
+ void setTime(time_t ts);
/**
* Sets the message identifier to which the message being evaluated
*
* @param correlationID correlated message identifier
*/
- void setCorrelationID(const XMLCh* correlationID) {
- m_correlationID.erase();
- if (correlationID)
- m_correlationID = correlationID;
- }
+ void setCorrelationID(const XMLCh* correlationID);
/**
* Evaluates the policy against the given request and message,
*
* @return message identifier as determined by the registered policies
*/
- const XMLCh* getMessageID() const {
- return m_messageID.c_str();
- }
+ const XMLCh* getMessageID() const;
/**
* Returns the message timestamp as determined by the registered policies.
*
* @return message timestamp as determined by the registered policies
*/
- time_t getIssueInstant() const {
- return m_issueInstant;
- }
+ time_t getIssueInstant() const;
/**
* Gets the issuer of the message as determined by the registered policies.
*
* @return issuer of the message as determined by the registered policies
*/
- const saml2::Issuer* getIssuer() const {
- return m_issuer;
- }
+ const saml2::Issuer* getIssuer() const;
/**
* Gets the metadata for the role the issuer is operating in.
*
* @return metadata for the role the issuer is operating in
*/
- const saml2md::RoleDescriptor* getIssuerMetadata() const {
- return m_issuerRole;
- }
+ const saml2md::RoleDescriptor* getIssuerMetadata() const;
/**
* Returns the authentication status of the message as determined by the registered policies.
*
* @return true iff a SecurityPolicyRule has indicated the issuer/message has been authenticated
*/
- bool isAuthenticated() const {
- return m_authenticated;
- }
+ bool isAuthenticated() const;
/**
* Sets the message identifier as determined by the registered policies.
*
* @param id message identifier
*/
- void setMessageID(const XMLCh* id) {
- m_messageID.erase();
- if (id)
- m_messageID = id;
- }
+ void setMessageID(const XMLCh* id);
/**
* Sets the message timestamp as determined by the registered policies.
*
* @param issueInstant message timestamp
*/
- void setIssueInstant(time_t issueInstant) {
- m_issueInstant = issueInstant;
- }
+ void setIssueInstant(time_t issueInstant);
/**
* Sets the issuer of the message as determined by the registered policies.
*
* @param auth indicates whether the issuer/message has been authenticated
*/
- void setAuthenticated(bool auth) {
- m_authenticated = auth;
- }
+ void setAuthenticated(bool auth);
/** Allows override of rules for comparing saml2:Issuer information. */
class SAML_API IssuerMatchingPolicy {
MAKE_NONCOPYABLE(IssuerMatchingPolicy);
public:
- IssuerMatchingPolicy() {}
- virtual ~IssuerMatchingPolicy() {}
+ IssuerMatchingPolicy();
+ virtual ~IssuerMatchingPolicy();
/**
* Returns true iff the two operands "match". Applications can override this method to
*
* @return the effective IssuerMatchingPolicy
*/
- const IssuerMatchingPolicy& getIssuerMatchingPolicy() const {
- return m_matchingPolicy ? *m_matchingPolicy : m_defaultMatching;
- }
+ const IssuerMatchingPolicy& getIssuerMatchingPolicy() const;
/**
* Sets the IssuerMatchingPolicy in effect. Setting no policy will
*
* @param matchingPolicy the IssuerMatchingPolicy to use
*/
- void setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy) {
- delete m_matchingPolicy;
- m_matchingPolicy = matchingPolicy;
- }
+ void setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy);
protected:
/** A shared matching object that just supports the default matching rules. */
{
MAKE_NONCOPYABLE(SecurityPolicyRule);
protected:
- SecurityPolicyRule() {}
+ SecurityPolicyRule();
public:
- virtual ~SecurityPolicyRule() {}
+ virtual ~SecurityPolicyRule();
/**
* Returns the rule's class/type.
XMLObjectBuilder::registerBuilder(xmltooling::QName(samlconstants::SAML20ECP_NS, RelayState), new AnyElementBuilder());
}
+MessageDecoder::MessageDecoder() : m_artifactResolver(NULL)
+{
+}
+
+MessageDecoder::~MessageDecoder()
+{
+}
+
bool MessageDecoder::isUserAgentPresent() const
{
return true;
}
+void MessageDecoder::setArtifactResolver(const ArtifactResolver* artifactResolver)
+{
+ m_artifactResolver = artifactResolver;
+}
+
+MessageDecoder::ArtifactResolver::ArtifactResolver()
+{
+}
+
+MessageDecoder::ArtifactResolver::~ArtifactResolver()
+{
+}
+
bool MessageDecoder::ArtifactResolver::isSupported(const SSODescriptorType& ssoDescriptor) const
{
EndpointManager<ArtifactResolutionService> mgr(ssoDescriptor.getArtifactResolutionServices());
conf.MessageEncoderManager.registerFactory(samlconstants::SAML20_BINDING_PAOS, saml2p::SAML2ECPEncoderFactory);
}
+MessageEncoder::MessageEncoder()
+{
+}
+
+MessageEncoder::~MessageEncoder()
+{
+}
+
bool MessageEncoder::isCompact() const
{
return false;
{
return true;
}
+
+MessageEncoder::ArtifactGenerator::ArtifactGenerator()
+{
+}
+
+MessageEncoder::ArtifactGenerator::~ArtifactGenerator()
+{
+}
const unsigned int SAMLArtifact::TYPECODE_LENGTH = 2;
+SAMLArtifact::SAMLArtifact()
+{
+}
+
+SAMLArtifact::~SAMLArtifact()
+{
+}
+
+SAMLArtifact::SAMLArtifact(const SAMLArtifact& src) : m_raw(src.m_raw)
+{
+}
+
// Basic constructor just decodes the string and saves it off.
// Subclasses will handle pulling it apart.
#include "binding/SecurityPolicy.h"
#include "binding/SOAPClient.h"
#include "saml2/metadata/Metadata.h"
+#include "saml2/metadata/MetadataCredentialCriteria.h"
#include "saml2/metadata/MetadataProvider.h"
#include <xmltooling/security/X509TrustEngine.h>
{
}
+SOAPClient::~SOAPClient()
+{
+}
+
+void SOAPClient::forceTransportAuthentication(bool force)
+{
+ m_force = force;
+}
+
void SOAPClient::send(const soap11::Envelope& env, const char* from, MetadataCredentialCriteria& to, const char* endpoint)
{
// Clear policy.
soap11::SOAPClient::reset();
m_policy.reset();
}
+
+SecurityPolicy& SOAPClient::getPolicy() const
+{
+ return m_policy;
+}
conf.SecurityPolicyRuleManager.registerFactory(DELEGATION_POLICY_RULE, saml2::DelegationRestrictionRuleFactory);
}
-SecurityPolicy::IssuerMatchingPolicy SecurityPolicy::m_defaultMatching;
+SecurityPolicyRule::SecurityPolicyRule()
+{
+}
+
+SecurityPolicyRule::~SecurityPolicyRule()
+{
+}
SecurityPolicy::SecurityPolicy(
const saml2md::MetadataProvider* metadataProvider,
delete m_issuer;
}
+const MetadataProvider* SecurityPolicy::getMetadataProvider() const
+{
+ return m_metadata;
+}
+
+MetadataProvider::Criteria& SecurityPolicy::getMetadataProviderCriteria() const
+{
+ if (!m_metadataCriteria)
+ m_metadataCriteria=new MetadataProvider::Criteria();
+ else
+ m_metadataCriteria->reset();
+ return *m_metadataCriteria;
+}
+
+const xmltooling::QName* SecurityPolicy::getRole() const
+{
+ return m_role;
+}
+
+const TrustEngine* SecurityPolicy::getTrustEngine() const
+{
+ return m_trust;
+}
+
+bool SecurityPolicy::getValidating() const
+{
+ return m_validate;
+}
+
+bool SecurityPolicy::requireEntityIssuer() const
+{
+ return m_entityOnly;
+}
+
+const vector<xstring>& SecurityPolicy::getAudiences() const
+{
+ return m_audiences;
+}
+
+vector<xstring>& SecurityPolicy::getAudiences()
+{
+ return m_audiences;
+}
+
+time_t SecurityPolicy::getTime() const
+{
+ if (m_ts == 0)
+ return m_ts = time(NULL);
+ return m_ts;
+}
+
+const XMLCh* SecurityPolicy::getCorrelationID() const
+{
+ return m_correlationID.c_str();
+}
+
+vector<const SecurityPolicyRule*>& SecurityPolicy::getRules()
+{
+ return m_rules;
+}
+
+void SecurityPolicy::setMetadataProvider(const MetadataProvider* metadata)
+{
+ m_metadata = metadata;
+}
+
+void SecurityPolicy::setMetadataProviderCriteria(MetadataProvider::Criteria* criteria)
+{
+ if (m_metadataCriteria)
+ delete m_metadataCriteria;
+ m_metadataCriteria=criteria;
+}
+
+void SecurityPolicy::setRole(const xmltooling::QName* role)
+{
+ delete m_role;
+ m_role = role ? new xmltooling::QName(*role) : NULL;
+}
+
+void SecurityPolicy::setTrustEngine(const TrustEngine* trust)
+{
+ m_trust = trust;
+}
+
+void SecurityPolicy::setValidating(bool validate)
+{
+ m_validate = validate;
+}
+
+void SecurityPolicy::requireEntityIssuer(bool entityOnly)
+{
+ m_entityOnly = entityOnly;
+}
+
+void SecurityPolicy::setTime(time_t ts)
+{
+ m_ts = ts;
+}
+
+void SecurityPolicy::setCorrelationID(const XMLCh* correlationID)
+{
+ m_correlationID.erase();
+ if (correlationID)
+ m_correlationID = correlationID;
+}
+
+void SecurityPolicy::evaluate(const XMLObject& message, const GenericRequest* request)
+{
+ for (vector<const SecurityPolicyRule*>::const_iterator i=m_rules.begin(); i!=m_rules.end(); ++i)
+ (*i)->evaluate(message,request,*this);
+}
+
void SecurityPolicy::reset(bool messageOnly)
{
_reset(messageOnly);
}
}
-void SecurityPolicy::setRole(const xmltooling::QName* role)
+const XMLCh* SecurityPolicy::getMessageID() const
{
- delete m_role;
- m_role = role ? new xmltooling::QName(*role) : NULL;
+ return m_messageID.c_str();
}
-MetadataProvider::Criteria& SecurityPolicy::getMetadataProviderCriteria() const
+time_t SecurityPolicy::getIssueInstant() const
{
- if (!m_metadataCriteria)
- m_metadataCriteria=new MetadataProvider::Criteria();
- else
- m_metadataCriteria->reset();
- return *m_metadataCriteria;
+ return m_issueInstant;
}
-void SecurityPolicy::setMetadataProviderCriteria(saml2md::MetadataProvider::Criteria* criteria)
+const Issuer* SecurityPolicy::getIssuer() const
{
- if (m_metadataCriteria)
- delete m_metadataCriteria;
- m_metadataCriteria=criteria;
+ return m_issuer;
}
-void SecurityPolicy::evaluate(const XMLObject& message, const GenericRequest* request)
+const RoleDescriptor* SecurityPolicy::getIssuerMetadata() const
{
- for (vector<const SecurityPolicyRule*>::const_iterator i=m_rules.begin(); i!=m_rules.end(); ++i)
- (*i)->evaluate(message,request,*this);
+ return m_issuerRole;
+}
+
+bool SecurityPolicy::isAuthenticated() const
+{
+ return m_authenticated;
+}
+
+void SecurityPolicy::setMessageID(const XMLCh* id)
+{
+ m_messageID.erase();
+ if (id)
+ m_messageID = id;
+}
+
+void SecurityPolicy::setIssueInstant(time_t issueInstant)
+{
+ m_issueInstant = issueInstant;
}
void SecurityPolicy::setIssuer(const Issuer* issuer)
m_issuerRole=issuerRole;
}
+void SecurityPolicy::setAuthenticated(bool auth)
+{
+ m_authenticated = auth;
+}
+
+SecurityPolicy::IssuerMatchingPolicy::IssuerMatchingPolicy()
+{
+}
+
+SecurityPolicy::IssuerMatchingPolicy::~IssuerMatchingPolicy()
+{
+}
+
bool SecurityPolicy::IssuerMatchingPolicy::issuerMatches(const Issuer* issuer1, const Issuer* issuer2) const
{
// NULL matches anything for the purposes of this interface.
return true;
}
+
+SecurityPolicy::IssuerMatchingPolicy SecurityPolicy::m_defaultMatching;
+
+const SecurityPolicy::IssuerMatchingPolicy& SecurityPolicy::getIssuerMatchingPolicy() const
+{
+ return m_matchingPolicy ? *m_matchingPolicy : m_defaultMatching;
+}
+
+void SecurityPolicy::setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy)
+{
+ delete m_matchingPolicy;
+ m_matchingPolicy = matchingPolicy;
+}
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* EncryptedKeyResolver.cpp
*
- * SAML-specific encrypted key resolver
+ * SAML-specific encrypted key resolver.
*/
#include "internal.h"
#include "saml2/core/Assertions.h"
using namespace xmlencryption;
+using opensaml::saml2::EncryptedElementType;
using namespace std;
+opensaml::EncryptedKeyResolver::EncryptedKeyResolver(const EncryptedElementType& ref) : m_ref(ref)
+{
+}
+
+opensaml::EncryptedKeyResolver::~EncryptedKeyResolver()
+{
+}
+
const EncryptedKey* opensaml::EncryptedKeyResolver::resolveKey(const EncryptedData& encryptedData, const XMLCh* recipient) const
{
const EncryptedKey* base = xmlencryption::EncryptedKeyResolver::resolveKey(encryptedData, recipient);
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/encryption/EncryptedKeyResolver.h
*
- * SAML-specific encrypted key resolver
+ * SAML-specific encrypted key resolver.
*/
#ifndef __saml_enckeyres_h__
*
* @param ref reference to encrypted element
*/
- EncryptedKeyResolver(const saml2::EncryptedElementType& ref) : m_ref(ref) {
- }
+ EncryptedKeyResolver(const saml2::EncryptedElementType& ref);
- virtual ~EncryptedKeyResolver() {}
+ virtual ~EncryptedKeyResolver();
const xmlencryption::EncryptedKey* resolveKey(const xmlencryption::EncryptedData& encryptedData, const XMLCh* recipient=NULL) const;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
class SAML_API SAML1MessageDecoder : public MessageDecoder
{
protected:
- SAML1MessageDecoder() {}
- virtual ~SAML1MessageDecoder() {}
+ SAML1MessageDecoder();
+ virtual ~SAML1MessageDecoder();
public:
void extractMessageDetails (
* @param soaper reference to SOAPClient object to use for call
* @param fatalSAMLErrors true iff a non-successful SAML Status code should be fatal
*/
- SAML1SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL) {
- }
+ SAML1SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true);
- virtual ~SAML1SOAPClient() {
- xercesc::XMLString::release(&m_correlate);
- }
+ virtual ~SAML1SOAPClient();
/**
* Specialized method for sending SAML 1.x requests. The SOAP layer will be
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml1/binding/SAMLArtifactType0001.h
*
- * Type 0x0001 SAML 1.x artifact class
+ * Type 0x0001 SAML 1.x artifact class.
*/
#ifndef __saml_artifacttype0001_h__
*/
SAMLArtifactType0001(const std::string& sourceid, const std::string& handle);
- virtual ~SAMLArtifactType0001() {}
+ virtual ~SAMLArtifactType0001();
- virtual SAMLArtifactType0001* clone() const {
- return new SAMLArtifactType0001(*this);
- }
-
- virtual std::string getSource() const {
- return toHex(getSourceID());
- }
+ // Virtual function overrides.
+ SAMLArtifactType0001* clone() const;
+ std::string getSource() const;
+ std::string getMessageHandle() const;
/**
* Returns the binary data that identifies the source.
*
* @return the binary source ID
*/
- virtual std::string getSourceID() const {
- return m_raw.substr(TYPECODE_LENGTH,SOURCEID_LENGTH); // bytes 3-22
- }
+ virtual std::string getSourceID() const;
- virtual std::string getMessageHandle() const {
- return m_raw.substr(TYPECODE_LENGTH+SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 23-42
- }
-
- /** Length of source ID */
+ /** Length of source ID */
static const unsigned int SOURCEID_LENGTH;
- /** Length of assertion handle */
+ /** Length of assertion handle */
static const unsigned int HANDLE_LENGTH;
protected:
*
* @param src object to copy
*/
- SAMLArtifactType0001(const SAMLArtifactType0001& src) : SAMLArtifact(src) {}
+ SAMLArtifactType0001(const SAMLArtifactType0001& src);
};
};
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml1/binding/SAMLArtifactType0002.h
*
- * Type 0x0002 SAML 1.x artifact class
+ * Type 0x0002 SAML 1.x artifact class.
*/
#ifndef __saml_artifacttype0002_h__
*/
SAMLArtifactType0002(const std::string& sourceLocation, const std::string& handle);
- virtual ~SAMLArtifactType0002() {}
-
- virtual SAMLArtifactType0002* clone() const {
- return new SAMLArtifactType0002(*this);
- }
-
- virtual std::string getMessageHandle() const {
- return m_raw.substr(TYPECODE_LENGTH, HANDLE_LENGTH); // bytes 3-22
- }
+ virtual ~SAMLArtifactType0002();
+
+ // Virtual function overrides.
+ SAMLArtifactType0002* clone() const;
+ std::string getSource() const;
+ std::string getMessageHandle() const;
- virtual std::string getSource() const {
- return m_raw.c_str() + TYPECODE_LENGTH + HANDLE_LENGTH; // bytes 23-terminating null
- }
/** Length of assertion handle */
static const unsigned int HANDLE_LENGTH;
*
* @param src object to copy
*/
- SAMLArtifactType0002(const SAMLArtifactType0002& src) : SAMLArtifact(src) {}
+ SAMLArtifactType0002(const SAMLArtifactType0002& src);
};
};
*/
#include "internal.h"
-#include "exceptions.h"
#include "binding/SecurityPolicy.h"
#include "saml1/binding/SAML1MessageDecoder.h"
#include "saml1/core/Assertions.h"
using namespace xmltooling;
using namespace std;
+SAML1MessageDecoder::SAML1MessageDecoder()
+{
+}
+
+SAML1MessageDecoder::~SAML1MessageDecoder()
+{
+}
+
void SAML1MessageDecoder::extractMessageDetails(
const XMLObject& message, const GenericRequest& req, const XMLCh* protocol, SecurityPolicy& policy
) const
using namespace xmltooling;
using namespace std;
+SAML1SOAPClient::SAML1SOAPClient(opensaml::SOAPClient& soaper, bool fatalSAMLErrors) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL)
+{
+}
+
+SAML1SOAPClient::~SAML1SOAPClient()
+{
+ XMLString::release(&m_correlate);
+}
+
void SAML1SOAPClient::sendSAML(Request* request, const char* from, MetadataCredentialCriteria& to, const char* endpoint)
{
auto_ptr<Envelope> env(EnvelopeBuilder::buildEnvelope());
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* SAMLArtifactType0001.cpp
*
- * Type 0x0001 SAML 1.x artifact class
+ * Type 0x0001 SAML 1.x artifact class.
*/
#include "internal.h"
const unsigned int SAMLArtifactType0001::SOURCEID_LENGTH = 20;
const unsigned int SAMLArtifactType0001::HANDLE_LENGTH = 20;
+SAMLArtifactType0001::SAMLArtifactType0001(const SAMLArtifactType0001& src) : SAMLArtifact(src)
+{
+}
+
SAMLArtifactType0001::SAMLArtifactType0001(const char* s) : SAMLArtifact(s)
{
// The base class does the work, we just do the checking.
m_raw.append(sourceid,0,SOURCEID_LENGTH);
m_raw.append(handle,0,HANDLE_LENGTH);
}
+
+SAMLArtifactType0001::~SAMLArtifactType0001()
+{
+}
+
+SAMLArtifactType0001* SAMLArtifactType0001::clone() const
+{
+ return new SAMLArtifactType0001(*this);
+}
+
+string SAMLArtifactType0001::getSource() const
+{
+ return toHex(getSourceID());
+}
+
+string SAMLArtifactType0001::getSourceID() const
+{
+ return m_raw.substr(TYPECODE_LENGTH,SOURCEID_LENGTH); // bytes 3-22
+}
+
+string SAMLArtifactType0001::getMessageHandle() const
+{
+ return m_raw.substr(TYPECODE_LENGTH+SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 23-42
+}
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* SAMLArtifactType0002.cpp
*
- * Type 0x0002 SAML 1.x artifact class
+ * Type 0x0002 SAML 1.x artifact class.
*/
#include "internal.h"
const unsigned int SAMLArtifactType0002::HANDLE_LENGTH = 20;
+SAMLArtifactType0002::SAMLArtifactType0002(const SAMLArtifactType0002& src) : SAMLArtifact(src)
+{
+}
+
SAMLArtifactType0002::SAMLArtifactType0002(const char* s) : SAMLArtifact(s)
{
// The base class does the work, we just do the checking.
m_raw.append(handle,0,HANDLE_LENGTH);
m_raw+=sourceLocation;
}
+
+SAMLArtifactType0002::~SAMLArtifactType0002()
+{
+}
+
+SAMLArtifactType0002* SAMLArtifactType0002::clone() const
+{
+ return new SAMLArtifactType0002(*this);
+}
+
+string SAMLArtifactType0002::getMessageHandle() const
+{
+ return m_raw.substr(TYPECODE_LENGTH, HANDLE_LENGTH); // bytes 3-22
+}
+
+string SAMLArtifactType0002::getSource() const
+{
+ return m_raw.c_str() + TYPECODE_LENGTH + HANDLE_LENGTH; // bytes 23-terminating null
+}
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml1/profile/AssertionValidator.h
*
- * SAML 1.x basic assertion validator
+ * SAML 1.x basic assertion validator.
*/
#ifndef __saml1_assval_h__
#define __saml1_assval_h__
#include <saml/base.h>
+
+#include <ctime>
+#include <vector>
#include <xmltooling/validation/Validator.h>
namespace opensaml {
* @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
*/
- AssertionValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0)
- : m_recipient(recipient), m_audiences(audiences), m_ts(ts) {
- }
+ AssertionValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0);
- virtual ~AssertionValidator() {}
+ virtual ~AssertionValidator();
void validate(const xmltooling::XMLObject* xmlObject) const;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml1/profile/BrowserSSOProfileValidator.h
*
- * SAML 1.x Browser SSO Profile Assertion Validator
+ * SAML 1.x Browser SSO Profile Assertion Validator.
*/
#ifndef __saml1_ssoval_h__
* @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
*/
- BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0)
- : AssertionValidator(recipient, audiences, ts) {
- }
- virtual ~BrowserSSOProfileValidator() {}
+ BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0);
+
+ virtual ~BrowserSSOProfileValidator();
void validateAssertion(const Assertion& assertion) const;
};
using namespace xmltooling;
using namespace std;
+AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector<const XMLCh*>* audiences, time_t ts)
+ : m_recipient(recipient), m_audiences(audiences), m_ts(ts)
+{
+}
+
+AssertionValidator::~AssertionValidator()
+{
+}
+
void AssertionValidator::validate(const xmltooling::XMLObject* xmlObject) const
{
const Assertion* a=dynamic_cast<const Assertion*>(xmlObject);
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* BrowserSSOProfileValidator.cpp
*
- * SAML 1.x Browser SSO Profile Assertion Validator
+ * SAML 1.x Browser SSO Profile Assertion Validator.
*/
#include "internal.h"
};
};
+BrowserSSOProfileValidator::BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences, time_t ts)
+ : AssertionValidator(recipient, audiences, ts)
+{
+}
+
+BrowserSSOProfileValidator::~BrowserSSOProfileValidator()
+{
+}
+
void BrowserSSOProfileValidator::validateAssertion(const Assertion& assertion) const
{
#ifdef _DEBUG
/**
* @file saml/saml2/binding/SAML2Artifact.h
*
- * Base class for SAML 2.0 artifacts
+ * Base class for SAML 2.0 artifacts.
*/
#ifndef __saml2_artifact_h__
namespace saml2p {
/**
- * Base class for SAML 2.0 artifacts
+ * Base class for SAML 2.0 artifacts.
*/
class SAML_API SAML2Artifact : public SAMLArtifact
{
SAML2Artifact& operator=(const SAML2Artifact& src);
public:
- virtual ~SAML2Artifact() {}
+ virtual ~SAML2Artifact();
/**
* Returns the endpoint index of the artifact.
static const unsigned int INDEX_LENGTH;
protected:
- SAML2Artifact() {}
+ SAML2Artifact();
/**
* Constructor.
*
* @param s raw artifact string
*/
- SAML2Artifact(const char* s) : SAMLArtifact(s) {}
+ SAML2Artifact(const char* s);
/**
* Copy constructor.
*
* @param src object to copy
*/
- SAML2Artifact(const SAML2Artifact& src) : SAMLArtifact(src) {}
+ SAML2Artifact(const SAML2Artifact& src);
};
};
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml2/binding/SAML2ArtifactType0004.h
*
- * Type 0x0004 SAML 2.0 artifact class
+ * Type 0x0004 SAML 2.0 artifact class.
*/
#ifndef __saml_artifacttype0004_h__
namespace saml2p {
/**
- * Type 0x0004 SAML 2.0 artifact class
+ * Type 0x0004 SAML 2.0 artifact class.
*/
class SAML_API SAML2ArtifactType0004 : public SAML2Artifact
{
*/
SAML2ArtifactType0004(const std::string& sourceid, int index, const std::string& handle);
- virtual ~SAML2ArtifactType0004() {}
+ virtual ~SAML2ArtifactType0004();
- virtual SAML2ArtifactType0004* clone() const {
- return new SAML2ArtifactType0004(*this);
- }
-
- virtual std::string getSource() const {
- return toHex(getSourceID());
- }
+ // Virtual function overrides.
+ SAML2ArtifactType0004* clone() const;
+ std::string getSource() const;
+ std::string getMessageHandle() const;
/**
* Returns the binary data that identifies the source.
*
* @return the binary source ID
*/
- virtual std::string getSourceID() const {
- return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH, SOURCEID_LENGTH); // bytes 5-24
- }
+ virtual std::string getSourceID() const;
- virtual std::string getMessageHandle() const {
- return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH + SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 25-44
- }
-
/** Length of source ID */
static const unsigned int SOURCEID_LENGTH;
*
* @param src object to copy
*/
- SAML2ArtifactType0004(const SAML2ArtifactType0004& src) : SAML2Artifact(src) {}
+ SAML2ArtifactType0004(const SAML2ArtifactType0004& src);
};
};
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <saml/binding/MessageDecoder.h>
namespace opensaml {
-
namespace saml2p {
/**
class SAML_API SAML2MessageDecoder : public MessageDecoder
{
protected:
- SAML2MessageDecoder() {}
- virtual ~SAML2MessageDecoder() {}
+ SAML2MessageDecoder();
+ virtual ~SAML2MessageDecoder();
public:
void extractMessageDetails (
* @param soaper reference to SOAPClient object to use for call
* @param fatalSAMLErrors true iff a non-successful SAML Status code should be fatal
*/
- SAML2SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL) {
- }
+ SAML2SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true);
- virtual ~SAML2SOAPClient() {
- xercesc::XMLString::release(&m_correlate);
- }
+ virtual ~SAML2SOAPClient();
/**
* Specialized method for sending SAML 2.0 requests. The SOAP layer will be
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* SAML2Artifact.cpp
*
- * Base class for SAML 2.0 artifacts
+ * Base class for SAML 2.0 artifacts.
*/
#include "internal.h"
const unsigned int SAML2Artifact::INDEX_LENGTH = 2;
+SAML2Artifact::SAML2Artifact()
+{
+}
+
+SAML2Artifact::SAML2Artifact(const char* s) : SAMLArtifact(s)
+{
+}
+
+SAML2Artifact::SAML2Artifact(const SAML2Artifact& src) : SAMLArtifact(src)
+{
+}
+
+SAML2Artifact::~SAML2Artifact()
+{
+}
+
int SAML2Artifact::getEndpointIndex() const
{
int index=0;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* SAML2ArtifactType0004.cpp
*
- * Type 0x0004 SAML 2.0 artifact class
+ * Type 0x0004 SAML 2.0 artifact class.
*/
#include "internal.h"
m_raw.append(sourceid,0,SOURCEID_LENGTH);
m_raw.append(handle,0,HANDLE_LENGTH);
}
+
+SAML2ArtifactType0004::SAML2ArtifactType0004(const SAML2ArtifactType0004& src) : SAML2Artifact(src)
+{
+}
+
+SAML2ArtifactType0004::~SAML2ArtifactType0004()
+{
+}
+
+SAML2ArtifactType0004* SAML2ArtifactType0004::clone() const
+{
+ return new SAML2ArtifactType0004(*this);
+}
+
+string SAML2ArtifactType0004::getSource() const
+{
+ return toHex(getSourceID());
+}
+
+string SAML2ArtifactType0004::getSourceID() const
+{
+ return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH, SOURCEID_LENGTH); // bytes 5-24
+}
+
+string SAML2ArtifactType0004::getMessageHandle() const
+{
+ return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH + SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 25-44
+}
*/
#include "internal.h"
-#include "exceptions.h"
#include "binding/SecurityPolicy.h"
#include "saml2/binding/SAML2MessageDecoder.h"
#include "saml2/core/Protocols.h"
using namespace xmltooling;
using namespace std;
+SAML2MessageDecoder::SAML2MessageDecoder()
+{
+}
+
+SAML2MessageDecoder::~SAML2MessageDecoder()
+{
+}
+
void SAML2MessageDecoder::extractMessageDetails(
const XMLObject& message, const GenericRequest& request, const XMLCh* protocol, SecurityPolicy& policy
) const
using namespace xmltooling;
using namespace std;
+SAML2SOAPClient::SAML2SOAPClient(opensaml::SOAPClient& soaper, bool fatalSAMLErrors)
+ : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL)
+{
+}
+
+SAML2SOAPClient::~SAML2SOAPClient()
+{
+ XMLString::release(&m_correlate);
+}
+
void SAML2SOAPClient::sendSAML(RequestAbstractType* request, const char* from, MetadataCredentialCriteria& to, const char* endpoint)
{
auto_ptr<Envelope> env(EnvelopeBuilder::buildEnvelope());
#include <saml/saml2/metadata/ObservableMetadataProvider.h>
+#include <ctime>
+#include <map>
+#include <vector>
+#include <string>
+
namespace xmltooling {
class XMLTOOL_API Credential;
class XMLTOOL_API CredentialCriteria;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <saml/base.h>
+#include <vector>
+#include <xercesc/util/XMLString.hpp>
+
namespace opensaml {
namespace saml2md {
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*/
MetadataCredentialContext(const KeyDescriptor& descriptor);
- virtual ~MetadataCredentialContext() {}
+ virtual ~MetadataCredentialContext();
/**
* Return the KeyDescriptor associated with the credential.
*
* @return the associated KeyDescriptor
*/
- const KeyDescriptor& getKeyDescriptor() const {
- return m_descriptor;
- }
+ const KeyDescriptor& getKeyDescriptor() const;
private:
const KeyDescriptor& m_descriptor;
#define __saml2_metadatafilt_h__
namespace opensaml {
-
namespace saml2md {
/**
{
MAKE_NONCOPYABLE(MetadataFilter);
protected:
- MetadataFilter() {}
+ MetadataFilter();
public:
- virtual ~MetadataFilter() {}
+ virtual ~MetadataFilter();
/**
* Returns an identifying string for the filter.
#define __saml2_metadataprov_h__
#include <saml/base.h>
+
+#include <vector>
#include <xmltooling/exceptions.h>
#include <xmltooling/security/CredentialResolver.h>
*
* @param newFilter metadata filter to add
*/
- virtual void addMetadataFilter(MetadataFilter* newFilter) {
- m_filters.push_back(newFilter);
- }
+ virtual void addMetadataFilter(MetadataFilter* newFilter);
/**
* Removes a metadata filter. The caller must delete the filter if necessary.
* @param oldFilter metadata filter to remove
* @return the old filter
*/
- virtual MetadataFilter* removeMetadataFilter(MetadataFilter* oldFilter) {
- for (std::vector<MetadataFilter*>::iterator i=m_filters.begin(); i!=m_filters.end(); i++) {
- if (oldFilter==(*i)) {
- m_filters.erase(i);
- return oldFilter;
- }
- }
- return NULL;
- }
+ virtual MetadataFilter* removeMetadataFilter(MetadataFilter* oldFilter);
/**
* Should be called after instantiating provider and adding filters, but before
/**
* Default constructor.
*/
- Criteria() : entityID_unicode(NULL), entityID_ascii(NULL), artifact(NULL), role(NULL), protocol(NULL), protocol2(NULL), validOnly(true) {
- }
+ Criteria();
/**
* Constructor.
* @param prot protocol support constant, if any
* @param valid true iff stale metadata should be ignored
*/
- Criteria(const XMLCh* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true)
- : entityID_unicode(id), entityID_ascii(NULL), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid) {
- }
+ Criteria(const XMLCh* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true);
/**
* Constructor.
* @param prot protocol support constant, if any
* @param valid true iff stale metadata should be ignored
*/
- Criteria(const char* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true)
- : entityID_unicode(NULL), entityID_ascii(id), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid) {
- }
+ Criteria(const char* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true);
/**
* Constructor.
* @param prot protocol support constant, if any
* @param valid true iff stale metadata should be ignored
*/
- Criteria(const SAMLArtifact* a, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true)
- : entityID_unicode(NULL), entityID_ascii(NULL), artifact(a), role(q), protocol(prot), protocol2(NULL), validOnly(valid) {
- }
+ Criteria(const SAMLArtifact* a, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true);
- virtual ~Criteria() {}
+ virtual ~Criteria();
/**
* Restores the object to its default state.
*/
- virtual void reset() {
- entityID_unicode=NULL;
- entityID_ascii=NULL;
- artifact=NULL;
- role=NULL;
- protocol=NULL;
- protocol2=NULL;
- validOnly=true;
- }
+ virtual void reset();
/** Unique ID of entity. */
const XMLCh* entityID_unicode;
class SAML_API Observer {
MAKE_NONCOPYABLE(Observer);
protected:
- Observer() {}
+ Observer();
public:
- virtual ~Observer() {}
+ virtual ~Observer();
/**
* Called when a provider signals an event has occured.
: KeyInfoCredentialContext(descriptor.getKeyInfo()), m_descriptor(descriptor)
{
}
+
+MetadataCredentialContext::~MetadataCredentialContext()
+{
+}
+
+const KeyDescriptor& MetadataCredentialContext::getKeyDescriptor() const\r
+{\r
+ return m_descriptor;\r
+}\r
/**
* MetadataProvider.cpp
*
- * Registration of factories for built-in providers.
+ * Supplies an individual source of metadata.
*/
#include "internal.h"
for_each(m_filters.begin(),m_filters.end(),xmltooling::cleanup<MetadataFilter>());
}
+void MetadataProvider::addMetadataFilter(MetadataFilter* newFilter)
+{
+ m_filters.push_back(newFilter);
+}
+
+MetadataFilter* MetadataProvider::removeMetadataFilter(MetadataFilter* oldFilter)
+{
+ for (vector<MetadataFilter*>::iterator i=m_filters.begin(); i!=m_filters.end(); i++) {
+ if (oldFilter==(*i)) {
+ m_filters.erase(i);
+ return oldFilter;
+ }
+ }
+ return NULL;
+}
+
void MetadataProvider::doFilters(XMLObject& xmlObject) const
{
#ifdef _DEBUG
auto_ptr_char temp(name);
return getEntitiesDescriptor(temp.get(),strict);
}
+
+MetadataProvider::Criteria::Criteria()
+ : entityID_unicode(NULL), entityID_ascii(NULL), artifact(NULL), role(NULL), protocol(NULL), protocol2(NULL), validOnly(true)
+{
+}
+
+MetadataProvider::Criteria::Criteria(const XMLCh* id, const xmltooling::QName* q, const XMLCh* prot, bool valid)
+ : entityID_unicode(id), entityID_ascii(NULL), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid)
+{
+}
+
+MetadataProvider::Criteria::Criteria(const char* id, const xmltooling::QName* q, const XMLCh* prot, bool valid)
+ : entityID_unicode(NULL), entityID_ascii(id), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid)
+{
+}
+
+MetadataProvider::Criteria::Criteria(const SAMLArtifact* a, const xmltooling::QName* q, const XMLCh* prot, bool valid)
+ : entityID_unicode(NULL), entityID_ascii(NULL), artifact(a), role(q), protocol(prot), protocol2(NULL), validOnly(valid)
+{
+}
+
+MetadataProvider::Criteria::~Criteria()
+{
+}
+
+void MetadataProvider::Criteria::reset()
+{
+ entityID_unicode=NULL;
+ entityID_ascii=NULL;
+ artifact=NULL;
+ role=NULL;
+ protocol=NULL;
+ protocol2=NULL;
+ validOnly=true;
+}
+
+MetadataFilter::MetadataFilter()
+{
+}
+
+MetadataFilter::~MetadataFilter()
+{
+}
}
return NULL;
}
+
+ObservableMetadataProvider::Observer::Observer()
+{
+}
+
+ObservableMetadataProvider::Observer::~Observer()
+{
+}
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml2/profile/AssertionValidator.h
*
- * SAML 2.0 basic assertion validator
+ * SAML 2.0 basic assertion validator.
*/
#ifndef __saml2_assval_h__
#define __saml2_assval_h__
#include <saml/base.h>
+
+#include <ctime>
+#include <vector>
#include <xmltooling/validation/Validator.h>
namespace opensaml {
* @param audiences additional audience values
* @param ts timestamp to evaluate assertion conditions, or 0 to bypass check
*/
- AssertionValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0)
- : m_recipient(recipient), m_audiences(audiences), m_ts(ts) {
- }
+ AssertionValidator(const XMLCh* recipient, const std::vector<const XMLCh*>* audiences=NULL, time_t ts=0);
- virtual ~AssertionValidator() {}
+ virtual ~AssertionValidator();
void validate(const xmltooling::XMLObject* xmlObject) const;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* @file saml/saml2/profile/BrowserSSOProfileValidator.h
*
- * SAML 2.0 Browser SSO Profile Assertion Validator
+ * SAML 2.0 Browser SSO Profile Assertion Validator.
*/
#ifndef __saml2_ssoval_h__
#include <saml/saml2/profile/AssertionValidator.h>
-namespace opensaml {
+#include <xmltooling/unicode.h>
+namespace opensaml {
namespace saml2 {
/**
time_t ts=0,
const char* destination=NULL,
const char* requestID=NULL
- ) : AssertionValidator(recipient, audiences, ts), m_destination(destination), m_requestID(requestID) {
- }
- virtual ~BrowserSSOProfileValidator() {}
+ );
+
+ virtual ~BrowserSSOProfileValidator();
void validateAssertion(const Assertion& assertion) const;
*
* @return address information
*/
- const char* getAddress() const {
- return m_address.c_str();
- }
+ const char* getAddress() const;
protected:
/** Server location to which assertion was delivered. */
const xmltooling::QName* role=NULL,
const xmltooling::TrustEngine* trustEngine=NULL,
bool validate=true
- ) : SecurityPolicy(metadataProvider, role, trustEngine, validate) {
- }
+ );
- virtual ~SAML2AssertionPolicy() {}
+ virtual ~SAML2AssertionPolicy();
virtual void reset(bool messageOnly=false);
- void _reset(bool messageOnly=false) {
- m_confirmation = false;
- }
+ void _reset(bool messageOnly=false);
/**
* Returns the subject confirmation that was successfully accepted by the policy.
*
* @return a successfully evaluated SubjectConfirmation
*/
- const saml2::SubjectConfirmation* getSubjectConfirmation() const {
- return m_confirmation;
- }
+ const saml2::SubjectConfirmation* getSubjectConfirmation() const;
/**
* Sets the SubjectConfirmation that was successfully accepted by the policy.
*
* @param confirmation the successfully evaluated SubjectConfirmation
*/
- void setSubjectConfirmation(const saml2::SubjectConfirmation* confirmation) {
- m_confirmation = confirmation;
- }
+ void setSubjectConfirmation(const saml2::SubjectConfirmation* confirmation);
private:
const saml2::SubjectConfirmation* m_confirmation;
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
/**
* Assertion20Validator.cpp
*
- * SAML 2.0 basic assertion validator
+ * SAML 2.0 basic assertion validator.
*/
#include "internal.h"
using namespace xmltooling;
using namespace std;
+AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector<const XMLCh*>* audiences, time_t ts)
+ : m_recipient(recipient), m_audiences(audiences), m_ts(ts)
+{
+}
+
+AssertionValidator::~AssertionValidator()
+{
+}
+
void AssertionValidator::validate(const xmltooling::XMLObject* xmlObject) const
{
const Assertion* a=dynamic_cast<const Assertion*>(xmlObject);
using namespace xmltooling;
using namespace std;
+BrowserSSOProfileValidator::BrowserSSOProfileValidator(
+ const XMLCh* recipient,
+ const vector<const XMLCh*>* audiences,
+ time_t ts,
+ const char* destination,
+ const char* requestID
+ ) : AssertionValidator(recipient, audiences, ts), m_destination(destination), m_requestID(requestID)
+{
+}
+
+BrowserSSOProfileValidator::~BrowserSSOProfileValidator()
+{
+}
+
void BrowserSSOProfileValidator::validateAssertion(const Assertion& assertion) const
{
#ifdef _DEBUG
log.error(msg ? msg : "no error message");
throw ValidationException("Unable to locate satisfiable bearer SubjectConfirmation in assertion.");
}
+
+const char* BrowserSSOProfileValidator::getAddress() const
+{
+ return m_address.c_str();
+}
#include "internal.h"
#include "saml2/profile/SAML2AssertionPolicy.h"
+using namespace opensaml::saml2md;
using namespace opensaml::saml2;
using namespace opensaml;
+using namespace xmltooling;
+
+SAML2AssertionPolicy::SAML2AssertionPolicy(
+ const MetadataProvider* metadataProvider, const xmltooling::QName* role, const TrustEngine* trustEngine, bool validate
+ ) : SecurityPolicy(metadataProvider, role, trustEngine, validate)
+{
+}
+
+SAML2AssertionPolicy::~SAML2AssertionPolicy()
+{
+}
void SAML2AssertionPolicy::reset(bool messageOnly)
{
SecurityPolicy::reset(messageOnly);
SAML2AssertionPolicy::_reset(messageOnly);
}
+
+void SAML2AssertionPolicy::_reset(bool messageOnly)
+{
+ m_confirmation = false;
+}
+
+const SubjectConfirmation* SAML2AssertionPolicy::getSubjectConfirmation() const
+{
+ return m_confirmation;
+}
+
+void SAML2AssertionPolicy::setSubjectConfirmation(const SubjectConfirmation* confirmation)
+{
+ m_confirmation = confirmation;
+}
using namespace xmltooling;
using namespace std;
+ContentReference::ContentReference(const SignableObject& signableObject)
+ : m_signableObject(signableObject), m_digest(NULL), m_c14n(NULL)
+{
+}
+
+ContentReference::~ContentReference()
+{
+}
+
void ContentReference::createReferences(DSIGSignature* sig)
{
DSIGReference* ref=NULL;
#endif
}
+void ContentReference::setDigestAlgorithm(const XMLCh* digest)
+{
+ m_digest = digest;
+}
+
+void ContentReference::setCanonicalizationMethod(const XMLCh* c14n)
+{
+ m_c14n = c14n;
+}
+
void ContentReference::addPrefixes(const std::set<Namespace>& namespaces)
{
for (set<Namespace>::const_iterator n = namespaces.begin(); n!=namespaces.end(); ++n) {
*
* @param signableObject reference to object being signed
*/
- ContentReference(const SignableObject& signableObject)
- : m_signableObject(signableObject), m_digest(NULL), m_c14n(NULL) {
- }
+ ContentReference(const SignableObject& signableObject);
- virtual ~ContentReference() {}
+ virtual ~ContentReference();
/**
* Given a "blank" native signature, creates signature reference
*
* @param digest the digest algorithm
*/
- void setDigestAlgorithm(const XMLCh* digest) {
- m_digest = digest;
- }
+ void setDigestAlgorithm(const XMLCh* digest);
/**
* Sets the canonicalization method to include in the reference,
*
* @param c14n the canonicalization method
*/
- void setCanonicalizationMethod(const XMLCh* c14n) {
- m_c14n = c14n;
- }
+ void setCanonicalizationMethod(const XMLCh* c14n);
private:
void addPrefixes(const std::set<xmltooling::Namespace>& namespaces);
class SAML_API SignableObject : public virtual xmltooling::XMLObject
{
public:
- virtual ~SignableObject() {}
+ virtual ~SignableObject();
/**
* Returns the enveloped Signature from the object.
virtual void setSignature(xmlsignature::Signature* sig)=0;
protected:
- SignableObject() {}
+ SignableObject();
};
};
using namespace xmltooling;
using namespace std;
+SignatureProfileValidator::SignatureProfileValidator()
+{
+}
+
+SignatureProfileValidator::~SignatureProfileValidator()
+{
+}
+
void SignatureProfileValidator::validate(const XMLObject* xmlObject) const
{
const Signature* sigObj=dynamic_cast<const Signature*>(xmlObject);
class SAML_API SignatureProfileValidator : public virtual xmltooling::Validator
{
public:
- SignatureProfileValidator() {}
- virtual ~SignatureProfileValidator() {}
+ SignatureProfileValidator();
+ virtual ~SignatureProfileValidator();
void validate(const xmltooling::XMLObject* xmlObject) const;
}
}
+CommonDomainCookie::~CommonDomainCookie()
+{
+}
+
+const vector<string>& CommonDomainCookie::get() const
+{
+ return m_list;
+}
+
const char* CommonDomainCookie::set(const char* entityID)
{
// First scan the list for this IdP.
/*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2009 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*/
CommonDomainCookie(const char* cookie);
- ~CommonDomainCookie() {}
+ ~CommonDomainCookie();
/**
* Returns list of IdPs stored in cookie.
*
* @return reference to vector of entityIDs
*/
- const std::vector<std::string>& get() const {
- return m_list;
- }
+ const std::vector<std::string>& get() const;
/**
* Adds/moves an IdP to the front of the list.