From b3aabf197d42b5766d2abcd745a66e3f6e00b7a2 Mon Sep 17 00:00:00 2001
From: Scott Cantor
Date: Wed, 12 Jul 2006 03:57:38 +0000
Subject: [PATCH] Port Java provider API, fix to protocol support check.
---
 saml/saml2/metadata/Metadata.h | 12 +++++
 saml/saml2/metadata/MetadataProvider.h | 16 +++++--
 .../metadata/impl/FilesystemMetadataProvider.cpp | 23 +++++-----
 saml/saml2/metadata/impl/MetadataImpl.cpp | 52 +++++++++++++++++++++-
 samltest/saml2/metadata/.gitignore | 1 +
 .../metadata/FilesystemMetadataProviderTest.h | 9 +++-
 6 files changed, 95 insertions(+), 18 deletions(-)
 create mode 100644 samltest/saml2/metadata/.gitignore
diff --git a/saml/saml2/metadata/Metadata.h b/saml/saml2/metadata/Metadata.h
index 2b4ca15..2fc3e8c 100644
--- a/saml/saml2/metadata/Metadata.h
+++ b/saml/saml2/metadata/Metadata.h
@@ -326,6 +326,18 @@ namespace opensaml { DECL_TYPED_CHILDREN(AuthnAuthorityDescriptor); DECL_TYPED_CHILDREN(AttributeAuthorityDescriptor); DECL_TYPED_CHILDREN(PDPDescriptor); + /** Finds an IDP role supporting a given protocol. */ + virtual const IDPSSODescriptor* getIDPSSODescriptor(const XMLCh* protocol) const=0; + /** Finds an SP role supporting a given protocol. */ + virtual const SPSSODescriptor* getSPSSODescriptor(const XMLCh* protocol) const=0; + /** Finds an Authn Authority role supporting a given protocol. */ + virtual const AuthnAuthorityDescriptor* getAuthnAuthorityDescriptor(const XMLCh* protocol) const=0; + /** Finds an Attribute Authority role supporting a given protocol. */ + virtual const AttributeAuthorityDescriptor* getAttributeAuthorityDescriptor(const XMLCh* protocol) const=0; + /** Finds a PDP role supporting a given protocol. */ + virtual const PDPDescriptor* getPDPDescriptor(const XMLCh* protocol) const=0; + /** Finds an extension role supporting a given protocol. */ + virtual const RoleDescriptor* getRoleDescriptor(xmltooling::QName& qname, const XMLCh* protocol) const=0; /** EntityDescriptorType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; diff --git a/saml/saml2/metadata/MetadataProvider.h b/saml/saml2/metadata/MetadataProvider.h index eac8ea6..3f5f814 100644 --- a/saml/saml2/metadata/MetadataProvider.h +++ b/saml/saml2/metadata/MetadataProvider.h @@ -78,6 +78,14 @@ namespace opensaml { virtual void init()=0; /** + * Gets the entire metadata tree, after the registered filter has been applied. + * The caller MUST unlock the provider when finished with the data. + * + * @return the entire metadata tree + */ + virtual const xmltooling::XMLObject* getMetadata() const=0; + + /** * Gets the metadata for a given entity. If a valid entity is returned, * the provider will be left in a locked state. The caller MUST unlock the * provider when finished with the entity. 
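Review bot: The doc comments on the six new lookups say only "supporting a given protocol", which omits two things a caller making a trust decision needs: whether an invalid or expired role can be returned, and what comes back when nothing matches. The implementations added to MetadataImpl.cpp in this commit also require `isValid()` and return NULL, so each comment could read `/** Finds the first valid IDP role supporting a given protocol, or NULL if none. */`. Separately, `getRoleDescriptor` takes `xmltooling::QName& qname` although the implementation only compares it; `const xmltooling::QName& qname` would accept temporaries and make the read-only intent explicit. The enclosing class declaration starts and ends outside the hunk.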
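Review bot: The new getMetadata() comment says the caller MUST unlock the provider, but unlike the lookup comments below it never says the call leaves the provider locked, so it is unclear whether the caller must lock first (as the test in this commit does before calling getEntityDescriptor) or the call does it. The returned pointer refers to the provider's own tree, so a caller who gets the locking wrong could keep using it across a reload (assuming the provider can reload, which is not visible here). Suggested wording: ` * The provider must be locked while the returned tree is in use; the caller MUST unlock it when finished.` It would also help to state whether NULL can be returned.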
@@ -87,7 +95,7 @@ namespace opensaml { * * @return the entity's metadata or NULL if there is no metadata or no valid metadata */ - virtual const EntityDescriptor* lookup(const XMLCh* id, bool requireValidMetadata=true) const=0; + virtual const EntityDescriptor* getEntityDescriptor(const XMLCh* id, bool requireValidMetadata=true) const=0; /** * Gets the metadata for a given entity. If a valid entity is returned, @@ -99,7 +107,7 @@ namespace opensaml { * * @return the entity's metadata or NULL if there is no metadata or no valid metadata */ - virtual const EntityDescriptor* lookup(const char* id, bool requireValidMetadata=true) const=0; + virtual const EntityDescriptor* getEntityDescriptor(const char* id, bool requireValidMetadata=true) const=0; /** * Gets the metadata for a given group of entities. If a valid group is returned, @@ -111,7 +119,7 @@ namespace opensaml { * * @return the group's metadata or NULL if there is no metadata or no valid metadata */ - virtual const EntitiesDescriptor* lookupGroup(const XMLCh* name, bool requireValidMetadata=true) const=0; + virtual const EntitiesDescriptor* getEntitiesDescriptor(const XMLCh* name, bool requireValidMetadata=true) const=0; /** * Gets the metadata for a given group of entities. If a valid group is returned, @@ -123,7 +131,7 @@ namespace opensaml { * * @return the group's metadata or NULL if there is no metadata or no valid metadata */ - virtual const EntitiesDescriptor* lookupGroup(const char* name, bool requireValidMetadata=true) const=0; + virtual const EntitiesDescriptor* getEntitiesDescriptor(const char* name, bool requireValidMetadata=true) const=0; protected: MetadataFilter* m_filter; diff --git a/saml/saml2/metadata/impl/FilesystemMetadataProvider.cpp b/saml/saml2/metadata/impl/FilesystemMetadataProvider.cpp index dc264d6..3026a32 100644 --- a/saml/saml2/metadata/impl/FilesystemMetadataProvider.cpp +++ b/saml/saml2/metadata/impl/FilesystemMetadataProvider.cpp 
@@ -55,10 +55,13 @@ namespace opensaml { void init(); - const EntityDescriptor* lookup(const XMLCh* id, bool requireValidMetadata=true) const; - const EntityDescriptor* lookup(const char* id, bool requireValidMetadata=true) const; - const EntitiesDescriptor* lookupGroup(const XMLCh* name, bool requireValidMetadata=true) const; - const EntitiesDescriptor* lookupGroup(const char* name, bool requireValidMetadata=true) const; + const EntityDescriptor* getEntityDescriptor(const XMLCh* id, bool requireValidMetadata=true) const; + const EntityDescriptor* getEntityDescriptor(const char* id, bool requireValidMetadata=true) const; + const EntitiesDescriptor* getEntitiesDescriptor(const XMLCh* name, bool requireValidMetadata=true) const; + const EntitiesDescriptor* getEntitiesDescriptor(const char* name, bool requireValidMetadata=true) const; + const XMLObject* getMetadata() const { + return m_object; + } private: XMLObject* load() const; @@ -306,7 +309,7 @@ void FilesystemMetadataProvider::index(EntitiesDescriptor* group, time_t validUn index(*j,group->getValidUntilEpoch()); } -const EntitiesDescriptor* FilesystemMetadataProvider::lookupGroup(const char* name, bool strict) const +const EntitiesDescriptor* FilesystemMetadataProvider::getEntitiesDescriptor(const char* name, bool strict) const { pair range=m_groups.equal_range(name); 
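Review bot: getMetadata() in the `@@ -55` hunk returns `m_object` directly, so a caller that walks the tree sees every entity in it, with none of the validity screening that the `requireValidMetadata` argument gives the getEntityDescriptor/getEntitiesDescriptor lookups (per their doc comments; their bodies are mostly outside the hunks). That is probably intended, but it deserves a comment so that tree walkers do not treat the result as already vetted, e.g. `// Returns the raw tree; entries are not checked for validity (validUntil) here.` `m_object` may also be NULL if nothing has been loaded yet (an assumption, since init() and load() are not shown), which callers would need to handle. The class body continues outside the hunk.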
@@ -321,13 +324,13 @@ const EntitiesDescriptor* FilesystemMetadataProvider::lookupGroup(const char* na return NULL; } -const EntitiesDescriptor* FilesystemMetadataProvider::lookupGroup(const XMLCh* name, bool strict) const +const EntitiesDescriptor* FilesystemMetadataProvider::getEntitiesDescriptor(const XMLCh* name, bool strict) const { auto_ptr_char temp(name); - return lookupGroup(temp.get(),strict); + return getEntitiesDescriptor(temp.get(),strict); } -const EntityDescriptor* FilesystemMetadataProvider::lookup(const char* name, bool strict) const +const EntityDescriptor* FilesystemMetadataProvider::getEntityDescriptor(const char* name, bool strict) const { pair range=m_sites.equal_range(name); @@ -342,8 +345,8 @@ const EntityDescriptor* FilesystemMetadataProvider::lookup(const char* name, boo return NULL; } -const EntityDescriptor* FilesystemMetadataProvider::lookup(const XMLCh* name, bool strict) const +const EntityDescriptor* FilesystemMetadataProvider::getEntityDescriptor(const XMLCh* name, bool strict) const { auto_ptr_char temp(name); - return lookup(temp.get(),strict); + return getEntityDescriptor(temp.get(),strict); } diff --git a/saml/saml2/metadata/impl/MetadataImpl.cpp b/saml/saml2/metadata/impl/MetadataImpl.cpp index 23cd26d..e853b65 100644 --- a/saml/saml2/metadata/impl/MetadataImpl.cpp +++ b/saml/saml2/metadata/impl/MetadataImpl.cpp @@ -1005,10 +1005,10 @@ namespace opensaml { // See if rest of protocol string is present. if (0==XMLString::compareNString(m_ProtocolSupportEnumeration+index+1,protocol+1,len-1)) { // Only possible match is if it's the last character or a space comes after it. - if (m_ProtocolSupportEnumeration[index+len+1]==chNull || m_ProtocolSupportEnumeration[index+len+1]==chSpace) + if (m_ProtocolSupportEnumeration[index+len]==chNull || m_ProtocolSupportEnumeration[index+len]==chSpace) return true; else - pos=index+len+1; + pos=index+len; } else { // Move past last search and start again. 
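Review bot: The corrected offset in the `@@ -1005` hunk fixes the trailing boundary, but nothing visible in the hunk checks the leading one: a candidate match starting at `index` is accepted even when the character before it is not a space, so a protocol URI that is only a suffix of a listed token would be reported as supported. If the code above the hunk does not already guarantee this, add the check to the condition, e.g. `if ((index==0 || m_ProtocolSupportEnumeration[index-1]==chSpace) && (m_ProtocolSupportEnumeration[index+len]==chNull || m_ProtocolSupportEnumeration[index+len]==chSpace))`. Since this result decides which role descriptor the new lookups return, the test should also include a case that must not match. The function starts and ends outside the hunk, so how `index`, `len` and `pos` are set is not visible here.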
@@ -2066,6 +2066,54 @@ namespace opensaml { AbstractAttributeExtensibleXMLObject::setAttribute(qualifiedName, value); } + const IDPSSODescriptor* getIDPSSODescriptor(const XMLCh* protocol) const { + for (vector::const_iterator i=m_IDPSSODescriptors.begin(); i!=m_IDPSSODescriptors.end(); i++) { + if ((*i)->hasSupport(protocol) && (*i)->isValid()) + return (*i); + } + return NULL; + } + + const SPSSODescriptor* getSPSSODescriptor(const XMLCh* protocol) const { + for (vector::const_iterator i=m_SPSSODescriptors.begin(); i!=m_SPSSODescriptors.end(); i++) { + if ((*i)->hasSupport(protocol) && (*i)->isValid()) + return (*i); + } + return NULL; + } + + const AuthnAuthorityDescriptor* getAuthnAuthorityDescriptor(const XMLCh* protocol) const { + for (vector::const_iterator i=m_AuthnAuthorityDescriptors.begin(); i!=m_AuthnAuthorityDescriptors.end(); i++) { + if ((*i)->hasSupport(protocol) && (*i)->isValid()) + return (*i); + } + return NULL; + } + + const AttributeAuthorityDescriptor* getAttributeAuthorityDescriptor(const XMLCh* protocol) const { + for (vector::const_iterator i=m_AttributeAuthorityDescriptors.begin(); i!=m_AttributeAuthorityDescriptors.end(); i++) { + if ((*i)->hasSupport(protocol) && (*i)->isValid()) + return (*i); + } + return NULL; + } + + const PDPDescriptor* getPDPDescriptor(const XMLCh* protocol) const { + for (vector::const_iterator i=m_PDPDescriptors.begin(); i!=m_PDPDescriptors.end(); i++) { + if ((*i)->hasSupport(protocol) && (*i)->isValid()) + return (*i); + } + return NULL; + } + + const RoleDescriptor* getRoleDescriptor(xmltooling::QName& qname, const XMLCh* protocol) const { + for (vector::const_iterator i=m_RoleDescriptors.begin(); i!=m_RoleDescriptors.end(); i++) { + if ((*i)->getSchemaType() && qname==(*((*i)->getSchemaType())) && (*i)->hasSupport(protocol) && (*i)->isValid()) + return (*i); + } + return NULL; + } + protected: void marshallAttributes(DOMElement* domElement) const { MARSHALL_ID_ATTRIB(ID,ID,NULL); 
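Review bot: The five typed lookups repeat the same loop and the same `hasSupport(protocol) && isValid()` filter, so one role type can drift from the others if the filter is ever tightened; a single private helper templated on the container would keep the check in one place. The loops also use `i++` on an iterator where `++i` avoids the temporary. getRoleDescriptor differs only by the extra schema-type comparison and can stay as a separate loop. The vectors' element types are not visible on this page (template arguments appear to have been lost in extraction), so the sketch below deduces them from the container and assumes the elements are raw pointers.

```cpp
template <class Container>
static typename Container::value_type findRole(const Container& roles, const XMLCh* protocol) {
    // One place for the "supports protocol AND currently valid" filter.
    for (typename Container::const_iterator i=roles.begin(); i!=roles.end(); ++i) {
        if ((*i)->hasSupport(protocol) && (*i)->isValid())
            return *i;
    }
    return NULL;
}

const IDPSSODescriptor* getIDPSSODescriptor(const XMLCh* protocol) const {
    return findRole(m_IDPSSODescriptors, protocol);
}

// … unchanged pattern: SP, AuthnAuthority, AttributeAuthority and PDP lookups delegate the same way …
// … unchanged: getRoleDescriptor keeps its own loop with the schema-type comparison …
```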
diff --git a/samltest/saml2/metadata/.gitignore b/samltest/saml2/metadata/.gitignore new file mode 100644 index 0000000..e16b497 --- /dev/null +++ b/samltest/saml2/metadata/.gitignore @@ -0,0 +1 @@ +/*.cpp diff --git a/samltest/saml2/metadata/FilesystemMetadataProviderTest.h b/samltest/saml2/metadata/FilesystemMetadataProviderTest.h index 0ba7c17..049ab31 100644 --- a/samltest/saml2/metadata/FilesystemMetadataProviderTest.h +++ b/samltest/saml2/metadata/FilesystemMetadataProviderTest.h @@ -22,12 +22,14 @@ using namespace opensaml::saml2md; class FilesystemMetadataProviderTest : public CxxTest::TestSuite, public SAMLObjectBaseTestCase { XMLCh* entityID; XMLCh* supportedProtocol; + XMLCh* supportedProtocol2; MetadataProvider* metadataProvider; public: void setUp() { entityID=XMLString::transcode("urn:mace:incommon:washington.edu"); supportedProtocol=XMLString::transcode("urn:oasis:names:tc:SAML:1.1:protocol"); + supportedProtocol2=XMLString::transcode("urn:mace:shibboleth:1.0"); auto_ptr_XMLCh MP("MetadataProvider"); auto_ptr_XMLCh path("path"); @@ -53,11 +55,14 @@ public: SAMLObjectBaseTestCase::tearDown(); } - void testGetEntityDescriptor() { + void testEntityDescriptor() { Locker locker(metadataProvider); - const EntityDescriptor* descriptor = metadataProvider->lookup(entityID); + const EntityDescriptor* descriptor = metadataProvider->getEntityDescriptor(entityID); TSM_ASSERT("Retrieved entity descriptor was null", descriptor!=NULL); assertEquals("Entity's ID does not match requested ID", entityID, descriptor->getEntityID()); + TSM_ASSERT_EQUALS("Unexpected number of roles", 1, descriptor->getIDPSSODescriptors().size()); + TSM_ASSERT("Role lookup failed", descriptor->getIDPSSODescriptor(supportedProtocol)!=NULL); + TSM_ASSERT("Role lookup failed", descriptor->getIDPSSODescriptor(supportedProtocol2)!=NULL); } }; -- 2.1.4
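Review bot: `supportedProtocol2` is allocated with `XMLString::transcode` in setUp() (the `@@ -22` hunk), but the commit adds no matching cleanup: the lines between this hunk and the next are unchanged, and the tearDown() tail shown there gains nothing. If tearDown() releases `entityID` and `supportedProtocol` (its start is outside the hunks), add `XMLString::release(&supportedProtocol2);` alongside them.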
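Review bot: The assertions added in the `@@ -53` hunk only cover protocols that should match, so they would not catch a regression in the boundary logic this commit fixes in hasSupport. Add a negative case using a string that is a truncated or extended form of a listed protocol, e.g. `TSM_ASSERT("Partial protocol matched", descriptor->getIDPSSODescriptor(partialProtocol)==NULL);` with `partialProtocol` transcoded from a constructed value such as "urn:oasis:names:tc:SAML:1.1:proto". The `TSM_ASSERT_EQUALS("Unexpected number of roles", 1, ...size())` line also compares a signed literal with an unsigned size, which may warn on some compilers.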