From d8a4f024b89272eae00618fc39e6127b6c191edd Mon Sep 17 00:00:00 2001 
From: Scott Cantor Date: Tue, 13 Oct 2009 21:05:40 +0000 Subject: [PATCH] Reducing header overuse, non-inlining selected methods (CPPOST-35). --- saml/Assertion.h | 4 +- saml/RootObject.h | 6 +- saml/SAMLConfig.cpp | 41 ++++- saml/SAMLConfig.h | 8 +- saml/binding/ArtifactMap.h | 3 + saml/binding/MessageDecoder.h | 12 +- saml/binding/MessageEncoder.h | 8 +- saml/binding/SAMLArtifact.h | 7 +- saml/binding/SOAPClient.h | 15 +- saml/binding/SecurityPolicy.h | 115 +++---------- saml/binding/SecurityPolicyRule.h | 4 +- saml/binding/impl/MessageDecoder.cpp | 21 +++ saml/binding/impl/MessageEncoder.cpp | 16 ++ saml/binding/impl/SAMLArtifact.cpp | 12 ++ saml/binding/impl/SOAPClient.cpp | 15 ++ saml/binding/impl/SecurityPolicy.cpp | 187 +++++++++++++++++++-- saml/encryption/EncryptedKeyResolver.cpp | 13 +- saml/encryption/EncryptedKeyResolver.h | 9 +- saml/saml1/binding/SAML1MessageDecoder.h | 6 +- saml/saml1/binding/SAML1SOAPClient.h | 7 +- saml/saml1/binding/SAMLArtifactType0001.h | 31 ++-- saml/saml1/binding/SAMLArtifactType0002.h | 24 +-- saml/saml1/binding/impl/SAML1MessageDecoder.cpp | 9 +- saml/saml1/binding/impl/SAML1SOAPClient.cpp | 9 + saml/saml1/binding/impl/SAMLArtifactType0001.cpp | 32 +++- saml/saml1/binding/impl/SAMLArtifactType0002.cpp | 27 ++- saml/saml1/profile/AssertionValidator.h | 13 +- saml/saml1/profile/BrowserSSOProfileValidator.h | 11 +- saml/saml1/profile/impl/AssertionValidator.cpp | 9 + .../profile/impl/BrowserSSOProfileValidator.cpp | 13 +- saml/saml2/binding/SAML2Artifact.h | 12 +- saml/saml2/binding/SAML2ArtifactType0004.h | 29 ++-- saml/saml2/binding/SAML2MessageDecoder.h | 7 +- saml/saml2/binding/SAML2SOAPClient.h | 7 +- saml/saml2/binding/impl/SAML2Artifact.cpp | 20 ++- saml/saml2/binding/impl/SAML2ArtifactType0004.cpp | 32 +++- saml/saml2/binding/impl/SAML2MessageDecoder.cpp | 9 +- saml/saml2/binding/impl/SAML2SOAPClient.cpp | 10 ++ saml/saml2/metadata/AbstractMetadataProvider.h | 5 + saml/saml2/metadata/EndpointManager.h | 5 +- 
saml/saml2/metadata/MetadataCredentialContext.h | 8 +- saml/saml2/metadata/MetadataFilter.h | 5 +- saml/saml2/metadata/MetadataProvider.h | 43 ++--- saml/saml2/metadata/ObservableMetadataProvider.h | 4 +- .../metadata/impl/MetadataCredentialContext.cpp | 9 + saml/saml2/metadata/impl/MetadataProvider.cpp | 61 ++++++- .../metadata/impl/ObservableMetadataProvider.cpp | 8 + saml/saml2/profile/AssertionValidator.h | 13 +- saml/saml2/profile/BrowserSSOProfileValidator.h | 17 +- saml/saml2/profile/SAML2AssertionPolicy.h | 17 +- saml/saml2/profile/impl/Assertion20Validator.cpp | 13 +- .../profile/impl/BrowserSSOProfile20Validator.cpp | 19 +++ saml/saml2/profile/impl/SAML2AssertionPolicy.cpp | 27 +++ saml/signature/ContentReference.cpp | 19 +++ saml/signature/ContentReference.h | 14 +- saml/signature/SignableObject.h | 4 +- saml/signature/SignatureProfileValidator.cpp | 8 + saml/signature/SignatureProfileValidator.h | 4 +- saml/util/CommonDomainCookie.cpp | 9 + saml/util/CommonDomainCookie.h | 8 +- 60 files changed, 792 insertions(+), 341 deletions(-) diff --git a/saml/Assertion.h b/saml/Assertion.h index dd29488..c9fdef9 100644 --- a/saml/Assertion.h +++ b/saml/Assertion.h @@ -34,9 +34,9 @@ namespace opensaml { class SAML_API Assertion : public virtual RootObject { public: - virtual ~Assertion() {} + virtual ~Assertion(); protected: - Assertion() {} + Assertion(); }; }; diff --git a/saml/RootObject.h b/saml/RootObject.h index d0a459b..2c79f64 100644 --- a/saml/RootObject.h +++ b/saml/RootObject.h @@ -17,7 +17,7 @@ /** * @file saml/RootObject.h * - * Base class for SAML objects at the root of core schemas + * Base class for SAML objects at the root of core schemas. */ #ifndef __saml_root_h__ @@ -38,7 +38,7 @@ namespace opensaml { class SAML_API RootObject : public SignableObject { public: - virtual ~RootObject() {} + virtual ~RootObject(); /** * Returns the unique SAML ID of the object. 
@@ -62,7 +62,7 @@ namespace opensaml { virtual time_t getIssueInstantEpoch() const=0; protected: - RootObject() {} + RootObject(); }; }; diff --git a/saml/SAMLConfig.cpp b/saml/SAMLConfig.cpp index f5082b8..66f8b8a 100644 --- a/saml/SAMLConfig.cpp +++ b/saml/SAMLConfig.cpp @@ -1,6 +1,6 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ /** * SAMLConfig.cpp * - * Library configuration + * Library configuration. */ #include "internal.h" @@ -103,6 +103,19 @@ SAMLInternalConfig& SAMLInternalConfig::getInternalConfig() return g_config; } +SAMLConfig::SAMLConfig() : m_artifactMap(NULL) +{ +} + +SAMLConfig::~SAMLConfig() +{ +} + +ArtifactMap* SAMLConfig::getArtifactMap() const +{ + return m_artifactMap; +} + void SAMLConfig::setArtifactMap(ArtifactMap* artifactMap) { delete m_artifactMap; @@ -229,6 +242,30 @@ string SAMLInternalConfig::hashSHA1(const char* s, bool toHex) throw XMLSecurityException("Unable to generate SHA-1 hash."); } +SignableObject::SignableObject() +{ +} + +SignableObject::~SignableObject() +{ +} + +RootObject::RootObject() +{ +} + +RootObject::~RootObject() +{ +} + +Assertion::Assertion() +{ +} + +Assertion::~Assertion() +{ +} + using namespace saml2p; using namespace saml2md; diff --git a/saml/SAMLConfig.h b/saml/SAMLConfig.h index 97d1bbf..dc342e6 100644 --- a/saml/SAMLConfig.h +++ b/saml/SAMLConfig.h @@ -58,7 +58,7 @@ namespace opensaml { { MAKE_NONCOPYABLE(SAMLConfig); public: - virtual ~SAMLConfig() {} + virtual ~SAMLConfig(); /** * Returns the global configuration object for the library. @@ -106,9 +106,7 @@ namespace opensaml { * * @return global ArtifactMap or NULL */ - ArtifactMap* getArtifactMap() const { - return m_artifactMap; - } + ArtifactMap* getArtifactMap() const; /** * Generate random information using the underlying security library 
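Review bot: The new out-of-line `SAMLConfig::~SAMLConfig()` in the `@@ -103,6 +103,19 @@` hunk of saml/SAMLConfig.cpp is empty, yet `setArtifactMap()` directly below it begins with `delete m_artifactMap;`, which implies the config owns the map. Nothing visible here shows where the last installed map is released. If a shutdown routine outside this hunk does it, record that on the destructor with a comment such as `// m_artifactMap is released by <shutdown routine>, not here.` (placeholder name). If nothing releases it, the destructor is the place for `delete m_artifactMap;`. The body of `setArtifactMap()` continues outside the hunk, so this should be confirmed against the full file.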
@@ -163,7 +161,7 @@ namespace opensaml { xmltooling::PluginManager MetadataFilterManager; protected: - SAMLConfig() : m_artifactMap(NULL) {} + SAMLConfig(); /** Global ArtifactMap instance for use by artifact-related functions. */ ArtifactMap* m_artifactMap; diff --git a/saml/binding/ArtifactMap.h b/saml/binding/ArtifactMap.h index c6a513d..8a84ee5 100644 --- a/saml/binding/ArtifactMap.h +++ b/saml/binding/ArtifactMap.h @@ -25,6 +25,9 @@ #include +#include +#include + namespace xmltooling { class XMLTOOL_API StorageService; class XMLTOOL_API XMLObject; diff --git a/saml/binding/MessageDecoder.h b/saml/binding/MessageDecoder.h index 837eca0..986338e 100644 --- a/saml/binding/MessageDecoder.h +++ b/saml/binding/MessageDecoder.h @@ -58,7 +58,7 @@ namespace opensaml { { MAKE_NONCOPYABLE(MessageDecoder); public: - virtual ~MessageDecoder() {} + virtual ~MessageDecoder(); /** * Indicates whether a web browser or similar user agent delivered the message. @@ -81,10 +81,10 @@ namespace opensaml { class SAML_API ArtifactResolver { MAKE_NONCOPYABLE(ArtifactResolver); protected: - ArtifactResolver() {} + ArtifactResolver(); public: - virtual ~ArtifactResolver() {} + virtual ~ArtifactResolver(); /** * Resolves one or more SAML 1.x artifacts into a response containing a set of @@ -136,9 +136,7 @@ namespace opensaml { * * @param artifactResolver an ArtifactResolver implementation to use */ - void setArtifactResolver(const ArtifactResolver* artifactResolver) { - m_artifactResolver = artifactResolver; - } + void setArtifactResolver(const ArtifactResolver* artifactResolver); /** * Decodes a transport request into a SAML protocol message, and evaluates it @@ -161,7 +159,7 @@ namespace opensaml { ) const=0; protected: - MessageDecoder() : m_artifactResolver(NULL) {} + MessageDecoder(); /** Pointer to an ArtifactResolver implementation. */ const ArtifactResolver* m_artifactResolver; diff --git a/saml/binding/MessageEncoder.h b/saml/binding/MessageEncoder.h index eb2db16..8ee13a8 100644 
--- a/saml/binding/MessageEncoder.h +++ b/saml/binding/MessageEncoder.h @@ -48,7 +48,7 @@ namespace opensaml { { MAKE_NONCOPYABLE(MessageEncoder); public: - virtual ~MessageEncoder() {} + virtual ~MessageEncoder(); /** * Indicates whether the encoding format requires that messages be as compact as possible. @@ -77,9 +77,9 @@ namespace opensaml { class SAML_API ArtifactGenerator { MAKE_NONCOPYABLE(ArtifactGenerator); protected: - ArtifactGenerator() {} + ArtifactGenerator(); public: - virtual ~ArtifactGenerator() {} + virtual ~ArtifactGenerator(); /** * Generate a SAML 1.x artifact suitable for consumption by the relying party. @@ -133,7 +133,7 @@ namespace opensaml { ) const=0; protected: - MessageEncoder() {} + MessageEncoder(); }; /** diff --git a/saml/binding/SAMLArtifact.h b/saml/binding/SAMLArtifact.h index 9e7aa0d..f97926b 100644 --- a/saml/binding/SAMLArtifact.h +++ b/saml/binding/SAMLArtifact.h @@ -26,6 +26,7 @@ #include #include +#include namespace opensaml { @@ -36,7 +37,7 @@ namespace opensaml { { SAMLArtifact& operator=(const SAMLArtifact& src); public: - virtual ~SAMLArtifact() {} + virtual ~SAMLArtifact(); /** * Returns artifact encoded into null-terminated base64 for transmission. @@ -122,7 +123,7 @@ namespace opensaml { static std::string toHex(const std::string& s); protected: - SAMLArtifact() {} + SAMLArtifact(); /** * Decodes a base64-encoded artifact into its raw form. @@ -131,7 +132,7 @@ namespace opensaml { */ SAMLArtifact(const char* s); - SAMLArtifact(const SAMLArtifact& src) : m_raw(src.m_raw) {} + SAMLArtifact(const SAMLArtifact& src); /** Raw binary data that makes up an artifact. */ std::string m_raw; diff --git a/saml/binding/SOAPClient.h b/saml/binding/SOAPClient.h index 3fc9fd1..0941a6c 100644 --- a/saml/binding/SOAPClient.h +++ b/saml/binding/SOAPClient.h 
@@ -23,13 +23,16 @@ #ifndef __saml_soap11client_h__ #define __saml_soap11client_h__ -#include +#include #include namespace opensaml { class SAML_API SecurityPolicy; + namespace saml2md { + class SAML_API MetadataCredentialCriteria; + }; /** * Specialized SOAPClient for SAML SOAP bindings. @@ -44,7 +47,7 @@ namespace opensaml { */ SOAPClient(SecurityPolicy& policy); - virtual ~SOAPClient() {} + virtual ~SOAPClient(); /** * Controls whether to force transport/peer authentication via an X509TrustEngine. @@ -53,9 +56,7 @@ namespace opensaml { * * @param force true iff the client should refuse to communicate without this protection */ - void forceTransportAuthentication(bool force=true) { - m_force = force; - } + void forceTransportAuthentication(bool force=true); using soap11::SOAPClient::send; @@ -85,9 +86,7 @@ namespace opensaml { * * @return the associated SecurityPolicy */ - SecurityPolicy& getPolicy() const { - return m_policy; - } + SecurityPolicy& getPolicy() const; protected: /** diff --git a/saml/binding/SecurityPolicy.h b/saml/binding/SecurityPolicy.h index 670b47e..ed6bdae 100644 --- a/saml/binding/SecurityPolicy.h +++ b/saml/binding/SecurityPolicy.h @@ -83,9 +83,7 @@ namespace opensaml { * * @return the supplied MetadataProvider or NULL */ - const saml2md::MetadataProvider* getMetadataProvider() const { - return m_metadata; - } + const saml2md::MetadataProvider* getMetadataProvider() const; /** * Returns a reference to a MetadataProvider::Criteria instance suitable for use with the 
@@ -103,65 +101,49 @@ namespace opensaml { * * @return the peer role element/type, or an empty QName */ - const xmltooling::QName* getRole() const { - return m_role; - } + const xmltooling::QName* getRole() const; /** * Returns the TrustEngine supplied to the policy. * * @return the supplied TrustEngine or NULL */ - const xmltooling::TrustEngine* getTrustEngine() const { - return m_trust; - } + const xmltooling::TrustEngine* getTrustEngine() const; /** * Returns XML message validation setting. * * @return validation flag */ - bool getValidating() const { - return m_validate; - } + bool getValidating() const; /** * Returns flag controlling non-entity issuer support. * * @return flag controlling non-entity issuer support */ - bool requireEntityIssuer() const { - return m_entityOnly; - } + bool requireEntityIssuer() const; /** * Returns the SAML audiences that represent the receiving peer. * * @return audience values of the peer processing the message */ - const std::vector& getAudiences() const { - return m_audiences; - } + const std::vector& getAudiences() const; /** * Returns the SAML audiences that represent the receiving peer. * * @return audience values of the peer processing the message */ - std::vector& getAudiences() { - return m_audiences; - } + std::vector& getAudiences(); /** * Gets the effective time of message processing. * * @return the time at which the message is being processed */ - time_t getTime() const { - if (m_ts == 0) - return m_ts = time(NULL); - return m_ts; - } + time_t getTime() const; /** * Returns the message identifier to which the message being evaluated @@ -169,9 +151,7 @@ namespace opensaml { * * @return correlated message identifier */ - const XMLCh* getCorrelationID() const { - return m_correlationID.c_str(); - } + const XMLCh* getCorrelationID() const; /** * Gets a mutable array of installed policy rules. 
@@ -180,18 +160,14 @@ namespace opensaml { * * @return mutable array of rules */ - std::vector& getRules() { - return m_rules; - } + std::vector& getRules(); /** * Sets a locked MetadataProvider for the policy. * * @param metadata a locked MetadataProvider or NULL */ - void setMetadataProvider(const saml2md::MetadataProvider* metadata) { - m_metadata = metadata; - } + void setMetadataProvider(const saml2md::MetadataProvider* metadata); /** * Sets a MetadataProvider::Criteria instance suitable for use with the @@ -216,9 +192,7 @@ namespace opensaml { * * @param trust a TrustEngine or NULL */ - void setTrustEngine(const xmltooling::TrustEngine* trust) { - m_trust = trust; - } + void setTrustEngine(const xmltooling::TrustEngine* trust); /** * Controls schema validation of incoming XML messages. @@ -227,18 +201,14 @@ namespace opensaml { * * @param validate validation setting */ - void setValidating(bool validate=true) { - m_validate = validate; - } + void setValidating(bool validate=true); /** * Sets flag controlling non-entity issuer support. * * @param entityOnly require that Issuer be in entity format */ - void requireEntityIssuer(bool entityOnly=true) { - m_entityOnly = entityOnly; - } + void requireEntityIssuer(bool entityOnly=true); /** * Sets effective time of message processing. @@ -248,9 +218,7 @@ namespace opensaml { * * @param ts the time at which the message is being processed */ - void setTime(time_t ts) { - m_ts = ts; - } + void setTime(time_t ts); /** * Sets the message identifier to which the message being evaluated @@ -258,11 +226,7 @@ namespace opensaml { * * @param correlationID correlated message identifier */ - void setCorrelationID(const XMLCh* correlationID) { - m_correlationID.erase(); - if (correlationID) - m_correlationID = correlationID; - } + void setCorrelationID(const XMLCh* correlationID); /** * Evaluates the policy against the given request and message, 
@@ -300,65 +264,49 @@ namespace opensaml { * * @return message identifier as determined by the registered policies */ - const XMLCh* getMessageID() const { - return m_messageID.c_str(); - } + const XMLCh* getMessageID() const; /** * Returns the message timestamp as determined by the registered policies. * * @return message timestamp as determined by the registered policies */ - time_t getIssueInstant() const { - return m_issueInstant; - } + time_t getIssueInstant() const; /** * Gets the issuer of the message as determined by the registered policies. * * @return issuer of the message as determined by the registered policies */ - const saml2::Issuer* getIssuer() const { - return m_issuer; - } + const saml2::Issuer* getIssuer() const; /** * Gets the metadata for the role the issuer is operating in. * * @return metadata for the role the issuer is operating in */ - const saml2md::RoleDescriptor* getIssuerMetadata() const { - return m_issuerRole; - } + const saml2md::RoleDescriptor* getIssuerMetadata() const; /** * Returns the authentication status of the message as determined by the registered policies. * * @return true iff a SecurityPolicyRule has indicated the issuer/message has been authenticated */ - bool isAuthenticated() const { - return m_authenticated; - } + bool isAuthenticated() const; /** * Sets the message identifier as determined by the registered policies. * * @param id message identifier */ - void setMessageID(const XMLCh* id) { - m_messageID.erase(); - if (id) - m_messageID = id; - } + void setMessageID(const XMLCh* id); /** * Sets the message timestamp as determined by the registered policies. * * @param issueInstant message timestamp */ - void setIssueInstant(time_t issueInstant) { - m_issueInstant = issueInstant; - } + void setIssueInstant(time_t issueInstant); /** * Sets the issuer of the message as determined by the registered policies. 
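Review bot: The doc comment on `isAuthenticated()` should tell callers to check it after `evaluate()`, because `evaluate()` does not enforce authentication. The implementation moved into SecurityPolicy.cpp only loops over `m_rules`, so a policy with no rules, or with rules that never call `setAuthenticated(true)`, completes without error. I would add to the comment: `Callers must test this after evaluate(); evaluation completing without an exception does not by itself mean the issuer or message was authenticated.` The class declaration continues outside this hunk.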
@@ -386,16 +334,14 @@ namespace opensaml { * * @param auth indicates whether the issuer/message has been authenticated */ - void setAuthenticated(bool auth) { - m_authenticated = auth; - } + void setAuthenticated(bool auth); /** Allows override of rules for comparing saml2:Issuer information. */ class SAML_API IssuerMatchingPolicy { MAKE_NONCOPYABLE(IssuerMatchingPolicy); public: - IssuerMatchingPolicy() {} - virtual ~IssuerMatchingPolicy() {} + IssuerMatchingPolicy(); + virtual ~IssuerMatchingPolicy(); /** * Returns true iff the two operands "match". Applications can override this method to @@ -429,9 +375,7 @@ namespace opensaml { * * @return the effective IssuerMatchingPolicy */ - const IssuerMatchingPolicy& getIssuerMatchingPolicy() const { - return m_matchingPolicy ? *m_matchingPolicy : m_defaultMatching; - } + const IssuerMatchingPolicy& getIssuerMatchingPolicy() const; /** * Sets the IssuerMatchingPolicy in effect. Setting no policy will @@ -441,10 +385,7 @@ namespace opensaml { * * @param matchingPolicy the IssuerMatchingPolicy to use */ - void setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy) { - delete m_matchingPolicy; - m_matchingPolicy = matchingPolicy; - } + void setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy); protected: /** A shared matching object that just supports the default matching rules. */ diff --git a/saml/binding/SecurityPolicyRule.h b/saml/binding/SecurityPolicyRule.h index 884264d..515c637 100644 --- a/saml/binding/SecurityPolicyRule.h +++ b/saml/binding/SecurityPolicyRule.h @@ -44,9 +44,9 @@ namespace opensaml { { MAKE_NONCOPYABLE(SecurityPolicyRule); protected: - SecurityPolicyRule() {} + SecurityPolicyRule(); public: - virtual ~SecurityPolicyRule() {} + virtual ~SecurityPolicyRule(); /** * Returns the rule's class/type. diff --git a/saml/binding/impl/MessageDecoder.cpp b/saml/binding/impl/MessageDecoder.cpp index 42039f4..0ca6b81 100644 --- a/saml/binding/impl/MessageDecoder.cpp 
+++ b/saml/binding/impl/MessageDecoder.cpp @@ -66,11 +66,32 @@ void SAML_API opensaml::registerMessageDecoders() XMLObjectBuilder::registerBuilder(xmltooling::QName(samlconstants::SAML20ECP_NS, RelayState), new AnyElementBuilder()); } +MessageDecoder::MessageDecoder() : m_artifactResolver(NULL) +{ +} + +MessageDecoder::~MessageDecoder() +{ +} + bool MessageDecoder::isUserAgentPresent() const { return true; } +void MessageDecoder::setArtifactResolver(const ArtifactResolver* artifactResolver) +{ + m_artifactResolver = artifactResolver; +} + +MessageDecoder::ArtifactResolver::ArtifactResolver() +{ +} + +MessageDecoder::ArtifactResolver::~ArtifactResolver() +{ +} + bool MessageDecoder::ArtifactResolver::isSupported(const SSODescriptorType& ssoDescriptor) const { EndpointManager mgr(ssoDescriptor.getArtifactResolutionServices()); diff --git a/saml/binding/impl/MessageEncoder.cpp b/saml/binding/impl/MessageEncoder.cpp index 88f41da..c4f3e69 100644 --- a/saml/binding/impl/MessageEncoder.cpp +++ b/saml/binding/impl/MessageEncoder.cpp @@ -63,6 +63,14 @@ void SAML_API opensaml::registerMessageEncoders() conf.MessageEncoderManager.registerFactory(samlconstants::SAML20_BINDING_PAOS, saml2p::SAML2ECPEncoderFactory); } +MessageEncoder::MessageEncoder() +{ +} + +MessageEncoder::~MessageEncoder() +{ +} + bool MessageEncoder::isCompact() const { return false; @@ -72,3 +80,11 @@ bool MessageEncoder::isUserAgentPresent() const { return true; } + +MessageEncoder::ArtifactGenerator::ArtifactGenerator() +{ +} + +MessageEncoder::ArtifactGenerator::~ArtifactGenerator() +{ +} diff --git a/saml/binding/impl/SAMLArtifact.cpp b/saml/binding/impl/SAMLArtifact.cpp index 755089e..49e84d8 100644 --- a/saml/binding/impl/SAMLArtifact.cpp +++ b/saml/binding/impl/SAMLArtifact.cpp 
@@ -58,6 +58,18 @@ void SAML_API opensaml::registerSAMLArtifacts() const unsigned int SAMLArtifact::TYPECODE_LENGTH = 2; +SAMLArtifact::SAMLArtifact() +{ +} + +SAMLArtifact::~SAMLArtifact() +{ +} + +SAMLArtifact::SAMLArtifact(const SAMLArtifact& src) : m_raw(src.m_raw) +{ +} + // Basic constructor just decodes the string and saves it off. // Subclasses will handle pulling it apart. diff --git a/saml/binding/impl/SOAPClient.cpp b/saml/binding/impl/SOAPClient.cpp index 9120951..4346ef5 100644 --- a/saml/binding/impl/SOAPClient.cpp +++ b/saml/binding/impl/SOAPClient.cpp @@ -26,6 +26,7 @@ #include "binding/SecurityPolicy.h" #include "binding/SOAPClient.h" #include "saml2/metadata/Metadata.h" +#include "saml2/metadata/MetadataCredentialCriteria.h" #include "saml2/metadata/MetadataProvider.h" #include @@ -44,6 +45,15 @@ SOAPClient::SOAPClient(SecurityPolicy& policy) { } +SOAPClient::~SOAPClient() +{ +} + +void SOAPClient::forceTransportAuthentication(bool force) +{ + m_force = force; +} + void SOAPClient::send(const soap11::Envelope& env, const char* from, MetadataCredentialCriteria& to, const char* endpoint) { // Clear policy. @@ -108,3 +118,8 @@ void SOAPClient::reset() soap11::SOAPClient::reset(); m_policy.reset(); } + +SecurityPolicy& SOAPClient::getPolicy() const +{ + return m_policy; +} diff --git a/saml/binding/impl/SecurityPolicy.cpp b/saml/binding/impl/SecurityPolicy.cpp index 4886905..2d40425 100644 --- a/saml/binding/impl/SecurityPolicy.cpp +++ b/saml/binding/impl/SecurityPolicy.cpp @@ -68,7 +68,13 @@ void SAML_API opensaml::registerSecurityPolicyRules() conf.SecurityPolicyRuleManager.registerFactory(DELEGATION_POLICY_RULE, saml2::DelegationRestrictionRuleFactory); } -SecurityPolicy::IssuerMatchingPolicy SecurityPolicy::m_defaultMatching; +SecurityPolicyRule::SecurityPolicyRule() +{ +} + +SecurityPolicyRule::~SecurityPolicyRule() +{ +} SecurityPolicy::SecurityPolicy( const saml2md::MetadataProvider* metadataProvider, 
@@ -98,6 +104,118 @@ SecurityPolicy::~SecurityPolicy() delete m_issuer; } +const MetadataProvider* SecurityPolicy::getMetadataProvider() const +{ + return m_metadata; +} + +MetadataProvider::Criteria& SecurityPolicy::getMetadataProviderCriteria() const +{ + if (!m_metadataCriteria) + m_metadataCriteria=new MetadataProvider::Criteria(); + else + m_metadataCriteria->reset(); + return *m_metadataCriteria; +} + +const xmltooling::QName* SecurityPolicy::getRole() const +{ + return m_role; +} + +const TrustEngine* SecurityPolicy::getTrustEngine() const +{ + return m_trust; +} + +bool SecurityPolicy::getValidating() const +{ + return m_validate; +} + +bool SecurityPolicy::requireEntityIssuer() const +{ + return m_entityOnly; +} + +const vector& SecurityPolicy::getAudiences() const +{ + return m_audiences; +} + +vector& SecurityPolicy::getAudiences() +{ + return m_audiences; +} + +time_t SecurityPolicy::getTime() const +{ + if (m_ts == 0) + return m_ts = time(NULL); + return m_ts; +} + +const XMLCh* SecurityPolicy::getCorrelationID() const +{ + return m_correlationID.c_str(); +} + +vector& SecurityPolicy::getRules() +{ + return m_rules; +} + +void SecurityPolicy::setMetadataProvider(const MetadataProvider* metadata) +{ + m_metadata = metadata; +} + +void SecurityPolicy::setMetadataProviderCriteria(MetadataProvider::Criteria* criteria) +{ + if (m_metadataCriteria) + delete m_metadataCriteria; + m_metadataCriteria=criteria; +} + +void SecurityPolicy::setRole(const xmltooling::QName* role) +{ + delete m_role; + m_role = role ? 
new xmltooling::QName(*role) : NULL; +} + +void SecurityPolicy::setTrustEngine(const TrustEngine* trust) +{ + m_trust = trust; +} + +void SecurityPolicy::setValidating(bool validate) +{ + m_validate = validate; +} + +void SecurityPolicy::requireEntityIssuer(bool entityOnly) +{ + m_entityOnly = entityOnly; +} + +void SecurityPolicy::setTime(time_t ts) +{ + m_ts = ts; +} + +void SecurityPolicy::setCorrelationID(const XMLCh* correlationID) +{ + m_correlationID.erase(); + if (correlationID) + m_correlationID = correlationID; +} + +void SecurityPolicy::evaluate(const XMLObject& message, const GenericRequest* request) +{ + for (vector::const_iterator i=m_rules.begin(); i!=m_rules.end(); ++i) + (*i)->evaluate(message,request,*this); +} + void SecurityPolicy::reset(bool messageOnly) { _reset(messageOnly); 
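Review bot: `SecurityPolicy::setRole()` deletes `m_role` before copying from `role`, so passing the policy's own `getRole()` result back in copies from a freed QName. `setMetadataProviderCriteria()` has the same problem: handed the object returned by `getMetadataProviderCriteria()`, it deletes that object and then stores the dangling pointer. `setIssuerMatchingPolicy()` in the later `@@ -228,3 +368,16 @@` hunk of this file follows the same delete-then-assign shape. All three bodies were moved here unchanged, but now that they live in one translation unit an identity guard at the top of each closes the gap, e.g. `if (role == m_role) return;`, `if (criteria == m_metadataCriteria) return;` and `if (matchingPolicy == m_matchingPolicy) return;`. The `if (m_metadataCriteria)` test before `delete` is redundant and can be dropped.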
@@ -115,32 +233,41 @@ void SecurityPolicy::_reset(bool messageOnly) } } -void SecurityPolicy::setRole(const xmltooling::QName* role) +const XMLCh* SecurityPolicy::getMessageID() const { - delete m_role; - m_role = role ? new xmltooling::QName(*role) : NULL; + return m_messageID.c_str(); } -MetadataProvider::Criteria& SecurityPolicy::getMetadataProviderCriteria() const +time_t SecurityPolicy::getIssueInstant() const { - if (!m_metadataCriteria) - m_metadataCriteria=new MetadataProvider::Criteria(); - else - m_metadataCriteria->reset(); - return *m_metadataCriteria; + return m_issueInstant; } -void SecurityPolicy::setMetadataProviderCriteria(saml2md::MetadataProvider::Criteria* criteria) +const Issuer* SecurityPolicy::getIssuer() const { - if (m_metadataCriteria) - delete m_metadataCriteria; - m_metadataCriteria=criteria; + return m_issuer; } -void SecurityPolicy::evaluate(const XMLObject& message, const GenericRequest* request) +const RoleDescriptor* SecurityPolicy::getIssuerMetadata() const { - for (vector::const_iterator i=m_rules.begin(); i!=m_rules.end(); ++i) - (*i)->evaluate(message,request,*this); + return m_issuerRole; +} + +bool SecurityPolicy::isAuthenticated() const +{ + return m_authenticated; +} + +void SecurityPolicy::setMessageID(const XMLCh* id) +{ + m_messageID.erase(); + if (id) + m_messageID = id; +} + +void SecurityPolicy::setIssueInstant(time_t issueInstant) +{ + m_issueInstant = issueInstant; } void SecurityPolicy::setIssuer(const Issuer* issuer) 
@@ -175,6 +302,19 @@ void SecurityPolicy::setIssuerMetadata(const RoleDescriptor* issuerRole) m_issuerRole=issuerRole; } +void SecurityPolicy::setAuthenticated(bool auth) +{ + m_authenticated = auth; +} + +SecurityPolicy::IssuerMatchingPolicy::IssuerMatchingPolicy() +{ +} + +SecurityPolicy::IssuerMatchingPolicy::~IssuerMatchingPolicy() +{ +} + bool SecurityPolicy::IssuerMatchingPolicy::issuerMatches(const Issuer* issuer1, const Issuer* issuer2) const { // NULL matches anything for the purposes of this interface. @@ -228,3 +368,16 @@ bool SecurityPolicy::IssuerMatchingPolicy::issuerMatches(const Issuer* issuer1, return true; } + +SecurityPolicy::IssuerMatchingPolicy SecurityPolicy::m_defaultMatching; + +const SecurityPolicy::IssuerMatchingPolicy& SecurityPolicy::getIssuerMatchingPolicy() const +{ + return m_matchingPolicy ? *m_matchingPolicy : m_defaultMatching; +} + +void SecurityPolicy::setIssuerMatchingPolicy(IssuerMatchingPolicy* matchingPolicy) +{ + delete m_matchingPolicy; + m_matchingPolicy = matchingPolicy; +} diff --git a/saml/encryption/EncryptedKeyResolver.cpp b/saml/encryption/EncryptedKeyResolver.cpp index 449a753..e6e0028 100644 --- a/saml/encryption/EncryptedKeyResolver.cpp +++ b/saml/encryption/EncryptedKeyResolver.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * EncryptedKeyResolver.cpp * - * SAML-specific encrypted key resolver + * SAML-specific encrypted key resolver. */ #include "internal.h" 
@@ -25,8 +25,17 @@ #include "saml2/core/Assertions.h" using namespace xmlencryption; +using opensaml::saml2::EncryptedElementType; using namespace std; +opensaml::EncryptedKeyResolver::EncryptedKeyResolver(const EncryptedElementType& ref) : m_ref(ref) +{ +} + +opensaml::EncryptedKeyResolver::~EncryptedKeyResolver() +{ +} + const EncryptedKey* opensaml::EncryptedKeyResolver::resolveKey(const EncryptedData& encryptedData, const XMLCh* recipient) const { const EncryptedKey* base = xmlencryption::EncryptedKeyResolver::resolveKey(encryptedData, recipient); diff --git a/saml/encryption/EncryptedKeyResolver.h b/saml/encryption/EncryptedKeyResolver.h index db5f501..c5b9cfe 100644 --- a/saml/encryption/EncryptedKeyResolver.h +++ b/saml/encryption/EncryptedKeyResolver.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * @file saml/encryption/EncryptedKeyResolver.h * - * SAML-specific encrypted key resolver + * SAML-specific encrypted key resolver. */ #ifndef __saml_enckeyres_h__ @@ -46,10 +46,9 @@ namespace opensaml { * * @param ref reference to encrypted element */ - EncryptedKeyResolver(const saml2::EncryptedElementType& ref) : m_ref(ref) { - } + EncryptedKeyResolver(const saml2::EncryptedElementType& ref); - virtual ~EncryptedKeyResolver() {} + virtual ~EncryptedKeyResolver(); const xmlencryption::EncryptedKey* resolveKey(const xmlencryption::EncryptedData& encryptedData, const XMLCh* recipient=NULL) const; diff --git a/saml/saml1/binding/SAML1MessageDecoder.h b/saml/saml1/binding/SAML1MessageDecoder.h index d84338c..2346624 100644 --- a/saml/saml1/binding/SAML1MessageDecoder.h +++ b/saml/saml1/binding/SAML1MessageDecoder.h 
@@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,8 +35,8 @@ namespace opensaml { class SAML_API SAML1MessageDecoder : public MessageDecoder { protected: - SAML1MessageDecoder() {} - virtual ~SAML1MessageDecoder() {} + SAML1MessageDecoder(); + virtual ~SAML1MessageDecoder(); public: void extractMessageDetails ( diff --git a/saml/saml1/binding/SAML1SOAPClient.h b/saml/saml1/binding/SAML1SOAPClient.h index 0b8a3f1..baa28c5 100644 --- a/saml/saml1/binding/SAML1SOAPClient.h +++ b/saml/saml1/binding/SAML1SOAPClient.h @@ -51,12 +51,9 @@ namespace opensaml { * @param soaper reference to SOAPClient object to use for call * @param fatalSAMLErrors true iff a non-successful SAML Status code should be fatal */ - SAML1SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL) { - } + SAML1SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true); - virtual ~SAML1SOAPClient() { - xercesc::XMLString::release(&m_correlate); - } + virtual ~SAML1SOAPClient(); /** * Specialized method for sending SAML 1.x requests. The SOAP layer will be diff --git a/saml/saml1/binding/SAMLArtifactType0001.h b/saml/saml1/binding/SAMLArtifactType0001.h index c3b1869..778ef83 100644 --- a/saml/saml1/binding/SAMLArtifactType0001.h +++ b/saml/saml1/binding/SAMLArtifactType0001.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * @file saml/saml1/binding/SAMLArtifactType0001.h * - * Type 0x0001 SAML 1.x artifact class + * Type 0x0001 SAML 1.x artifact class. */ #ifndef __saml_artifacttype0001_h__ 
@@ -57,15 +57,12 @@ namespace opensaml { */ SAMLArtifactType0001(const std::string& sourceid, const std::string& handle); - virtual ~SAMLArtifactType0001() {} + virtual ~SAMLArtifactType0001(); - virtual SAMLArtifactType0001* clone() const { - return new SAMLArtifactType0001(*this); - } - - virtual std::string getSource() const { - return toHex(getSourceID()); - } + // Virtual function overrides. + SAMLArtifactType0001* clone() const; + std::string getSource() const; + std::string getMessageHandle() const; /** * Returns the binary data that identifies the source. @@ -73,18 +70,12 @@ namespace opensaml { * * @return the binary source ID */ - virtual std::string getSourceID() const { - return m_raw.substr(TYPECODE_LENGTH,SOURCEID_LENGTH); // bytes 3-22 - } + virtual std::string getSourceID() const; - virtual std::string getMessageHandle() const { - return m_raw.substr(TYPECODE_LENGTH+SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 23-42 - } - - /** Length of source ID */ + /** Length of source ID */ static const unsigned int SOURCEID_LENGTH; - /** Length of assertion handle */ + /** Length of assertion handle */ static const unsigned int HANDLE_LENGTH; protected: @@ -93,7 +84,7 @@ namespace opensaml { * * @param src object to copy */ - SAMLArtifactType0001(const SAMLArtifactType0001& src) : SAMLArtifact(src) {} + SAMLArtifactType0001(const SAMLArtifactType0001& src); }; }; diff --git a/saml/saml1/binding/SAMLArtifactType0002.h b/saml/saml1/binding/SAMLArtifactType0002.h index 66d7f68..e64984e 100644 --- a/saml/saml1/binding/SAMLArtifactType0002.h +++ b/saml/saml1/binding/SAMLArtifactType0002.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -17,7 +17,7 @@ /** * @file saml/saml1/binding/SAMLArtifactType0002.h * - * Type 0x0002 SAML 1.x artifact class + * Type 0x0002 SAML 1.x artifact class. */ #ifndef __saml_artifacttype0002_h__ @@ -57,19 +57,13 @@ namespace opensaml { */ SAMLArtifactType0002(const std::string& sourceLocation, const std::string& handle); - virtual ~SAMLArtifactType0002() {} - - virtual SAMLArtifactType0002* clone() const { - return new SAMLArtifactType0002(*this); - } - - virtual std::string getMessageHandle() const { - return m_raw.substr(TYPECODE_LENGTH, HANDLE_LENGTH); // bytes 3-22 - } + virtual ~SAMLArtifactType0002(); + + // Virtual function overrides. + SAMLArtifactType0002* clone() const; + std::string getSource() const; + std::string getMessageHandle() const; - virtual std::string getSource() const { - return m_raw.c_str() + TYPECODE_LENGTH + HANDLE_LENGTH; // bytes 23-terminating null - } /** Length of assertion handle */ static const unsigned int HANDLE_LENGTH; @@ -80,7 +74,7 @@ namespace opensaml { * * @param src object to copy */ - SAMLArtifactType0002(const SAMLArtifactType0002& src) : SAMLArtifact(src) {} + SAMLArtifactType0002(const SAMLArtifactType0002& src); }; }; diff --git a/saml/saml1/binding/impl/SAML1MessageDecoder.cpp b/saml/saml1/binding/impl/SAML1MessageDecoder.cpp index 8a751b9..9be6c49 100644 --- a/saml/saml1/binding/impl/SAML1MessageDecoder.cpp +++ b/saml/saml1/binding/impl/SAML1MessageDecoder.cpp @@ -21,7 +21,6 @@ */ #include "internal.h" -#include "exceptions.h" #include "binding/SecurityPolicy.h" #include "saml1/binding/SAML1MessageDecoder.h" #include "saml1/core/Assertions.h" @@ -39,6 +38,14 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +SAML1MessageDecoder::SAML1MessageDecoder() +{ +} + +SAML1MessageDecoder::~SAML1MessageDecoder() +{ +} + void SAML1MessageDecoder::extractMessageDetails( const XMLObject& message, const GenericRequest& req, const XMLCh* protocol, SecurityPolicy& policy ) const 
diff --git a/saml/saml1/binding/impl/SAML1SOAPClient.cpp b/saml/saml1/binding/impl/SAML1SOAPClient.cpp index d6e86ee..710c212 100644 --- a/saml/saml1/binding/impl/SAML1SOAPClient.cpp +++ b/saml/saml1/binding/impl/SAML1SOAPClient.cpp @@ -39,6 +39,15 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +SAML1SOAPClient::SAML1SOAPClient(opensaml::SOAPClient& soaper, bool fatalSAMLErrors) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL) +{ +} + +SAML1SOAPClient::~SAML1SOAPClient() +{ + XMLString::release(&m_correlate); +} + void SAML1SOAPClient::sendSAML(Request* request, const char* from, MetadataCredentialCriteria& to, const char* endpoint) { auto_ptr env(EnvelopeBuilder::buildEnvelope()); diff --git a/saml/saml1/binding/impl/SAMLArtifactType0001.cpp b/saml/saml1/binding/impl/SAMLArtifactType0001.cpp index 81c5ca4..74e7f01 100644 --- a/saml/saml1/binding/impl/SAMLArtifactType0001.cpp +++ b/saml/saml1/binding/impl/SAMLArtifactType0001.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * SAMLArtifactType0001.cpp * - * Type 0x0001 SAML 1.x artifact class + * Type 0x0001 SAML 1.x artifact class. */ #include "internal.h" @@ -40,6 +40,10 @@ namespace opensaml { const unsigned int SAMLArtifactType0001::SOURCEID_LENGTH = 20; const unsigned int SAMLArtifactType0001::HANDLE_LENGTH = 20; +SAMLArtifactType0001::SAMLArtifactType0001(const SAMLArtifactType0001& src) : SAMLArtifact(src) +{ +} + SAMLArtifactType0001::SAMLArtifactType0001(const char* s) : SAMLArtifact(s) { // The base class does the work, we just do the checking. 
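Review bot: `SAML1SOAPClient::~SAML1SOAPClient()` in the SAML1SOAPClient.cpp hunk releases `m_correlate`, so the class owns that buffer, yet nothing visible in this hunk or in the header hunk shows copying being disabled. If the class declaration does not already carry it, add `MAKE_NONCOPYABLE(SAML1SOAPClient);` (the macro other classes in this patch use) so an implicit copy cannot release the same string twice. The constructor also keeps `soaper` by reference, so the doc comment should state that the SOAPClient must outlive this object. Both points apply equally to the SAML2SOAPClient.cpp hunk later in the patch.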
@@ -75,3 +79,27 @@ SAMLArtifactType0001::SAMLArtifactType0001(const string& sourceid, const string& m_raw.append(sourceid,0,SOURCEID_LENGTH); m_raw.append(handle,0,HANDLE_LENGTH); } + +SAMLArtifactType0001::~SAMLArtifactType0001() +{ +} + +SAMLArtifactType0001* SAMLArtifactType0001::clone() const +{ + return new SAMLArtifactType0001(*this); +} + +string SAMLArtifactType0001::getSource() const +{ + return toHex(getSourceID()); +} + +string SAMLArtifactType0001::getSourceID() const +{ + return m_raw.substr(TYPECODE_LENGTH,SOURCEID_LENGTH); // bytes 3-22 +} + +string SAMLArtifactType0001::getMessageHandle() const +{ + return m_raw.substr(TYPECODE_LENGTH+SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 23-42 +} diff --git a/saml/saml1/binding/impl/SAMLArtifactType0002.cpp b/saml/saml1/binding/impl/SAMLArtifactType0002.cpp index ca73e96..fe4896b 100644 --- a/saml/saml1/binding/impl/SAMLArtifactType0002.cpp +++ b/saml/saml1/binding/impl/SAMLArtifactType0002.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * SAMLArtifactType0002.cpp * - * Type 0x0002 SAML 1.x artifact class + * Type 0x0002 SAML 1.x artifact class. */ #include "internal.h" @@ -39,6 +39,10 @@ namespace opensaml { const unsigned int SAMLArtifactType0002::HANDLE_LENGTH = 20; +SAMLArtifactType0002::SAMLArtifactType0002(const SAMLArtifactType0002& src) : SAMLArtifact(src) +{ +} + SAMLArtifactType0002::SAMLArtifactType0002(const char* s) : SAMLArtifact(s) { // The base class does the work, we just do the checking. 
@@ -74,3 +78,22 @@ SAMLArtifactType0002::SAMLArtifactType0002(const string& sourceLocation, const s m_raw.append(handle,0,HANDLE_LENGTH); m_raw+=sourceLocation; } + +SAMLArtifactType0002::~SAMLArtifactType0002() +{ +} + +SAMLArtifactType0002* SAMLArtifactType0002::clone() const +{ + return new SAMLArtifactType0002(*this); +} + +string SAMLArtifactType0002::getMessageHandle() const +{ + return m_raw.substr(TYPECODE_LENGTH, HANDLE_LENGTH); // bytes 3-22 +} + +string SAMLArtifactType0002::getSource() const +{ + return m_raw.c_str() + TYPECODE_LENGTH + HANDLE_LENGTH; // bytes 23-terminating null +} diff --git a/saml/saml1/profile/AssertionValidator.h b/saml/saml1/profile/AssertionValidator.h index aa26c79..39e7740 100644 --- a/saml/saml1/profile/AssertionValidator.h +++ b/saml/saml1/profile/AssertionValidator.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,13 +17,16 @@ /** * @file saml/saml1/profile/AssertionValidator.h * - * SAML 1.x basic assertion validator + * SAML 1.x basic assertion validator. */ #ifndef __saml1_assval_h__ #define __saml1_assval_h__ #include + +#include +#include #include namespace opensaml { @@ -46,11 +49,9 @@ namespace opensaml { * @param audiences additional audience values * @param ts timestamp to evaluate assertion conditions, or 0 to bypass check */ - AssertionValidator(const XMLCh* recipient, const std::vector* audiences=NULL, time_t ts=0) - : m_recipient(recipient), m_audiences(audiences), m_ts(ts) { - } + AssertionValidator(const XMLCh* recipient, const std::vector* audiences=NULL, time_t ts=0); - virtual ~AssertionValidator() {} + virtual ~AssertionValidator(); void validate(const xmltooling::XMLObject* xmlObject) const; 
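Review bot: `SAMLArtifactType0002::getSource()` in the SAMLArtifactType0002.cpp hunk computes `m_raw.c_str() + TYPECODE_LENGTH + HANDLE_LENGTH` with no length check, so an `m_raw` shorter than that offset yields a pointer past the buffer, whereas `getMessageHandle()` just above it uses the bounds-checked `substr`. The string constructor whose tail opens this hunk appends `handle,0,HANDLE_LENGTH`, which copies fewer bytes for a short handle, and any length validation before it lies outside the hunk. Artifacts are parsed from peer-supplied input, so the accessor should not depend on that alone: `return m_raw.size() > TYPECODE_LENGTH + HANDLE_LENGTH ? string(m_raw.c_str() + TYPECODE_LENGTH + HANDLE_LENGTH) : string();`.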
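Review bot: The constructor declared in the saml1 AssertionValidator.h hunk keeps `ts=0` as its default, and the doc comment above it says 0 bypasses the conditions check, so a caller who omits the argument validates assertions with no validity-window check at all. Changing the default would break callers, so the comment should call it out instead, e.g. `@param ts timestamp to evaluate assertion conditions; 0 (the default) skips the validity-window check, so pass the current time to enforce it`. The out-of-line definition added in AssertionValidator.cpp stores `recipient` and `audiences` as raw pointers, so the comment should also say that both must outlive the validator. The saml1 BrowserSSOProfileValidator hunks and the saml2 AssertionValidator and BrowserSSOProfileValidator hunks carry the same default and the same borrowed pointers.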
diff --git a/saml/saml1/profile/BrowserSSOProfileValidator.h b/saml/saml1/profile/BrowserSSOProfileValidator.h index 0580d14..da275a8 100644 --- a/saml/saml1/profile/BrowserSSOProfileValidator.h +++ b/saml/saml1/profile/BrowserSSOProfileValidator.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * @file saml/saml1/profile/BrowserSSOProfileValidator.h * - * SAML 1.x Browser SSO Profile Assertion Validator + * SAML 1.x Browser SSO Profile Assertion Validator. */ #ifndef __saml1_ssoval_h__ @@ -46,10 +46,9 @@ namespace opensaml { * @param audiences additional audience values * @param ts timestamp to evaluate assertion conditions, or 0 to bypass check */ - BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector* audiences=NULL, time_t ts=0) - : AssertionValidator(recipient, audiences, ts) { - } - virtual ~BrowserSSOProfileValidator() {} + BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector* audiences=NULL, time_t ts=0); + + virtual ~BrowserSSOProfileValidator(); void validateAssertion(const Assertion& assertion) const; }; diff --git a/saml/saml1/profile/impl/AssertionValidator.cpp b/saml/saml1/profile/impl/AssertionValidator.cpp index edb4fce..9b570e9 100644 --- a/saml/saml1/profile/impl/AssertionValidator.cpp +++ b/saml/saml1/profile/impl/AssertionValidator.cpp @@ -33,6 +33,15 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector* audiences, time_t ts) + : m_recipient(recipient), m_audiences(audiences), m_ts(ts) +{ +} + +AssertionValidator::~AssertionValidator() +{ +} + void AssertionValidator::validate(const xmltooling::XMLObject* xmlObject) const { const Assertion* a=dynamic_cast(xmlObject); 
diff --git a/saml/saml1/profile/impl/BrowserSSOProfileValidator.cpp b/saml/saml1/profile/impl/BrowserSSOProfileValidator.cpp index 22f9d41..23035f6 100644 --- a/saml/saml1/profile/impl/BrowserSSOProfileValidator.cpp +++ b/saml/saml1/profile/impl/BrowserSSOProfileValidator.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * BrowserSSOProfileValidator.cpp * - * SAML 1.x Browser SSO Profile Assertion Validator + * SAML 1.x Browser SSO Profile Assertion Validator. */ #include "internal.h" @@ -59,6 +59,15 @@ namespace { }; }; +BrowserSSOProfileValidator::BrowserSSOProfileValidator(const XMLCh* recipient, const std::vector* audiences, time_t ts) + : AssertionValidator(recipient, audiences, ts) +{ +} + +BrowserSSOProfileValidator::~BrowserSSOProfileValidator() +{ +} + void BrowserSSOProfileValidator::validateAssertion(const Assertion& assertion) const { #ifdef _DEBUG diff --git a/saml/saml2/binding/SAML2Artifact.h b/saml/saml2/binding/SAML2Artifact.h index af2dbe9..13f2022 100644 --- a/saml/saml2/binding/SAML2Artifact.h +++ b/saml/saml2/binding/SAML2Artifact.h @@ -17,7 +17,7 @@ /** * @file saml/saml2/binding/SAML2Artifact.h * - * Base class for SAML 2.0 artifacts + * Base class for SAML 2.0 artifacts. */ #ifndef __saml2_artifact_h__ @@ -29,13 +29,13 @@ namespace opensaml { namespace saml2p { /** - * Base class for SAML 2.0 artifacts + * Base class for SAML 2.0 artifacts. */ class SAML_API SAML2Artifact : public SAMLArtifact { SAML2Artifact& operator=(const SAML2Artifact& src); public: - virtual ~SAML2Artifact() {} + virtual ~SAML2Artifact(); /** * Returns the endpoint index of the artifact. 
@@ -48,21 +48,21 @@ namespace opensaml { static const unsigned int INDEX_LENGTH; protected: - SAML2Artifact() {} + SAML2Artifact(); /** * Constructor. * * @param s raw artifact string */ - SAML2Artifact(const char* s) : SAMLArtifact(s) {} + SAML2Artifact(const char* s); /** * Copy constructor. * * @param src object to copy */ - SAML2Artifact(const SAML2Artifact& src) : SAMLArtifact(src) {} + SAML2Artifact(const SAML2Artifact& src); }; }; diff --git a/saml/saml2/binding/SAML2ArtifactType0004.h b/saml/saml2/binding/SAML2ArtifactType0004.h index 355645d..9479556 100644 --- a/saml/saml2/binding/SAML2ArtifactType0004.h +++ b/saml/saml2/binding/SAML2ArtifactType0004.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * @file saml/saml2/binding/SAML2ArtifactType0004.h * - * Type 0x0004 SAML 2.0 artifact class + * Type 0x0004 SAML 2.0 artifact class. */ #ifndef __saml_artifacttype0004_h__ @@ -29,7 +29,7 @@ namespace opensaml { namespace saml2p { /** - * Type 0x0004 SAML 2.0 artifact class + * Type 0x0004 SAML 2.0 artifact class. */ class SAML_API SAML2ArtifactType0004 : public SAML2Artifact { @@ -59,15 +59,12 @@ namespace opensaml { */ SAML2ArtifactType0004(const std::string& sourceid, int index, const std::string& handle); - virtual ~SAML2ArtifactType0004() {} + virtual ~SAML2ArtifactType0004(); - virtual SAML2ArtifactType0004* clone() const { - return new SAML2ArtifactType0004(*this); - } - - virtual std::string getSource() const { - return toHex(getSourceID()); - } + // Virtual function overrides. + SAML2ArtifactType0004* clone() const; + std::string getSource() const; + std::string getMessageHandle() const; /** * Returns the binary data that identifies the source. 
@@ -75,14 +72,8 @@ namespace opensaml { * * @return the binary source ID */ - virtual std::string getSourceID() const { - return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH, SOURCEID_LENGTH); // bytes 5-24 - } + virtual std::string getSourceID() const; - virtual std::string getMessageHandle() const { - return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH + SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 25-44 - } - /** Length of source ID */ static const unsigned int SOURCEID_LENGTH; @@ -95,7 +86,7 @@ namespace opensaml { * * @param src object to copy */ - SAML2ArtifactType0004(const SAML2ArtifactType0004& src) : SAML2Artifact(src) {} + SAML2ArtifactType0004(const SAML2ArtifactType0004& src); }; }; diff --git a/saml/saml2/binding/SAML2MessageDecoder.h b/saml/saml2/binding/SAML2MessageDecoder.h index a81cfcb..7932735 100644 --- a/saml/saml2/binding/SAML2MessageDecoder.h +++ b/saml/saml2/binding/SAML2MessageDecoder.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,7 +26,6 @@ #include namespace opensaml { - namespace saml2p { /** @@ -35,8 +34,8 @@ namespace opensaml { class SAML_API SAML2MessageDecoder : public MessageDecoder { protected: - SAML2MessageDecoder() {} - virtual ~SAML2MessageDecoder() {} + SAML2MessageDecoder(); + virtual ~SAML2MessageDecoder(); public: void extractMessageDetails ( diff --git a/saml/saml2/binding/SAML2SOAPClient.h b/saml/saml2/binding/SAML2SOAPClient.h index a02ff50..55f8589 100644 --- a/saml/saml2/binding/SAML2SOAPClient.h +++ b/saml/saml2/binding/SAML2SOAPClient.h 
@@ -51,12 +51,9 @@ namespace opensaml { * @param soaper reference to SOAPClient object to use for call * @param fatalSAMLErrors true iff a non-successful SAML Status code should be fatal */ - SAML2SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true) : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL) { - } + SAML2SOAPClient(SOAPClient& soaper, bool fatalSAMLErrors=true); - virtual ~SAML2SOAPClient() { - xercesc::XMLString::release(&m_correlate); - } + virtual ~SAML2SOAPClient(); /** * Specialized method for sending SAML 2.0 requests. The SOAP layer will be diff --git a/saml/saml2/binding/impl/SAML2Artifact.cpp b/saml/saml2/binding/impl/SAML2Artifact.cpp index 32ca3d5..5b9cd20 100644 --- a/saml/saml2/binding/impl/SAML2Artifact.cpp +++ b/saml/saml2/binding/impl/SAML2Artifact.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * SAML2Artifact.cpp * - * Base class for SAML 2.0 artifacts + * Base class for SAML 2.0 artifacts. */ #include "internal.h" @@ -27,6 +27,22 @@ using namespace opensaml::saml2p; const unsigned int SAML2Artifact::INDEX_LENGTH = 2; +SAML2Artifact::SAML2Artifact() +{ +} + +SAML2Artifact::SAML2Artifact(const char* s) : SAMLArtifact(s) +{ +} + +SAML2Artifact::SAML2Artifact(const SAML2Artifact& src) : SAMLArtifact(src) +{ +} + +SAML2Artifact::~SAML2Artifact() +{ +} + int SAML2Artifact::getEndpointIndex() const { int index=0; diff --git a/saml/saml2/binding/impl/SAML2ArtifactType0004.cpp b/saml/saml2/binding/impl/SAML2ArtifactType0004.cpp index f1e405b..9532677 100644 --- a/saml/saml2/binding/impl/SAML2ArtifactType0004.cpp +++ b/saml/saml2/binding/impl/SAML2ArtifactType0004.cpp 
@@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * SAML2ArtifactType0004.cpp * - * Type 0x0004 SAML 2.0 artifact class + * Type 0x0004 SAML 2.0 artifact class. */ #include "internal.h" @@ -83,3 +83,31 @@ SAML2ArtifactType0004::SAML2ArtifactType0004(const string& sourceid, int index, m_raw.append(sourceid,0,SOURCEID_LENGTH); m_raw.append(handle,0,HANDLE_LENGTH); } + +SAML2ArtifactType0004::SAML2ArtifactType0004(const SAML2ArtifactType0004& src) : SAML2Artifact(src) +{ +} + +SAML2ArtifactType0004::~SAML2ArtifactType0004() +{ +} + +SAML2ArtifactType0004* SAML2ArtifactType0004::clone() const +{ + return new SAML2ArtifactType0004(*this); +} + +string SAML2ArtifactType0004::getSource() const +{ + return toHex(getSourceID()); +} + +string SAML2ArtifactType0004::getSourceID() const +{ + return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH, SOURCEID_LENGTH); // bytes 5-24 +} + +string SAML2ArtifactType0004::getMessageHandle() const +{ + return m_raw.substr(TYPECODE_LENGTH + INDEX_LENGTH + SOURCEID_LENGTH, HANDLE_LENGTH); // bytes 25-44 +} diff --git a/saml/saml2/binding/impl/SAML2MessageDecoder.cpp b/saml/saml2/binding/impl/SAML2MessageDecoder.cpp index 5b83605..23191df 100644 --- a/saml/saml2/binding/impl/SAML2MessageDecoder.cpp +++ b/saml/saml2/binding/impl/SAML2MessageDecoder.cpp @@ -21,7 +21,6 @@ */ #include "internal.h" -#include "exceptions.h" #include "binding/SecurityPolicy.h" #include "saml2/binding/SAML2MessageDecoder.h" #include "saml2/core/Protocols.h" 
@@ -39,6 +38,14 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +SAML2MessageDecoder::SAML2MessageDecoder() +{ +} + +SAML2MessageDecoder::~SAML2MessageDecoder() +{ +} + void SAML2MessageDecoder::extractMessageDetails( const XMLObject& message, const GenericRequest& request, const XMLCh* protocol, SecurityPolicy& policy ) const diff --git a/saml/saml2/binding/impl/SAML2SOAPClient.cpp b/saml/saml2/binding/impl/SAML2SOAPClient.cpp index 2da5a0d..6c6880b 100644 --- a/saml/saml2/binding/impl/SAML2SOAPClient.cpp +++ b/saml/saml2/binding/impl/SAML2SOAPClient.cpp @@ -41,6 +41,16 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +SAML2SOAPClient::SAML2SOAPClient(opensaml::SOAPClient& soaper, bool fatalSAMLErrors) + : m_soaper(soaper), m_fatal(fatalSAMLErrors), m_correlate(NULL) +{ +} + +SAML2SOAPClient::~SAML2SOAPClient() +{ + XMLString::release(&m_correlate); +} + void SAML2SOAPClient::sendSAML(RequestAbstractType* request, const char* from, MetadataCredentialCriteria& to, const char* endpoint) { auto_ptr env(EnvelopeBuilder::buildEnvelope()); diff --git a/saml/saml2/metadata/AbstractMetadataProvider.h b/saml/saml2/metadata/AbstractMetadataProvider.h index 6a757ce..2e5a7ca 100644 --- a/saml/saml2/metadata/AbstractMetadataProvider.h +++ b/saml/saml2/metadata/AbstractMetadataProvider.h @@ -25,6 +25,11 @@ #include +#include +#include +#include +#include + namespace xmltooling { class XMLTOOL_API Credential; class XMLTOOL_API CredentialCriteria; diff --git a/saml/saml2/metadata/EndpointManager.h b/saml/saml2/metadata/EndpointManager.h index b7495b1..48eee56 100644 --- a/saml/saml2/metadata/EndpointManager.h +++ b/saml/saml2/metadata/EndpointManager.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -25,6 +25,9 @@ #include +#include +#include + namespace opensaml { namespace saml2md { diff --git a/saml/saml2/metadata/MetadataCredentialContext.h b/saml/saml2/metadata/MetadataCredentialContext.h index c3e08f4..da4cab4 100644 --- a/saml/saml2/metadata/MetadataCredentialContext.h +++ b/saml/saml2/metadata/MetadataCredentialContext.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,16 +44,14 @@ namespace opensaml { */ MetadataCredentialContext(const KeyDescriptor& descriptor); - virtual ~MetadataCredentialContext() {} + virtual ~MetadataCredentialContext(); /** * Return the KeyDescriptor associated with the credential. * * @return the associated KeyDescriptor */ - const KeyDescriptor& getKeyDescriptor() const { - return m_descriptor; - } + const KeyDescriptor& getKeyDescriptor() const; private: const KeyDescriptor& m_descriptor; diff --git a/saml/saml2/metadata/MetadataFilter.h b/saml/saml2/metadata/MetadataFilter.h index 84e8080..c5428f1 100644 --- a/saml/saml2/metadata/MetadataFilter.h +++ b/saml/saml2/metadata/MetadataFilter.h @@ -26,7 +26,6 @@ #define __saml2_metadatafilt_h__ namespace opensaml { - namespace saml2md { /** @@ -40,9 +39,9 @@ namespace opensaml { { MAKE_NONCOPYABLE(MetadataFilter); protected: - MetadataFilter() {} + MetadataFilter(); public: - virtual ~MetadataFilter() {} + virtual ~MetadataFilter(); /** * Returns an identifying string for the filter. diff --git a/saml/saml2/metadata/MetadataProvider.h b/saml/saml2/metadata/MetadataProvider.h index 20bdc0f..8009ada 100644 --- a/saml/saml2/metadata/MetadataProvider.h +++ b/saml/saml2/metadata/MetadataProvider.h @@ -24,6 +24,8 @@ #define __saml2_metadataprov_h__ #include + +#include #include #include 
@@ -95,9 +97,7 @@ namespace opensaml { * * @param newFilter metadata filter to add */ - virtual void addMetadataFilter(MetadataFilter* newFilter) { - m_filters.push_back(newFilter); - } + virtual void addMetadataFilter(MetadataFilter* newFilter); /** * Removes a metadata filter. The caller must delete the filter if necessary. @@ -105,15 +105,7 @@ namespace opensaml { * @param oldFilter metadata filter to remove * @return the old filter */ - virtual MetadataFilter* removeMetadataFilter(MetadataFilter* oldFilter) { - for (std::vector::iterator i=m_filters.begin(); i!=m_filters.end(); i++) { - if (oldFilter==(*i)) { - m_filters.erase(i); - return oldFilter; - } - } - return NULL; - } + virtual MetadataFilter* removeMetadataFilter(MetadataFilter* oldFilter); /** * Should be called after instantiating provider and adding filters, but before @@ -163,8 +155,7 @@ namespace opensaml { /** * Default constructor. */ - Criteria() : entityID_unicode(NULL), entityID_ascii(NULL), artifact(NULL), role(NULL), protocol(NULL), protocol2(NULL), validOnly(true) { - } + Criteria(); /** * Constructor. @@ -174,9 +165,7 @@ namespace opensaml { * @param prot protocol support constant, if any * @param valid true iff stale metadata should be ignored */ - Criteria(const XMLCh* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true) - : entityID_unicode(id), entityID_ascii(NULL), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid) { - } + Criteria(const XMLCh* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true); /** * Constructor. 
@@ -186,9 +175,7 @@ namespace opensaml { * @param prot protocol support constant, if any * @param valid true iff stale metadata should be ignored */ - Criteria(const char* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true) - : entityID_unicode(NULL), entityID_ascii(id), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid) { - } + Criteria(const char* id, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true); /** * Constructor. @@ -198,24 +185,14 @@ namespace opensaml { * @param prot protocol support constant, if any * @param valid true iff stale metadata should be ignored */ - Criteria(const SAMLArtifact* a, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true) - : entityID_unicode(NULL), entityID_ascii(NULL), artifact(a), role(q), protocol(prot), protocol2(NULL), validOnly(valid) { - } + Criteria(const SAMLArtifact* a, const xmltooling::QName* q=NULL, const XMLCh* prot=NULL, bool valid=true); - virtual ~Criteria() {} + virtual ~Criteria(); /** * Restores the object to its default state. */ - virtual void reset() { - entityID_unicode=NULL; - entityID_ascii=NULL; - artifact=NULL; - role=NULL; - protocol=NULL; - protocol2=NULL; - validOnly=true; - } + virtual void reset(); /** Unique ID of entity. */ const XMLCh* entityID_unicode; diff --git a/saml/saml2/metadata/ObservableMetadataProvider.h b/saml/saml2/metadata/ObservableMetadataProvider.h index 2bae5c7..9c01b46 100644 --- a/saml/saml2/metadata/ObservableMetadataProvider.h +++ b/saml/saml2/metadata/ObservableMetadataProvider.h @@ -64,9 +64,9 @@ namespace opensaml { class SAML_API Observer { MAKE_NONCOPYABLE(Observer); protected: - Observer() {} + Observer(); public: - virtual ~Observer() {} + virtual ~Observer(); /** * Called when a provider signals an event has occured. diff --git a/saml/saml2/metadata/impl/MetadataCredentialContext.cpp b/saml/saml2/metadata/impl/MetadataCredentialContext.cpp index 7b7dae7..f71968e 100644 
--- a/saml/saml2/metadata/impl/MetadataCredentialContext.cpp +++ b/saml/saml2/metadata/impl/MetadataCredentialContext.cpp @@ -30,3 +30,12 @@ MetadataCredentialContext::MetadataCredentialContext(const KeyDescriptor& descri : KeyInfoCredentialContext(descriptor.getKeyInfo()), m_descriptor(descriptor) { } + +MetadataCredentialContext::~MetadataCredentialContext() +{ +} + +const KeyDescriptor& MetadataCredentialContext::getKeyDescriptor() const +{ + return m_descriptor; +} diff --git a/saml/saml2/metadata/impl/MetadataProvider.cpp b/saml/saml2/metadata/impl/MetadataProvider.cpp index c3015c5..4d8d6b1 100644 --- a/saml/saml2/metadata/impl/MetadataProvider.cpp +++ b/saml/saml2/metadata/impl/MetadataProvider.cpp @@ -17,7 +17,7 @@ /** * MetadataProvider.cpp * - * Registration of factories for built-in providers. + * Supplies an individual source of metadata. */ #include "internal.h" @@ -133,6 +133,22 @@ MetadataProvider::~MetadataProvider() for_each(m_filters.begin(),m_filters.end(),xmltooling::cleanup()); } +void MetadataProvider::addMetadataFilter(MetadataFilter* newFilter) +{ + m_filters.push_back(newFilter); +} + +MetadataFilter* MetadataProvider::removeMetadataFilter(MetadataFilter* oldFilter) +{ + for (vector::iterator i=m_filters.begin(); i!=m_filters.end(); i++) { + if (oldFilter==(*i)) { + m_filters.erase(i); + return oldFilter; + } + } + return NULL; +} + void MetadataProvider::doFilters(XMLObject& xmlObject) const { #ifdef _DEBUG 
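Review bot: `MetadataProvider::addMetadataFilter()` in the MetadataProvider.cpp hunk pushes the pointer unconditionally, while the destructor shown as context runs `xmltooling::cleanup()` over every element of `m_filters`, which presumably deletes each one. A filter registered twice would then be cleaned up twice at destruction, and `removeMetadataFilter()` erases only the first match, so one stale entry would remain after the caller deletes the filter. Either reject duplicates and NULL with `if (newFilter && find(m_filters.begin(), m_filters.end(), newFilter) == m_filters.end()) m_filters.push_back(newFilter);`, or state in the header comment that the provider takes ownership and that each filter may be added only once.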
@@ -150,3 +166,46 @@ const EntitiesDescriptor* MetadataProvider::getEntitiesDescriptor(const XMLCh* n auto_ptr_char temp(name); return getEntitiesDescriptor(temp.get(),strict); } + +MetadataProvider::Criteria::Criteria() + : entityID_unicode(NULL), entityID_ascii(NULL), artifact(NULL), role(NULL), protocol(NULL), protocol2(NULL), validOnly(true) +{ +} + +MetadataProvider::Criteria::Criteria(const XMLCh* id, const xmltooling::QName* q, const XMLCh* prot, bool valid) + : entityID_unicode(id), entityID_ascii(NULL), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid) +{ +} + +MetadataProvider::Criteria::Criteria(const char* id, const xmltooling::QName* q, const XMLCh* prot, bool valid) + : entityID_unicode(NULL), entityID_ascii(id), artifact(NULL), role(q), protocol(prot), protocol2(NULL), validOnly(valid) +{ +} + +MetadataProvider::Criteria::Criteria(const SAMLArtifact* a, const xmltooling::QName* q, const XMLCh* prot, bool valid) + : entityID_unicode(NULL), entityID_ascii(NULL), artifact(a), role(q), protocol(prot), protocol2(NULL), validOnly(valid) +{ +} + +MetadataProvider::Criteria::~Criteria() +{ +} + +void MetadataProvider::Criteria::reset() +{ + entityID_unicode=NULL; + entityID_ascii=NULL; + artifact=NULL; + role=NULL; + protocol=NULL; + protocol2=NULL; + validOnly=true; +} + +MetadataFilter::MetadataFilter() +{ +} + +MetadataFilter::~MetadataFilter() +{ +} diff --git a/saml/saml2/metadata/impl/ObservableMetadataProvider.cpp b/saml/saml2/metadata/impl/ObservableMetadataProvider.cpp index 7724741..aa6d94b 100644 --- a/saml/saml2/metadata/impl/ObservableMetadataProvider.cpp +++ b/saml/saml2/metadata/impl/ObservableMetadataProvider.cpp @@ -64,3 +64,11 @@ const ObservableMetadataProvider::Observer* ObservableMetadataProvider::removeOb } return NULL; } + +ObservableMetadataProvider::Observer::Observer() +{ +} + +ObservableMetadataProvider::Observer::~Observer() +{ +} 
diff --git a/saml/saml2/profile/AssertionValidator.h b/saml/saml2/profile/AssertionValidator.h index 8a05e29..322df68 100644 --- a/saml/saml2/profile/AssertionValidator.h +++ b/saml/saml2/profile/AssertionValidator.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,13 +17,16 @@ /** * @file saml/saml2/profile/AssertionValidator.h * - * SAML 2.0 basic assertion validator + * SAML 2.0 basic assertion validator. */ #ifndef __saml2_assval_h__ #define __saml2_assval_h__ #include + +#include +#include #include namespace opensaml { @@ -46,11 +49,9 @@ namespace opensaml { * @param audiences additional audience values * @param ts timestamp to evaluate assertion conditions, or 0 to bypass check */ - AssertionValidator(const XMLCh* recipient, const std::vector* audiences=NULL, time_t ts=0) - : m_recipient(recipient), m_audiences(audiences), m_ts(ts) { - } + AssertionValidator(const XMLCh* recipient, const std::vector* audiences=NULL, time_t ts=0); - virtual ~AssertionValidator() {} + virtual ~AssertionValidator(); void validate(const xmltooling::XMLObject* xmlObject) const; diff --git a/saml/saml2/profile/BrowserSSOProfileValidator.h b/saml/saml2/profile/BrowserSSOProfileValidator.h index 9af864c..81656ab 100644 --- a/saml/saml2/profile/BrowserSSOProfileValidator.h +++ b/saml/saml2/profile/BrowserSSOProfileValidator.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * @file saml/saml2/profile/BrowserSSOProfileValidator.h * - * SAML 2.0 Browser SSO Profile Assertion Validator + * SAML 2.0 Browser SSO Profile Assertion Validator. */ #ifndef __saml2_ssoval_h__ 
@@ -25,8 +25,9 @@ #include -namespace opensaml { +#include +namespace opensaml { namespace saml2 { /** @@ -54,9 +55,9 @@ namespace opensaml { time_t ts=0, const char* destination=NULL, const char* requestID=NULL - ) : AssertionValidator(recipient, audiences, ts), m_destination(destination), m_requestID(requestID) { - } - virtual ~BrowserSSOProfileValidator() {} + ); + + virtual ~BrowserSSOProfileValidator(); void validateAssertion(const Assertion& assertion) const; @@ -65,9 +66,7 @@ namespace opensaml { * * @return address information */ - const char* getAddress() const { - return m_address.c_str(); - } + const char* getAddress() const; protected: /** Server location to which assertion was delivered. */ diff --git a/saml/saml2/profile/SAML2AssertionPolicy.h b/saml/saml2/profile/SAML2AssertionPolicy.h index 17edff4..c871b0b 100644 --- a/saml/saml2/profile/SAML2AssertionPolicy.h +++ b/saml/saml2/profile/SAML2AssertionPolicy.h @@ -54,24 +54,19 @@ namespace opensaml { const xmltooling::QName* role=NULL, const xmltooling::TrustEngine* trustEngine=NULL, bool validate=true - ) : SecurityPolicy(metadataProvider, role, trustEngine, validate) { - } + ); - virtual ~SAML2AssertionPolicy() {} + virtual ~SAML2AssertionPolicy(); virtual void reset(bool messageOnly=false); - void _reset(bool messageOnly=false) { - m_confirmation = false; - } + void _reset(bool messageOnly=false); /** * Returns the subject confirmation that was successfully accepted by the policy. * * @return a successfully evaluated SubjectConfirmation */ - const saml2::SubjectConfirmation* getSubjectConfirmation() const { - return m_confirmation; - } + const saml2::SubjectConfirmation* getSubjectConfirmation() const; /** * Sets the SubjectConfirmation that was successfully accepted by the policy. 
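Review bot: `_reset(bool messageOnly=false)` in the SAML2AssertionPolicy.h hunk is now only a declaration and has no doc comment, so the header no longer shows what it clears or how it relates to the virtual `reset()`. Its definition moves to SAML2AssertionPolicy.cpp, whose hunks are outside this view, so this assumes the body still clears `m_confirmation` as the removed inline version did. I would add `/** Non-virtual helper behind reset(): clears the accepted SubjectConfirmation regardless of messageOnly. */` above it. The comment on `getSubjectConfirmation()` should also note that a policy object reused for a second message must be reset first, otherwise the previous message's confirmation is still returned.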
@@ -81,9 +76,7 @@ namespace opensaml { * * @param confirmation the successfully evaluated SubjectConfirmation */ - void setSubjectConfirmation(const saml2::SubjectConfirmation* confirmation) { - m_confirmation = confirmation; - } + void setSubjectConfirmation(const saml2::SubjectConfirmation* confirmation); private: const saml2::SubjectConfirmation* m_confirmation; diff --git a/saml/saml2/profile/impl/Assertion20Validator.cpp b/saml/saml2/profile/impl/Assertion20Validator.cpp index b5c857f..b118d4b 100644 --- a/saml/saml2/profile/impl/Assertion20Validator.cpp +++ b/saml/saml2/profile/impl/Assertion20Validator.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * Assertion20Validator.cpp * - * SAML 2.0 basic assertion validator + * SAML 2.0 basic assertion validator. */ #include "internal.h" @@ -33,6 +33,15 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +AssertionValidator::AssertionValidator(const XMLCh* recipient, const vector* audiences, time_t ts) + : m_recipient(recipient), m_audiences(audiences), m_ts(ts) +{ +} + +AssertionValidator::~AssertionValidator() +{ +} + void AssertionValidator::validate(const xmltooling::XMLObject* xmlObject) const { const Assertion* a=dynamic_cast(xmlObject); diff --git a/saml/saml2/profile/impl/BrowserSSOProfile20Validator.cpp b/saml/saml2/profile/impl/BrowserSSOProfile20Validator.cpp index c248ea9..691adc1 100644 --- a/saml/saml2/profile/impl/BrowserSSOProfile20Validator.cpp +++ b/saml/saml2/profile/impl/BrowserSSOProfile20Validator.cpp 
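Review bot: The out-of-line constructor added in the `@@ -33,6 +33,15 @@` hunk of Assertion20Validator.cpp initialises `m_audiences` (and, it appears, `m_recipient`) directly from the caller's pointers, and nothing in the definition or the header comment says who owns them. If the members are plain pointers, as the initialisers suggest, a validator that outlives the vector or string it was given would read freed memory during `validate`. I would add a comment above the definition such as `// recipient and audiences are borrowed, not copied; both must outlive the validator.` The member declarations are outside the visible hunks, so this should be confirmed against the class definition.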
@@ -33,6 +33,20 @@ using namespace xmltooling::logging; using namespace xmltooling; using namespace std; +BrowserSSOProfileValidator::BrowserSSOProfileValidator( + const XMLCh* recipient, + const vector* audiences, + time_t ts, + const char* destination, + const char* requestID + ) : AssertionValidator(recipient, audiences, ts), m_destination(destination), m_requestID(requestID) +{ +} + +BrowserSSOProfileValidator::~BrowserSSOProfileValidator() +{ +} + void BrowserSSOProfileValidator::validateAssertion(const Assertion& assertion) const { #ifdef _DEBUG @@ -90,3 +104,8 @@ void BrowserSSOProfileValidator::validateAssertion(const Assertion& assertion) c log.error(msg ? msg : "no error message"); throw ValidationException("Unable to locate satisfiable bearer SubjectConfirmation in assertion."); } + +const char* BrowserSSOProfileValidator::getAddress() const +{ + return m_address.c_str(); +} diff --git a/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp b/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp index 08e9768..585e4b0 100644 --- a/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp +++ b/saml/saml2/profile/impl/SAML2AssertionPolicy.cpp 
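Review bot: `getAddress()` in the `@@ -90,3 +104,8 @@` hunk of BrowserSSOProfile20Validator.cpp returns `m_address.c_str()`, a pointer into the validator's own string, while the header comment only promises "address information". A caller that keeps the pointer and uses it after the validator is destroyed, or after `m_address` is changed, would read stale memory. I would extend the header doc to `@return address information; the pointer is owned by the validator, copy it if it must outlive the object`. Where `m_address` is written is outside the hunk, presumably in `validateAssertion`, whose body is only partly shown.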
@@ -23,11 +23,38 @@ #include "internal.h" #include "saml2/profile/SAML2AssertionPolicy.h" +using namespace opensaml::saml2md; using namespace opensaml::saml2; using namespace opensaml; +using namespace xmltooling; + +SAML2AssertionPolicy::SAML2AssertionPolicy( + const MetadataProvider* metadataProvider, const xmltooling::QName* role, const TrustEngine* trustEngine, bool validate + ) : SecurityPolicy(metadataProvider, role, trustEngine, validate) +{ +} + +SAML2AssertionPolicy::~SAML2AssertionPolicy() +{ +} void SAML2AssertionPolicy::reset(bool messageOnly) { SecurityPolicy::reset(messageOnly); SAML2AssertionPolicy::_reset(messageOnly); } + +void SAML2AssertionPolicy::_reset(bool messageOnly) +{ + m_confirmation = false; +} + +const SubjectConfirmation* SAML2AssertionPolicy::getSubjectConfirmation() const +{ + return m_confirmation; +} + +void SAML2AssertionPolicy::setSubjectConfirmation(const SubjectConfirmation* confirmation) +{ + m_confirmation = confirmation; +} diff --git a/saml/signature/ContentReference.cpp b/saml/signature/ContentReference.cpp index 454bdb9..fc71f1b 100644 --- a/saml/signature/ContentReference.cpp +++ b/saml/signature/ContentReference.cpp @@ -34,6 +34,15 @@ using namespace opensaml; using namespace xmltooling; using namespace std; +ContentReference::ContentReference(const SignableObject& signableObject) + : m_signableObject(signableObject), m_digest(NULL), m_c14n(NULL) +{ +} + +ContentReference::~ContentReference() +{ +} + void ContentReference::createReferences(DSIGSignature* sig) { DSIGReference* ref=NULL; @@ -93,6 +102,16 @@ void ContentReference::addInclusivePrefix(const XMLCh* prefix) #endif } +void ContentReference::setDigestAlgorithm(const XMLCh* digest) +{ + m_digest = digest; +} + +void ContentReference::setCanonicalizationMethod(const XMLCh* c14n) +{ + m_c14n = c14n; +} + void ContentReference::addPrefixes(const std::set& namespaces) { for (set::const_iterator n = namespaces.begin(); n!=namespaces.end(); ++n) { 
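Review bot: The constructor added in the `@@ -23,11 +23,38 @@` hunk of SAML2AssertionPolicy.cpp initialises only the `SecurityPolicy` base and never sets `m_confirmation`. Unless it is set somewhere not shown, `getSubjectConfirmation()` returns an indeterminate pointer until `reset()` or `setSubjectConfirmation()` has run. A caller that treats a non-null result as "a confirmation was accepted" could then act on garbage, so I would end the initialiser list with `, m_confirmation(NULL)`. In the same hunk `_reset` clears the pointer with `m_confirmation = false;`, which relies on `false` being accepted as a null pointer constant and is rejected by newer language standards; `m_confirmation = NULL;` says what is meant.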
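Review bot: `setDigestAlgorithm` and `setCanonicalizationMethod`, moved out of line in the `@@ -93,6 +102,16 @@` hunk of ContentReference.cpp, store the caller's `XMLCh*` without copying it. The constructor in the `@@ -34,6 +34,15 @@` hunk likewise initialises `m_signableObject` from its argument, and neither the definitions nor the doc comments in ContentReference.h state a lifetime requirement. If a caller passes a temporary string, the stored pointer would be dangling when it is later read, presumably in `createReferences`, whose body is outside the hunk. I would add to each setter's doc comment `The string is not copied and must remain valid until the signature references are created.`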
diff --git a/saml/signature/ContentReference.h b/saml/signature/ContentReference.h index 5c0550c..283267a 100644 --- a/saml/signature/ContentReference.h +++ b/saml/signature/ContentReference.h @@ -57,11 +57,9 @@ namespace opensaml { * * @param signableObject reference to object being signed */ - ContentReference(const SignableObject& signableObject) - : m_signableObject(signableObject), m_digest(NULL), m_c14n(NULL) { - } + ContentReference(const SignableObject& signableObject); - virtual ~ContentReference() {} + virtual ~ContentReference(); /** * Given a "blank" native signature, creates signature reference @@ -86,9 +84,7 @@ namespace opensaml { * * @param digest the digest algorithm */ - void setDigestAlgorithm(const XMLCh* digest) { - m_digest = digest; - } + void setDigestAlgorithm(const XMLCh* digest); /** * Sets the canonicalization method to include in the reference, @@ -96,9 +92,7 @@ namespace opensaml { * * @param c14n the canonicalization method */ - void setCanonicalizationMethod(const XMLCh* c14n) { - m_c14n = c14n; - } + void setCanonicalizationMethod(const XMLCh* c14n); private: void addPrefixes(const std::set& namespaces); diff --git a/saml/signature/SignableObject.h b/saml/signature/SignableObject.h index 56e6d17..fac2bb3 100644 --- a/saml/signature/SignableObject.h +++ b/saml/signature/SignableObject.h @@ -38,7 +38,7 @@ namespace opensaml { class SAML_API SignableObject : public virtual xmltooling::XMLObject { public: - virtual ~SignableObject() {} + virtual ~SignableObject(); /** * Returns the enveloped Signature from the object. @@ -55,7 +55,7 @@ namespace opensaml { virtual void setSignature(xmlsignature::Signature* sig)=0; protected: - SignableObject() {} + SignableObject(); }; }; diff --git a/saml/signature/SignatureProfileValidator.cpp b/saml/signature/SignatureProfileValidator.cpp index e6f214c..0e69c44 100644 --- a/saml/signature/SignatureProfileValidator.cpp +++ b/saml/signature/SignatureProfileValidator.cpp 
@@ -38,6 +38,14 @@ using namespace xmlsignature; using namespace xmltooling; using namespace std; +SignatureProfileValidator::SignatureProfileValidator() +{ +} + +SignatureProfileValidator::~SignatureProfileValidator() +{ +} + void SignatureProfileValidator::validate(const XMLObject* xmlObject) const { const Signature* sigObj=dynamic_cast(xmlObject); diff --git a/saml/signature/SignatureProfileValidator.h b/saml/signature/SignatureProfileValidator.h index 0a592e0..9278610 100644 --- a/saml/signature/SignatureProfileValidator.h +++ b/saml/signature/SignatureProfileValidator.h @@ -38,8 +38,8 @@ namespace opensaml { class SAML_API SignatureProfileValidator : public virtual xmltooling::Validator { public: - SignatureProfileValidator() {} - virtual ~SignatureProfileValidator() {} + SignatureProfileValidator(); + virtual ~SignatureProfileValidator(); void validate(const xmltooling::XMLObject* xmlObject) const; diff --git a/saml/util/CommonDomainCookie.cpp b/saml/util/CommonDomainCookie.cpp index 8a7b736..42f7ff8 100644 --- a/saml/util/CommonDomainCookie.cpp +++ b/saml/util/CommonDomainCookie.cpp @@ -70,6 +70,15 @@ CommonDomainCookie::CommonDomainCookie(const char* cookie) } } +CommonDomainCookie::~CommonDomainCookie() +{ +} + +const vector& CommonDomainCookie::get() const +{ + return m_list; +} + const char* CommonDomainCookie::set(const char* entityID) { // First scan the list for this IdP. diff --git a/saml/util/CommonDomainCookie.h b/saml/util/CommonDomainCookie.h index 48dc688..1decbe8 100644 --- a/saml/util/CommonDomainCookie.h +++ b/saml/util/CommonDomainCookie.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -47,16 +47,14 @@ namespace opensaml { */ CommonDomainCookie(const char* cookie); - ~CommonDomainCookie() {} + ~CommonDomainCookie(); /** * Returns list of IdPs stored in cookie. * * @return reference to vector of entityIDs */ - const std::vector& get() const { - return m_list; - } + const std::vector& get() const; /** * Adds/moves an IdP to the front of the list. -- 2.1.4