From fe73576ec05a91b1133a2349c8224414a9fc6416 Mon Sep 17 00:00:00 2001 From: Scott Cantor Date: Mon, 3 Jul 2006 22:16:37 +0000 Subject: [PATCH] Reworked int/bool attribute handling. --- saml/Makefile.am | 6 +- saml/saml.vcproj | 4 ++ saml/saml1/core/impl/AssertionsImpl.cpp | 12 ++-- .../saml1/core/impl/AssertionsSchemaValidators.cpp | 5 +- saml/saml1/core/impl/ProtocolsImpl.cpp | 24 ++++--- saml/saml1/core/impl/ProtocolsSchemaValidators.cpp | 8 ++- saml/saml2/core/impl/Assertions20Impl.cpp | 7 +- .../core/impl/Assertions20SchemaValidators.cpp | 2 +- saml/saml2/metadata/impl/MetadataImpl.cpp | 77 ++++++++-------------- .../metadata/impl/MetadataSchemaValidators.cpp | 4 +- samltest/saml1/core/impl/AssertionTest.h | 2 +- 11 files changed, 78 insertions(+), 73 deletions(-) diff --git a/saml/Makefile.am b/saml/Makefile.am index 3d2b1d4..e27f6d4 100644 --- a/saml/Makefile.am +++ b/saml/Makefile.am @@ -42,7 +42,10 @@ saml2coreinclude_HEADERS = \ saml2/core/Protocols.h saml2mdinclude_HEADERS = \ - saml2/metadata/Metadata.h + saml2/metadata/Metadata.h \ + saml2/metadata/MetadataFilter.h \ + saml2/metadata/MetadataProvider.h \ + saml2/metadata/MetadataResolver.h noinst_HEADERS = \ internal.h @@ -58,6 +61,7 @@ libsaml_la_SOURCES = \ saml2/core/impl/Assertions20SchemaValidators.cpp \ saml2/core/impl/Protocols20Impl.cpp \ saml2/metadata/impl/MetadataImpl.cpp \ + saml2/metadata/impl/MetadataProvider.cpp \ saml2/metadata/impl/MetadataSchemaValidators.cpp \ signature/ContentReference.cpp \ signature/SignatureProfileValidator.cpp \ diff --git a/saml/saml.vcproj b/saml/saml.vcproj index 6bdb719..c2b6e6a 100644 --- a/saml/saml.vcproj +++ b/saml/saml.vcproj 
@@ -353,6 +353,10 @@ RelativePath=".\saml2\core\Assertions.h" > + + setAttributeNS(NULL,MAJORVERSION,ONE); + domElement->setAttributeNS(NULL,MAJORVERSION,XMLConstants::XML_ONE); + if (!m_MinorVersion) + const_cast(this)->m_MinorVersion=XMLString::replicate(XMLConstants::XML_ONE); MARSHALL_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL); if (!m_AssertionID) const_cast(this)->m_AssertionID=SAMLConfig::getConfig().generateIdentifier(); @@ -1091,7 +1093,7 @@ namespace opensaml { void processAttribute(const DOMAttr* attribute) { static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n); if (XMLHelper::isNodeNamed(attribute,NULL,MAJORVERSION)) { - if (XMLString::parseInt(attribute->getValue()) != 1) + if (!XMLString::equals(attribute->getValue(),XMLConstants::XML_ONE)) throw UnmarshallingException("Assertion has invalid major version."); } PROC_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL); diff --git a/saml/saml1/core/impl/AssertionsSchemaValidators.cpp b/saml/saml1/core/impl/AssertionsSchemaValidators.cpp index 61475c3..df178bd 100644 --- a/saml/saml1/core/impl/AssertionsSchemaValidators.cpp +++ b/saml/saml1/core/impl/AssertionsSchemaValidators.cpp @@ -113,7 +113,10 @@ namespace opensaml { ptr->getSubjectStatements().empty() && ptr->getStatements().empty()) throw ValidationException("Assertion must have at least one statement."); - if (ptr->getMinorVersion()==0 && ptr->getConditions() && !ptr->getConditions()->getDoNotCacheConditions().empty()) + pair minor=ptr->getMinorVersion(); + if (!minor.first) + throw ValidationException("Assertion must have MinorVersion"); + if (minor.second==0 && ptr->getConditions() && !ptr->getConditions()->getDoNotCacheConditions().empty()) throw ValidationException("SAML 1.0 assertions cannot contain DoNotCacheCondition elements."); END_XMLOBJECTVALIDATOR; diff --git a/saml/saml1/core/impl/ProtocolsImpl.cpp b/saml/saml1/core/impl/ProtocolsImpl.cpp index af7797b..2ea517d 100644 
--- a/saml/saml1/core/impl/ProtocolsImpl.cpp +++ b/saml/saml1/core/impl/ProtocolsImpl.cpp @@ -307,7 +307,7 @@ namespace opensaml { public AbstractXMLObjectUnmarshaller { void init() { - m_MinorVersion=1; + m_MinorVersion=NULL; m_RequestID=NULL; m_IssueInstant=NULL; m_children.push_back(NULL); @@ -320,6 +320,7 @@ namespace opensaml { } public: virtual ~RequestAbstractTypeImpl() { + XMLString::release(&m_MinorVersion); XMLString::release(&m_RequestID); delete m_IssueInstant; } @@ -334,7 +335,7 @@ namespace opensaml { AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) { init(); - setMinorVersion(src.getMinorVersion()); + setMinorVersion(src.m_MinorVersion); setRequestID(src.getRequestID()); setIssueInstant(src.getIssueInstant()); if (src.getSignature()) @@ -377,8 +378,9 @@ namespace opensaml { protected: void marshallAttributes(DOMElement* domElement) const { static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n); - static const XMLCh ONE[] = { chDigit_1, chNull }; - domElement->setAttributeNS(NULL,MAJORVERSION,ONE); + domElement->setAttributeNS(NULL,MAJORVERSION,XMLConstants::XML_ONE); + if (!m_MinorVersion) + const_cast(this)->m_MinorVersion=XMLString::replicate(XMLConstants::XML_ONE); MARSHALL_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL); if (!m_RequestID) const_cast(this)->m_RequestID=SAMLConfig::getConfig().generateIdentifier(); @@ -397,7 +399,7 @@ namespace opensaml { void processAttribute(const DOMAttr* attribute) { static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n); if (XMLHelper::isNodeNamed(attribute,NULL,MAJORVERSION)) { - if (XMLString::parseInt(attribute->getValue()) != 1) + if (!XMLString::equals(attribute->getValue(),XMLConstants::XML_ONE)) throw UnmarshallingException("Request has invalid major version."); } PROC_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL); 
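Review bot: `marshallAttributes` (hunk `@@ -377,8 +378,9 @@`) is a const member, yet it now assigns `m_MinorVersion` through a `const_cast` when the member is unset, so serializing an object changes what `getMinorVersion()` reports afterwards. The validators changed in this same commit throw "Request must have MinorVersion" for the very state the marshaller quietly repairs, so the two paths disagree about whether an unset MinorVersion is an error. If the default is intended, say so at the assignment, e.g. `// MinorVersion is defaulted to 1 here when the caller never set it`. The Response marshaller at `@@ -700,8 +703,9 @@` and the Assertion marshaller in AssertionsImpl.cpp do the same, and the function body continues outside the hunk.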
@@ -629,7 +631,7 @@ namespace opensaml { public AbstractXMLObjectUnmarshaller { void init() { - m_MinorVersion=1; + m_MinorVersion=NULL; m_ResponseID=NULL; m_InResponseTo=NULL; m_IssueInstant=NULL; @@ -644,6 +646,7 @@ namespace opensaml { } public: virtual ~ResponseAbstractTypeImpl() { + XMLString::release(&m_MinorVersion); XMLString::release(&m_ResponseID); XMLString::release(&m_InResponseTo); XMLString::release(&m_Recipient); @@ -660,7 +663,7 @@ namespace opensaml { AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) { init(); - setMinorVersion(src.getMinorVersion()); + setMinorVersion(src.m_MinorVersion); setResponseID(src.getResponseID()); setInResponseTo(src.getInResponseTo()); setIssueInstant(src.getIssueInstant()); @@ -700,8 +703,9 @@ namespace opensaml { protected: void marshallAttributes(DOMElement* domElement) const { static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n); - static const XMLCh ONE[] = { chDigit_1, chNull }; - domElement->setAttributeNS(NULL,MAJORVERSION,ONE); + domElement->setAttributeNS(NULL,MAJORVERSION,XMLConstants::XML_ONE); + if (!m_MinorVersion) + const_cast(this)->m_MinorVersion=XMLString::replicate(XMLConstants::XML_ONE); MARSHALL_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL); if (!m_ResponseID) const_cast(this)->m_ResponseID=SAMLConfig::getConfig().generateIdentifier(); @@ -721,7 +725,7 @@ namespace opensaml { void processAttribute(const DOMAttr* attribute) { static const XMLCh MAJORVERSION[] = UNICODE_LITERAL_12(M,a,j,o,r,V,e,r,s,i,o,n); if (XMLHelper::isNodeNamed(attribute,NULL,MAJORVERSION)) { - if (XMLString::parseInt(attribute->getValue()) != 1) + if (!XMLString::equals(attribute->getValue(),XMLConstants::XML_ONE)) throw UnmarshallingException("Response has invalid major version."); } PROC_INTEGER_ATTRIB(MinorVersion,MINORVERSION,NULL); diff --git a/saml/saml1/core/impl/ProtocolsSchemaValidators.cpp b/saml/saml1/core/impl/ProtocolsSchemaValidators.cpp index ab6e67e..c52e988 100644 
--- a/saml/saml1/core/impl/ProtocolsSchemaValidators.cpp +++ b/saml/saml1/core/impl/ProtocolsSchemaValidators.cpp @@ -58,7 +58,10 @@ namespace opensaml { BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Request); XMLOBJECTVALIDATOR_REQUIRE(Request,RequestID); XMLOBJECTVALIDATOR_REQUIRE(Request,IssueInstant); - int count=0; + pair minor=ptr->getMinorVersion(); + if (!minor.first) + throw ValidationException("Request must have MinorVersion"); + int count=0; if (ptr->getQuery()!=NULL) count++; if (!ptr->getAssertionIDReferences().empty()) @@ -85,6 +88,9 @@ namespace opensaml { XMLOBJECTVALIDATOR_REQUIRE(Response,ResponseID); XMLOBJECTVALIDATOR_REQUIRE(Response,IssueInstant); XMLOBJECTVALIDATOR_REQUIRE(Response,Status); + pair minor=ptr->getMinorVersion(); + if (!minor.first) + throw ValidationException("Response must have MinorVersion"); END_XMLOBJECTVALIDATOR; }; }; diff --git a/saml/saml2/core/impl/Assertions20Impl.cpp b/saml/saml2/core/impl/Assertions20Impl.cpp index 97d8eac..7b3ec9a 100644 --- a/saml/saml2/core/impl/Assertions20Impl.cpp +++ b/saml/saml2/core/impl/Assertions20Impl.cpp @@ -311,15 +311,18 @@ namespace opensaml { public AbstractXMLObjectUnmarshaller { public: - virtual ~ProxyRestrictionImpl() {} + virtual ~ProxyRestrictionImpl() { + XMLString::release(&m_Count); + } ProxyRestrictionImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType) : AbstractXMLObject(nsURI, localName, prefix, schemaType) { + m_Count=NULL; } ProxyRestrictionImpl(const ProxyRestrictionImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) { - setCount(src.getCount()); + setCount(src.m_Count); VectorOf(Audience) v=getAudiences(); for (vector::const_iterator i=src.m_Audiences.begin(); i!=src.m_Audiences.end(); i++) { if (*i) { diff --git a/saml/saml2/core/impl/Assertions20SchemaValidators.cpp b/saml/saml2/core/impl/Assertions20SchemaValidators.cpp index 455ad72..69c9a56 100644 
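Review bot: The copy constructor of ProxyRestrictionImpl (Assertions20Impl.cpp, `@@ -311,15 +311,18 @@`) now calls `setCount(src.m_Count)` without first setting `m_Count=NULL`, although the new destructor passes `&m_Count` to `XMLString::release`. The setter is generated elsewhere and is not visible here; if it frees the previous value before replicating the new one, it acts on an uninitialised pointer, so `m_Count=NULL;` should be the first statement of the copy constructor. The same pattern appears in saml2/metadata/impl/MetadataImpl.cpp at `@@ -699,14 +699,16 @@`: the public four-argument IndexedEndpointTypeImpl constructor has an empty body and the copy constructor never calls `init()`, so `m_Index` can reach the new `XMLString::release(&m_Index)` uninitialised. Both of those constructors should begin with `init();`.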
--- a/saml/saml2/core/impl/Assertions20SchemaValidators.cpp +++ b/saml/saml2/core/impl/Assertions20SchemaValidators.cpp @@ -65,7 +65,7 @@ namespace opensaml { BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,ProxyRestriction); if (ptr->getAudiences().empty()) { - XMLOBJECTVALIDATOR_REQUIRE(ProxyRestriction,Count); + XMLOBJECTVALIDATOR_REQUIRE_INTEGER(ProxyRestriction,Count); } END_XMLOBJECTVALIDATOR; diff --git a/saml/saml2/metadata/impl/MetadataImpl.cpp b/saml/saml2/metadata/impl/MetadataImpl.cpp index 4ff0864..9a86aab 100644 --- a/saml/saml2/metadata/impl/MetadataImpl.cpp +++ b/saml/saml2/metadata/impl/MetadataImpl.cpp @@ -690,8 +690,8 @@ namespace opensaml { class SAML_DLLLOCAL IndexedEndpointTypeImpl : public virtual IndexedEndpointType, public EndpointTypeImpl { void init() { - m_Index=0; - m_isDefault=false; + m_Index=NULL; + m_isDefault=XMLConstants::XML_BOOL_NULL; } protected: @@ -699,14 +699,16 @@ namespace opensaml { init(); } public: - virtual ~IndexedEndpointTypeImpl() {} + virtual ~IndexedEndpointTypeImpl() { + XMLString::release(&m_Index); + } IndexedEndpointTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType) : AbstractXMLObject(nsURI, localName, prefix, schemaType) {} IndexedEndpointTypeImpl(const IndexedEndpointTypeImpl& src) : AbstractXMLObject(src), EndpointTypeImpl(src) { - setIndex(src.getIndex()); - isDefault(src.isDefault()); + setIndex(src.m_Index); + isDefault(src.m_isDefault); } IMPL_XMLOBJECT_CLONE(IndexedEndpointType); 
@@ -720,16 +722,11 @@ namespace opensaml { void setAttribute(QName& qualifiedName, const XMLCh* value) { if (!qualifiedName.hasNamespaceURI()) { if (XMLString::equals(qualifiedName.getLocalPart(),INDEX_ATTRIB_NAME)) { - setIndex(XMLString::parseInt(value)); + setIndex(value); return; } else if (XMLString::equals(qualifiedName.getLocalPart(),ISDEFAULT_ATTRIB_NAME)) { - if (value) { - if (*value==chLatin_t || *value==chDigit_1) - isDefault(true); - else if (*value==chLatin_f || *value==chDigit_0) - isDefault(false); - } + setisDefault(value); return; } } @@ -1169,7 +1166,7 @@ namespace opensaml { list::iterator m_pos_AttributeProfile; void init() { - m_WantAuthnRequestsSigned=false; + m_WantAuthnRequestsSigned=XMLConstants::XML_BOOL_NULL; m_children.push_back(NULL); m_children.push_back(NULL); m_children.push_back(NULL); @@ -1194,7 +1191,7 @@ namespace opensaml { IDPSSODescriptorImpl(const IDPSSODescriptorImpl& src) : AbstractXMLObject(src), SSODescriptorTypeImpl(src) { init(); - WantAuthnRequestsSigned(src.WantAuthnRequestsSigned()); + WantAuthnRequestsSigned(src.m_WantAuthnRequestsSigned); VectorOf(SingleSignOnService) v=getSingleSignOnServices(); for (vector::const_iterator i=src.m_SingleSignOnServices.begin(); i!=src.m_SingleSignOnServices.end(); i++) { if (*i) { @@ -1245,12 +1242,7 @@ namespace opensaml { void setAttribute(QName& qualifiedName, const XMLCh* value) { if (!qualifiedName.hasNamespaceURI()) { if (XMLString::equals(qualifiedName.getLocalPart(),WANTAUTHNREQUESTSSIGNED_ATTRIB_NAME)) { - if (value) { - if (*value==chLatin_t || *value==chDigit_1) - WantAuthnRequestsSigned(true); - else if (*value==chLatin_f || *value==chDigit_0) - WantAuthnRequestsSigned(false); - } + setWantAuthnRequestsSigned(value); return; } } @@ -1283,7 +1275,7 @@ namespace opensaml { { void init() { m_Name=m_NameFormat=m_FriendlyName=NULL; - m_isRequired=false; + m_isRequired=XMLConstants::XML_BOOL_NULL; } public: virtual ~RequestedAttributeImpl() { 
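Review bot: `setAttribute` (hunk `@@ -720,16 +722,11 @@`) now hands the raw attribute text to `setIndex(value)` and `setisDefault(value)`, so the parsing that used to happen at this boundary is deferred to setters that are not visible in the hunk. The same replacement is made for `WantAuthnRequestsSigned` at `@@ -1245,12 +1242,7 @@`, `isRequired` at `@@ -1341,12 +1333,7 @@`, and `AuthnRequestsSigned`/`WantAssertionsSigned` at `@@ -1514,21 +1503,11 @@`, where the value comes from metadata and expresses a signing requirement. Please confirm that text other than `true`, `false`, `1` or `0` is rejected rather than read as unset, and record the expectation at the call site, e.g. `// value stored as given; the setter must reject non-xs:boolean text`. The bodies of these functions continue outside the hunks.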
@@ -1306,7 +1298,7 @@ namespace opensaml { setName(src.getName()); setNameFormat(src.getNameFormat()); setFriendlyName(src.getFriendlyName()); - isRequired(src.isRequired()); + isRequired(src.m_isRequired); VectorOf(XMLObject) v=getAttributeValues(); for (vector::const_iterator i=src.m_AttributeValues.begin(); i!=src.m_AttributeValues.end(); i++) { if (*i) { @@ -1341,12 +1333,7 @@ namespace opensaml { return; } else if (XMLString::equals(qualifiedName.getLocalPart(),ISREQUIRED_ATTRIB_NAME)) { - if (value) { - if (*value==chLatin_t || *value==chDigit_1) - isRequired(true); - else if (*value==chLatin_f || *value==chDigit_0) - isRequired(false); - } + setisRequired(value); return; } } @@ -1391,8 +1378,8 @@ namespace opensaml { list::iterator m_pos_RequestedAttribute; void init() { - m_Index=1; - m_isDefault=false; + m_Index=NULL; + m_isDefault=XMLConstants::XML_BOOL_NULL; m_children.push_back(NULL); m_children.push_back(NULL); m_pos_ServiceDescription=m_children.begin(); @@ -1401,7 +1388,9 @@ namespace opensaml { } public: - virtual ~AttributeConsumingServiceImpl() {} + virtual ~AttributeConsumingServiceImpl() { + XMLString::release(&m_Index); + } AttributeConsumingServiceImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const QName* schemaType) : AbstractXMLObject(nsURI, localName, prefix, schemaType) { @@ -1411,8 +1400,8 @@ namespace opensaml { AttributeConsumingServiceImpl(const AttributeConsumingServiceImpl& src) : AbstractXMLObject(src), AbstractDOMCachingXMLObject(src), AbstractValidatingXMLObject(src) { init(); - setIndex(src.getIndex()); - isDefault(src.isDefault()); + setIndex(src.m_Index); + isDefault(src.m_isDefault); VectorOf(ServiceName) v=getServiceNames(); for (vector::const_iterator i=src.m_ServiceNames.begin(); i!=src.m_ServiceNames.end(); i++) { if (*i) { 
@@ -1465,8 +1454,8 @@ namespace opensaml { list::iterator m_pos_AssertionConsumerService; void init() { - m_AuthnRequestsSigned=false; - m_WantAssertionsSigned=false; + m_AuthnRequestsSigned=XMLConstants::XML_BOOL_NULL; + m_WantAssertionsSigned=XMLConstants::XML_BOOL_NULL; m_children.push_back(NULL); m_pos_AssertionConsumerService=m_pos_NameIDFormat; ++m_pos_AssertionConsumerService; @@ -1482,8 +1471,8 @@ namespace opensaml { SPSSODescriptorImpl(const SPSSODescriptorImpl& src) : AbstractXMLObject(src), SSODescriptorTypeImpl(src) { init(); - AuthnRequestsSigned(src.AuthnRequestsSigned()); - WantAssertionsSigned(src.WantAssertionsSigned()); + AuthnRequestsSigned(src.m_AuthnRequestsSigned); + WantAssertionsSigned(src.m_WantAssertionsSigned); VectorOf(AssertionConsumerService) v=getAssertionConsumerServices(); for (vector::const_iterator i=src.m_AssertionConsumerServices.begin(); i!=src.m_AssertionConsumerServices.end(); i++) { if (*i) { @@ -1514,21 +1503,11 @@ namespace opensaml { void setAttribute(QName& qualifiedName, const XMLCh* value) { if (!qualifiedName.hasNamespaceURI()) { if (XMLString::equals(qualifiedName.getLocalPart(),AUTHNREQUESTSSIGNED_ATTRIB_NAME)) { - if (value) { - if (*value==chLatin_t || *value==chDigit_1) - AuthnRequestsSigned(true); - else if (*value==chLatin_f || *value==chDigit_0) - AuthnRequestsSigned(false); - } + setAuthnRequestsSigned(value); return; } else if (XMLString::equals(qualifiedName.getLocalPart(),WANTASSERTIONSSIGNED_ATTRIB_NAME)) { - if (value) { - if (*value==chLatin_t || *value==chDigit_1) - WantAssertionsSigned(true); - else if (*value==chLatin_f || *value==chDigit_0) - WantAssertionsSigned(false); - } + setWantAssertionsSigned(value); return; } } diff --git a/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp b/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp index d4755a3..707ac67 100644 --- a/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp +++ b/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp 
@@ -127,7 +127,7 @@ namespace opensaml { BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,IndexedEndpointType,EndpointType); EndpointTypeSchemaValidator::validate(xmlObject); - XMLOBJECTVALIDATOR_REQUIRE(IndexedEndpointType,Index); + XMLOBJECTVALIDATOR_REQUIRE_INTEGER(IndexedEndpointType,Index); END_XMLOBJECTVALIDATOR; BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ArtifactResolutionService,IndexedEndpointType); @@ -172,7 +172,7 @@ namespace opensaml { END_XMLOBJECTVALIDATOR; BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,AttributeConsumingService); - XMLOBJECTVALIDATOR_REQUIRE(AttributeConsumingService,Index); + XMLOBJECTVALIDATOR_REQUIRE_INTEGER(AttributeConsumingService,Index); XMLOBJECTVALIDATOR_NONEMPTY(AttributeConsumingService,ServiceName); XMLOBJECTVALIDATOR_NONEMPTY(AttributeConsumingService,RequestedAttribute); END_XMLOBJECTVALIDATOR; diff --git a/samltest/saml1/core/impl/AssertionTest.h b/samltest/saml1/core/impl/AssertionTest.h index 1f65eec..7387e34 100644 --- a/samltest/saml1/core/impl/AssertionTest.h +++ b/samltest/saml1/core/impl/AssertionTest.h @@ -68,7 +68,7 @@ public: TSM_ASSERT_SAME_DATA("Issuer attribute", expectedIssuer, assertion.getIssuer(), XMLString::stringLen(expectedIssuer)); TSM_ASSERT_SAME_DATA("IssueInstant attribute", expectedIssueInstant, assertion.getIssueInstant()->getRawData(), XMLString::stringLen(expectedIssueInstant)); TSM_ASSERT_SAME_DATA("ID attribute", expectedID, assertion.getAssertionID(), XMLString::stringLen(expectedID)); - TSM_ASSERT_EQUALS("Issuer expectedMinorVersion", expectedMinorVersion, assertion.getMinorVersion()); + TSM_ASSERT_EQUALS("Issuer expectedMinorVersion", expectedMinorVersion, assertion.getMinorVersion().second); TSM_ASSERT("Conditions element", assertion.getConditions()==NULL); TSM_ASSERT("Advice element", assertion.getAdvice()==NULL); -- 2.1.4
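Review bot: The updated assertion in AssertionTest.h (`@@ -68,7 +68,7 @@`) compares only `getMinorVersion().second`, so the test would still pass if the getter reported the attribute as absent while returning a matching default value. Add a presence check before it, e.g. `TSM_ASSERT("MinorVersion present", assertion.getMinorVersion().first);`. The test method starts and ends outside the hunk.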