2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * Base64AttributeDecoder.cpp
24 * Decodes SAML containing base64-encoded values into SimpleAttributes.
28 #include "attribute/AttributeDecoder.h"
29 #include "attribute/SimpleAttribute.h"
31 #include <saml/saml1/core/Assertions.h>
32 #include <saml/saml2/core/Assertions.h>
34 #include <xercesc/util/Base64.hpp>
36 using namespace shibsp;
37 using namespace opensaml::saml1;
38 using namespace opensaml::saml2;
39 using namespace xmltooling::logging;
40 using namespace xmltooling;
44 class SHIBSP_DLLLOCAL Base64AttributeDecoder : virtual public AttributeDecoder
47 Base64AttributeDecoder(const DOMElement* e) : AttributeDecoder(e) {}
48 ~Base64AttributeDecoder() {}
51 shibsp::Attribute* decode(
52 const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty=nullptr, const char* relyingParty=nullptr
54 return decode(nullptr, ids, xmlObject, assertingParty, relyingParty);
57 shibsp::Attribute* decode(
58 const GenericRequest*, const vector<string>&, const XMLObject*, const char* assertingParty=nullptr, const char* relyingParty=nullptr
62 AttributeDecoder* SHIBSP_DLLLOCAL Base64AttributeDecoderFactory(const DOMElement* const & e)
64 return new Base64AttributeDecoder(e);
68 shibsp::Attribute* Base64AttributeDecoder::decode(
69 const GenericRequest* request, const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty, const char* relyingParty
72 auto_ptr<SimpleAttribute> simple(new SimpleAttribute(ids));
73 vector<string>& dest = simple->getValues();
74 pair<vector<XMLObject*>::const_iterator,vector<XMLObject*>::const_iterator> valrange;
76 Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.Base64");
78 if (xmlObject && XMLString::equals(opensaml::saml1::Attribute::LOCAL_NAME,xmlObject->getElementQName().getLocalPart())) {
79 const opensaml::saml2::Attribute* saml2attr = dynamic_cast<const opensaml::saml2::Attribute*>(xmlObject);
81 const vector<XMLObject*>& values = saml2attr->getAttributeValues();
82 valrange = valueRange(request, values);
83 if (log.isDebugEnabled()) {
84 auto_ptr_char n(saml2attr->getName());
86 "decoding SimpleAttribute (%s) from SAML 2 Attribute (%s) with %lu base64-encoded value(s)",
87 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
92 const opensaml::saml1::Attribute* saml1attr = dynamic_cast<const opensaml::saml1::Attribute*>(xmlObject);
94 const vector<XMLObject*>& values = saml1attr->getAttributeValues();
95 valrange = valueRange(request, values);
96 if (log.isDebugEnabled()) {
97 auto_ptr_char n(saml1attr->getAttributeName());
99 "decoding SimpleAttribute (%s) from SAML 1 Attribute (%s) with %lu base64-encoded value(s)",
100 ids.front().c_str(), n.get() ? n.get() : "unnamed", values.size()
105 log.warn("XMLObject type not recognized by Base64AttributeDecoder, no values returned");
110 for (; valrange.first != valrange.second; ++valrange.first) {
111 if (!(*valrange.first)->hasChildren()) {
112 auto_ptr_char val((*valrange.first)->getTextContent());
113 if (val.get() && *val.get()) {
115 XMLByte* decoded=Base64::decode(reinterpret_cast<const XMLByte*>(val.get()),&x);
117 dest.push_back(reinterpret_cast<char*>(decoded));
118 #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
119 XMLString::release(&decoded);
121 XMLString::release((char**)&decoded);
125 log.warn("skipping AttributeValue, unable to base64-decode");
129 log.warn("skipping empty AttributeValue");
132 log.warn("skipping complex AttributeValue");
136 return dest.empty() ? nullptr : _decode(simple.release());
139 const NameID* saml2name = dynamic_cast<const NameID*>(xmlObject);
141 if (log.isDebugEnabled()) {
142 auto_ptr_char f(saml2name->getFormat());
143 log.debug("decoding SimpleAttribute (%s) from SAML 2 NameID with Format (%s)", ids.front().c_str(), f.get() ? f.get() : "unspecified");
145 auto_ptr_char val(saml2name->getName());
146 if (val.get() && *val.get()) {
148 XMLByte* decoded=Base64::decode(reinterpret_cast<const XMLByte*>(val.get()),&x);
150 dest.push_back(reinterpret_cast<char*>(decoded));
151 #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
152 XMLString::release(&decoded);
154 XMLString::release((char**)&decoded);
158 log.warn("ignoring NameID, unable to base64-decode");
162 log.warn("ignoring empty NameID");
165 const NameIdentifier* saml1name = dynamic_cast<const NameIdentifier*>(xmlObject);
167 if (log.isDebugEnabled()) {
168 auto_ptr_char f(saml1name->getFormat());
170 "decoding SimpleAttribute (%s) from SAML 1 NameIdentifier with Format (%s)",
171 ids.front().c_str(), f.get() ? f.get() : "unspecified"
174 auto_ptr_char val(saml1name->getName());
175 if (val.get() && *val.get()) {
177 XMLByte* decoded=Base64::decode(reinterpret_cast<const XMLByte*>(val.get()),&x);
179 dest.push_back(reinterpret_cast<char*>(decoded));
180 #ifdef SHIBSP_XERCESC_HAS_XMLBYTE_RELEASE
181 XMLString::release(&decoded);
183 XMLString::release((char**)&decoded);
187 log.warn("ignoring NameIdentifier, unable to base64-decode");
191 log.warn("ignoring empty NameIdentifier");
194 log.warn("XMLObject type not recognized by Base64AttributeDecoder, no values returned");
199 return dest.empty() ? nullptr : _decode(simple.release());