1 /**
2  * Licensed to the University Corporation for Advanced Internet
3  * Development, Inc. (UCAID) under one or more contributor license
4  * agreements. See the NOTICE file distributed with this work for
5  * additional information regarding copyright ownership.
6  *
7  * UCAID licenses this file to you under the Apache License,
8  * Version 2.0 (the "License"); you may not use this file except
9  * in compliance with the License. You may obtain a copy of the
10  * License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17  * either express or implied. See the License for the specific
18  * language governing permissions and limitations under the License.
19  */
20
21 /**
22  * NameIDAttributeDecoder.cpp
23  *
24  * Decodes SAML into NameIDAttributes.
25  */
26
27 #include "internal.h"
28 #include "attribute/AttributeDecoder.h"
29 #include "attribute/NameIDAttribute.h"
30
31 #include <saml/saml1/core/Assertions.h>
32 #include <saml/saml2/core/Assertions.h>
33
34 using namespace shibsp;
35 using namespace opensaml::saml1;
36 using namespace opensaml::saml2;
37 using namespace xmltooling;
38 using namespace std;
39
namespace shibsp {
    // Names of the XML configuration attributes the decoder's constructor reads from its element.
    static const XMLCh formatter[] = UNICODE_LITERAL_9(f,o,r,m,a,t,t,e,r);
    static const XMLCh defaultQualifiers[] = UNICODE_LITERAL_17(d,e,f,a,u,l,t,Q,u,a,l,i,f,i,e,r,s);

    /**
     * AttributeDecoder that produces NameIDAttribute values from SAML 2 NameID-typed
     * objects and SAML 1 NameIdentifier objects, found either directly or as the
     * values of a SAML Attribute.
     */
    class SHIBSP_DLLLOCAL NameIDAttributeDecoder : virtual public AttributeDecoder
    {
    public:
        /**
         * Reads the decoder settings from the configuration element.
         *
         * @param e configuration element; its "formatter" attribute is read as a string
         *          and its "defaultQualifiers" attribute as a boolean
         */
        NameIDAttributeDecoder(const DOMElement* e)
            : AttributeDecoder(e),
              // NOTE(review): nullptr / false look like the fallbacks used when the
              // attribute is absent -- confirm against XMLHelper.
              m_formatter(XMLHelper::getAttrString(e, nullptr, formatter)),
              m_defaultQualifiers(XMLHelper::getAttrBool(e, false, defaultQualifiers))
        {
        }

        ~NameIDAttributeDecoder() {}

        /**
         * Decodes xmlObject into a NameIDAttribute carrying the given ids.
         *
         * assertingParty and relyingParty are optional; they are only used to fill in
         * missing qualifiers when m_defaultQualifiers is set.
         */
        shibsp::Attribute* decode(
            const vector<string>& ids,
            const XMLObject* xmlObject,
            const char* assertingParty=nullptr,
            const char* relyingParty=nullptr
            ) const;

    private:
        // Formatter string handed to each NameIDAttribute; when empty, decode()
        // substitutes DEFAULT_NAMEID_FORMATTER.
        string m_formatter;

        // When true, qualifiers missing from the message are filled in from the
        // asserting / relying party names passed to decode().
        bool m_defaultQualifiers;

        // Appends one value built from a SAML 2 NameID-typed object.
        void extract(
            const NameIDType* n,
            vector<NameIDAttribute::Value>& dest,
            const char* assertingParty,
            const char* relyingParty
            ) const;

        // Appends one value built from a SAML 1 NameIdentifier.
        void extract(
            const NameIdentifier* n,
            vector<NameIDAttribute::Value>& dest,
            const char* assertingParty,
            const char* relyingParty
            ) const;
    };

    /**
     * Factory function for this decoder type.
     *
     * @param e configuration element passed through to the constructor
     * @return a heap-allocated decoder; the caller receives a raw owning pointer
     */
    AttributeDecoder* SHIBSP_DLLLOCAL NameIDAttributeDecoderFactory(const DOMElement* const & e)
    {
        AttributeDecoder* decoder = new NameIDAttributeDecoder(e);
        return decoder;
    }
}
74
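/**
 * Builds a NameIDAttribute from a SAML object taken from a received message.
 *
 * Two input shapes are handled:
 *  - an object whose element local name equals opensaml::saml1::Attribute::LOCAL_NAME
 *    and which is a SAML 2 or SAML 1 Attribute: every AttributeValue that is a
 *    NameIDType / NameIdentifier, or that has such objects among its direct
 *    children, contributes a value;
 *  - a bare NameIDType or NameIdentifier object, which contributes a single value.
 *
 * The content decoded here comes from the message. Identifier, Format and
 * qualifier strings are copied by extract() without being compared to
 * assertingParty or relyingParty, so any check that a qualifier matches the
 * issuer has to be made by the consumer of the attribute.
 *
 * @param ids             identifiers given to the new attribute
 * @param xmlObject       object to decode; may be null
 * @param assertingParty  name used for a missing NameQualifier when defaulting is enabled; may be null
 * @param relyingParty    name used for a missing SPNameQualifier when defaulting is enabled; may be null
 * @return the result of _decode() on the new attribute, or nullptr when the object
 *         type is not recognized or no value was extracted
 */
shibsp::Attribute* NameIDAttributeDecoder::decode(
    const vector<string>& ids, const XMLObject* xmlObject, const char* assertingParty, const char* relyingParty
    ) const
{
    // Owned here until release(); every nullptr return below frees it.
    auto_ptr<NameIDAttribute> nameid(
        new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER)
        );
    vector<NameIDAttribute::Value>& dest = nameid->getValues();
    vector<XMLObject*>::const_iterator v,stop;

    Category& log = Category::getInstance(SHIBSP_LOGCAT".AttributeDecoder.NameID");

    // Only used in debug messages. front() on an empty vector is undefined, so
    // fall back to an empty string instead of assuming the caller supplied an id.
    const char* const firstId = ids.empty() ? "" : ids.front().c_str();

    // Only the local name is compared here; the dynamic_casts decide the real type.
    if (xmlObject && XMLString::equals(opensaml::saml1::Attribute::LOCAL_NAME,xmlObject->getElementQName().getLocalPart())) {
        const opensaml::saml2::Attribute* saml2attr = dynamic_cast<const opensaml::saml2::Attribute*>(xmlObject);
        if (saml2attr) {
            const vector<XMLObject*>& values = saml2attr->getAttributeValues();
            v = values.begin();
            stop = values.end();
            if (log.isDebugEnabled()) {
                // The attribute name comes from the message; it is passed as a %s
                // argument, never as the format string.
                auto_ptr_char n(saml2attr->getName());
                // size() returns size_t, which is not unsigned long on every
                // platform; cast so the argument matches %lu.
                log.debug(
                    "decoding NameIDAttribute (%s) from SAML 2 Attribute (%s) with %lu value(s)",
                    firstId, n.get() ? n.get() : "unnamed", static_cast<unsigned long>(values.size())
                    );
            }
        }
        else {
            const opensaml::saml1::Attribute* saml1attr = dynamic_cast<const opensaml::saml1::Attribute*>(xmlObject);
            if (saml1attr) {
                const vector<XMLObject*>& values = saml1attr->getAttributeValues();
                v = values.begin();
                stop = values.end();
                if (log.isDebugEnabled()) {
                    auto_ptr_char n(saml1attr->getAttributeName());
                    log.debug(
                        "decoding NameIDAttribute (%s) from SAML 1 Attribute (%s) with %lu value(s)",
                        firstId, n.get() ? n.get() : "unnamed", static_cast<unsigned long>(values.size())
                        );
                }
            }
            else {
                log.warn("XMLObject type not recognized by NameIDAttributeDecoder, no values returned");
                return nullptr;
            }
        }

        for (; v!=stop; ++v) {
            // The AttributeValue may itself be typed as a name identifier...
            const NameIDType* n2 = dynamic_cast<const NameIDType*>(*v);
            if (n2) {
                log.debug("decoding AttributeValue element of saml2:NameIDType type");
                extract(n2, dest, assertingParty, relyingParty);
            }
            else {
                const NameIdentifier* n1=dynamic_cast<const NameIdentifier*>(*v);
                if (n1) {
                    log.debug("decoding AttributeValue element of saml1:NameIdentifier type");
                    extract(n1, dest, assertingParty, relyingParty);
                }
                else if ((*v)->hasChildren()) {
                    // ...or wrap one or more name identifiers as direct children.
                    // Only direct children are examined; other children are skipped
                    // with a warning.
                    const list<XMLObject*>& values = (*v)->getOrderedChildren();
                    for (list<XMLObject*>::const_iterator vv = values.begin(); vv!=values.end(); ++vv) {
                        if (const NameIDType* child2 = dynamic_cast<const NameIDType*>(*vv)) {
                            log.debug("decoding saml2:NameID child element of AttributeValue");
                            extract(child2, dest, assertingParty, relyingParty);
                        }
                        else if (const NameIdentifier* child1 = dynamic_cast<const NameIdentifier*>(*vv)) {
                            log.debug("decoding saml1:NameIdentifier child element of AttributeValue");
                            extract(child1, dest, assertingParty, relyingParty);
                        }
                        else {
                            log.warn("skipping AttributeValue child element not recognizable as NameID/NameIdentifier");
                        }
                    }
                }
                else {
                    log.warn("AttributeValue was not of a supported type and contains no child elements");
                }
            }
        }

        return dest.empty() ? nullptr : _decode(nameid.release());
    }

    // Not an Attribute: try the object itself as a name identifier. A null
    // xmlObject fails both casts and ends in the warning branch.
    const NameIDType* saml2name = dynamic_cast<const NameIDType*>(xmlObject);
    if (saml2name) {
        if (log.isDebugEnabled()) {
            auto_ptr_char f(saml2name->getFormat());
            log.debug("decoding NameIDAttribute (%s) from SAML 2 NameID with Format (%s)", firstId, f.get() ? f.get() : "unspecified");
        }
        extract(saml2name, dest, assertingParty, relyingParty);
    }
    else {
        const NameIdentifier* saml1name = dynamic_cast<const NameIdentifier*>(xmlObject);
        if (saml1name) {
            if (log.isDebugEnabled()) {
                auto_ptr_char f(saml1name->getFormat());
                log.debug(
                    "decoding NameIDAttribute (%s) from SAML 1 NameIdentifier with Format (%s)",
                    firstId, f.get() ? f.get() : "unspecified"
                    );
            }
            extract(saml1name, dest, assertingParty, relyingParty);
        }
        else {
            log.warn("XMLObject type not recognized by NameIDAttributeDecoder, no values returned");
            return nullptr;
        }
    }

    return dest.empty() ? nullptr : _decode(nameid.release());
}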
186
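/**
 * Appends one NameIDAttribute::Value built from a SAML 2 NameID-typed object.
 *
 * Nothing is appended when the identifier text is missing or empty. Format and
 * SPProvidedID are copied when present. NameQualifier and SPNameQualifier are
 * copied when present and non-empty; otherwise, if m_defaultQualifiers is set,
 * they fall back to assertingParty and relyingParty respectively.
 *
 * Qualifiers found in the message are stored as received. This function does not
 * compare them with assertingParty / relyingParty, so a stored NameQualifier is
 * not evidence of which party issued the identifier.
 *
 * @param n               source object; must not be null
 * @param dest            vector that receives the new value
 * @param assertingParty  fallback NameQualifier, may be null
 * @param relyingParty    fallback SPNameQualifier, may be null
 */
void NameIDAttributeDecoder::extract(
    const NameIDType* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
    ) const
{
    auto_arrayptr<char> name(toUTF8(n->getName()));
    if (!name.get() || !*name.get())
        return;

    dest.push_back(NameIDAttribute::Value());
    NameIDAttribute::Value& val = dest.back();
    val.m_Name = name.get();

    // Each converted buffer is held by auto_arrayptr so that it is released even
    // if one of the string assignments throws.
    auto_arrayptr<char> format(toUTF8(n->getFormat()));
    if (format.get())
        val.m_Format = format.get();

    auto_arrayptr<char> nameQualifier(toUTF8(n->getNameQualifier()));
    if (nameQualifier.get() && *nameQualifier.get())
        val.m_NameQualifier = nameQualifier.get();
    else if (m_defaultQualifiers && assertingParty)
        val.m_NameQualifier = assertingParty;

    auto_arrayptr<char> spNameQualifier(toUTF8(n->getSPNameQualifier()));
    if (spNameQualifier.get() && *spNameQualifier.get())
        val.m_SPNameQualifier = spNameQualifier.get();
    else if (m_defaultQualifiers && relyingParty)
        val.m_SPNameQualifier = relyingParty;

    auto_arrayptr<char> spProvidedID(toUTF8(n->getSPProvidedID()));
    if (spProvidedID.get())
        val.m_SPProvidedID = spProvidedID.get();
}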
223
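/**
 * Appends one NameIDAttribute::Value built from a SAML 1 NameIdentifier.
 *
 * Nothing is appended when the identifier text is missing or empty. Format is
 * copied when present. NameQualifier is copied when present and non-empty,
 * otherwise it falls back to assertingParty if m_defaultQualifiers is set.
 * No SPNameQualifier is read from the NameIdentifier; the field is filled only
 * from relyingParty, and only when m_defaultQualifiers is set.
 *
 * A NameQualifier found in the message is stored as received. This function does
 * not compare it with assertingParty, so the stored value is not evidence of
 * which party issued the identifier.
 *
 * @param n               source object; must not be null
 * @param dest            vector that receives the new value
 * @param assertingParty  fallback NameQualifier, may be null
 * @param relyingParty    value for SPNameQualifier when defaulting is enabled, may be null
 */
void NameIDAttributeDecoder::extract(
    const NameIdentifier* n, vector<NameIDAttribute::Value>& dest, const char* assertingParty, const char* relyingParty
    ) const
{
    auto_arrayptr<char> name(toUTF8(n->getName()));
    if (!name.get() || !*name.get())
        return;

    dest.push_back(NameIDAttribute::Value());
    NameIDAttribute::Value& val = dest.back();
    val.m_Name = name.get();

    // Each converted buffer is held by auto_arrayptr so that it is released even
    // if one of the string assignments throws.
    auto_arrayptr<char> format(toUTF8(n->getFormat()));
    if (format.get())
        val.m_Format = format.get();

    auto_arrayptr<char> nameQualifier(toUTF8(n->getNameQualifier()));
    if (nameQualifier.get() && *nameQualifier.get())
        val.m_NameQualifier = nameQualifier.get();
    else if (m_defaultQualifiers && assertingParty)
        val.m_NameQualifier = assertingParty;

    if (m_defaultQualifiers && relyingParty)
        val.m_SPNameQualifier = relyingParty;
}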