2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
24 * A function that evaluates whether an expressed criteria is met by the current filter context.
28 #include "attribute/filtering/FilterPolicyContext.h"
29 #include "attribute/filtering/MatchFunctor.h"
30 #include "util/SPConstants.h"
32 #include <xercesc/util/XMLUniDefs.hpp>
34 using namespace shibsp;
35 using namespace xmltooling;
38 #define DECL_FACTORY(name) \
39 SHIBSP_DLLLOCAL PluginManager< MatchFunctor,xmltooling::QName,pair<const FilterPolicyContext*,const DOMElement*> >::Factory name##Factory
41 #define DECL_BASIC_QNAME(name,lit) \
42 xmltooling::QName shibsp::name##Type(shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, lit)
44 #define DECL_SAML_QNAME(name,lit) \
45 xmltooling::QName shibsp::name##Type(shibspconstants::SHIB2ATTRIBUTEFILTER_MF_SAML_NS, lit)
47 #define REGISTER_FACTORY(name) \
48 mgr.registerFactory(name##Type, name##Factory)
51 DECL_FACTORY(AnyMatchFunctor);
52 DECL_FACTORY(AndMatchFunctor);
53 DECL_FACTORY(OrMatchFunctor);
54 DECL_FACTORY(NotMatchFunctor);
55 DECL_FACTORY(AttributeIssuerString);
56 DECL_FACTORY(AttributeRequesterString);
57 DECL_FACTORY(AuthenticationMethodString);
58 DECL_FACTORY(AttributeValueString);
59 DECL_FACTORY(AttributeScopeString);
60 DECL_FACTORY(AttributeIssuerRegex);
61 DECL_FACTORY(AttributeRequesterRegex);
62 DECL_FACTORY(AuthenticationMethodRegex);
63 DECL_FACTORY(AttributeValueRegex);
64 DECL_FACTORY(AttributeScopeRegex);
65 DECL_FACTORY(NumberOfAttributeValues);
66 DECL_FACTORY(AttributeIssuerInEntityGroup);
67 DECL_FACTORY(AttributeRequesterInEntityGroup);
68 DECL_FACTORY(AttributeScopeMatchesShibMDScope);
69 DECL_FACTORY(NameIDQualifierString);
72 static const XMLCh ANY[] = UNICODE_LITERAL_3(A,N,Y);
73 static const XMLCh AND[] = UNICODE_LITERAL_3(A,N,D);
74 static const XMLCh OR[] = UNICODE_LITERAL_2(O,R);
75 static const XMLCh NOT[] = UNICODE_LITERAL_3(N,O,T);
76 static const XMLCh AttributeIssuerString[] = UNICODE_LITERAL_21(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,S,t,r,i,n,g);
77 static const XMLCh AttributeRequesterString[] = UNICODE_LITERAL_24(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,S,t,r,i,n,g);
78 static const XMLCh AuthenticationMethodString[] = UNICODE_LITERAL_26(A,u,t,h,e,n,t,i,c,a,t,i,o,n,M,e,t,h,o,d,S,t,r,i,n,g);
79 static const XMLCh AttributeValueString[] = UNICODE_LITERAL_20(A,t,t,r,i,b,u,t,e,V,a,l,u,e,S,t,r,i,n,g);
80 static const XMLCh AttributeScopeString[] = UNICODE_LITERAL_20(A,t,t,r,i,b,u,t,e,S,c,o,p,e,S,t,r,i,n,g);
81 static const XMLCh AttributeIssuerRegex[] = UNICODE_LITERAL_20(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,R,e,g,e,x);
82 static const XMLCh AttributeRequesterRegex[] = UNICODE_LITERAL_23(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,R,e,g,e,x);
83 static const XMLCh AuthenticationMethodRegex[] = UNICODE_LITERAL_25(A,u,t,h,e,n,t,i,c,a,t,i,o,n,M,e,t,h,o,d,R,e,g,e,x);
84 static const XMLCh AttributeValueRegex[] = UNICODE_LITERAL_19(A,t,t,r,i,b,u,t,e,V,a,l,u,e,R,e,g,e,x);
85 static const XMLCh AttributeScopeRegex[] = UNICODE_LITERAL_19(A,t,t,r,i,b,u,t,e,S,c,o,p,e,R,e,g,e,x);
86 static const XMLCh NumberOfAttributeValues[] = UNICODE_LITERAL_23(N,u,m,b,e,r,O,f,A,t,t,r,i,b,u,t,e,V,a,l,u,e,s);
87 static const XMLCh AttributeIssuerInEntityGroup[] = UNICODE_LITERAL_28(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,I,n,E,n,t,i,t,y,G,r,o,u,p);
88 static const XMLCh AttributeRequesterInEntityGroup[] = UNICODE_LITERAL_31(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,I,n,E,n,t,i,t,y,G,r,o,u,p);
89 static const XMLCh AttributeScopeMatchesShibMDScope[] = UNICODE_LITERAL_32(A,t,t,r,i,b,u,t,e,S,c,o,p,e,M,a,t,c,h,e,s,S,h,i,b,M,D,S,c,o,p,e);
90 static const XMLCh NameIDQualifierString[] = UNICODE_LITERAL_21(N,a,m,e,I,D,Q,u,a,l,i,f,i,e,r,S,t,r,i,n,g);
93 DECL_BASIC_QNAME(AnyMatchFunctor, ANY);
94 DECL_BASIC_QNAME(AndMatchFunctor, AND);
95 DECL_BASIC_QNAME(OrMatchFunctor, OR);
96 DECL_BASIC_QNAME(NotMatchFunctor, NOT);
97 DECL_BASIC_QNAME(AttributeIssuerString, AttributeIssuerString);
98 DECL_BASIC_QNAME(AttributeRequesterString, AttributeRequesterString);
99 DECL_BASIC_QNAME(AuthenticationMethodString, AuthenticationMethodString);
100 DECL_BASIC_QNAME(AttributeValueString, AttributeValueString);
101 DECL_BASIC_QNAME(AttributeScopeString, AttributeScopeString);
102 DECL_BASIC_QNAME(AttributeIssuerRegex, AttributeIssuerRegex);
103 DECL_BASIC_QNAME(AttributeRequesterRegex, AttributeRequesterRegex);
104 DECL_BASIC_QNAME(AuthenticationMethodRegex, AuthenticationMethodRegex);
105 DECL_BASIC_QNAME(AttributeValueRegex, AttributeValueRegex);
106 DECL_BASIC_QNAME(AttributeScopeRegex, AttributeScopeRegex);
107 DECL_BASIC_QNAME(NumberOfAttributeValues, NumberOfAttributeValues);
108 DECL_SAML_QNAME(AttributeIssuerInEntityGroup, AttributeIssuerInEntityGroup);
109 DECL_SAML_QNAME(AttributeRequesterInEntityGroup, AttributeRequesterInEntityGroup);
110 DECL_SAML_QNAME(AttributeScopeMatchesShibMDScope, AttributeScopeMatchesShibMDScope);
111 DECL_SAML_QNAME(NameIDQualifierString, NameIDQualifierString);
113 void SHIBSP_API shibsp::registerMatchFunctors()
115 PluginManager< MatchFunctor,xmltooling::QName,pair<const FilterPolicyContext*,const DOMElement*> >& mgr =
116 SPConfig::getConfig().MatchFunctorManager;
117 REGISTER_FACTORY(AnyMatchFunctor);
118 REGISTER_FACTORY(AndMatchFunctor);
119 REGISTER_FACTORY(OrMatchFunctor);
120 REGISTER_FACTORY(NotMatchFunctor);
121 REGISTER_FACTORY(AttributeIssuerString);
122 REGISTER_FACTORY(AttributeRequesterString);
123 REGISTER_FACTORY(AuthenticationMethodString);
124 REGISTER_FACTORY(AttributeValueString);
125 REGISTER_FACTORY(AttributeScopeString);
126 REGISTER_FACTORY(AttributeIssuerRegex);
127 REGISTER_FACTORY(AttributeRequesterRegex);
128 REGISTER_FACTORY(AuthenticationMethodRegex);
129 REGISTER_FACTORY(AttributeValueRegex);
130 REGISTER_FACTORY(AttributeScopeRegex);
131 REGISTER_FACTORY(NumberOfAttributeValues);
132 REGISTER_FACTORY(AttributeIssuerInEntityGroup);
133 REGISTER_FACTORY(AttributeRequesterInEntityGroup);
134 REGISTER_FACTORY(AttributeScopeMatchesShibMDScope);
135 REGISTER_FACTORY(NameIDQualifierString);
138 MatchFunctor::MatchFunctor()
142 MatchFunctor::~MatchFunctor()
146 FilterPolicyContext::FilterPolicyContext(multimap<string,MatchFunctor*>& functors) : m_functors(functors)
150 FilterPolicyContext::~FilterPolicyContext()
154 multimap<string,MatchFunctor*>& FilterPolicyContext::getMatchFunctors() const