SSPCPP-677 - Filter schacHomeOrganization values against shibmd:Scope
[shibboleth/cpp-sp.git] / shibsp / attribute / filtering / impl / MatchFunctor.cpp
1 /**
2  * Licensed to the University Corporation for Advanced Internet
3  * Development, Inc. (UCAID) under one or more contributor license
4  * agreements. See the NOTICE file distributed with this work for
5  * additional information regarding copyright ownership.
6  *
7  * UCAID licenses this file to you under the Apache License,
8  * Version 2.0 (the "License"); you may not use this file except
9  * in compliance with the License. You may obtain a copy of the
10  * License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17  * either express or implied. See the License for the specific
18  * language governing permissions and limitations under the License.
19  */
20
21 /**
22  * MatchFunctor.cpp
23  * 
24  * A function that evaluates whether an expressed criterion is met by the current filter context.
25  */
26
27 #include "internal.h"
28 #include "attribute/filtering/FilterPolicyContext.h"
29 #include "attribute/filtering/MatchFunctor.h"
30 #include "util/SPConstants.h"
31
32 #include <xercesc/util/XMLUniDefs.hpp>
33
34 using namespace shibsp;
35 using namespace xmltooling;
36 using namespace std;
37
// Declares <name>Factory with the Factory type of the MatchFunctor PluginManager
// (keyed by QName, constructed from a FilterPolicyContext*/DOMElement* pair).
// Only the declaration is produced here; the factory bodies are not in this file.
#define DECL_FACTORY(name) \
    SHIBSP_DLLLOCAL PluginManager< MatchFunctor,xmltooling::QName,pair<const FilterPolicyContext*,const DOMElement*> >::Factory name##Factory

// Defines shibsp::<name>Type as a QName in the "basic" match-function namespace,
// with `lit` as the second constructor argument (the element's local name).
#define DECL_BASIC_QNAME(name,lit) \
    xmltooling::QName shibsp::name##Type(shibspconstants::SHIB2ATTRIBUTEFILTER_MF_BASIC_NS, lit)

// Same as DECL_BASIC_QNAME, but in the SAML match-function namespace.
#define DECL_SAML_QNAME(name,lit) \
    xmltooling::QName shibsp::name##Type(shibspconstants::SHIB2ATTRIBUTEFILTER_MF_SAML_NS, lit)

// Registers <name>Factory under the <name>Type QName. Expects a local variable
// named `mgr` to be in scope at the point of use.
#define REGISTER_FACTORY(name) \
    mgr.registerFactory(name##Type, name##Factory)
49
namespace shibsp {
    // Forward declarations of the factory functions registered by registerMatchFunctors().
    // InEntityGroup, EntityAttributeExactMatch and EntityAttributeRegexMatch have no factory
    // of their own: registerMatchFunctors() maps them onto the AttributeRequester* factories.
    DECL_FACTORY(AnyMatchFunctor);
    DECL_FACTORY(AndMatchFunctor);
    DECL_FACTORY(OrMatchFunctor);
    DECL_FACTORY(NotMatchFunctor);
    DECL_FACTORY(AttributeIssuerString);
    DECL_FACTORY(AttributeRequesterString);
    DECL_FACTORY(AuthenticationMethodString);
    DECL_FACTORY(AttributeValueString);
    DECL_FACTORY(AttributeScopeString);
    DECL_FACTORY(AttributeIssuerRegex);
    DECL_FACTORY(AttributeRequesterRegex);
    DECL_FACTORY(AuthenticationMethodRegex);
    DECL_FACTORY(AttributeValueRegex);
    DECL_FACTORY(AttributeScopeRegex);
    DECL_FACTORY(NumberOfAttributeValues);
    DECL_FACTORY(AttributeIssuerInEntityGroup);
    DECL_FACTORY(AttributeRequesterInEntityGroup);
    DECL_FACTORY(AttributeIssuerEntityAttributeExactMatch);
    DECL_FACTORY(AttributeRequesterEntityAttributeExactMatch);
    DECL_FACTORY(AttributeIssuerEntityAttributeRegexMatch);
    DECL_FACTORY(AttributeRequesterEntityAttributeRegexMatch);
    DECL_FACTORY(AttributeIssuerEntityMatcher);
    DECL_FACTORY(AttributeRequesterEntityMatcher);
    DECL_FACTORY(AttributeScopeMatchesShibMDScope);
    DECL_FACTORY(AttributeValueMatchesShibMDScope);
    DECL_FACTORY(NameIDQualifierString);
    DECL_FACTORY(AttributeIssuerRegistrationAuthority);
    DECL_FACTORY(RegistrationAuthority);


    // Local names of the match-function elements as XMLCh literals. These are file-local
    // character arrays, NOT QNames: the QName for each one is the separately defined
    // <name>Type constant. Several arrays share their identifier with a factory prefix
    // (e.g. InEntityGroup vs. InEntityGroupType), so take care which one is passed where.
    static const XMLCh ANY[] =                          UNICODE_LITERAL_3(A,N,Y);
    static const XMLCh AND[] =                          UNICODE_LITERAL_3(A,N,D);
    static const XMLCh OR[] =                           UNICODE_LITERAL_2(O,R);
    static const XMLCh NOT[] =                          UNICODE_LITERAL_3(N,O,T);
    static const XMLCh AttributeIssuerString[] =        UNICODE_LITERAL_21(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,S,t,r,i,n,g);
    static const XMLCh AttributeRequesterString[] =     UNICODE_LITERAL_24(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,S,t,r,i,n,g);
    static const XMLCh AuthenticationMethodString[] =   UNICODE_LITERAL_26(A,u,t,h,e,n,t,i,c,a,t,i,o,n,M,e,t,h,o,d,S,t,r,i,n,g);
    static const XMLCh AttributeValueString[] =         UNICODE_LITERAL_20(A,t,t,r,i,b,u,t,e,V,a,l,u,e,S,t,r,i,n,g);
    static const XMLCh AttributeScopeString[] =         UNICODE_LITERAL_20(A,t,t,r,i,b,u,t,e,S,c,o,p,e,S,t,r,i,n,g);
    static const XMLCh AttributeIssuerRegex[] =         UNICODE_LITERAL_20(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,R,e,g,e,x);
    static const XMLCh AttributeRequesterRegex[] =      UNICODE_LITERAL_23(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,R,e,g,e,x);
    static const XMLCh AuthenticationMethodRegex[] =    UNICODE_LITERAL_25(A,u,t,h,e,n,t,i,c,a,t,i,o,n,M,e,t,h,o,d,R,e,g,e,x);
    static const XMLCh AttributeValueRegex[] =          UNICODE_LITERAL_19(A,t,t,r,i,b,u,t,e,V,a,l,u,e,R,e,g,e,x);
    static const XMLCh AttributeScopeRegex[] =          UNICODE_LITERAL_19(A,t,t,r,i,b,u,t,e,S,c,o,p,e,R,e,g,e,x);
    static const XMLCh NumberOfAttributeValues[] =      UNICODE_LITERAL_23(N,u,m,b,e,r,O,f,A,t,t,r,i,b,u,t,e,V,a,l,u,e,s);
    static const XMLCh AttributeIssuerInEntityGroup[] = UNICODE_LITERAL_28(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,I,n,E,n,t,i,t,y,G,r,o,u,p);
    static const XMLCh AttributeRequesterInEntityGroup[] = UNICODE_LITERAL_31(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,I,n,E,n,t,i,t,y,G,r,o,u,p);
    static const XMLCh InEntityGroup[] =                                UNICODE_LITERAL_13(I,n,E,n,t,i,t,y,G,r,o,u,p);
    static const XMLCh AttributeIssuerEntityAttributeExactMatch[] = UNICODE_LITERAL_40(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,E,x,a,c,t,M,a,t,c,h);
    static const XMLCh AttributeRequesterEntityAttributeExactMatch[] = UNICODE_LITERAL_43(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,E,x,a,c,t,M,a,t,c,h);
    static const XMLCh EntityAttributeExactMatch[] =    UNICODE_LITERAL_25(E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,E,x,a,c,t,M,a,t,c,h);
    static const XMLCh AttributeIssuerEntityAttributeRegexMatch[] = UNICODE_LITERAL_40(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,R,e,g,e,x,M,a,t,c,h);
    static const XMLCh AttributeRequesterEntityAttributeRegexMatch[] = UNICODE_LITERAL_43(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,R,e,g,e,x,M,a,t,c,h);
    static const XMLCh EntityAttributeRegexMatch[] =    UNICODE_LITERAL_25(E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,R,e,g,e,x,M,a,t,c,h);
    static const XMLCh AttributeIssuerEntityMatcher[] = UNICODE_LITERAL_28(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,E,n,t,i,t,y,M,a,t,c,h,e,r);
    static const XMLCh AttributeRequesterEntityMatcher[] = UNICODE_LITERAL_31(A,t,t,r,i,b,u,t,e,R,e,q,u,e,s,t,e,r,E,n,t,i,t,y,M,a,t,c,h,e,r);
    // Local names of the two functors that compare against shibmd:Scope metadata;
    // NOTE(review): the matching logic itself is not in this file.
    static const XMLCh AttributeScopeMatchesShibMDScope[] = UNICODE_LITERAL_32(A,t,t,r,i,b,u,t,e,S,c,o,p,e,M,a,t,c,h,e,s,S,h,i,b,M,D,S,c,o,p,e);
    static const XMLCh AttributeValueMatchesShibMDScope[] = UNICODE_LITERAL_32(A,t,t,r,i,b,u,t,e,V,a,l,u,e,M,a,t,c,h,e,s,S,h,i,b,M,D,S,c,o,p,e);
    static const XMLCh NameIDQualifierString[] =        UNICODE_LITERAL_21(N,a,m,e,I,D,Q,u,a,l,i,f,i,e,r,S,t,r,i,n,g);
    static const XMLCh AttributeIssuerRegistrationAuthority[] = UNICODE_LITERAL_36(A,t,t,r,i,b,u,t,e,I,s,s,u,e,r,R,e,g,i,s,t,r,a,t,i,o,n,A,u,t,h,o,r,i,t,y);
    static const XMLCh RegistrationAuthority[] =        UNICODE_LITERAL_21(R,e,g,i,s,t,r,a,t,i,o,n,A,u,t,h,o,r,i,t,y);
};
113
// Definitions of the shibsp::<name>Type QName constants. Each pairs a match-function
// namespace with the XMLCh local name of the same identifier declared in namespace shibsp.

// Functors in the basic match-function namespace.
DECL_BASIC_QNAME(AnyMatchFunctor, ANY);
DECL_BASIC_QNAME(AndMatchFunctor, AND);
DECL_BASIC_QNAME(OrMatchFunctor, OR);
DECL_BASIC_QNAME(NotMatchFunctor, NOT);
DECL_BASIC_QNAME(AttributeIssuerString, AttributeIssuerString);
DECL_BASIC_QNAME(AttributeRequesterString, AttributeRequesterString);
DECL_BASIC_QNAME(AuthenticationMethodString, AuthenticationMethodString);
DECL_BASIC_QNAME(AttributeValueString, AttributeValueString);
DECL_BASIC_QNAME(AttributeScopeString, AttributeScopeString);
DECL_BASIC_QNAME(AttributeIssuerRegex, AttributeIssuerRegex);
DECL_BASIC_QNAME(AttributeRequesterRegex, AttributeRequesterRegex);
DECL_BASIC_QNAME(AuthenticationMethodRegex, AuthenticationMethodRegex);
DECL_BASIC_QNAME(AttributeValueRegex, AttributeValueRegex);
DECL_BASIC_QNAME(AttributeScopeRegex, AttributeScopeRegex);
DECL_BASIC_QNAME(NumberOfAttributeValues, NumberOfAttributeValues);
// Functors in the SAML match-function namespace. InEntityGroupType,
// EntityAttributeExactMatchType and EntityAttributeRegexMatchType are additional
// names that registerMatchFunctors() binds to the AttributeRequester* factories.
DECL_SAML_QNAME(AttributeIssuerInEntityGroup, AttributeIssuerInEntityGroup);
DECL_SAML_QNAME(AttributeRequesterInEntityGroup, AttributeRequesterInEntityGroup);
DECL_SAML_QNAME(InEntityGroup, InEntityGroup);
DECL_SAML_QNAME(AttributeIssuerEntityAttributeExactMatch, AttributeIssuerEntityAttributeExactMatch);
DECL_SAML_QNAME(AttributeRequesterEntityAttributeExactMatch, AttributeRequesterEntityAttributeExactMatch);
DECL_SAML_QNAME(EntityAttributeExactMatch, EntityAttributeExactMatch);
DECL_SAML_QNAME(AttributeIssuerEntityAttributeRegexMatch, AttributeIssuerEntityAttributeRegexMatch);
DECL_SAML_QNAME(AttributeRequesterEntityAttributeRegexMatch, AttributeRequesterEntityAttributeRegexMatch);
DECL_SAML_QNAME(EntityAttributeRegexMatch, EntityAttributeRegexMatch);
DECL_SAML_QNAME(AttributeIssuerEntityMatcher, AttributeIssuerEntityMatcher);
DECL_SAML_QNAME(AttributeRequesterEntityMatcher, AttributeRequesterEntityMatcher);
DECL_SAML_QNAME(AttributeScopeMatchesShibMDScope, AttributeScopeMatchesShibMDScope);
DECL_SAML_QNAME(AttributeValueMatchesShibMDScope, AttributeValueMatchesShibMDScope);
DECL_SAML_QNAME(NameIDQualifierString, NameIDQualifierString);
DECL_SAML_QNAME(AttributeIssuerRegistrationAuthority, AttributeIssuerRegistrationAuthority);
DECL_SAML_QNAME(RegistrationAuthority, RegistrationAuthority);
145
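/**
 * Registers the built-in MatchFunctor factories with the SP configuration's
 * MatchFunctorManager, each under the QName constant (<name>Type) defined for it
 * in this file.
 *
 * The registered QNames are the lookup keys for the manager, so a factory that is
 * missing or registered under the wrong key cannot be found under its intended
 * element name. How a failed lookup is handled is decided by the caller and is not
 * visible here.
 */
void SHIBSP_API shibsp::registerMatchFunctors()
{
    PluginManager< MatchFunctor,xmltooling::QName,pair<const FilterPolicyContext*,const DOMElement*> >& mgr =
        SPConfig::getConfig().MatchFunctorManager;

    // Boolean combinators and the always-true functor.
    REGISTER_FACTORY(AnyMatchFunctor);
    REGISTER_FACTORY(AndMatchFunctor);
    REGISTER_FACTORY(OrMatchFunctor);
    REGISTER_FACTORY(NotMatchFunctor);

    // Exact-string matchers.
    REGISTER_FACTORY(AttributeIssuerString);
    REGISTER_FACTORY(AttributeRequesterString);
    REGISTER_FACTORY(AuthenticationMethodString);
    REGISTER_FACTORY(AttributeValueString);
    REGISTER_FACTORY(AttributeScopeString);

    // Regular-expression matchers.
    REGISTER_FACTORY(AttributeIssuerRegex);
    REGISTER_FACTORY(AttributeRequesterRegex);
    REGISTER_FACTORY(AuthenticationMethodRegex);
    REGISTER_FACTORY(AttributeValueRegex);
    REGISTER_FACTORY(AttributeScopeRegex);

    REGISTER_FACTORY(NumberOfAttributeValues);

    // Matchers in the SAML match-function namespace.
    REGISTER_FACTORY(AttributeIssuerInEntityGroup);
    REGISTER_FACTORY(AttributeRequesterInEntityGroup);
    REGISTER_FACTORY(AttributeIssuerEntityAttributeExactMatch);
    REGISTER_FACTORY(AttributeRequesterEntityAttributeExactMatch);
    REGISTER_FACTORY(AttributeIssuerEntityAttributeRegexMatch);
    REGISTER_FACTORY(AttributeRequesterEntityAttributeRegexMatch);
    REGISTER_FACTORY(AttributeIssuerEntityMatcher);
    REGISTER_FACTORY(AttributeRequesterEntityMatcher);
    REGISTER_FACTORY(AttributeScopeMatchesShibMDScope);
    REGISTER_FACTORY(AttributeValueMatchesShibMDScope);
    REGISTER_FACTORY(NameIDQualifierString);
    REGISTER_FACTORY(AttributeIssuerRegistrationAuthority);
    REGISTER_FACTORY(RegistrationAuthority);

    // Additional names bound to the AttributeRequester* factories.
    mgr.registerFactory(EntityAttributeExactMatchType, AttributeRequesterEntityAttributeExactMatchFactory);
    mgr.registerFactory(EntityAttributeRegexMatchType, AttributeRequesterEntityAttributeRegexMatchFactory);
    // Key on the InEntityGroupType QName, like the two aliases above. The bare
    // InEntityGroup identifier is the XMLCh local-name array, not a QName, so passing
    // it would not register the alias under the SAML match-function namespace
    // (presumably it would be implicitly converted to a QName with the wrong parts).
    mgr.registerFactory(InEntityGroupType, AttributeRequesterInEntityGroupFactory);
}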
183
// Default constructor: performs no initialisation of its own.
MatchFunctor::MatchFunctor() {}
187
// Destructor: the body is empty, nothing is released here.
MatchFunctor::~MatchFunctor() {}
191
// Initialises m_functors from the caller's functor map; nothing else is set up here.
// NOTE(review): m_functors looks like a reference member (getMatchFunctors() returns it
// as a non-const reference from a const method), in which case the map is not copied
// and must outlive this context. Confirm against the header.
FilterPolicyContext::FilterPolicyContext(multimap<string,MatchFunctor*>& functors)
    : m_functors(functors)
{}
195
// Destructor: the body is empty, so the MatchFunctor pointers held in the map
// are not deleted here.
FilterPolicyContext::~FilterPolicyContext() {}
199
// Returns the functor map this context was constructed with. The reference is
// non-const even though the method is const, so callers can modify the map.
multimap<string,MatchFunctor*>& FilterPolicyContext::getMatchFunctors() const
{
    return this->m_functors;
}