2 * Copyright 2001-2005 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 # define _CRT_NONSTDC_NO_DEPRECATE 1
19 # define _CRT_SECURE_NO_DEPRECATE 1
22 #include <shib-target/shib-target.h>
23 #include <shibsp/SPConfig.h>
24 #include <shibsp/SPConstants.h>
26 using namespace shibsp;
27 using namespace shibtarget;
28 using namespace shibboleth;
32 int main(int argc,char* argv[])
41 for (int i=1; i<argc; i++) {
42 if (!strcmp(argv[i],"-c") && i+1<argc)
44 else if (!strcmp(argv[i],"-d") && i+1<argc)
46 else if (!strcmp(argv[i],"-h") && i+1<argc)
48 else if (!strcmp(argv[i],"-q") && i+1<argc)
50 else if (!strcmp(argv[i],"-f") && i+1<argc)
52 else if (!strcmp(argv[i],"-a") && i+1<argc)
56 if (!h_param || !q_param) {
57 cerr << "usage: shibtest -h <handle> -q <origin_site> [-f <format URI> -a <application_id> -d <schema path> -c <config>]" << endl;
62 path=getenv("SHIBSCHEMAS");
66 config=getenv("SHIBCONFIG");
72 ShibTargetConfig& conf=ShibTargetConfig::getConfig();
73 SPConfig::getConfig().setFeatures(
76 SPConfig::Credentials |
78 SPConfig::OutOfProcess |
81 if (!conf.init(path) || !conf.load(config))
85 const IApplication* app=conf.getINI()->getApplication(a_param);
87 throw SAMLException("specified <Application> section not found in configuration");
89 auto_ptr_XMLCh domain(q_param);
90 auto_ptr_XMLCh handle(h_param);
91 auto_ptr_XMLCh format(f_param);
92 auto_ptr_XMLCh resource(app->getString("providerId").second);
94 auto_ptr<SAMLRequest> req(
96 new SAMLAttributeQuery(
98 new SAMLNameIdentifier(
101 format.get() ? format.get() : shibspconstants::SHIB1_NAMEID_FORMAT_URI
105 app->getAttributeDesignators().clone()
110 Metadata m(app->getMetadataProviders());
111 const IEntityDescriptor* site=m.lookup(domain.get());
113 throw SAMLException("Unable to locate specified origin site's metadata.");
115 // Try to locate an AA role.
116 const IAttributeAuthorityDescriptor* AA=site->getAttributeAuthorityDescriptor(saml::XML::SAML11_PROTOCOL_ENUM);
118 throw SAMLException("Unable to locate metadata for origin site's Attribute Authority.");
120 ShibHTTPHook::ShibHTTPHookCallContext ctx(app->getCredentialUse(site),AA);
121 Trust t(app->getTrustProviders());
123 SAMLResponse* response=NULL;
124 Iterator<const IEndpoint*> endpoints=AA->getAttributeServiceManager()->getEndpoints();
125 while (!response && endpoints.hasNext()) {
126 const IEndpoint* ep=endpoints.next();
128 // Get a binding object for this protocol.
129 const SAMLBinding* binding = app->getBinding(ep->getBinding());
133 auto_ptr<SAMLResponse> r(binding->send(ep->getLocation(), *(req.get()), &ctx));
134 if (r->isSigned() && !t.validate(*r,AA))
135 throw TrustException("unable to verify signed response");
136 response = r.release();
138 catch (SAMLException&) {
143 throw SAMLException("unable to successfully query for attributes");
145 // Run it through the AAP. Note that we could end up with an empty response!
146 Iterator<SAMLAssertion*> a=response->getAssertions();
147 for (unsigned long c=0; c < a.size();) {
149 AAP::apply(app->getAAPProviders(),*(a[c]),site);
152 catch (SAMLException&) {
153 response->removeAssertion(c);
157 Iterator<SAMLAssertion*> i=response->getAssertions();
160 SAMLAssertion* a=i.next();
161 cout << "Issuer: "; xmlout(cout,a->getIssuer()); cout << endl;
162 const SAMLDateTime* exp=a->getNotOnOrAfter();
165 xmlout(cout,exp->getRawData());
170 Iterator<SAMLStatement*> j=a->getStatements();
173 SAMLAttributeStatement* s=dynamic_cast<SAMLAttributeStatement*>(j.next());
176 const SAMLNameIdentifier* sub=s->getSubject()->getNameIdentifier();
177 cout << "Format: "; xmlout(cout,sub->getFormat()); cout << endl;
178 cout << "Domain: "; xmlout(cout,sub->getNameQualifier()); cout << endl;
179 cout << "Handle: "; xmlout(cout,sub->getName()); cout << endl;
181 Iterator<SAMLAttribute*> attrs=s->getAttributes();
182 while (attrs.hasNext())
184 SAMLAttribute* attr=attrs.next();
185 cout << "Attribute Name: "; xmlout(cout,attr->getName()); cout << endl;
186 Iterator<const XMLCh*> vals=attr->getValues();
187 while (vals.hasNext())
189 cout << "Attribute Value: ";
190 xmlout(cout,vals.next());
198 catch(SAMLException& e)
200 cerr << "caught a SAML exception: " << e.what() << endl;
202 catch(XMLException& e)
204 cerr << "caught an XML exception: "; xmlout(cerr,e.getMessage()); cerr << endl;