*/
#include "internal.h"
+#include "ServiceProvider.h"
#include "attribute/NameIDAttribute.h"
+#include "remoting/ListenerService.h"
#include <xmltooling/exceptions.h>
+#include <xmltooling/security/SecurityHelper.h>
using namespace shibsp;
+using namespace xmltooling::logging;
using namespace xmltooling;
using namespace std;
}
};
-NameIDAttribute::NameIDAttribute(const vector<string>& ids, const char* formatter) : Attribute(ids), m_formatter(formatter)
+NameIDAttribute::NameIDAttribute(const vector<string>& ids, const char* formatter, const char* hashAlg)
+ : Attribute(ids), m_formatter(formatter), m_hashAlg(hashAlg ? hashAlg : "")
{
}
NameIDAttribute::NameIDAttribute(DDF& in) : Attribute(in)
{
DDF val = in["_formatter"];
- if (val.isstring())
+ if (val.isstring() && val.string())
m_formatter = val.string();
else
m_formatter = DEFAULT_NAMEID_FORMATTER;
+ val = in["_hashalg"];
+ if (val.isstring() && val.string())
+ m_hashAlg = val.string();
const char* pch;
val = in.first().first();
while (val.name()) {
const vector<string>& NameIDAttribute::getSerializedValues() const
{
if (m_serialized.empty()) {
- for (vector<Value>::const_iterator i=m_values.begin(); i!=m_values.end(); ++i) {
+ for (vector<Value>::const_iterator i = m_values.begin(); i != m_values.end(); ++i) {
// This is kind of a hack, but it's a good way to reuse some code.
XMLToolingException e(
m_formatter,
"SPProvidedID", i->m_SPProvidedID.c_str()
)
);
- m_serialized.push_back(e.what());
+ if (m_hashAlg.empty()) {
+ m_serialized.push_back(e.what());
+ }
+ else {
+#ifndef SHIBSP_LITE
+ m_serialized.push_back(SecurityHelper::doHash(m_hashAlg.c_str(), e.what(), strlen(e.what())));
+#else
+ try {
+ DDF out, in("hash");
+ DDFJanitor jin(in), jout(out);
+ in.addmember("alg").string(m_hashAlg.c_str());
+ in.addmember("data").unsafe_string(e.what());
+ out = SPConfig::getConfig().getServiceProvider()->getListenerService()->send(in);
+ if (out.isstring() && out.string())
+ m_serialized.push_back(out.string());
+ }
+ catch (exception& ex) {
+ Category::getInstance(SHIBSP_LOGCAT".Attribute.NameID").error("exception remoting hash operation: %s", ex.what());
+ }
+#endif
+ }
}
}
return Attribute::getSerializedValues();
DDF ddf = Attribute::marshall();
ddf.name("NameID");
ddf.addmember("_formatter").string(m_formatter.c_str());
+ if (!m_hashAlg.empty())
+ ddf.addmember("_hashalg").string(m_hashAlg.c_str());
DDF vlist = ddf.first();
for (vector<Value>::const_iterator i=m_values.begin(); i!=m_values.end(); ++i) {
DDF val = DDF(i->m_Name.c_str()).structure();
*
* @param ids array with primary identifier in first position, followed by any aliases
* @param formatter template for serialization of tuple
+ * @param hashAlg hash algorithm to apply in producing serialized values
*/
- NameIDAttribute(const std::vector<std::string>& ids, const char* formatter=DEFAULT_NAMEID_FORMATTER);
+ NameIDAttribute(const std::vector<std::string>& ids, const char* formatter=DEFAULT_NAMEID_FORMATTER, const char* hashAlg=nullptr);
/**
* Constructs based on a remoted NameIDAttribute.
private:
std::vector<Value> m_values;
- std::string m_formatter;
+ std::string m_formatter,m_hashAlg;
};
#if defined (_MSC_VER)
) const
{
auto_ptr<NameIDAttribute> nameid(
- new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER)
+ new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER, m_hashAlg.c_str())
);
vector<NameIDAttribute::Value>& dest = nameid->getValues();
vector<XMLObject*>::const_iterator v,stop;
}
}
- return dest.empty() ? nullptr : _decode(nameid.release());
+ return dest.empty() ? nullptr : nameid.release();
}
const NameIDType* saml2name = dynamic_cast<const NameIDType*>(xmlObject);
}
}
- return dest.empty() ? nullptr : _decode(nameid.release());
+ return dest.empty() ? nullptr : nameid.release();
}
void NameIDAttributeDecoder::extract(
const XMLCh* xmlscope;
xmltooling::QName scopeqname(nullptr,Scope);
auto_ptr<NameIDAttribute> nameid(
- new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER)
+ new NameIDAttribute(ids, (!m_formatter.empty()) ? m_formatter.c_str() : DEFAULT_NAMEID_FORMATTER, m_hashAlg.c_str())
);
vector<NameIDAttribute::Value>& dest = nameid->getValues();
pair<vector<XMLObject*>::const_iterator,vector<XMLObject*>::const_iterator> valrange;
}
}
- return dest.empty() ? nullptr : _decode(nameid.release());
+ return dest.empty() ? nullptr : nameid.release();
}
log.warn("XMLObject type not recognized by NameIDFromScopedAttributeDecoder, no values returned");
#include "remoting/ListenerService.h"
#include <xercesc/dom/DOM.hpp>
+#include <xmltooling/security/SecurityHelper.h>
using namespace shibsp;
using namespace xmltooling;
{
if (!in.name())
throw ListenerException("Incoming message with no destination address rejected.");
- else if (!strcmp("ping",in.name())) {
- DDF outmsg=DDF(nullptr).integer(in.integer() + 1);
+ else if (!strcmp("ping", in.name())) {
+ DDF outmsg = DDF(nullptr).integer(in.integer() + 1);
DDFJanitor jan(outmsg);
out << outmsg;
+ return;
+ }
+ else if (!strcmp("hash", in.name())) {
+#ifndef SHIBSP_LITE
+ const char* hashAlg = in["alg"].string();
+ const char* data = in["data"].string();
+ if (!hashAlg || !*hashAlg || !data || !*data)
+ throw ListenerException("Hash request missing algorithm or data parameters.");
+ DDF outmsg(nullptr);
+ DDFJanitor jan(outmsg);
+ outmsg.string(SecurityHelper::doHash(hashAlg, data, strlen(data)).c_str());
+ out << outmsg;
+ return;
+#else
+ throw ListenerException("Hash algorithms unavailable in lite build of library.");
+#endif
}
// Two stage lookup, on the listener itself, and the SP interface.