From b7af62a5d1012124fd830922e25314a194ec3022 Mon Sep 17 00:00:00 2001 From: Scott Cantor Date: Wed, 25 Nov 2009 20:32:46 +0000 Subject: [PATCH] https://issues.shibboleth.net/jira/browse/SSPCPP-184 --- shibsp/handler/impl/AssertionConsumerService.cpp | 26 +++++++++++------- shibsp/handler/impl/SAML2ArtifactResolution.cpp | 6 ++-- shibsp/handler/impl/SAMLDSSessionInitiator.cpp | 35 ++++++++++++++++++++++-- 3 files changed, 50 insertions(+), 17 deletions(-) diff --git a/shibsp/handler/impl/AssertionConsumerService.cpp b/shibsp/handler/impl/AssertionConsumerService.cpp index e2a2290..f5d4e5e 100644 --- a/shibsp/handler/impl/AssertionConsumerService.cpp +++ b/shibsp/handler/impl/AssertionConsumerService.cpp @@ -234,25 +234,31 @@ const char* AssertionConsumerService::getType() const void AssertionConsumerService::generateMetadata(SPSSODescriptor& role, const char* handlerURL) const { + // Initial guess at index to use. + pair ix = pair(false,0); + if (!strncmp(handlerURL, "https", 5)) + ix = getUnsignedInt("sslIndex", shibspconstants::ASCII_SHIB2SPCONFIG_NS); + if (!ix.first) + ix = getUnsignedInt("index"); + if (!ix.first) + ix.second = 1; + + // Find maximum index in use and go one higher. + const vector& services = const_cast(role).getAssertionConsumerServices(); + if (!services.empty() && ix.second <= services.back()->getIndex().second) + ix.second = services.back()->getIndex().second + 1; + const char* loc = getString("Location").second; string hurl(handlerURL); if (*loc != '/') hurl += '/'; hurl += loc; auto_ptr_XMLCh widen(hurl.c_str()); + saml2md::AssertionConsumerService* ep = saml2md::AssertionConsumerServiceBuilder::buildAssertionConsumerService(); ep->setLocation(widen.get()); ep->setBinding(getXMLString("Binding").second); - if (!strncmp(handlerURL, "https", 5)) { - pair index = getXMLString("sslIndex", shibspconstants::ASCII_SHIB2SPCONFIG_NS); - if (index.first) - ep->setIndex(index.second); - else - ep->setIndex(getXMLString("index").second); - } - else { - ep->setIndex(getXMLString("index").second); - } + ep->setIndex(ix.second); role.getAssertionConsumerServices().push_back(ep); } diff --git a/shibsp/handler/impl/SAML2ArtifactResolution.cpp b/shibsp/handler/impl/SAML2ArtifactResolution.cpp index 1ea7317..bec9c01 100644 --- a/shibsp/handler/impl/SAML2ArtifactResolution.cpp +++ b/shibsp/handler/impl/SAML2ArtifactResolution.cpp @@ -88,10 +88,8 @@ namespace shibsp { // Find maximum index in use and go one higher. const vector& services = const_cast(role).getArtifactResolutionServices(); - for (vector::const_iterator i = services.begin(); i != services.end(); ++i) { - if (ix.second <= (*i)->getIndex().second) - ix.second = (*i)->getIndex().second + 1; - } + if (!services.empty() && ix.second <= services.back()->getIndex().second) + ix.second = services.back()->getIndex().second + 1; const char* loc = getString("Location").second; string hurl(handlerURL); diff --git a/shibsp/handler/impl/SAMLDSSessionInitiator.cpp b/shibsp/handler/impl/SAMLDSSessionInitiator.cpp index 1c0a7e3..85b65bb 100644 --- a/shibsp/handler/impl/SAMLDSSessionInitiator.cpp +++ b/shibsp/handler/impl/SAMLDSSessionInitiator.cpp @@ -73,18 +73,47 @@ namespace shibsp { #ifndef SHIBSP_LITE void generateMetadata(SPSSODescriptor& role, const char* handlerURL) const { static const XMLCh LOCAL_NAME[] = UNICODE_LITERAL_17(D,i,s,c,o,v,e,r,y,R,e,s,p,o,n,s,e); + + // Initial guess at index to use. + pair ix = getUnsignedInt("index"); + if (!ix.first) + ix.second = 1; + + // Find maximum index in use and go one higher. + if (role.getExtensions()) { + const vector& exts = const_cast(role.getExtensions())->getUnknownXMLObjects(); + for (vector::const_reverse_iterator i = exts.rbegin(); i != exts.rend(); ++i) { + if (XMLString::equals((*i)->getElementQName().getLocalPart(), LOCAL_NAME) && + XMLString::equals((*i)->getElementQName().getNamespaceURI(), m_discoNS.get())) { + const AttributeExtensibleXMLObject* sub = dynamic_cast(*i); + if (sub) { + const XMLCh* val = sub->getAttribute(xmltooling::QName(NULL,IndexedEndpointType::INDEX_ATTRIB_NAME)); + if (val) { + int maxindex = XMLString::parseInt(val); + if (ix.second <= maxindex) + ix.second = maxindex + 1; + break; + } + } + } + } + } + const char* loc = getString("Location").second; string hurl(handlerURL); if (*loc != '/') hurl += '/'; hurl += loc; auto_ptr_XMLCh widen(hurl.c_str()); + + ostringstream os; + os << ix.second; + auto_ptr_XMLCh widen2(os.str().c_str()); + ElementProxy* ep = new AnyElementImpl(m_discoNS.get(), LOCAL_NAME); ep->setAttribute(xmltooling::QName(NULL,EndpointType::LOCATION_ATTRIB_NAME), widen.get()); ep->setAttribute(xmltooling::QName(NULL,EndpointType::BINDING_ATTRIB_NAME), m_discoNS.get()); - pair ix = getXMLString("index"); - ep->setAttribute(xmltooling::QName(NULL,IndexedEndpointType::INDEX_ATTRIB_NAME), ix.first ? ix.second : xmlconstants::XML_ONE); - + ep->setAttribute(xmltooling::QName(NULL,IndexedEndpointType::INDEX_ATTRIB_NAME), widen2.get()); Extensions* ext = role.getExtensions(); if (!ext) { ext = ExtensionsBuilder::buildExtensions(); -- 2.1.4