From 44aa5e774f777b469674929b1bdd5834f6a167b2 Mon Sep 17 00:00:00 2001
From: Scott Cantor
Date: Mon, 21 May 2007 03:31:24 +0000
Subject: [PATCH] Add chaining resolver.
---
 xmltooling/Makefile.am | 1 +
 xmltooling/security/CredentialResolver.h | 3 +
 .../security/impl/ChainingCredentialResolver.cpp | 105 +++++++++++++++++++++
 xmltooling/security/impl/CredentialResolver.cpp | 2 +
 xmltooling/xmltooling.vcproj | 4 +
 5 files changed, 115 insertions(+)
 create mode 100644 xmltooling/security/impl/ChainingCredentialResolver.cpp
diff --git a/xmltooling/Makefile.am b/xmltooling/Makefile.am
index 340ac2f..ffd2e11 100644
--- a/xmltooling/Makefile.am
+++ b/xmltooling/Makefile.am
@@ -122,6 +122,7 @@ xmlsec_sources = \
 encryption/impl/Encrypter.cpp \
 security/impl/AbstractPKIXTrustEngine.cpp \
 security/impl/BasicX509Credential.cpp \
+ security/impl/ChainingCredentialResolver.cpp \
 security/impl/ChainingTrustEngine.cpp \
 security/impl/CredentialCriteria.cpp \
 security/impl/CredentialResolver.cpp \
diff --git a/xmltooling/security/CredentialResolver.h b/xmltooling/security/CredentialResolver.h
index 68d675f..2c4b2cf 100644
--- a/xmltooling/security/CredentialResolver.h
+++ b/xmltooling/security/CredentialResolver.h
@@ -69,6 +69,9 @@ namespace xmltooling {
 /** CredentialResolver based on local files with no criteria support. */
 #define FILESYSTEM_CREDENTIAL_RESOLVER "File"
+
+ /** CredentialResolver based on chaining together other resolvers. */
+ #define CHAINING_CREDENTIAL_RESOLVER "Chaining"
 };
 #endif /* __xmltooling_credres_h__ */
diff --git a/xmltooling/security/impl/ChainingCredentialResolver.cpp b/xmltooling/security/impl/ChainingCredentialResolver.cpp
new file mode 100644
index 0000000..e0e198e
--- /dev/null
+++ b/xmltooling/security/impl/ChainingCredentialResolver.cpp
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2001-2007 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * ChainingCredentialResolver.cpp
+ *
+ * CredentialResolver with chaining capability.
+ */
+
+#include "internal.h"
+#include "XMLToolingConfig.h"
+#include "security/CredentialResolver.h"
+#include "util/NDC.h"
+#include "util/XMLHelper.h"
+
+#include
+#include
+
+using namespace xmltooling;
+using namespace log4cpp;
+using namespace std;
+
+namespace xmltooling {
+ class XMLTOOL_DLLLOCAL ChainingCredentialResolver : public CredentialResolver
+ {
+ public:
+ ChainingCredentialResolver(const DOMElement* e);
+ virtual ~ChainingCredentialResolver() {
+ for_each(m_resolvers.begin(), m_resolvers.end(), xmltooling::cleanup());
+ }
+
+ Lockable* lock() {
+ for_each(m_resolvers.begin(), m_resolvers.end(), mem_fun(&CredentialResolver::lock));
+ return this;
+ }
+ void unlock() {
+ for_each(m_resolvers.begin(), m_resolvers.end(), mem_fun(&CredentialResolver::unlock));
+ }
+
+ const Credential* resolve(const CredentialCriteria* criteria=NULL) const {
+ const Credential* cred = NULL;
+ for (vector::const_iterator cr = m_resolvers.begin(); !cred && cr!=m_resolvers.end(); ++cr)
+ cred = (*cr)->resolve(criteria);
+ return cred;
+ }
+
+ virtual vector::size_type resolve(
+ vector& results, const CredentialCriteria* criteria=NULL
+ ) const {
+ for (vector::const_iterator cr = m_resolvers.begin(); cr!=m_resolvers.end(); ++cr)
+ (*cr)->resolve(results, criteria);
+ return results.size();
+ }
+
+ private:
+ vector m_resolvers;
+ };
+
+ CredentialResolver* XMLTOOL_DLLLOCAL ChainingCredentialResolverFactory(const DOMElement* const & e)
+ {
+ return new ChainingCredentialResolver(e);
+ }
+
+ static const XMLCh _CredentialResolver[] = UNICODE_LITERAL_18(C,r,e,d,e,n,t,i,a,l,R,e,s,o,l,v,e,r);
+ static const XMLCh _type[] = UNICODE_LITERAL_4(t,y,p,e);
+};
+
+ChainingCredentialResolver::ChainingCredentialResolver(const DOMElement* e)
+{
+#ifdef _DEBUG
+ NDC ndc("ChainingCredentialResolver");
+#endif
+
+ XMLToolingConfig& conf = XMLToolingConfig::getConfig();
+
+ // Load up the chain of resolvers.
+ e = e ? XMLHelper::getFirstChildElement(e, _CredentialResolver) : NULL;
+ while (e) {
+ auto_ptr_char type(e->getAttributeNS(NULL,_type));
+ if (type.get() && *(type.get())) {
+ try {
+ m_resolvers.push_back(conf.CredentialResolverManager.newPlugin(type.get(),e));
+ }
+ catch (exception& ex) {
+ Category::getInstance(XMLTOOLING_LOGCAT".CredentialResolver").error(
+ "caught exception processing embedded CredentialResolver element: %s", ex.what()
+ );
+ }
+ }
+ e = XMLHelper::getNextSiblingElement(e, _CredentialResolver);
+ }
+}
diff --git a/xmltooling/security/impl/CredentialResolver.cpp b/xmltooling/security/impl/CredentialResolver.cpp
index c0de4ce..82bb279 100644
--- a/xmltooling/security/impl/CredentialResolver.cpp
+++ b/xmltooling/security/impl/CredentialResolver.cpp
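Review bot: The `catch (exception& ex)` in the constructor logs and continues, so a child `CredentialResolver` that fails to load is dropped and the chain still constructs, possibly empty. Because the single-credential `resolve()` returns the first non-NULL answer in chain order, losing an earlier resolver can silently change which credential callers get, or leave them with NULL. I would either rethrow after logging (`throw;` as the last statement of the catch block) or record the best-effort policy in the class comment, e.g. `// Child resolvers that fail to load are logged and skipped; the chain may end up empty.` A child element whose `type` attribute is empty is skipped with no log line at all, which deserves at least an error-level message like the one in the catch block. Separately, `lock()` walks the children with `for_each` and has no rollback, so if a child's `lock()` can throw (not visible in this patch) the ones already locked would stay locked.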
@@ -27,10 +27,12 @@ using namespace xmltooling;
 namespace xmltooling {
 XMLTOOL_DLLLOCAL PluginManager::Factory FilesystemCredentialResolverFactory;
+ XMLTOOL_DLLLOCAL PluginManager::Factory ChainingCredentialResolverFactory;
 };
 void XMLTOOL_API xmltooling::registerCredentialResolvers() {
 XMLToolingConfig& conf=XMLToolingConfig::getConfig();
 conf.CredentialResolverManager.registerFactory(FILESYSTEM_CREDENTIAL_RESOLVER, FilesystemCredentialResolverFactory);
+ conf.CredentialResolverManager.registerFactory(CHAINING_CREDENTIAL_RESOLVER, ChainingCredentialResolverFactory);
 }
diff --git a/xmltooling/xmltooling.vcproj b/xmltooling/xmltooling.vcproj
index a94c737..8b374c9 100644
--- a/xmltooling/xmltooling.vcproj
+++ b/xmltooling/xmltooling.vcproj
@@ -378,6 +378,10 @@ > + + -- 2.1.4