Streamline SecurityPolicy methods and rule modification.

[shibboleth/opensaml2.git] / saml / saml2 / binding / impl / SAML2ArtifactDecoder.cpp

diff --git a/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp b/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp
index c4c24a4..ae7545a 100644 (file)
--- a/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp
+++ b/saml/saml2/binding/impl/SAML2ArtifactDecoder.cpp
@@ -22,14 +22,14 @@
 
 #include "internal.h"
 #include "exceptions.h"
-#include "binding/HTTPRequest.h"
 #include "binding/MessageDecoder.h"
 #include "saml2/binding/SAML2Artifact.h"
 #include "saml2/core/Protocols.h"
 #include "saml2/metadata/Metadata.h"
 #include "saml2/metadata/MetadataProvider.h"
 
-#include <log4cpp/Category.hh>
+#include <xmltooling/logging.h>
+#include <xmltooling/io/HTTPRequest.h>
 #include <xmltooling/util/NDC.h>
 #include <xmltooling/util/ReplayCache.h>
 
@@ -37,8 +37,8 @@ using namespace opensaml::saml2md;
 using namespace opensaml::saml2p;
 using namespace opensaml::saml2;
 using namespace opensaml;
+using namespace xmltooling::logging;
 using namespace xmltooling;
-using namespace log4cpp;
 using namespace std;
 
 namespace opensaml {
@@ -46,7 +46,7 @@ namespace opensaml {
         class SAML_DLLLOCAL SAML2ArtifactDecoder : public MessageDecoder
         {
         public:
-            SAML2ArtifactDecoder(const DOMElement* e) {}
+            SAML2ArtifactDecoder() {}
             virtual ~SAML2ArtifactDecoder() {}
             
             xmltooling::XMLObject* decode(
@@ -56,9 +56,9 @@ namespace opensaml {
                 ) const;
         };                
 
-        MessageDecoder* SAML_DLLLOCAL SAML2ArtifactDecoderFactory(const DOMElement* const & e)
+        MessageDecoder* SAML_DLLLOCAL SAML2ArtifactDecoderFactory(const pair<const DOMElement*,const XMLCh*>& p)
         {
-            return new SAML2ArtifactDecoder(e);
+            return new SAML2ArtifactDecoder();
         }
     };
 };
@@ -76,13 +76,11 @@ XMLObject* SAML2ArtifactDecoder::decode(
 
     log.debug("validating input");
     const HTTPRequest* httpRequest=dynamic_cast<const HTTPRequest*>(&genericRequest);
-    if (!httpRequest) {
-        log.error("unable to cast request to HTTPRequest type");
-        return NULL;
-    }
+    if (!httpRequest)
+        throw BindingException("Unable to cast request object to HTTPRequest type.");
     const char* SAMLart = httpRequest->getParameter("SAMLart");
     if (!SAMLart)
-        return NULL;
+        throw BindingException("Request missing SAMLart parameter.");
     const char* state = httpRequest->getParameter("RelayState");
     if (state)
         relayState = state;
@@ -149,15 +147,18 @@ XMLObject* SAML2ArtifactDecoder::decode(
     }
     policy.setIssuerMetadata(roledesc);
     
+    log.debug("calling ArtifactResolver...");
     auto_ptr<ArtifactResponse> response(
         m_artifactResolver->resolve(*(artifact2.get()), dynamic_cast<const SSODescriptorType&>(*roledesc), policy)
         );
     
-    // The policy should be enforced against the ArtifactResponse by the resolve step. 
+    // The policy should be enforced against the ArtifactResponse by the resolve step.
+    // Reset only the message state.
+    policy.reset(true);
 
     // Extract payload and check that message.
     XMLObject* payload = response->getPayload();
-    policy.evaluate(*payload, &genericRequest);
+    policy.evaluate(*payload, &genericRequest, samlconstants::SAML20P_NS);
 
     // Return the payload only.
     response.release();