/*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2007 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "internal.h"
#include "exceptions.h"
-#include "binding/HTTPResponse.h"
-#include "binding/URLEncoder.h"
+#include "binding/MessageEncoder.h"
#include "saml2/binding/SAML2Redirect.h"
-#include "saml2/binding/SAML2RedirectEncoder.h"
#include "saml2/core/Protocols.h"
#include <fstream>
#include <sstream>
-#include <log4cpp/Category.hh>
#include <xercesc/util/Base64.hpp>
+#include <xmltooling/logging.h>
+#include <xmltooling/io/HTTPResponse.h>
#include <xmltooling/util/NDC.h>
+#include <xmltooling/util/URLEncoder.h>
using namespace opensaml::saml2p;
+using namespace opensaml::saml2md;
using namespace opensaml;
using namespace xmlsignature;
+using namespace xmltooling::logging;
using namespace xmltooling;
-using namespace log4cpp;
using namespace std;
namespace opensaml {
namespace saml2p {
- MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const DOMElement* const & e)
+ class SAML_DLLLOCAL SAML2RedirectEncoder : public MessageEncoder
{
- return new SAML2RedirectEncoder(e);
+ public:
+ SAML2RedirectEncoder() {}
+ virtual ~SAML2RedirectEncoder() {}
+
+ bool isCompact() const {
+ return true;
+ }
+
+ long encode(
+ GenericResponse& genericResponse,
+ XMLObject* xmlObject,
+ const char* destination,
+ const EntityDescriptor* recipient=NULL,
+ const char* relayState=NULL,
+ const ArtifactGenerator* artifactGenerator=NULL,
+ const Credential* credential=NULL,
+ const XMLCh* signatureAlg=NULL,
+ const XMLCh* digestAlg=NULL
+ ) const;
+ };
+
+ MessageEncoder* SAML_DLLLOCAL SAML2RedirectEncoderFactory(const pair<const DOMElement*,const XMLCh*>& p)
+ {
+ return new SAML2RedirectEncoder();
}
};
};
GenericResponse& genericResponse,
XMLObject* xmlObject,
const char* destination,
- const char* recipientID,
+ const EntityDescriptor* recipient,
const char* relayState,
- const CredentialResolver* credResolver,
- const XMLCh* sigAlgorithm
+ const ArtifactGenerator* artifactGenerator,
+ const Credential* credential,
+ const XMLCh* signatureAlg,
+ const XMLCh* digestAlg
) const
{
#ifdef _DEBUG
throw BindingException("Base64 encoding of XML failed.");
// Create beginnings of redirect query string.
- URLEncoder* escaper = SAMLConfig::getConfig().getURLEncoder();
+ const URLEncoder* escaper = XMLToolingConfig::getConfig().getURLEncoder();
xmlbuf.erase();
xmlbuf.append(reinterpret_cast<char*>(encoded),len);
xmlbuf = (request ? "SAMLRequest=" : "SAMLResponse=") + escaper->encode(xmlbuf.c_str());
- if (relayState)
+ if (relayState && *relayState)
xmlbuf = xmlbuf + "&RelayState=" + escaper->encode(relayState);
- if (credResolver) {
+ if (credential) {
+ log.debug("signing the message");
+
// Sign the query string after adding the algorithm.
- if (!sigAlgorithm)
- sigAlgorithm = DSIGConstants::s_unicodeStrURIRSA_SHA1;
- auto_ptr_char alg(sigAlgorithm);
+ if (!signatureAlg)
+ signatureAlg = DSIGConstants::s_unicodeStrURIRSA_SHA1;
+ auto_ptr_char alg(signatureAlg);
xmlbuf = xmlbuf + "&SigAlg=" + escaper->encode(alg.get());
char sigbuf[1024];
memset(sigbuf,0,sizeof(sigbuf));
- auto_ptr<XSECCryptoKey> key(credResolver->getKey());
- Signature::createRawSignature(key.get(), sigAlgorithm, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
+ Signature::createRawSignature(credential->getPrivateKey(), signatureAlg, xmlbuf.c_str(), xmlbuf.length(), sigbuf, sizeof(sigbuf)-1);
xmlbuf = xmlbuf + "&Signature=" + escaper->encode(sigbuf);
}
// Generate redirect.
log.debug("message encoded, sending redirect to client");
- xmlbuf.insert(0,1,(strchr(destination,'?') ? '&' : '?'));
+ xmlbuf.insert((string::size_type)0,(string::size_type)1,(strchr(destination,'?') ? '&' : '?'));
xmlbuf.insert(0,destination);
long ret = httpResponse->sendRedirect(xmlbuf.c_str());