/**
* Specialized SOAPClient for SAML SOAP bindings.
*/
- class SAML_API SOAPClient : public virtual soap11::SOAPClient
+ class SAML_API SOAPClient : public soap11::SOAPClient
{
public:
/**
* @param validating controls schema validation
*/
SOAPClient(SecurityPolicy& policy, bool validating=false)
- : soap11::SOAPClient(validating), m_policy(policy), m_force(true), m_correlate(NULL) {}
+ : soap11::SOAPClient(validating), m_policy(policy), m_force(true), m_peer(NULL) {}
- virtual ~SOAPClient() {
- XMLString::release(&m_correlate);
- }
+ virtual ~SOAPClient() {}
/**
* Controls whether to force transport/peer authentication via an X509TrustEngine.
void reset();
+ /**
+ * Returns the SecurityPolicy supplied to the client.
+ *
+ * @return the associated SecurityPolicy
+ */
+ SecurityPolicy& getPolicy() const {
+ return m_policy;
+ }
+
protected:
/**
* Override prepares transport by assigning an X509TrustEngine to it, if one is
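Review bot: `getPolicy()` is declared `const` but returns a non-const `SecurityPolicy&`, so code holding only a const SOAPClient can still reset or modify the policy that governs response evaluation. This presumably compiles only because m_policy is a reference member, which makes the loophole easy to miss. Either drop the `const` qualifier or state it in the doc comment, e.g. `@return the associated SecurityPolicy (mutable; shared with this client)`.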
/** Flag controlling whether transport/peer authn is mandatory. */
bool m_force;
- /** Message correlation ID. */
- XMLCh* m_correlate;
-
- private:
+ /** Metadata-based peer identity. */
const saml2md::RoleDescriptor* m_peer;
};
// Clear policy.
m_policy.reset();
- m_peer = dynamic_cast<const RoleDescriptor*>(&peer);
+ if (!m_peer)
+ m_peer = dynamic_cast<const RoleDescriptor*>(&peer);
if (m_peer) {
const QName& role = m_peer->getElementQName();
if (XMLString::equals(role.getLocalPart(),RoleDescriptor::LOCAL_NAME))
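Review bot: The new `if (!m_peer)` guard makes the peer sticky, so a later call with a different `peer` argument keeps the old RoleDescriptor. The member can be set by an earlier call or by a subclass, now that it is protected rather than private. The role check below then reads from the cached descriptor instead of the peer actually being contacted. Whether that can occur depends on callers always invoking reset() between exchanges, which this page does not show. I would state the contract on the member, e.g. `/** Metadata-based peer identity; once set it takes precedence over the peer argument until reset(). */`, or fail when both are non-null and differ. The enclosing function starts and ends outside the hunk.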
void SOAPClient::reset()
{
+ m_peer = NULL;
soap11::SOAPClient::reset();
m_policy.reset();
- XMLString::release(&m_correlate);
- m_correlate=NULL;
}
/**
* @file saml/saml1/binding/SAML1SOAPClient.h
*
- * Specialized SOAPClient for SAML 1.x SOAP binding.
+ * Client class for SAML 1.x SOAP binding.
*/
#ifndef __saml1_soap11client_h__
class SAML_API Status;
/**
- * Specialized SOAPClient for SAML 1.x SOAP binding.
+ * Client class for SAML 1.x SOAP binding.
*/
- class SAML_API SAML1SOAPClient : public opensaml::SOAPClient
+ class SAML_API SAML1SOAPClient
{
public:
/**
- * Creates a SOAP client instance with a particular SecurityPolicy.
+ * Constructor
*
- * @param policy reference to SecurityPolicy to apply
- * @param validating controls schema validation
+ * @param soaper reference to SOAPClient object to use for call
*/
- SAML1SOAPClient(SecurityPolicy& policy, bool validating=false) : opensaml::SOAPClient(policy, validating) {}
+ SAML1SOAPClient(SOAPClient& soaper) : m_soaper(soaper), m_correlate(NULL) {
+ }
- virtual ~SAML1SOAPClient() {}
+ virtual ~SAML1SOAPClient() {
+ XMLString::release(&m_correlate);
+ }
/**
* Specialized method for sending SAML 1.x requests. The SOAP layer will be
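Review bot: SAML1SOAPClient now owns `m_correlate` and releases it in the destructor, but nothing prevents the class from being copied. The reference member only suppresses assignment, so an implicit copy constructor would leave two objects releasing the same XMLCh buffer. Declaring `SAML1SOAPClient(const SAML1SOAPClient&);` under `private:` and leaving it unimplemented closes that, and the one-argument constructor is better marked `explicit`. The constructor comment should also say that `soaper` must outlive this object, since only a reference is stored. The same points apply to the SAML2SOAPClient constructor and destructor later in this change.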
* @return true iff the error should be treated as a fatal error
*/
virtual bool handleError(const Status& status);
+
+ /** SOAP client object */
+ SOAPClient& m_soaper;
+
+ private:
+ XMLCh* m_correlate;
};
};
Body* body = BodyBuilder::buildBody();
env->setBody(body);
body->getUnknownXMLObjects().push_back(request);
- send(*env.get(), peer, endpoint);
+ m_soaper.send(*env.get(), peer, endpoint);
m_correlate = XMLString::replicate(request->getRequestID());
}
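Review bot: The assignment to `m_correlate` after `m_soaper.send(...)` overwrites any value left by an earlier request without releasing it. This commit also removes the release from SOAPClient::reset(), so nothing visible frees the old buffer before the destructor runs. Reusing the object for a second request would leak it, and a stale ID could outlive a reset of the underlying client, depending on how the response is correlated (not visible here). I would add `XMLString::release(&m_correlate);` immediately before the `replicate` call. The SAML 2.0 sender has the same pattern with `request->getID()`. The function begins outside the hunk.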
Response* SAML1SOAPClient::receiveSAML()
{
- auto_ptr<Envelope> env(receive());
+ auto_ptr<Envelope> env(m_soaper.receive());
if (env.get()) {
Body* body = env->getBody();
if (body && body->hasChildren()) {
throw BindingException("SAML Response contained an error.");
}
- m_policy.evaluate(*response);
+ m_soaper.getPolicy().evaluate(*response);
env.release();
body->detach(); // frees Envelope
response->detach(); // frees Body
DECL_TYPED_CHILDREN(AuthenticationStatement);
DECL_TYPED_CHILDREN(AttributeStatement);
DECL_TYPED_CHILDREN(AuthorizationDecisionStatement);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
/** AssertionType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
DECL_STRING_ATTRIB(RequestID,REQUESTID);
DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
DECL_TYPED_CHILDREN(RespondWith);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
/** RequestAbstractType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
DECL_STRING_ATTRIB(Recipient,RECIPIENT);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
/** ResponseAbstractType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
/**
* Specialized SOAPClient for SAML 2.0 SOAP binding.
*/
- class SAML_API SAML2SOAPClient : public opensaml::SOAPClient
+ class SAML_API SAML2SOAPClient
{
public:
/**
- * Creates a SOAP client instance with a particular SecurityPolicy.
+ * Constructor
*
- * @param policy reference to SecurityPolicy to apply
- * @param validating controls schema validation
+ * @param soaper reference to SOAPClient object to use for call
*/
- SAML2SOAPClient(SecurityPolicy& policy, bool validating=false) : opensaml::SOAPClient(policy, validating) {}
+ SAML2SOAPClient(SOAPClient& soaper) : m_soaper(soaper), m_correlate(NULL) {
+ }
- virtual ~SAML2SOAPClient() {}
+ virtual ~SAML2SOAPClient() {
+ XMLString::release(&m_correlate);
+ }
/**
* Specialized method for sending SAML 2.0 requests. The SOAP layer will be
* @return true iff the error should be treated as a fatal error
*/
virtual bool handleError(const Status& status);
+
+ /** SOAP client object */
+ SOAPClient& m_soaper;
+
+ private:
+ XMLCh* m_correlate;
};
};
Body* body = BodyBuilder::buildBody();
env->setBody(body);
body->getUnknownXMLObjects().push_back(request);
- send(*env.get(), peer, endpoint);
+ m_soaper.send(*env.get(), peer, endpoint);
m_correlate = XMLString::replicate(request->getID());
}
StatusResponseType* SAML2SOAPClient::receiveSAML()
{
- auto_ptr<Envelope> env(receive());
+ auto_ptr<Envelope> env(m_soaper.receive());
if (env.get()) {
Body* body = env->getBody();
if (body && body->hasChildren()) {
throw BindingException("SAML Response contained an error.");
}
- m_policy.evaluate(*response);
+ m_soaper.getPolicy().evaluate(*response);
env.release();
body->detach(); // frees Envelope
response->detach(); // frees Body
DECL_INHERITED_STRING_ATTRIB(ID,ID);
DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
DECL_INHERITED_TYPED_CHILD(Issuer);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Subject);
DECL_TYPED_CHILD(Conditions);
DECL_TYPED_CHILD(Advice);
DECL_STRING_ATTRIB(Destination,DESTINATION);
DECL_STRING_ATTRIB(Consent,CONSENT);
DECL_INHERITED_TYPED_FOREIGN_CHILD(Issuer,saml2);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
/** RequestAbstractType local name */
static const XMLCh TYPE_NAME[];
DECL_STRING_ATTRIB(Destination,DESTINATION);
DECL_STRING_ATTRIB(Consent,CONSENT);
DECL_INHERITED_TYPED_FOREIGN_CHILD(Issuer,saml2);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
DECL_TYPED_CHILD(Status);
/** StatusResponseType local name */
/** Searches the ProtocolSupportEnumeration attribute for the indicated protocol. */
virtual bool hasSupport(const XMLCh* protocol) const=0;
DECL_STRING_ATTRIB(ErrorURL,ERRORURL);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
DECL_TYPED_CHILDREN(KeyDescriptor);
DECL_TYPED_CHILD(Organization);
CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 AffiliationDescriptor element);
DECL_STRING_ATTRIB(ID,ID);
DECL_STRING_ATTRIB(AffiliationOwnerID,AFFILIATIONOWNERID);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
DECL_TYPED_CHILDREN(AffiliateMember);
DECL_TYPED_CHILDREN(KeyDescriptor);
CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 EntityDescriptor element);
DECL_STRING_ATTRIB(ID,ID);
DECL_STRING_ATTRIB(EntityID,ENTITYID);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
DECL_TYPED_CHILD(AffiliationDescriptor);
DECL_TYPED_CHILDREN(RoleDescriptor);
TimeBoundSAMLObject,SAML 2.0 EntitiesDescriptor element);
DECL_STRING_ATTRIB(ID,ID);
DECL_STRING_ATTRIB(Name,NAME);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
DECL_TYPED_CHILDREN(EntityDescriptor);
DECL_TYPED_CHILDREN(EntitiesDescriptor);
*/
virtual xmlsignature::Signature* getSignature() const=0;
+ /**
+ * Sets an enveloped Signature in the object.
+ *
+ * @param sig the enveloped Signature, or NULL
+ */
+ virtual void setSignature(xmlsignature::Signature* sig)=0;
+
protected:
SignableObject() {}
};
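Review bot: The doc comment on the new `setSignature` does not say who owns `sig` or what happens to a Signature that is already attached. Callers passing a raw pointer need that to avoid a leak or a double free. Something like `@param sig the enveloped Signature to attach (ownership passes to the object; confirm), or NULL to remove the current one` would cover it. Adding a pure virtual also obliges every concrete SignableObject to implement it. The removed `DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature)` lines in the other hunks suggest that is intended, but the implementations are not visible on this page.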