/*
 * Copyright 2001-2007 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * @file shibsp/Application.h
 *
 * Interface to a Shibboleth Application instance.
 */
23 #ifndef __shibsp_app_h__
24 #define __shibsp_app_h__
26 #include <shibsp/util/PropertySet.h>
27 #include <saml/saml2/metadata/MetadataProvider.h>
28 #include <xmltooling/security/TrustEngine.h>
29 #include <xmltooling/validation/Validator.h>
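class SHIBSP_API Handler;
class SHIBSP_API ServiceProvider;

/**
 * Interface to a Shibboleth Application instance.
 *
 * <p>An Application is a logical set of resources that act as a unit
 * of session management and policy.
 *
 * <p>Several accessors below are documented as returning NULL when nothing
 * is configured or matched. A caller that is about to make a security
 * decision (trust evaluation, metadata lookup, handler dispatch) must check
 * for NULL and treat it as a failure instead of skipping the step.
 */
class SHIBSP_API Application : public virtual PropertySet
{
    MAKE_NONCOPYABLE(Application);

    // NOTE(review): the listing this declaration was recovered from jumps from
    // line 44 to line 48, so whatever sat between the macro above and the
    // destructor is not shown. `public:` is restored so the interface is
    // callable; confirm the access specifiers (and any constructor) against
    // the original header.
public:
    virtual ~Application() {}

    /**
     * Returns the owning ServiceProvider instance.
     *
     * NOTE(review): "locked" is the original wording; who acquires and who
     * releases that lock is not visible in this header -- confirm with the
     * ServiceProvider interface before holding the reference for long.
     *
     * @return a locked ServiceProvider
     */
    virtual const ServiceProvider& getServiceProvider() const=0;

    /**
     * Returns the Application's ID.
     */
    virtual const char* getId() const=0;

    /**
     * Returns a unique hash for the Application.
     *
     * NOTE(review): the value is described only as a hash of the ID; the
     * algorithm is not visible here, so treat it as an identifier and not
     * as a secret or an integrity check -- confirm against the implementation.
     *
     * @return a value resulting from a hash of the Application's ID
     */
    virtual const char* getHash() const=0;

    /**
     * Returns the name and cookie properties to use for this Application.
     *
     * NOTE(review): the second element is appended to the cookie value, so it
     * presumably carries the cookie attributes. If so, an override should keep
     * the restrictions expected of a session cookie -- confirm against the
     * default implementation, which is not part of this header.
     *
     * @param prefix    a value to prepend to the base cookie name
     * @return a pair containing the cookie name and the string to append to the cookie value
     */
    virtual std::pair<std::string,const char*> getCookieNameProps(const char* prefix) const;

    /**
     * Returns a MetadataProvider for use with this Application.
     *
     * A NULL result means no provider is available; callers must not go on
     * as though the peer had been found in metadata.
     *
     * @return a MetadataProvider instance, or NULL
     */
    virtual opensaml::saml2md::MetadataProvider* getMetadataProvider() const=0;

    /**
     * Returns a TrustEngine for use with this Application.
     *
     * A NULL result means there is no engine to evaluate trust with; callers
     * must fail the operation and never read "no engine" as "trusted".
     *
     * @return a TrustEngine instance, or NULL
     */
    virtual xmltooling::TrustEngine* getTrustEngine() const=0;

    /**
     * Returns configuration properties governing security interactions with a peer entity.
     *
     * NOTE(review): NULL is not documented as a possible result, but the
     * return type is a pointer -- confirm before dereferencing unchecked.
     *
     * @param provider  a peer entity's metadata
     * @return the applicable PropertySet
     */
    virtual const PropertySet* getCredentialUse(const opensaml::saml2md::EntityDescriptor* provider) const=0;

    /**
     * Returns the default SessionInitiator Handler when automatically
     * requesting a session.
     *
     * @return the default SessionInitiator, or NULL
     */
    virtual const Handler* getDefaultSessionInitiator() const=0;

    /**
     * Returns a SessionInitiator Handler with a particular ID when automatically
     * requesting a session.
     *
     * @param id    an identifier unique to the Application
     * @return the designated SessionInitiator, or NULL
     */
    virtual const Handler* getSessionInitiatorById(const char* id) const=0;

    /**
     * Returns the default AssertionConsumerService Handler
     * for use in AuthnRequest messages.
     *
     * @return the default AssertionConsumerService, or NULL
     */
    virtual const Handler* getDefaultAssertionConsumerService() const=0;

    /**
     * Returns an AssertionConsumerService Handler with a particular index
     * for use in AuthnRequest messages.
     *
     * @param index an index unique to an application
     * @return the designated AssertionConsumerService, or NULL
     */
    virtual const Handler* getAssertionConsumerServiceByIndex(unsigned short index) const=0;

    /**
     * Returns one or more AssertionConsumerService Handlers that support
     * a particular protocol binding.
     *
     * NOTE(review): the result is a reference, so "no match" cannot be NULL;
     * presumably it is an empty vector -- confirm, and check for emptiness
     * before indexing.
     *
     * @param binding   a protocol binding identifier
     * @return a set of qualifying AssertionConsumerServices
     */
    virtual const std::vector<const Handler*>& getAssertionConsumerServicesByBinding(const XMLCh* binding) const=0;

    /**
     * Returns the Handler associated with a particular path/location.
     *
     * The path is the PATH_INFO portion of a request, i.e. it is chosen by
     * the client. Implementations should resolve it only against the
     * configured handler locations, and callers must handle a NULL result
     * (nothing mapped) as "not found".
     *
     * @param path  the PATH_INFO appended to the end of a base Handler location
     *              that invokes the Handler
     * @return the mapped Handler, or NULL
     */
    virtual const Handler* getHandler(const char* path) const=0;

    /**
     * Returns the set of audience values associated with this Application.
     *
     * @return set of audience values associated with the Application
     */
    virtual const std::vector<const XMLCh*>& getAudiences() const=0;

    /**
     * Returns a validator for applying verification rules to incoming SAML tokens.
     *
     * <p>The validator must be freed by the caller. Hold the returned pointer
     * in an owning wrapper so that it is released on every path, including
     * when validation throws.
     *
     * <p>A ts of 0 is documented as "ignore", and 0 is also the default:
     * a call that omits ts gets no timestamp-based validity evaluation.
     * Pass the time the token is to be judged against whenever freshness
     * matters.
     *
     * @param ts    timestamp against which to evaluate the token's validity, or 0 to ignore
     * @param role  metadata role of token issuer, if known
     * @return a validator
     */
    virtual xmltooling::Validator* getTokenValidator(time_t ts=0, const opensaml::saml2md::RoleDescriptor* role=NULL) const=0;
};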
173 #endif /* __shibsp_app_h__ */