2 * Copyright 2001-2010 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * AttributeScopeRegexFunctor.cpp
20 * A match function that evaluates an attribute value's scope against the
21 * provided regular expression.
25 #include "exceptions.h"
26 #include "attribute/Attribute.h"
27 #include "attribute/filtering/FilteringContext.h"
28 #include "attribute/filtering/FilterPolicyContext.h"
29 #include "attribute/filtering/MatchFunctor.h"
31 #include <xmltooling/util/XMLHelper.h>
32 #include <xercesc/util/regx/RegularExpression.hpp>
34 using namespace shibsp;
36 using xmltooling::XMLHelper;
40 static const XMLCh attributeID[] = UNICODE_LITERAL_11(a,t,t,r,i,b,u,t,e,I,D);
41 static const XMLCh options[] = UNICODE_LITERAL_7(o,p,t,i,o,n,s);
42 static const XMLCh regex[] = UNICODE_LITERAL_5(r,e,g,e,x);
45 * A match function that evaluates an attribute value's scope against the provided regular expression.
47 class SHIBSP_DLLLOCAL AttributeScopeRegexFunctor : public MatchFunctor
50 RegularExpression* m_regex;
52 bool hasScope(const FilteringContext& filterContext) const;
53 bool matches(const Attribute& attribute, size_t index) const;
56 AttributeScopeRegexFunctor(const DOMElement* e) : m_attributeID(XMLHelper::getAttrString(e, nullptr, attributeID)), m_regex(nullptr) {
57 const XMLCh* r = e ? e->getAttributeNS(nullptr,regex) : nullptr;
59 throw ConfigurationException("AttributeScopeRegex MatchFunctor requires non-empty regex attribute.");
61 m_regex = new RegularExpression(r, e->getAttributeNS(nullptr,options));
63 catch (XMLException& ex) {
64 xmltooling::auto_ptr_char temp(ex.getMessage());
65 throw ConfigurationException(temp.get());
69 bool evaluatePolicyRequirement(const FilteringContext& filterContext) const {
70 if (m_attributeID.empty())
71 throw AttributeFilteringException("No attributeID specified.");
72 return hasScope(filterContext);
75 bool evaluatePermitValue(const FilteringContext& filterContext, const Attribute& attribute, size_t index) const {
76 if (m_attributeID.empty() || m_attributeID == attribute.getId())
77 return matches(attribute, index);
78 return hasScope(filterContext);
82 MatchFunctor* SHIBSP_DLLLOCAL AttributeScopeRegexFactory(const std::pair<const FilterPolicyContext*,const DOMElement*>& p)
84 return new AttributeScopeRegexFunctor(p.second);
89 bool AttributeScopeRegexFunctor::hasScope(const FilteringContext& filterContext) const
92 pair<multimap<string,Attribute*>::const_iterator,multimap<string,Attribute*>::const_iterator> attrs =
93 filterContext.getAttributes().equal_range(m_attributeID);
94 for (; attrs.first != attrs.second; ++attrs.first) {
95 count = attrs.first->second->valueCount();
96 for (size_t index = 0; index < count; ++index) {
97 if (matches(*(attrs.first->second), index))
104 bool AttributeScopeRegexFunctor::matches(const Attribute& attribute, size_t index) const
106 const char* val = attribute.getScope(index);
109 XMLCh* temp = xmltooling::fromUTF8(val);
110 bool ret = m_regex->matches(temp);