projects / shibboleth / sp.git / blob
? search:


e819e90ad4b9c37680ab61981f1d944be2db4d0a
[shibboleth/sp.git] / shibsp / attribute / resolver / impl / ChainingAttributeResolver.cpp
1 /*
2  *  Copyright 2001-2007 Internet2
3  * 
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 /**
18  * ChainingAttributeResolver.cpp
19  * 
20  * Chains together multiple AttributeResolver plugins.
21  */
22
23 #include "internal.h"
24 #include "Application.h"
25 #include "ServiceProvider.h"
26 #include "attribute/Attribute.h"
27 #include "attribute/resolver/AttributeResolver.h"
28 #include "attribute/resolver/ResolutionContext.h"
29
30 #include <xercesc/util/XMLUniDefs.hpp>
31 #include <xmltooling/util/XMLHelper.h>
32
33 using namespace shibsp;
34 using namespace opensaml::saml2;
35 using namespace opensaml::saml2md;
36 using namespace xmltooling;
37 using namespace std;
38
39 namespace shibsp {
40
41     struct SHIBSP_DLLLOCAL ChainingContext : public ResolutionContext
42     {
43         ChainingContext(
44             const Application& application,
45             const EntityDescriptor* issuer,
46             const XMLCh* protocol,
47             const NameID* nameid,
48             const XMLCh* authncontext_class,
49             const XMLCh* authncontext_decl,
50             const vector<const opensaml::Assertion*>* tokens,
51             const vector<shibsp::Attribute*>* attributes
52             ) : m_app(application), m_issuer(issuer), m_protocol(protocol), m_authclass(authncontext_class), m_authdecl(authncontext_decl), m_session(NULL) {
53             if (tokens)
54                 m_tokens.assign(tokens->begin(), tokens->end());
55             if (attributes)
56                 m_attributes.assign(attributes->begin(), attributes->end());
57         }
58
59         ChainingContext(const Application& application, const Session& session) : m_app(application), m_session(&session) {
60         }
61
62         ~ChainingContext() {
63             for_each(m_ownedAttributes.begin(), m_ownedAttributes.end(), xmltooling::cleanup<shibsp::Attribute>());
64             for_each(m_ownedAssertions.begin(), m_ownedAssertions.end(), xmltooling::cleanup<opensaml::Assertion>());
65         }
66
67         vector<shibsp::Attribute*>& getResolvedAttributes() {
68             return m_ownedAttributes;
69         }
70         vector<opensaml::Assertion*>& getResolvedAssertions() {
71             return m_ownedAssertions;
72         }
73
74         vector<shibsp::Attribute*> m_ownedAttributes;
75         vector<opensaml::Assertion*> m_ownedAssertions;
76
77         const Application& m_app;
78         const EntityDescriptor* m_issuer;
79         const XMLCh* m_protocol;
80         const NameID* m_nameid;
81         const XMLCh* m_authclass;
82         const XMLCh* m_authdecl;
83         vector<const opensaml::Assertion*> m_tokens;
84         vector<shibsp::Attribute*> m_attributes;
85
86         const Session* m_session;
87     };
88
89     class SHIBSP_DLLLOCAL ChainingAttributeResolver : public AttributeResolver
90     {
91     public:
92         ChainingAttributeResolver(const DOMElement* e);
93         virtual ~ChainingAttributeResolver() {
94             for_each(m_resolvers.begin(), m_resolvers.end(), xmltooling::cleanup<AttributeResolver>());
95         }
96         
97         Lockable* lock() {
98             return this;
99         }
100         void unlock() {
101         }
102
103         ResolutionContext* createResolutionContext(
104             const Application& application,
105             const EntityDescriptor* issuer,
106             const XMLCh* protocol,
107             const NameID* nameid,
108             const XMLCh* authncontext_class=NULL,
109             const XMLCh* authncontext_decl=NULL,
110             const vector<const opensaml::Assertion*>* tokens=NULL,
111             const vector<shibsp::Attribute*>* attributes=NULL
112             ) const {
113             return new ChainingContext(application, issuer, protocol, nameid, authncontext_class, authncontext_decl, tokens, attributes);
114         }
115
116         ResolutionContext* createResolutionContext(const Application& application, const Session& session) const {
117             return new ChainingContext(application, session);
118         }
119
120         void resolveAttributes(ResolutionContext& ctx) const;
121
122         void getAttributeIds(vector<string>& attributes) const {
123             for (vector<AttributeResolver*>::const_iterator i=m_resolvers.begin(); i!=m_resolvers.end(); ++i) {
124                 Locker locker(*i);
125                 (*i)->getAttributeIds(attributes);
126             }
127         }
128         
129     private:
130         vector<AttributeResolver*> m_resolvers;
131     };
132
133     static const XMLCh _AttributeResolver[] =   UNICODE_LITERAL_17(A,t,t,r,i,b,u,t,e,R,e,s,o,l,v,e,r);
134     static const XMLCh _type[] =                UNICODE_LITERAL_4(t,y,p,e);
135
136     AttributeResolver* SHIBSP_DLLLOCAL ChainingAttributeResolverFactory(const DOMElement* & e)
137     {
138         return new ChainingAttributeResolver(e);
139     }
140 };
141
142 ChainingAttributeResolver::ChainingAttributeResolver(const DOMElement* e)
143 {
144     SPConfig& conf = SPConfig::getConfig();
145
146     // Load up the chain of handlers.
147     e = e ? XMLHelper::getFirstChildElement(e, _AttributeResolver) : NULL;
148     while (e) {
149         auto_ptr_char type(e->getAttributeNS(NULL,_type));
150         if (type.get() && *(type.get())) {
151             try {
152                 m_resolvers.push_back(conf.AttributeResolverManager.newPlugin(type.get(),e));
153             }
154             catch (exception& ex) {
155                 Category::getInstance(SHIBSP_LOGCAT".AttributeResolver").error(
156                     "caught exception processing embedded AttributeResolver element: %s", ex.what()
157                     );
158             }
159         }
160         e = XMLHelper::getNextSiblingElement(e, _AttributeResolver);
161     }
162 }
163
164 void ChainingAttributeResolver::resolveAttributes(ResolutionContext& ctx) const
165 {
166     ChainingContext& chain = dynamic_cast<ChainingContext&>(ctx);
167     for (vector<AttributeResolver*>::const_iterator i=m_resolvers.begin(); i!=m_resolvers.end(); ++i) {
168         Locker locker(*i);
169         auto_ptr<ResolutionContext> context(
170             chain.m_session ?
171                 (*i)->createResolutionContext(chain.m_app, *chain.m_session) :
172                 (*i)->createResolutionContext(
173                     chain.m_app, chain.m_issuer, chain.m_protocol, chain.m_nameid, chain.m_authclass, chain.m_authdecl, &chain.m_tokens, &chain.m_attributes
174                     )
175             );
176
177         (*i)->resolveAttributes(*context.get());
178
179         chain.m_attributes.insert(chain.m_attributes.end(), context->getResolvedAttributes().begin(), context->getResolvedAttributes().end());
180         chain.m_ownedAttributes.insert(chain.m_attributes.end(), context->getResolvedAttributes().begin(), context->getResolvedAttributes().end());
181         context->getResolvedAttributes().clear();
182
183         chain.m_tokens.insert(chain.m_tokens.end(), context->getResolvedAssertions().begin(), context->getResolvedAssertions().end());
184         chain.m_ownedAssertions.insert(chain.m_ownedAssertions.end(), context->getResolvedAssertions().begin(), context->getResolvedAssertions().end());
185         context->getResolvedAssertions().clear();
186     }
187 }
Shibboleth SP