From: cantor Date: Tue, 12 Feb 2008 18:32:26 +0000 (+0000) Subject: Clean up existing handlers a bit. X-Git-Tag: 2.4~552 X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fsp.git;a=commitdiff_plain;h=6811e40cc92f24e0c9c7e6ab2265a862b0a84b51 Clean up existing handlers a bit. Add initiator to read IdP history cookie. git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/trunk@2734 cb58f699-b61c-0410-a6fe-9272a202ed29 --- diff --git a/shibsp/Makefile.am b/shibsp/Makefile.am index 32c5e43..cd1d348 100644 --- a/shibsp/Makefile.am +++ b/shibsp/Makefile.am @@ -111,6 +111,7 @@ common_sources = \ handler/impl/AssertionLookup.cpp \ handler/impl/ChainingLogoutInitiator.cpp \ handler/impl/ChainingSessionInitiator.cpp \ + handler/impl/CookieSessionInitiator.cpp \ handler/impl/FormSessionInitiator.cpp \ handler/impl/LocalLogoutInitiator.cpp \ handler/impl/LogoutHandler.cpp \ diff --git a/shibsp/handler/SessionInitiator.h b/shibsp/handler/SessionInitiator.h index bd0ae6b..ab19446 100644 --- a/shibsp/handler/SessionInitiator.h +++ b/shibsp/handler/SessionInitiator.h @@ -86,6 +86,9 @@ namespace shibsp { /** SessionInitiator that uses HTML form submission from the user. */ #define FORM_SESSION_INITIATOR "Form" + + /** SessionInitiator that reads the CDC. */ + #define COOKIE_SESSION_INITIATOR "Cookie" }; #endif /* __shibsp_initiator_h__ */ diff --git a/shibsp/handler/impl/CookieSessionInitiator.cpp b/shibsp/handler/impl/CookieSessionInitiator.cpp new file mode 100644 index 0000000..b79ed15 --- /dev/null +++ b/shibsp/handler/impl/CookieSessionInitiator.cpp 
@@ -0,0 +1,90 @@
+/*
+ * Copyright 2001-2007 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * CookieSessionInitiator.cpp
+ *
+ * Cookie-based IdP discovery.
+ */
+
+#include "internal.h"
+#include "Application.h"
+#include "exceptions.h"
+#include "SPRequest.h"
+#include "handler/AbstractHandler.h"
+#include "handler/SessionInitiator.h"
+
+#ifndef SHIBSP_LITE
+# include
+#else
+# include "lite/CommonDomainCookie.h"
+#endif
+
+#include
+#include
+
+using namespace shibsp;
+using namespace opensaml;
+using namespace xmltooling;
+using namespace std;
+
+namespace shibsp {
+
+#if defined (_MSC_VER)
+ #pragma warning( push )
+ #pragma warning( disable : 4250 )
+#endif
+
+ class SHIBSP_DLLLOCAL CookieSessionInitiator : public SessionInitiator, public AbstractHandler
+ {
+ public:
+ CookieSessionInitiator(const DOMElement* e, const char* appId)
+ : AbstractHandler(e, Category::getInstance(SHIBSP_LOGCAT".SessionInitiator.Cookie")), m_followMultiple(getBool("followMultiple").second) {
+ }
+ virtual ~CookieSessionInitiator() {}
+
+ pair run(SPRequest& request, string& entityID, bool isHandler=true) const;
+
+ private:
+ bool m_followMultiple;
+ };
+
+#if defined (_MSC_VER)
+ #pragma warning( pop )
+#endif
+
+ SessionInitiator* SHIBSP_DLLLOCAL CookieSessionInitiatorFactory(const pair& p)
+ {
+ return new CookieSessionInitiator(p.first, p.second);
+ }
+
+};
+
+pair CookieSessionInitiator::run(SPRequest& request, string& entityID, bool 
isHandler) const +{ + // The IdP CANNOT be specified for us to run. + if (!entityID.empty()) + return make_pair(false,0L); + + // If there's no entityID yet, we can check for cookie processing. + CommonDomainCookie cdc(request.getCookie(CommonDomainCookie::CDCName)); + if ((m_followMultiple && cdc.get().size() > 0) || (!m_followMultiple && cdc.get().size() == 1)) { + entityID = cdc.get().back(); + m_log.info("set entityID (%s) from IdP history cookie", entityID.c_str()); + } + + return make_pair(false,0L); +} diff --git a/shibsp/handler/impl/FormSessionInitiator.cpp b/shibsp/handler/impl/FormSessionInitiator.cpp index 7842963..53f6008 100644 --- a/shibsp/handler/impl/FormSessionInitiator.cpp +++ b/shibsp/handler/impl/FormSessionInitiator.cpp @@ -76,14 +76,13 @@ pair FormSessionInitiator::run(SPRequest& request, string& entityID, { string target; const char* option; - bool isPassive=false; const Application& app=request.getApplication(); if (isHandler) { option = request.getParameter("target"); if (option) target = option; - recoverRelayState(request.getApplication(), request, request, target, false); + recoverRelayState(app, request, request, target, false); } else { // We're running as a "virtual handler" from within the filter. @@ -103,7 +102,7 @@ pair FormSessionInitiator::run(SPRequest& request, string& entityID, if (option) target = option; } - preserveRelayState(request.getApplication(), request, target); + preserveRelayState(app, request, target); request.setContentType("text/html"); request.setResponseHeader("Expires","01-Jan-1997 12:00:00 GMT"); 
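Review bot: In the new `CookieSessionInitiator::run`, `entityID` is taken from the common domain cookie, which the browser supplies, and is then both handed on to the rest of the chain and written to the log with `%s` unchanged. Nothing in this hunk authenticates or bounds that value, so it should be treated as a hint only: whichever initiator consumes it has to resolve it against trusted metadata before redirecting (that code is not visible here), and the `m_log.info` call would be safer if it logged the value only after a length and control-character check, or at debug level. I would add a comment above the assignment such as `// entityID comes from a client-supplied cookie; it is a hint only and must be resolved against trusted metadata by the initiator that uses it`. Two smaller points in the same file: the constructor's `appId` parameter is never used, and `getBool("followMultiple").second` is read without checking `.first`, so an absent attribute presumably falls back to whatever default the pair carries, which deserves a one-line comment stating the intended default.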
@@ -114,7 +113,7 @@ pair FormSessionInitiator::run(SPRequest& request, string& entityID, throw ConfigurationException("Unable to access HTML template ($1).", params(1, m_template)); TemplateParameters tp; tp.m_request = &request; - tp.setPropertySet(request.getApplication().getPropertySet("Errors")); + tp.setPropertySet(app.getPropertySet("Errors")); tp.m_map["action"] = returnURL; if (!target.empty()) tp.m_map["target"] = target; diff --git a/shibsp/handler/impl/SessionInitiator.cpp b/shibsp/handler/impl/SessionInitiator.cpp index 0e96922..1d41570 100644 --- a/shibsp/handler/impl/SessionInitiator.cpp +++ b/shibsp/handler/impl/SessionInitiator.cpp @@ -36,6 +36,7 @@ namespace shibsp { SHIBSP_DLLLOCAL PluginManager< SessionInitiator,string,pair >::Factory SAMLDSSessionInitiatorFactory; SHIBSP_DLLLOCAL PluginManager< SessionInitiator,string,pair >::Factory TransformSessionInitiatorFactory; SHIBSP_DLLLOCAL PluginManager< SessionInitiator,string,pair >::Factory FormSessionInitiatorFactory; + SHIBSP_DLLLOCAL PluginManager< SessionInitiator,string,pair >::Factory CookieSessionInitiatorFactory; }; void SHIBSP_API shibsp::registerSessionInitiators() @@ -47,6 +48,7 @@ void SHIBSP_API shibsp::registerSessionInitiators() conf.SessionInitiatorManager.registerFactory(WAYF_SESSION_INITIATOR, WAYFSessionInitiatorFactory); conf.SessionInitiatorManager.registerFactory(TRANSFORM_SESSION_INITIATOR, TransformSessionInitiatorFactory); conf.SessionInitiatorManager.registerFactory(FORM_SESSION_INITIATOR, FormSessionInitiatorFactory); + conf.SessionInitiatorManager.registerFactory(COOKIE_SESSION_INITIATOR, CookieSessionInitiatorFactory); } pair SessionInitiator::run(SPRequest& request, bool isHandler) const diff --git a/shibsp/handler/impl/TransformSessionInitiator.cpp b/shibsp/handler/impl/TransformSessionInitiator.cpp index 440668b..c265f7a 100644 --- a/shibsp/handler/impl/TransformSessionInitiator.cpp +++ b/shibsp/handler/impl/TransformSessionInitiator.cpp 
@@ -62,7 +62,6 @@ namespace shibsp { static SHIBSP_DLLLOCAL TransformSINodeFilter g_TSINFilter; #ifndef SHIBSP_LITE - static const XMLCh alwaysRun[] = UNICODE_LITERAL_9(a,l,w,a,y,s,R,u,n); static const XMLCh force[] = UNICODE_LITERAL_5(f,o,r,c,e); static const XMLCh match[] = UNICODE_LITERAL_5(m,a,t,c,h); static const XMLCh Regex[] = UNICODE_LITERAL_5(R,e,g,e,x); diff --git a/shibsp/shibsp-lite.vcproj b/shibsp/shibsp-lite.vcproj index a59b023..2a1e205 100644 --- a/shibsp/shibsp-lite.vcproj +++ b/shibsp/shibsp-lite.vcproj @@ -304,6 +304,10 @@ > + + diff --git a/shibsp/shibsp.vcproj b/shibsp/shibsp.vcproj index d3511c3..c8d78c2 100644 --- a/shibsp/shibsp.vcproj +++ b/shibsp/shibsp.vcproj @@ -475,6 +475,10 @@ > + +