From 5e93d043918fd9c79b9a4d43a9d0cbe4b9f6d281 Mon Sep 17 00:00:00 2001 From: cantor Date: Sun, 1 Apr 2007 22:30:15 +0000 Subject: [PATCH] Support for application-specific attribute IDs. git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/trunk@2208 cb58f699-b61c-0410-a6fe-9272a202ed29 --- schemas/shibboleth-spconfig-2.0.xsd | 4 +++- shibsp/Application.h | 7 +++++++ .../resolver/impl/SimpleAttributeResolver.cpp | 20 +++++++++---------- shibsp/handler/impl/AssertionConsumerService.cpp | 2 +- shibsp/impl/XMLServiceProvider.cpp | 23 ++++++++++++++++++++++ 5 files changed, 44 insertions(+), 12 deletions(-) diff --git a/schemas/shibboleth-spconfig-2.0.xsd b/schemas/shibboleth-spconfig-2.0.xsd index 0d70774..c145ce2 100644 --- a/schemas/shibboleth-spconfig-2.0.xsd +++ b/schemas/shibboleth-spconfig-2.0.xsd @@ -350,6 +350,7 @@ + @@ -373,7 +374,8 @@ - + + diff --git a/shibsp/Application.h b/shibsp/Application.h index 99797e2..4b42220 100644 --- a/shibsp/Application.h +++ b/shibsp/Application.h @@ -99,6 +99,13 @@ namespace shibsp { virtual AttributeResolver* getAttributeResolver() const=0; /** + * Returns a set of attribute IDs to resolve for the Application. + * + * @return a set of attribute IDs, or an empty set + */ + virtual const std::set* getAttributeIds() const=0; + + /** * Returns the CredentialResolver instance associated with this Application. * * @return a CredentialResolver, or NULL diff --git a/shibsp/attribute/resolver/impl/SimpleAttributeResolver.cpp b/shibsp/attribute/resolver/impl/SimpleAttributeResolver.cpp index 2745e6a..b09b71b 100644 --- a/shibsp/attribute/resolver/impl/SimpleAttributeResolver.cpp +++ b/shibsp/attribute/resolver/impl/SimpleAttributeResolver.cpp 
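Review bot: The doc comment added for `getAttributeIds()` in shibsp/Application.h promises "a set of attribute IDs, or an empty set", but the XMLApplication implementation later in this patch returns NULL when no IDs are configured and there is no base application. A caller that trusts the header and dereferences the result would crash, so the comment should state the real contract, e.g. `@return a set of attribute IDs, or NULL if none are configured`. It should also say what NULL means to the resolver; presumably it means "no per-application restriction", but that is not visible here and is worth confirming, because it decides which attributes end up in a session.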
@@ -596,15 +596,15 @@ void SimpleResolverImpl::populateQuery(saml1p::AttributeQuery& query, const stri if (i->second.second == id) { AttributeDesignator* a = AttributeDesignatorBuilder::buildAttributeDesignator(); #ifdef HAVE_GOOD_STL - a->setAttributeName(i->first.second.c_str()); - a->setAttributeNamespace(i->first.first.empty() ? shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI : i->first.first.c_str()); + a->setAttributeName(i->first.first.c_str()); + a->setAttributeNamespace(i->first.second.empty() ? shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI : i->first.second.c_str()); #else - auto_ptr_XMLCh n(i->first.second); + auto_ptr_XMLCh n(i->first.first.c_str()); a->setAttributeName(n.get()); - if (i->first.first.empty()) + if (i->first.second.empty()) a->setAttributeNamespace(shibspconstants::SHIB1_ATTRIBUTE_NAMESPACE_URI); else { - auto_ptr_XMLCh ns(i->first.first); + auto_ptr_XMLCh ns(i->first.second.c_str()); a->setAttributeNamespace(ns.get()); } #endif @@ -713,15 +713,15 @@ void SimpleResolverImpl::populateQuery(saml2p::AttributeQuery& query, const stri if (i->second.second == id) { saml2::Attribute* a = saml2::AttributeBuilder::buildAttribute(); #ifdef HAVE_GOOD_STL - a->setName(i->first.second.c_str()); - a->setNameFormat(i->first.first.empty() ? saml2::Attribute::URI_REFERENCE : i->first.first.c_str()); + a->setName(i->first.first.c_str()); + a->setNameFormat(i->first.second.empty() ? saml2::Attribute::URI_REFERENCE : i->first.second.c_str()); #else - auto_ptr_XMLCh n(i->first.second); + auto_ptr_XMLCh n(i->first.first.c_str()); a->setName(n.get()); - if (i->first.first.empty()) + if (i->first.second.empty()) a->setNameFormat(saml2::Attribute::URI_REFERENCE); else { - auto_ptr_XMLCh ns(i->first.first); + auto_ptr_XMLCh ns(i->first.second.c_str()); a->setNameFormat(ns.get()); } #endif diff --git a/shibsp/handler/impl/AssertionConsumerService.cpp b/shibsp/handler/impl/AssertionConsumerService.cpp index 02995c4..829208b 100644 
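Review bot: The swapped `i->first.first` / `i->first.second` accesses in both `populateQuery` overloads (the SAML 1 hunk at -596 and the SAML 2 hunk at -713) are only right if the map key is ordered (name, namespace-or-format), and nothing in either hunk records that. The map's declaration and the code that fills it are outside these hunks, so it is worth checking that they use the same order; a transposed pair would silently send queries for attributes that do not exist. A one-line comment above each `if (i->second.second == id)` would make the layout reviewable, for example `// key = (attribute name, namespace/format); value.second = attribute ID`. Both function bodies start and end outside the hunks.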
--- a/shibsp/handler/impl/AssertionConsumerService.cpp +++ b/shibsp/handler/impl/AssertionConsumerService.cpp @@ -248,7 +248,7 @@ ResolutionContext* AssertionConsumerService::resolveAttributes( auto_ptr ctx( resolver->createResolutionContext(application, httpRequest.getRemoteAddr().c_str(), issuer, nameid, tokens) ); - resolver->resolveAttributes(*ctx.get()); + resolver->resolveAttributes(*ctx.get(), application.getAttributeIds()); return ctx.release(); } catch (exception& ex) { diff --git a/shibsp/impl/XMLServiceProvider.cpp b/shibsp/impl/XMLServiceProvider.cpp index 849fc16..e5c96a6 100644 --- a/shibsp/impl/XMLServiceProvider.cpp +++ b/shibsp/impl/XMLServiceProvider.cpp @@ -97,6 +97,9 @@ namespace { AttributeResolver* getAttributeResolver() const { return (!m_attrResolver && m_base) ? m_base->getAttributeResolver() : m_attrResolver; } + const set* getAttributeIds() const { + return (m_attributeIds.empty() && m_base) ? m_base->getAttributeIds() : (m_attributeIds.empty() ? NULL : &m_attributeIds); + } CredentialResolver* getCredentialResolver() const { return (!m_credResolver && m_base) ? m_base->getCredentialResolver() : m_credResolver; } @@ -126,6 +129,7 @@ namespace { AttributeResolver* m_attrResolver; CredentialResolver* m_credResolver; vector m_audiences; + set m_attributeIds; // manage handler objects vector m_handlers; @@ -361,6 +365,25 @@ XMLApplication::XMLApplication( m_hash+=getString("providerId").second; m_hash=samlConf.hashSHA1(m_hash.c_str(), true); + pair attributes = getString("attributeIds"); + if (attributes.first) { + char* dup = strdup(attributes.second); + char* pos; + char* start = dup; + while (start && *start) { + while (*start && isspace(*start)) + start++; + if (!*start) + break; + pos = strchr(start,' '); + if (pos) + *pos=0; + m_attributeIds.insert(start); + start = pos ? pos+1 : NULL; + } + free(dup); + } + const PropertySet* sessions = getPropertySet("Sessions"); // Process handlers. -- 2.1.4
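Review bot: In `XMLApplication::getAttributeIds()` (hunk at -97) an empty local set always falls through to `m_base`, so an override application cannot clear or widen a restriction inherited from the default application; configuring an empty `attributeIds` on it looks the same as not configuring one. If that inheritance is intended, it deserves a comment such as `// an empty local list inherits the base application's list; NULL means none configured anywhere`. The nested conditional also tests `m_attributeIds.empty()` twice and reads more clearly as `if (!m_attributeIds.empty()) return &m_attributeIds;` followed by `return m_base ? m_base->getAttributeIds() : NULL;`.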
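Review bot: The tokenizer added to the XMLApplication constructor (hunk at -361) skips leading separators with `isspace()` but ends a token only at `' '`. Unless the value has already been whitespace-normalized upstream, a tab or newline between IDs therefore yields one fused token that matches no attribute, and those attributes silently drop out of the set. `isspace(*start)` is also called on a plain `char`, which is undefined for bytes above 0x7F, and `dup` leaks if `insert` throws. Scanning the original string with the same `isspace` test at both ends of a token fixes all three and removes the `strdup`/`free` pair; this assumes `m_attributeIds` holds `string`s, since its template arguments are not legible on this page. The constructor starts and ends outside the hunk.

```cpp
if (attributes.first) {
    // One whitespace test for both ends of a token; the cast keeps isspace() defined for bytes >= 0x80.
    const char* start = attributes.second;
    while (*start) {
        while (*start && isspace(static_cast<unsigned char>(*start)))
            start++;
        const char* end = start;
        while (*end && !isspace(static_cast<unsigned char>(*end)))
            end++;
        if (end > start)
            m_attributeIds.insert(string(start, end));
        start = end;
    }
}
```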