END_TEST

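/* Creates a LassoServer from the IdP test material, checks the fields the
 * constructor is expected to fill, then dumps it to XML and restores it to
 * verify the round trip preserves that state.
 *
 * Each strcmp() against provider->metadata_filename is preceded by a NULL
 * check so a regression is reported by Check rather than crashing the
 * harness inside strcmp(); the first half now also asserts server->providers,
 * which the restored server below and test02 already assert. */
START_TEST(test01_server_new)
{
	LassoServer *server;
	LassoProvider *provider;
	char *dump;
	char *content = NULL;
	size_t len;

	/* Unencrypted private key: NULL password. */
	server = lasso_server_new(
			TESTSDATADIR "/idp1-la/metadata.xml",
			TESTSDATADIR "/idp1-la/private-key-raw.pem",
			NULL, /* Secret key to unlock private key */
			TESTSDATADIR "/idp1-la/certificate.pem");
	fail_unless(LASSO_IS_SERVER(server));
	provider = LASSO_PROVIDER(server);
	fail_unless(server->private_key != NULL);
	fail_unless(server->private_key_password == NULL);
	fail_unless(server->certificate != NULL);
	fail_unless(server->signature_method == LASSO_SIGNATURE_METHOD_RSA_SHA1);
	fail_unless(server->providers != NULL);
	fail_unless(provider->ProviderID != NULL);
	fail_unless(provider->role == 0);
	/* metadata_filename is expected to carry the metadata file content. */
	fail_unless(g_file_get_contents(TESTSDATADIR "/idp1-la/metadata.xml", &content, &len, NULL));
	fail_unless(provider->metadata_filename != NULL);
	fail_unless(strcmp(provider->metadata_filename, content) == 0);
	g_free(content);
	content = NULL;
	fail_unless(provider->public_key == NULL);
	fail_unless(provider->ca_cert_chain == NULL);

	/* Round trip through the XML dump. */
	dump = lasso_node_dump(LASSO_NODE(server));
	fail_unless(dump != NULL);
	g_object_unref(server);
	server = lasso_server_new_from_dump(dump);
	fail_unless(LASSO_IS_SERVER(server));
	provider = LASSO_PROVIDER(server);
	fail_unless(server->private_key != NULL);
	fail_unless(server->private_key_password == NULL);
	fail_unless(server->certificate != NULL);
	fail_unless(server->signature_method == LASSO_SIGNATURE_METHOD_RSA_SHA1);
	fail_unless(server->providers != NULL);
	fail_unless(provider->ProviderID != NULL);
	fail_unless(provider->role == 0, "provider->role != 0 => provider :=  %d", provider->role);
	fail_unless(g_file_get_contents(TESTSDATADIR "/idp1-la/metadata.xml", &content, &len, NULL));
	fail_unless(provider->metadata_filename != NULL);
	fail_unless(strcmp(provider->metadata_filename, content) == 0);
	fail_unless(provider->public_key == NULL);
	fail_unless(provider->ca_cert_chain == NULL);
	g_object_unref(server);
	lasso_release_string(dump);
	lasso_release_string(content);
}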
END_TEST

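/* Creates an IdP LassoServer, registers one SP provider with its public key
 * and CA chain, and checks the provider registry holds exactly one entry.
 *
 * The return code of lasso_server_add_provider() is asserted (it was ignored
 * before) so a failing registration is reported with its cause instead of
 * only showing up as a wrong hash table size; the dump is asserted non-NULL
 * as in test01. */
START_TEST(test02_server_add_provider)
{
	LassoServer *server;
	char *dump;

	server = lasso_server_new(
			TESTSDATADIR "/idp1-la/metadata.xml",
			TESTSDATADIR "/idp1-la/private-key-raw.pem",
			NULL, /* Secret key to unlock private key */
			TESTSDATADIR "/idp1-la/certificate.pem");
	fail_unless(LASSO_IS_SERVER(server));
	fail_unless(server->private_key != NULL);
	fail_unless(! server->private_key_password);
	fail_unless(server->certificate != NULL);
	fail_unless(server->signature_method == LASSO_SIGNATURE_METHOD_RSA_SHA1);
	fail_unless(server->providers != NULL);
	fail_unless(lasso_server_add_provider(
			server,
			LASSO_PROVIDER_ROLE_SP,
			TESTSDATADIR "/sp1-la/metadata.xml",
			TESTSDATADIR "/sp1-la/public-key.pem",
			TESTSDATADIR "/ca1-la/certificate.pem") == 0);
	fail_unless(g_hash_table_size(server->providers) == 1);

	dump = lasso_node_dump(LASSO_NODE(server));
	fail_unless(dump != NULL);
	g_object_unref(server);
	lasso_release_string(dump);
}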
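/*
 * lasso_server_add_provider_helper:
 * @server: a #LassoServer
 * @role: the role the new provider plays for @server
 * @metadata: provider metadata (file name or content, per @provider_constructor)
 * @public_key: (allow-none): the provider's public key
 * @ca_cert_chain: (allow-none): CA chain used to validate the provider
 * @provider_constructor: function building the #LassoProvider from the
 *   arguments above; must not be NULL
 *
 * Builds a provider with @provider_constructor, checks that its protocol
 * conformance is compatible with @server's, and stores it in
 * server->providers keyed by its ProviderID.
 *
 * Return value: 0 on success; LASSO_PARAM_ERROR_* on bad arguments,
 * LASSO_SERVER_ERROR_ADD_PROVIDER_FAILED when no usable provider could be
 * built, LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH when the
 * provider's protocol does not fit @server's.
 */
static gint
lasso_server_add_provider_helper(LassoServer *server, LassoProviderRole role,
		const gchar *metadata, const gchar *public_key, const gchar *ca_cert_chain,
		LassoProvider *(*provider_constructor)(LassoProviderRole role,
		const char *metadata, const char *public_key, const char *ca_cert_chain))
{
	LassoProvider *provider;

	g_return_val_if_fail(LASSO_IS_SERVER(server), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
	g_return_val_if_fail(metadata != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
	g_return_val_if_fail(provider_constructor != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);

	provider = provider_constructor(role, metadata, public_key, ca_cert_chain);
	if (provider == NULL) {
		return critical_error(LASSO_SERVER_ERROR_ADD_PROVIDER_FAILED);
	}
	provider->role = role;

	/* The registry is keyed by ProviderID; a provider without one could
	 * never be looked up and would be inserted under a NULL key (g_strdup
	 * of NULL is NULL), so refuse it instead. */
	if (provider->ProviderID == NULL) {
		lasso_node_destroy(LASSO_NODE(provider));
		return critical_error(LASSO_SERVER_ERROR_ADD_PROVIDER_FAILED);
	}

	/* A SAML 2.0 server only accepts SAML 2.0 providers. */
	if (LASSO_PROVIDER(server)->private_data->conformance == LASSO_PROTOCOL_SAML_2_0 &&
			provider->private_data->conformance != LASSO_PROTOCOL_SAML_2_0) {
		lasso_node_destroy(LASSO_NODE(provider));
		return LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH;
	}

	/* A Liberty 1.2 server accepts nothing newer than Liberty 1.2. */
	if (LASSO_PROVIDER(server)->private_data->conformance == LASSO_PROTOCOL_LIBERTY_1_2 &&
			provider->private_data->conformance > LASSO_PROTOCOL_LIBERTY_1_2) {
		lasso_node_destroy(LASSO_NODE(provider));
		return LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH;
	}

	/* NOTE(review): g_hash_table_insert() silently replaces an entry that
	 * already uses this ProviderID; whether the replaced provider is released
	 * depends on the destroy functions server->providers was created with,
	 * which are not visible here. */
	g_hash_table_insert(server->providers, g_strdup(provider->ProviderID), provider);

	return 0;
}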
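/**
 * lasso_server_get_svc_metadatas:
 * @server: a #LassoServer object
 *
 * Returns the ID-WSF 2.0 service metadata registered on @server.
 *
 * Return value:(element-type LassoIdWsf2DiscoSvcMetadata)(transfer none): the list of
 * #LassoIdWsf2DiscoSvcMetadata owned by @server (do not free), or NULL if
 * @server is not a #LassoServer or has no private data.
 */
const GList *
lasso_server_get_svc_metadatas(LassoServer *server)
{
	g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);

	/* Same guard as lasso_server_get_encryption_private_key(): do not
	 * dereference private_data when it has not been set up. */
	if (server->private_data == NULL)
		return NULL;

	return server->private_data->svc_metadatas;
}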
/**
 * lasso_server_get_provider:
 * @server: a #LassoServer
 * @providerID: the provider ID
 *
 * Finds the #LassoProvider registered on @server under @providerID.
 *
 * Return value: (transfer none): the matching #LassoProvider, or NULL when
 *     @server is invalid, @providerID is NULL or empty, or nothing is
 *     registered under that ID. The provider is owned by Lasso; do not free it.
 **/
LassoProvider*
lasso_server_get_provider(const LassoServer *server, const gchar *providerID)
{
	if (! LASSO_IS_SERVER(server))
		return NULL;

	/* An empty ID can never be a key in the registry. */
	if (providerID == NULL || providerID[0] == '\0')
		return NULL;

	return g_hash_table_lookup(server->providers, providerID);
}
/**
 * lasso_server_get_encryption_private_key:
 * @server: a #LassoServer object
 *
 * Accessor for the key @server uses to decrypt content addressed to it.
 *
 * Return:(transfer none): the #xmlSecKey kept in @server's private data, or
 * NULL when @server is not a #LassoServer or has no private data. The key is
 * owned by @server and must not be freed by the caller.
 */
xmlSecKey*
lasso_server_get_encryption_private_key(LassoServer *server)
{
	if (! LASSO_IS_SERVER(server) || server->private_data == NULL)
		return NULL;

	return server->private_data->encryption_private_key;
}
/**
 * lasso_server_get_private_key:
 * @server: a #LassoServer object
 *
 * Loads @server's signing private key (server->private_key, unlocked with
 * server->private_key_password, which may be NULL) through
 * lasso_xmlsec_load_private_key(). A fresh key object is produced on every
 * call.
 *
 * Return value:(transfer full): a newly created #xmlSecKey the caller must
 * free, or NULL when @server is invalid, has no private key, or the key could
 * not be loaded.
 */
xmlSecKey*
lasso_server_get_private_key(LassoServer *server)
{
	if (! LASSO_IS_SERVER(server) || server->private_key == NULL)
		return NULL;

	return lasso_xmlsec_load_private_key(server->private_key, server->private_key_password);
}
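/**
 * lasso_server_new_from_dump:
 * @dump: XML server dump as produced by lasso_node_dump() on a #LassoServer
 *
 * Restores the @dump to a new #LassoServer. The dump is parsed as XML and
 * carries the server's key and certificate settings, so it should only come
 * from a trusted store, never from a remote party.
 *
 * Return value: a newly created #LassoServer; or NULL if an error occured or
 * the dump does not describe a #LassoServer
 **/
LassoServer*
lasso_server_new_from_dump(const gchar *dump)
{
	LassoServer *server;

	server = (LassoServer*)lasso_node_new_from_dump(dump);
	if (! LASSO_IS_SERVER(server)) {
		/* The dump parsed into some other node type (or nothing): drop it
		 * and return NULL explicitly rather than relying on the release
		 * macro to clear the pointer. */
		lasso_release_gobject(server);
		return NULL;
	}
	return server;
}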
/**
 * lasso_assertion_query_new:
 * @server: the #LassoServer
 *
 * Creates a new #LassoAssertionQuery profile bound to @server; the profile
 * takes its own reference on @server.
 *
 * Return value: a newly created #LassoAssertionQuery object; or NULL if
 *     @server is not a #LassoServer
 **/
LassoAssertionQuery*
lasso_assertion_query_new(LassoServer *server)
{
	LassoAssertionQuery *query = NULL;

	g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);

	query = g_object_new(LASSO_TYPE_ASSERTION_QUERY, NULL);
	LASSO_PROFILE(query)->server = lasso_ref(server);

	return query;
}
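/**
 * lasso_server_add_svc_metadata:
 * @server: a #LassoServer object
 * @metadata: a #LassoIdWsf2DiscoSvcMetadata to register
 *
 * Appends @metadata to the server's list of ID-WSF 2.0 service metadata,
 * taking a reference on it.
 *
 * Return value: 0 on success; LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ if
 * @server or @metadata is not of the expected type, or if @server has no
 * private data to store the list in.
 */
gint
lasso_server_add_svc_metadata(LassoServer *server, LassoIdWsf2DiscoSvcMetadata *metadata)
{
	g_return_val_if_fail(LASSO_IS_SERVER(server), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
	g_return_val_if_fail(LASSO_IS_IDWSF2_DISCO_SVC_METADATA(metadata),
			LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
	/* Guard private_data as lasso_server_get_encryption_private_key() does
	 * instead of dereferencing it unconditionally. */
	g_return_val_if_fail(server->private_data != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);

	server->private_data->svc_metadatas = g_list_append(
		server->private_data->svc_metadatas, g_object_ref(metadata));

	return 0;
}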
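/**
 * lasso_server_add_service:
 * @server: a #LassoServer
 * @service: a #LassoNode representing a service endpoint: either a
 *   #LassoDiscoServiceInstance (ID-WSF 1.0, keyed by its ServiceType) or a
 *   #LassoIdWsf2DiscoSvcMetadata (ID-WSF 2.0)
 *
 * Add a service to the registry of services of this #LassoServer object.
 * A reference is taken on @service in both cases.
 *
 * Return value: 0 on success; a negative value if an error occured:
 * LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ for an unsupported node type,
 * LASSO_PARAM_ERROR_INVALID_VALUE for a service instance without ServiceType.
 **/
gint
lasso_server_add_service(LassoServer *server, LassoNode *service)
{
	g_return_val_if_fail(LASSO_IS_SERVER(server), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
	g_return_val_if_fail(service != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);

	if (LASSO_IS_DISCO_SERVICE_INSTANCE(service)) {
		const gchar *service_type = LASSO_DISCO_SERVICE_INSTANCE(service)->ServiceType;

		/* The registry is keyed by ServiceType; g_strdup(NULL) would
		 * insert a NULL key, so reject an instance without one. */
		if (service_type == NULL) {
			return LASSO_PARAM_ERROR_INVALID_VALUE;
		}
		/* NOTE(review): an existing entry with the same ServiceType is
		 * replaced; whether it is released depends on the destroy
		 * functions server->services was created with (not visible here). */
		g_hash_table_insert(server->services,
				g_strdup(service_type),
				g_object_ref(service));
	} else if (LASSO_IS_IDWSF2_DISCO_SVC_METADATA(service)) {
		return lasso_server_add_svc_metadata(server,
				LASSO_IDWSF2_DISCO_SVC_METADATA(service));
	} else {
		return LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ;
	}
	return 0;
}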
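/* Whether @md advertises @service_type.
 * Only the first ServiceContext and its first ServiceType entry are examined
 * (FIXME kept from the original: both are lists and should be iterated).
 * Any missing link in that chain counts as "no match" instead of a NULL
 * dereference or a strcmp() on NULL. */
static gboolean
lasso_server_svc_metadata_has_type(LassoIdWsf2DiscoSvcMetadata *md, const gchar *service_type)
{
	GList *service_types;

	if (md == NULL || md->ServiceContext == NULL || md->ServiceContext->data == NULL)
		return FALSE;
	service_types = LASSO_IDWSF2_DISCO_SERVICE_CONTEXT(md->ServiceContext->data)->ServiceType;
	if (service_types == NULL || service_types->data == NULL)
		return FALSE;
	return strcmp((const char *)service_types->data, service_type) == 0;
}

/* Whether @svcMDID is one of the strings in @svcMDIDs (NULL entries ignored). */
static gboolean
lasso_server_svc_md_id_in_list(GList *svcMDIDs, const gchar *svcMDID)
{
	GList *j;

	if (svcMDID == NULL)
		return FALSE;
	for (j = g_list_first(svcMDIDs); j != NULL; j = g_list_next(j)) {
		const gchar *candidate = (const gchar *)j->data;

		if (candidate != NULL && strcmp(candidate, svcMDID) == 0)
			return TRUE;
	}
	return FALSE;
}

/**
 * lasso_server_get_svc_metadatas_with_id_and_type:
 * @server: a #LassoServer object
 * @svcMDIDs:(allow-none): a list of service metadata IDs; when NULL every
 *   metadata of the given type is returned
 * @service_type: a service type identifier; required (the previous
 *   annotation said allow-none, but a NULL value has always been rejected)
 *
 * Selects the ID-WSF 2.0 service metadata of @server whose service type is
 * @service_type and, when @svcMDIDs is given, whose svcMDID is in that list.
 * Each matching metadata appears at most once in the result, even if its ID
 * is listed several times in @svcMDIDs.
 *
 * Return value:(element-type LassoIdWsf2DiscoSvcMetadata)(transfer full): a list of
 * referenced #LassoIdWsf2DiscoSvcMetadata (caller unrefs the elements and
 * frees the list), or NULL when nothing matches or @server is invalid.
 */
GList *
lasso_server_get_svc_metadatas_with_id_and_type(LassoServer *server, GList *svcMDIDs,
	const gchar *service_type)
{
	LassoIdWsf2DiscoSvcMetadata *md;
	GList *result = NULL;
	GList *i;

	g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
	g_return_val_if_fail(service_type != NULL, NULL);
	if (server->private_data == NULL)
		return NULL;

	for (i = g_list_first(server->private_data->svc_metadatas); i != NULL; i = g_list_next(i)) {
		md = LASSO_IDWSF2_DISCO_SVC_METADATA(i->data);
		if (! lasso_server_svc_metadata_has_type(md, service_type)) {
			continue;
		}
		/* No ID filter: every metadata of the requested type qualifies. */
		if (svcMDIDs == NULL || lasso_server_svc_md_id_in_list(svcMDIDs, md->svcMDID)) {
			result = g_list_append(result, g_object_ref(md));
		}
	}

	return result;
}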