END_TEST
START_TEST(test01_server_new)
{
LassoServer *server;
LassoProvider *provider;
char *dump;
char *content = NULL;
size_t len;
server = lasso_server_new(
TESTSDATADIR "/idp1-la/metadata.xml",
TESTSDATADIR "/idp1-la/private-key-raw.pem",
NULL, /* Secret key to unlock private key */
TESTSDATADIR "/idp1-la/certificate.pem");
fail_unless(LASSO_IS_SERVER(server));
provider = LASSO_PROVIDER(server);
fail_unless(server->private_key != NULL);
fail_unless(server->private_key_password == NULL);
fail_unless(server->certificate != NULL);
fail_unless(server->signature_method == LASSO_SIGNATURE_METHOD_RSA_SHA1);
fail_unless(provider->ProviderID != NULL);
fail_unless(provider->role == 0);
fail_unless(g_file_get_contents(TESTSDATADIR "/idp1-la/metadata.xml", &content, &len, NULL));
fail_unless(strcmp(provider->metadata_filename, content) == 0);
g_free(content);
fail_unless(provider->public_key == NULL);
fail_unless(provider->ca_cert_chain == NULL);
dump = lasso_node_dump(LASSO_NODE(server));
fail_unless(dump != NULL);
g_object_unref(server);
server = lasso_server_new_from_dump(dump);
fail_unless(LASSO_IS_SERVER(server));
provider = LASSO_PROVIDER(server);
fail_unless(server->private_key != NULL);
fail_unless(server->private_key_password == NULL);
fail_unless(server->certificate != NULL);
fail_unless(server->signature_method == LASSO_SIGNATURE_METHOD_RSA_SHA1);
fail_unless(server->providers != NULL);
fail_unless(provider->ProviderID != NULL);
fail_unless(provider->role == 0, "provider->role != 0 => provider := %d", provider->role);
fail_unless(g_file_get_contents(TESTSDATADIR "/idp1-la/metadata.xml", &content, &len, NULL));
fail_unless(strcmp(provider->metadata_filename, content) == 0);
fail_unless(provider->public_key == NULL);
fail_unless(provider->ca_cert_chain == NULL);
g_object_unref(server);
lasso_release_string(dump);
lasso_release_string(content);
}
END_TEST
START_TEST(test02_server_add_provider)
{
LassoServer *server;
char *dump;
server = lasso_server_new(
TESTSDATADIR "/idp1-la/metadata.xml",
TESTSDATADIR "/idp1-la/private-key-raw.pem",
NULL, /* Secret key to unlock private key */
TESTSDATADIR "/idp1-la/certificate.pem");
fail_unless(LASSO_IS_SERVER(server));
fail_unless(server->private_key != NULL);
fail_unless(! server->private_key_password);
fail_unless(server->certificate != NULL);
fail_unless(server->signature_method == LASSO_SIGNATURE_METHOD_RSA_SHA1);
fail_unless(server->providers != NULL);
lasso_server_add_provider(
server,
LASSO_PROVIDER_ROLE_SP,
TESTSDATADIR "/sp1-la/metadata.xml",
TESTSDATADIR "/sp1-la/public-key.pem",
TESTSDATADIR "/ca1-la/certificate.pem");
fail_unless(g_hash_table_size(server->providers) == 1);
dump = lasso_node_dump(LASSO_NODE(server));
g_object_unref(server);
lasso_release_string(dump);
}
static gint
lasso_server_add_provider_helper(LassoServer *server, LassoProviderRole role,
const gchar *metadata, const gchar *public_key, const gchar *ca_cert_chain,
LassoProvider *(*provider_constructor)(LassoProviderRole role,
const char *metadata, const char *public_key, const char *ca_cert_chain))
{
LassoProvider *provider;
g_return_val_if_fail(LASSO_IS_SERVER(server), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
g_return_val_if_fail(metadata != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
provider = provider_constructor(role, metadata, public_key, ca_cert_chain);
if (provider == NULL) {
return critical_error(LASSO_SERVER_ERROR_ADD_PROVIDER_FAILED);
}
provider->role = role;
if (LASSO_PROVIDER(server)->private_data->conformance == LASSO_PROTOCOL_SAML_2_0 &&
provider->private_data->conformance != LASSO_PROTOCOL_SAML_2_0) {
lasso_node_destroy(LASSO_NODE(provider));
return LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH;
}
if (LASSO_PROVIDER(server)->private_data->conformance == LASSO_PROTOCOL_LIBERTY_1_2 &&
provider->private_data->conformance > LASSO_PROTOCOL_LIBERTY_1_2) {
lasso_node_destroy(LASSO_NODE(provider));
return LASSO_SERVER_ERROR_ADD_PROVIDER_PROTOCOL_MISMATCH;
}
g_hash_table_insert(server->providers, g_strdup(provider->ProviderID), provider);
return 0;
}
/**
* lasso_server_get_svc_metadatas:
* @server: a #LassoServer object
*
* Return value:(element-type LassoIdWsf2DiscoSvcMetadata)(transfer none): a list of #LassoIdWsf2DiscoSvcMetadata
*/
const GList *
lasso_server_get_svc_metadatas(LassoServer *server)
{
g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
return server->private_data->svc_metadatas;
}
/**
* lasso_server_get_provider:
* @server: a #LassoServer
* @providerID: the provider ID
*
* Looks up for a #LassoProvider whose ID is @providerID and returns it.
*
* Return value: (transfer none): the #LassoProvider, NULL if it was not found. The
* #LassoProvider is owned by Lasso and should not be freed.
**/
LassoProvider*
lasso_server_get_provider(const LassoServer *server, const gchar *providerID)
{
if (! LASSO_IS_SERVER(server) || providerID == NULL || strlen(providerID) == 0) {
return NULL;
}
return g_hash_table_lookup(server->providers, providerID);
}
/**
* lasso_server_get_encryption_private_key:
* @server: a #LassoServer object
*
* Return:(transfer none): a xmlSecKey object, it is owned by the #LassoServer object, so do not
* free it.
*/
xmlSecKey*
lasso_server_get_encryption_private_key(LassoServer *server)
{
if (! LASSO_IS_SERVER(server))
return NULL;
if (! server->private_data)
return NULL;
return server->private_data->encryption_private_key;
}
/**
* lasso_server_get_private_key:
* @server: a #LassoServer object
*
* Return value:(transfer full): a newly created #xmlSecKey object.
*/
xmlSecKey*
lasso_server_get_private_key(LassoServer *server)
{
if (! LASSO_IS_SERVER(server))
return NULL;
if (! server->private_key)
return NULL;
return lasso_xmlsec_load_private_key(server->private_key, server->private_key_password);
}
/**
* lasso_server_new_from_dump:
* @dump: XML server dump
*
* Restores the @dump to a new #LassoServer.
*
* Return value: a newly created #LassoServer; or NULL if an error occured
**/
LassoServer*
lasso_server_new_from_dump(const gchar *dump)
{
LassoServer *server;
server = (LassoServer*)lasso_node_new_from_dump(dump);
if (! LASSO_IS_SERVER(server)) {
lasso_release_gobject(server);
}
return server;
}
/**
* lasso_assertion_query_new:
* @server: the #LassoServer
*
* Creates a new #LassoAssertionQuery.
*
* Return value: a newly created #LassoAssertionQuery object; or NULL if
* an error occured
**/
LassoAssertionQuery*
lasso_assertion_query_new(LassoServer *server)
{
LassoAssertionQuery *assertion_query;
g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
assertion_query = g_object_new(LASSO_TYPE_ASSERTION_QUERY, NULL);
LASSO_PROFILE(assertion_query)->server = lasso_ref(server);
return assertion_query;
}
gint
lasso_server_add_svc_metadata(LassoServer *server, LassoIdWsf2DiscoSvcMetadata *metadata)
{
g_return_val_if_fail(LASSO_IS_SERVER(server), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
g_return_val_if_fail(LASSO_IS_IDWSF2_DISCO_SVC_METADATA(metadata),
LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
server->private_data->svc_metadatas = g_list_append(
server->private_data->svc_metadatas, g_object_ref(metadata));
return 0;
}
/**
* lasso_server_add_service:
* @server: a #LassoServer
* @service: a #LassoNode object implementing representing a service endpoint.
*
* Add a service to the registry of service of this #LassoServer object.
*
* Return value: 0 on success; a negative value if an error occured.
**/
gint
lasso_server_add_service(LassoServer *server, LassoNode *service)
{
g_return_val_if_fail(LASSO_IS_SERVER(server), LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
g_return_val_if_fail(service != NULL, LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
if (LASSO_IS_DISCO_SERVICE_INSTANCE(service)) {
g_hash_table_insert(server->services,
g_strdup(LASSO_DISCO_SERVICE_INSTANCE(service)->ServiceType),
g_object_ref(service));
} else if (LASSO_IS_IDWSF2_DISCO_SVC_METADATA(service)) {
return lasso_server_add_svc_metadata(server,
LASSO_IDWSF2_DISCO_SVC_METADATA(service));
} else {
return LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ;
}
return 0;
}
/**
* lasso_server_get_svc_metadatas_with_id_and_type:
* @server: a #LassoServer object
* @svcMDIDs:(allow-none): a list of service metadata IDs
* @service_type:(allow-none): a service type identifier
*
* Return value:(element-type LassoIdWsf2DiscoSvcMetadata)(transfer full): a list of #LassoIdWsf2DiscoSvcMetadata
*/
GList *
lasso_server_get_svc_metadatas_with_id_and_type(LassoServer *server, GList *svcMDIDs,
const gchar *service_type)
{
gchar *svcMDID;
LassoIdWsf2DiscoSvcMetadata *md;
GList *result = NULL;
GList *i;
GList *j;
g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
g_return_val_if_fail(service_type != NULL, NULL);
for (i = g_list_first(server->private_data->svc_metadatas); i != NULL; i = g_list_next(i)) {
md = LASSO_IDWSF2_DISCO_SVC_METADATA(i->data);
/* FIXME: this assumes there is one and only one service
* context, and service type, this should be fixed to iterate
* properly on the GList */
if (md->ServiceContext == NULL || strcmp((char*)(LASSO_IDWSF2_DISCO_SERVICE_CONTEXT(
md->ServiceContext->data)->ServiceType)->data, service_type) != 0) {
continue;
}
if (svcMDIDs == NULL) {
/* If no svcMDID is given, return all the metadatas with given */
/* service type */
result = g_list_append(result, g_object_ref(md));
} else {
for (j = g_list_first(svcMDIDs); j != NULL; j = g_list_next(j)) {
svcMDID = (gchar *)(j->data);
if (strcmp(svcMDID, md->svcMDID) == 0) {
result = g_list_append(result, g_object_ref(md));
}
}
}
}
return result;
}