AXIS2_EXTERN int AXIS2_CALL saml_subject_query_build(saml_subject_query_t* subject_query,
axiom_node_t *node,
const axutil_env_t *env)
{
axiom_element_t *element = NULL;
axiom_child_element_iterator_t *iterator = NULL;
axiom_node_t *child_node = NULL;
if (axiom_node_get_node_type(node, env) != AXIOM_ELEMENT)
{
return AXIS2_FAILURE;
}
if ((element = axiom_node_get_data_element(node, env)) == NULL)
{
return AXIS2_FAILURE;
}
iterator = axiom_element_get_child_elements(element, env, node);
if(iterator)
{
while(axiom_child_element_iterator_has_next(iterator, env))
{
child_node = axiom_child_element_iterator_next(iterator, env);
element = (axiom_element_t *)axiom_node_get_data_element(child_node, env);
if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_SUBJECT)))
{
if(subject_query->subject)
return saml_subject_build(subject_query->subject, child_node, env);
else
return AXIS2_FAILURE; /*subject query saml subject does not exist*/
}
}
return AXIS2_SUCCESS;
}
else
return AXIS2_FAILURE;
}
AXIS2_EXTERN int AXIS2_CALL saml_attr_query_build(saml_attr_query_t* attribute_query,
axiom_node_t *node,
const axutil_env_t *env)
{
axutil_hash_t *attr_hash = NULL;
axiom_element_t *element = NULL;
axutil_hash_index_t *hi = NULL;
axiom_child_element_iterator_t *iterator = NULL;
axiom_node_t *child_node;
saml_attr_desig_t *attr_desig = NULL;
if (axiom_node_get_node_type(node, env) != AXIOM_ELEMENT)
{
return AXIS2_FAILURE;
}
if ((element = axiom_node_get_data_element(node, env)) == NULL)
{
return AXIS2_FAILURE;
}
/* initialize the attributes */
attr_hash = axiom_element_get_all_attributes(element, env);
/*One resource attribute relate to the attibute query*/
for (hi = axutil_hash_first(attr_hash, env); hi; hi = axutil_hash_next(env, hi))
{
void *v = NULL;
axutil_hash_this(hi, NULL, NULL, &v);
if (v)
{
axis2_char_t *attr_val = NULL;
axiom_attribute_t *attr = (axiom_attribute_t*)v;
attr_val = axiom_attribute_get_value(attr, env);
if(!axutil_strcmp(axiom_attribute_get_localname(attr, env),SAML_RESOURCE))
{
attribute_query->resource = attr_val;
break;
}
}
}
iterator = axiom_element_get_child_elements(element, env, node);
if(iterator)
{
while(axiom_child_element_iterator_has_next(iterator, env))
{
child_node = axiom_child_element_iterator_next(iterator, env);
element = (axiom_element_t *)axiom_node_get_data_element(child_node, env);
if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_SUBJECT)))
{
if(attribute_query->subject)
saml_subject_build(attribute_query->subject, child_node, env);
}
else if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_ATTRIBUTE_DESIGNATOR)))
{
/*attr_desig = saml_attr_desig_create(env);
*/
attr_desig = (saml_attr_desig_t*)AXIS2_MALLOC(env->allocator,
sizeof(saml_attr_desig_t));
if( AXIS2_SUCCESS == saml_attr_desig_build(attr_desig, child_node, env))
{
axutil_array_list_add(attribute_query->attr_desigs,env, attr_desig);
}
}
}
return AXIS2_SUCCESS;
}
else
return AXIS2_FAILURE;
}
AXIS2_EXTERN int AXIS2_CALL saml_autho_decision_query_build(saml_autho_decision_query_t* autho_decision_query,
axiom_node_t *node,
const axutil_env_t *env)
{
axutil_hash_t *attr_hash = NULL;
axiom_element_t *element = NULL;
axutil_hash_index_t *hi = NULL;
axiom_child_element_iterator_t *iterator = NULL;
axiom_node_t *child_node;
saml_action_t *action;
if (axiom_node_get_node_type(node, env) != AXIOM_ELEMENT)
{
return AXIS2_FAILURE;
}
if ((element = axiom_node_get_data_element(node, env)) == NULL)
{
return AXIS2_FAILURE;
}
/* initialize the attributes */
attr_hash = axiom_element_get_all_attributes(element, env);
for (hi = axutil_hash_first(attr_hash, env); hi; hi = axutil_hash_next(env, hi))
{
void *v = NULL;
axutil_hash_this(hi, NULL, NULL, &v);
if (v)
{
axis2_char_t *attr_val = NULL;
axiom_attribute_t *attr = (axiom_attribute_t*)v;
attr_val = axiom_attribute_get_value(attr, env);
if(!axutil_strcmp(axiom_attribute_get_localname(attr, env), SAML_RESOURCE))
{
if(autho_decision_query->resource)
{
autho_decision_query->resource = attr_val;
break;
}
else
return AXIS2_FAILURE;
}
}
}
iterator = axiom_element_get_child_elements(element, env, node);
if(iterator)
{
while(axiom_child_element_iterator_has_next(iterator, env))
{
child_node = axiom_child_element_iterator_next(iterator, env);
element = (axiom_element_t *)axiom_node_get_data_element(child_node, env);
if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_SUBJECT)))
{
if(autho_decision_query->subject)
saml_subject_build(autho_decision_query->subject, child_node, env);
}
else if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_ACTION)))
{
if(autho_decision_query->saml_actions)
{
action = saml_action_create(env);
saml_action_build(action, child_node, env);
axutil_array_list_add(autho_decision_query->saml_actions, env, action);
}
}
else if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_EVIDENCE)))
{
if(autho_decision_query->evidence)
saml_evidence_build(autho_decision_query->evidence, child_node, env);
}
}
return AXIS2_SUCCESS;
}
else
return AXIS2_FAILURE;
}
AXIS2_EXTERN int AXIS2_CALL saml_authentication_query_build(saml_authentication_query_t* authentication_query,
axiom_node_t *node,
const axutil_env_t *env)
{
axutil_hash_t *attr_hash = NULL;
axiom_element_t *element = NULL;
axutil_hash_index_t *hi = NULL;
axiom_child_element_iterator_t *iterator = NULL;
axiom_node_t *child_node;
if (axiom_node_get_node_type(node, env) != AXIOM_ELEMENT)
{
return AXIS2_FAILURE;
}
if ((element = axiom_node_get_data_element(node, env)) == NULL)
{
return AXIS2_FAILURE;
}
/* initialize the attributes */
attr_hash = axiom_element_get_all_attributes(element, env);
if(attr_hash)
{
for (hi = axutil_hash_first(attr_hash, env); hi; hi = axutil_hash_next(env, hi))
{
void *v = NULL;
axutil_hash_this(hi, NULL, NULL, &v);
if (v)
{
axis2_char_t *attr_val = NULL;
axiom_attribute_t *attr = (axiom_attribute_t*)v;
attr_val = axiom_attribute_get_value(attr, env);
if(!axutil_strcmp(axiom_attribute_get_localname(attr, env), SAML_AUTHENTICATION_METHOD))
{
authentication_query->auth_method = attr_val;
break;
}
}
}
}
iterator = axiom_element_get_child_elements(element, env, node);
if(iterator)
{
while(axiom_child_element_iterator_has_next(iterator, env))
{
child_node = axiom_child_element_iterator_next(iterator, env);
element = (axiom_element_t *)axiom_node_get_data_element(child_node, env);
if(element != NULL && !(axutil_strcmp(axiom_element_get_localname(element, env),
SAML_SUBJECT)))
{
if(authentication_query->subject)
return saml_subject_build(authentication_query->subject, child_node, env);
else
return AXIS2_FAILURE;
}
}
return AXIS2_SUCCESS;
}
else
return AXIS2_FAILURE;
}
void wsf_util_pack_attachments (
axutil_env_t *env,
axiom_node_t *node,
VALUE attach_ht,
int enable_mtom,
char *default_cnt_type)
{
axiom_element_t *node_element = NULL;
axiom_element_t *child_element = NULL;
axiom_child_element_iterator_t *child_element_ite = NULL;
axiom_node_t *child_node = NULL;
int attachment_done = 0;
axis2_char_t *element_localname = NULL;
axiom_namespace_t *element_namespace = NULL;
axis2_char_t *namespace_uri = NULL;
if (!node)
return;
if (axiom_node_get_node_type(node, env) == AXIOM_ELEMENT)
{
node_element = axiom_node_get_data_element(node, env);
if (node_element)
{
child_element_ite = axiom_element_get_child_elements(node_element, env, node);
if (child_element_ite)
{
child_node = axiom_child_element_iterator_next(child_element_ite, env);
attachment_done = 0;
while (child_node && !attachment_done)
{
child_element = axiom_node_get_data_element(child_node, env);
element_localname = axiom_element_get_localname(child_element, env);
if (element_localname && (axutil_strcmp(element_localname, AXIS2_ELEMENT_LN_INCLUDE) == 0))
{
element_namespace = axiom_element_get_namespace(child_element, env, child_node);
if (element_namespace)
{
namespace_uri = axiom_namespace_get_uri(element_namespace, env);
if (namespace_uri && (axutil_strcmp(namespace_uri, AXIS2_NAMESPACE_URI_INCLUDE) == 0))
{
axis2_char_t *cnt_type = NULL;
axis2_char_t *content_type = NULL;
axis2_char_t *href = NULL;
axis2_char_t* pos = NULL;
cnt_type = axiom_element_get_attribute_value_by_name(node_element, env, AXIS2_ELEMENT_ATTR_NAME_CONTENT_TYPE);
content_type = !cnt_type ? default_cnt_type : cnt_type;
href = axiom_element_get_attribute_value_by_name(child_element, env, AXIS2_ELEMENT_ATTR_NAME_HREF);
if ((axutil_strlen(href) > 4) && (pos = axutil_strstr (href, "cid:")))
{
axis2_char_t* cid = NULL;
VALUE content_tmp;
void* content = NULL;
unsigned int content_length = 0;
cid = href + 4;
content_tmp = rb_hash_aref(attach_ht, rb_str_new2(cid));
content_length = RSTRING(content_tmp)->len;
content = malloc(sizeof (char) * content_length);
memcpy (content, (const void*)STR2CSTR(content_tmp), content_length);
if (content)
{
void *data_buffer = NULL;
axiom_data_handler_t *data_handler = NULL;
axiom_node_t *text_node = NULL;
axiom_text_t *text = NULL;
data_buffer = AXIS2_MALLOC (env->allocator, sizeof (char) * content_length);
if (data_buffer)
{
memcpy (data_buffer, content, content_length);
data_handler = axiom_data_handler_create (env, NULL, content_type);
if (data_handler)
{
axiom_data_handler_set_binary_data (data_handler, env, (axis2_byte_t *)content, content_length);
text = axiom_text_create_with_data_handler (env, node, data_handler, &text_node);
if (enable_mtom == AXIS2_FALSE)
axiom_text_set_optimize (text, env, AXIS2_FALSE);
axiom_node_detach (child_node, env);
}
}
attachment_done = 1;
}
}
}
}
}
child_node = axiom_child_element_iterator_next(child_element_ite, env);
}
}
}
}
// Process child nodes
child_node = axiom_node_get_first_child(node, env);
while (child_node)
{
wsf_util_pack_attachments(env, child_node, attach_ht, enable_mtom, default_cnt_type);
child_node = axiom_node_get_next_sibling(child_node, env);
}
}
static void
ngx_squ_xml_parse_children(squ_State *l, axutil_env_t *env,
axiom_node_t *parent, axiom_element_t *parent_elem)
{
int n;
char *uri, *prefix, *name, *text, *value;
axiom_node_t *node;
axutil_hash_t *attrs;
axiom_element_t *elem;
ngx_squ_thread_t *thr;
axiom_attribute_t *attr;
axiom_namespace_t *ns;
axutil_hash_index_t *hi;
axiom_child_element_iterator_t *it;
thr = ngx_squ_thread(l);
ngx_log_debug0(NGX_LOG_DEBUG_CORE, thr->log, 0, "squ xml parse children");
it = axiom_element_get_child_elements(parent_elem, env, parent);
if (it == NULL) {
return;
}
n = 1;
do {
node = axiom_child_element_iterator_next(it, env);
elem = axiom_node_get_data_element(node, env);
name = axiom_element_get_localname(elem, env);
squ_createtable(l, 2, 4);
squ_pushstring(l, name);
squ_setfield(l, -2, "name");
ns = axiom_element_get_namespace(elem, env, node);
if (ns != NULL) {
uri = axiom_namespace_get_uri(ns, env);
if (uri != NULL) {
squ_pushstring(l, uri);
squ_setfield(l, -2, "uri");
}
prefix = axiom_namespace_get_prefix(ns, env);
if (prefix != NULL) {
squ_pushstring(l, prefix);
squ_setfield(l, -2, "prefix");
}
}
attrs = axiom_element_get_all_attributes(elem, env);
if (attrs != NULL) {
squ_newtable(l);
hi = axutil_hash_first(attrs, env);
do {
if (hi == NULL) {
break;
}
axutil_hash_this(hi, NULL, NULL, (void **) &attr);
name = axiom_attribute_get_localname(attr, env);
value = axiom_attribute_get_value(attr, env);
squ_pushstring(l, value);
squ_setfield(l, -2, name);
hi = axutil_hash_next(env, hi);
} while (1);
squ_setfield(l, -2, "attributes");
}
text = axiom_element_get_text(elem, env, node);
if (text != NULL) {
squ_pushstring(l, text);
squ_setfield(l, -2, "text");
} else {
squ_newtable(l);
ngx_squ_xml_parse_children(l, env, node, elem);
squ_setfield(l, -2, "children");
}
squ_setfield(l, -2, name);
squ_getfield(l, -1, name);
squ_rawseti(l, -2, n++);
} while (axiom_child_element_iterator_has_next(it, env) == AXIS2_TRUE);
}
/* Get the client certificate from key manager by giving
* issuer and serial number of the certificate
*/
static oxs_x509_cert_t *
rampart_token_process_issuer_serial(
const axutil_env_t *env,
rampart_context_t *rampart_ctx,
axiom_node_t *x509_data_node)
{
oxs_x509_cert_t *cert = NULL;
axiom_node_t *issuer_serial_node = NULL;
axiom_element_t *issuer_serial_ele = NULL;
axiom_child_element_iterator_t *child_itr = NULL;
axiom_node_t *child_node = NULL;
axiom_element_t *child_ele = NULL;
axis2_char_t *ele_name = NULL;
axis2_char_t *issuer_name_str = NULL;
axis2_char_t *serial_num_str = NULL;
int serial_num = -1;
oxs_key_mgr_t *key_mgr = NULL;
if((cert = rampart_context_get_receiver_certificate(rampart_ctx, env)))
{
/* In the client side, it is preferred to use certificate files instead
* of key store, because one client normally interact with only one
* service. To handle this scenario, if we found receiver certificate file
* specified in rampart_context we directly call the get_reciever_certificate.
*/
return cert;
}
issuer_serial_node = axiom_node_get_first_child(x509_data_node, env);
issuer_serial_ele = axiom_node_get_data_element(issuer_serial_node, env);
child_itr = axiom_element_get_child_elements(issuer_serial_ele, env, issuer_serial_node);
while(axiom_child_element_iterator_has_next(child_itr, env))
{
child_node = axiom_child_element_iterator_next(child_itr, env);
child_ele = axiom_node_get_data_element(child_node, env);
ele_name = axiom_element_get_localname(child_ele, env);
if(axutil_strcmp(ele_name, OXS_NODE_X509_ISSUER_NAME) == 0)
{
issuer_name_str = axiom_element_get_text(child_ele, env, child_node);
if(!issuer_name_str)
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Issuer Name cannot be NULL.");
return NULL;
}
AXIS2_LOG_INFO(env->log, AXIS2_LOG_SI, "X509 Certificate Issuer Name Found: %s",
issuer_name_str);
}
else if(axutil_strcmp(ele_name, OXS_NODE_X509_SERIAL_NUMBER) == 0)
{
serial_num_str = axiom_element_get_text(child_ele, env, child_node);
if(!serial_num_str)
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI, "Serial number cannot be null.");
}
AXIS2_LOG_INFO(env->log, AXIS2_LOG_SI, "X509 Certificate Serial Number Found: %s",
serial_num_str);
}
else
{
AXIS2_LOG_ERROR(env->log, AXIS2_LOG_SI,
"Error in incoming key info. These types not supported: %", ele_name);
return NULL;
}
}
serial_num = atoi(serial_num_str);
key_mgr = rampart_context_get_key_mgr(rampart_ctx, env);
cert = oxs_key_mgr_get_receiver_certificate_from_issuer_serial(key_mgr, env, issuer_name_str,
serial_num);
return cert;
}
