/**
 * lasso_wsa_endpoint_reference_add_security_token:
 * @epr: a #LassoWsAddrEndpointReference object
 * @security_token: a security token as a #LassoNode object
 * @security_mechanisms:(element-type utf8): a list of security mechanism identifiers for which
 * the token is made
 *
 * Wrap @security_token in a new #LassoIdWsf2SecToken, attach it to a new
 * #LassoIdWsf2DiscoSecurityContext declared for @security_mechanisms, and append that context to
 * the metadata of @epr.
 *
 * @security_mechanisms is passed through unchecked, so a context can end up carrying a token
 * without naming any security mechanism; callers that care must validate the list themselves.
 *
 * Return value: 0 if successful, an error code otherwise (LASSO_PARAM_ERROR_INVALID_VALUE is the
 * code supplied for an @epr whose Metadata cannot be extracted as WSA metadata).
 */
int
lasso_wsa_endpoint_reference_add_security_token(LassoWsAddrEndpointReference *epr,
        LassoNode *security_token, GList *security_mechanisms)
{
    LassoWsAddrMetadata *metadata = NULL;
    LassoIdWsf2DiscoSecurityContext *context = NULL;
    LassoIdWsf2SecToken *wrapped_token = NULL;
    int rc = 0;

    lasso_bad_param(WSA_ENDPOINT_REFERENCE, epr);
    lasso_bad_param(NODE, security_token);
    /* Presumably sets rc and jumps to cleanup on failure (macro defined elsewhere); nothing
     * has been allocated at this point, so there is nothing to release on that path. */
    lasso_extract_node_or_fail(metadata, epr->Metadata, WSA_METADATA,
            LASSO_PARAM_ERROR_INVALID_VALUE);

    /* The context declares which mechanisms the token applies to. */
    context = lasso_idwsf2_disco_security_context_new();
    lasso_assign_list_of_strings(context->SecurityMechID, security_mechanisms);

    /* The token node is carried inside a SecToken element flagged as a security token. */
    wrapped_token = lasso_idwsf2_sec_token_new();
    lasso_assign_string(wrapped_token->usage, LASSO_IDWSF2_SEC_TOKEN_USAGE_SECURITY_TOKEN);
    lasso_assign_gobject(wrapped_token->any, security_token);

    lasso_list_add_new_gobject(context->Token, wrapped_token);
    lasso_list_add_new_gobject(metadata->any, context);

cleanup:
    return rc;
}
/**
 * lasso_login_assertion_add_discovery:
 * @login: a #LassoLogin object
 * @assertion: a #LassoSamlAssertion object
 *
 * If a discovery service is registered on the server of @login and the login carries a resource
 * id, build an AttributeStatement holding a "DiscoveryResourceOffering" attribute (a
 * ResourceOffering for a copy of that service instance) and store it in
 * @assertion->AttributeStatement, in place of whatever was stored there. Otherwise do nothing.
 *
 * @login, its private data and @assertion are dereferenced without any check; the caller must
 * pass valid objects.
 **/
void
lasso_login_assertion_add_discovery(LassoLogin *login, LassoSamlAssertion *assertion)
{
    LassoProfile *profile = LASSO_PROFILE(login);
    LassoDiscoServiceInstance *registered = NULL;
    LassoDiscoServiceInstance *instance_copy = NULL;
    LassoDiscoResourceOffering *offering = NULL;
    LassoSamlAttributeValue *value = NULL;
    LassoSamlAttribute *attr = NULL;
    LassoSamlAttributeStatement *statement = NULL;

    registered = lasso_server_get_service(profile->server, LASSO_DISCO_HREF);

    /* Nothing to advertise without both a discovery service and a resource id. */
    if (! LASSO_IS_DISCO_SERVICE_INSTANCE(registered) || ! login->private_data->resourceId)
        return;

    /* The offering is built from a private copy; our own reference to the copy is dropped
     * right after the offering has been created from it. */
    instance_copy = lasso_disco_service_instance_copy(registered);
    offering = lasso_disco_resource_offering_new(instance_copy);
    lasso_release_gobject(instance_copy);
    lasso_assign_gobject(offering->ResourceID, login->private_data->resourceId);

    /* Nest the pieces: offering -> attribute value -> attribute -> statement. */
    value = lasso_saml_attribute_value_new();
    lasso_list_add_new_gobject(value->any, offering);

    attr = lasso_saml_attribute_new();
    lasso_assign_string(attr->attributeName, "DiscoveryResourceOffering");
    lasso_assign_string(attr->attributeNameSpace, LASSO_DISCO_HREF);
    lasso_list_add_new_gobject(attr->AttributeValue, value);

    statement = lasso_saml_attribute_statement_new();
    lasso_list_add_new_gobject(statement->Attribute, attr);

    lasso_assign_new_gobject(assertion->AttributeStatement, statement);

    /* FIXME: Add CredentialsRef and saml:Advice Assertions */
}
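/**
 * lasso_idwsf2_util_response_set_status2:
 * @idwsf2_util_response: a #LassoIdWsf2UtilResponse object
 * @status: (allow-none): code for a new first-level status, or NULL to reuse the status already
 * set on the response
 * @status2: code for the second-level status to nest under the first-level one
 *
 * Append a second-level status with code @status2 to the first-level status of the response.
 * When @status is given, a new first-level status is created and stored on the response; when
 * it is NULL, the existing first-level status is extended in place.
 *
 * The call is a silent no-op when the response is not a #LassoIdWsf2UtilResponse, when @status2
 * is NULL or empty, or when @status is NULL and the response has no valid status yet.
 */
void
lasso_idwsf2_util_response_set_status2(LassoIdWsf2UtilResponse *idwsf2_util_response,
        const char *status, const char *status2)
{
    LassoIdWsf2UtilStatus *idwsf2_util_status = NULL;
    LassoIdWsf2UtilStatus *idwsf2_util_status2 = NULL;

    if (! LASSO_IS_IDWSF2_UTIL_RESPONSE(idwsf2_util_response))
        return;
    if (status2 == NULL || status2[0] == '\0')
        return;

    if (status) {
        idwsf2_util_status = lasso_idwsf2_util_status_new();
        lasso_assign_string(idwsf2_util_status->code, status);
    } else if (LASSO_IS_IDWSF2_UTIL_STATUS(idwsf2_util_response->Status)) {
        /* Borrowed pointer: the response keeps owning this object. */
        idwsf2_util_status = idwsf2_util_response->Status;
    } else {
        return;
    }

    if (idwsf2_util_status) {
        idwsf2_util_status2 = lasso_idwsf2_util_status_new();
        lasso_assign_string(idwsf2_util_status2->code, status2);
        lasso_list_add_new_gobject(idwsf2_util_status->Status, idwsf2_util_status2);

        /* Only a newly created status is stored. Writing the existing object back into the
         * slot it already occupies would depend on lasso_assign_new_gobject tolerating
         * dest == src (macro not visible here); skipping it guarantees the live Status is
         * never released while the response still points at it. */
        if (idwsf2_util_response->Status != idwsf2_util_status) {
            lasso_assign_new_gobject(idwsf2_util_response->Status, idwsf2_util_status);
        }
    }
}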
/**
 * lasso_assertion_query_add_attribute_request:
 * @assertion_query: a #LassoAssertionQuery object
 * @format: the attribute designator format
 * @name: the attribute designator name
 *
 * Append a new attribute designator to the current attribute request. A designator with the
 * same @format and @name may be requested only once.
 *
 * Return value: 0 if successful, an error code otherwise:
 * LASSO_ASSERTION_QUERY_ERROR_NOT_AN_ATTRIBUTE_QUERY when the pending request is not an
 * attribute query, LASSO_ASSERTION_QUERY_ERROR_ATTRIBUTE_REQUEST_ALREADY_EXIST when the
 * designator is already present.
 */
int
lasso_assertion_query_add_attribute_request(LassoAssertionQuery *assertion_query,
        char *format, char *name)
{
    LassoSamlp2AttributeQuery *attribute_query = NULL;
    LassoSaml2Attribute *designator = NULL;
    int rc = 0;

    lasso_bad_param(ASSERTION_QUERY, assertion_query);
    lasso_null_param(format);
    lasso_null_param(name);

    /* The cast is only trusted after the type check below. Note that g_return_val_if_fail is
     * compiled out when GLib is built with G_DISABLE_CHECKS, so in such builds this is not a
     * hard guarantee. */
    attribute_query = (LassoSamlp2AttributeQuery*) assertion_query->parent.request;
    g_return_val_if_fail(LASSO_IS_SAMLP2_ATTRIBUTE_QUERY(attribute_query),
            LASSO_ASSERTION_QUERY_ERROR_NOT_AN_ATTRIBUTE_QUERY);

    /* Refuse duplicates: each (format, name) pair is listed at most once. */
    if (lasso_assertion_query_lookup_attribute(assertion_query, format, name) != NULL) {
        return LASSO_ASSERTION_QUERY_ERROR_ATTRIBUTE_REQUEST_ALREADY_EXIST;
    }

    /* Build the designator and hand it over to the query's attribute list. */
    designator = (LassoSaml2Attribute*)lasso_saml2_attribute_new();
    lasso_assign_string(designator->Name, name);
    lasso_assign_string(designator->NameFormat, format);
    lasso_list_add_new_gobject(attribute_query->Attribute, designator);

    return rc;
}
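/**
 * lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism:
 * @epr: a #LassoWsAddrEndpointReference object
 * @sech_mech_predicate: (allow-none): a predicate to test for security mechanism
 * @security_mech_id: (allow-none): a security mechanism identifier
 * @create: allow to create the element if none is found, @security_mech_id is mandatory when
 * create is TRUE.
 *
 * Look through the security contexts stored in the metadata of @epr and return the first one
 * that lists a security mechanism equal to @security_mech_id or accepted by
 * @sech_mech_predicate. If none matches and @create is TRUE, a new context declaring
 * @security_mech_id is appended to the metadata and returned.
 *
 * Return value: (transfer none): a #LassoIdWsf2DiscoSecurityContext, or NULL if none was found
 * and @create is FALSE (or @create is TRUE but @security_mech_id is NULL, which also logs a
 * warning).
 */
LassoIdWsf2DiscoSecurityContext*
lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism(
        const LassoWsAddrEndpointReference *epr,
        gboolean (*sech_mech_predicate)(const char *),
        const char *security_mech_id,
        gboolean create)
{
    LassoIdWsf2DiscoSecurityContext *created = NULL;
    LassoMiscTextNode *new_security_mech_id_declaration;

    if (! LASSO_IS_WSA_ENDPOINT_REFERENCE (epr) || epr->Metadata == NULL)
        return NULL;

    /* NOTE(review): the lookup below reads SecurityMechID elements as char*, while the
     * creation path further down appends a LassoMiscTextNode object to the same list.
     * Confirm which element type the list is meant to hold; mixing the two would make the
     * string comparison and the predicate read an object pointer as text. */
    lasso_foreach_full_begin(LassoIdWsf2DiscoSecurityContext*, context, it1, epr->Metadata->any);
    if (LASSO_IS_IDWSF2_DISCO_SECURITY_CONTEXT (context)) {
        lasso_foreach_full_begin(char*, textnode, it2, context->SecurityMechID);
        /* The predicate is documented as optional, so it must not be called when NULL. */
        if (lasso_strisequal(textnode,security_mech_id)
                || (sech_mech_predicate != NULL && sech_mech_predicate(textnode))) {
            return context;
        }
        lasso_foreach_full_end()
    }
    lasso_foreach_full_end();

    if (create) {
        if (security_mech_id) {
            created = lasso_idwsf2_disco_security_context_new();
            new_security_mech_id_declaration =
                lasso_misc_text_node_new_with_string(security_mech_id);
            /* These fields receive pointers to constants, not copies. */
            new_security_mech_id_declaration->name = "SecurityMechID";
            new_security_mech_id_declaration->ns_href = LASSO_IDWSF2_DISCOVERY_HREF;
            new_security_mech_id_declaration->ns_prefix = LASSO_IDWSF2_DISCOVERY_PREFIX;
            lasso_list_add_new_gobject (created->SecurityMechID,
                    new_security_mech_id_declaration);
            /* The metadata list takes the new context; the caller gets a borrowed pointer. */
            lasso_list_add_new_gobject (epr->Metadata->any, created);
        } else {
            message(G_LOG_LEVEL_WARNING, "cannot create a LassoIdWsf2DiscoSecurityContext withou a security_mech_id");
        }
    }

    return created;
}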
/**
 * lasso_wsa_endpoint_reference_new_for_idwsf2_service:
 * @address: the URL of the SOAP endpoint where the service is anchored
 * @service_type: an URI identifying the ID-WSF 2.0 service type
 * @provider_id: an URI identifying the SAML 2.0 service provider hosting the service, this
 * should help in finding key material for security mechanisms.
 * @abstract: a human description of the service.
 *
 * Create a new #LassoWsAddrEndpointReference whose metadata holds, in this order, the
 * abstract, the provider id, the service type and a "2.0" framework declaration.
 *
 * The arguments are only checked for NULL; their content (URL or URI syntax, length) is stored
 * as given, so values coming from an untrusted party should be validated by the caller.
 *
 * Return value: a newly created #LassoWsAddrEndpointReference, or NULL if any argument is NULL.
 */
LassoWsAddrEndpointReference*
lasso_wsa_endpoint_reference_new_for_idwsf2_service(const char *address,
        const char *service_type, const char *provider_id, const char *abstract)
{
    LassoWsAddrEndpointReference *reference = NULL;
    LassoWsAddrMetadata *md = NULL;

    /* All four strings are mandatory. */
    if (! (address != NULL && service_type != NULL && provider_id != NULL && abstract != NULL))
        return NULL;

    reference = lasso_wsa_endpoint_reference_new();
    reference->Address = lasso_wsa_attributed_uri_new_with_string(address);

    /* Fill the metadata first, then attach it; the order of the four entries is kept. */
    md = lasso_wsa_metadata_new();
    lasso_list_add_new_gobject(md->any,
            lasso_idwsf2_disco_abstract_new_with_string(abstract));
    lasso_list_add_new_gobject(md->any,
            lasso_idwsf2_disco_provider_id_new_with_string(provider_id));
    lasso_list_add_new_gobject(md->any,
            lasso_idwsf2_disco_service_type_new_with_string(service_type));
    lasso_list_add_new_gobject(md->any,
            lasso_idwsf2_sbf_framework_new_full("2.0"));
    reference->Metadata = md;

    return reference;
}