/**
 * lasso_wsa_endpoint_reference_add_security_token:
 * @epr: a #LassoWsAddrEndpointReference object
 * @security_token: a security token as a #LassoNode object
 * @security_mechanisms:(element-type utf8): a list of security mechanism
 * identifiers for which the token is valid
 *
 * Append a new SecurityContext declaration to the Metadata element of @epr.  The
 * declaration lists the given security mechanism identifiers and carries
 * @security_token as a Token whose usage is %LASSO_IDWSF2_SEC_TOKEN_USAGE_SECURITY_TOKEN.
 * @epr must already hold a #LassoWsAddrMetadata element, otherwise nothing is added.
 *
 * Return value: 0 if successful, an error code otherwise
 * (%LASSO_PARAM_ERROR_INVALID_VALUE when @epr carries no Metadata element).
 */
int
lasso_wsa_endpoint_reference_add_security_token(LassoWsAddrEndpointReference *epr,
		LassoNode *security_token, GList *security_mechanisms)
{
	LassoWsAddrMetadata *metadata = NULL;
	LassoIdWsf2DiscoSecurityContext *context = NULL;
	LassoIdWsf2SecToken *token = NULL;
	int rc = 0;

	/* Parameter validation; these macros presumably bail out with an error code
	 * when the object is NULL or of the wrong type. */
	lasso_bad_param(WSA_ENDPOINT_REFERENCE, epr);
	lasso_bad_param(NODE, security_token);
	/* Jumps to cleanup with rc set when the EPR has no Metadata element. */
	lasso_extract_node_or_fail(metadata, epr->Metadata, WSA_METADATA, LASSO_PARAM_ERROR_INVALID_VALUE);

	/* The SecurityContext declaration, with its mechanism identifiers copied in. */
	context = lasso_idwsf2_disco_security_context_new();
	lasso_assign_list_of_strings(context->SecurityMechID, security_mechanisms);

	/* The Token element wrapping the caller's security token. */
	token = lasso_idwsf2_sec_token_new();
	lasso_assign_string(token->usage, LASSO_IDWSF2_SEC_TOKEN_USAGE_SECURITY_TOKEN);
	lasso_assign_gobject(token->any, security_token);

	/* Ownership of the freshly created objects moves into the lists. */
	lasso_list_add_new_gobject(context->Token, token);
	lasso_list_add_new_gobject(metadata->any, context);

cleanup:
	return rc;
}
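/**
 * lasso_login_assertion_add_discovery:
 * @login: a #LassoLogin object
 * @assertion: a #LassoSamlAssertion object
 *
 * Adds an AttributeStatement holding a single "DiscoveryResourceOffering" attribute
 * (namespace %LASSO_DISCO_HREF) to @assertion when a discovery service is registered in
 * the server of @login and @login carries a resource identifier.  The offering wraps a
 * copy of the registered #LassoDiscoServiceInstance and references that resource
 * identifier.  Any AttributeStatement already attached to @assertion is replaced.
 * When either parameter is %NULL, or no discovery service / resource identifier is
 * available, @assertion is left untouched.
 **/
void
lasso_login_assertion_add_discovery(LassoLogin *login, LassoSamlAssertion *assertion)
{
	LassoProfile *profile;
	LassoDiscoResourceOffering *resourceOffering;
	LassoDiscoServiceInstance *serviceInstance, *newServiceInstance;
	LassoSamlAttributeStatement *attributeStatement;
	LassoSamlAttribute *attribute;
	LassoSamlAttributeValue *attributeValue;

	/* Guard the dereferences below: @assertion and login->private_data were
	 * previously used without any NULL check. */
	if (login == NULL || assertion == NULL || login->private_data == NULL)
		return;
	profile = LASSO_PROFILE(login);

	serviceInstance = lasso_server_get_service(profile->server, LASSO_DISCO_HREF);
	/* LASSO_IS_DISCO_SERVICE_INSTANCE() is expected to reject a NULL result
	 * (no discovery service registered). */
	if (! LASSO_IS_DISCO_SERVICE_INSTANCE(serviceInstance)
			|| login->private_data->resourceId == NULL)
		return;

	/* The offering owns its own copy of the service instance; drop our
	 * reference once the offering has taken it. */
	newServiceInstance = lasso_disco_service_instance_copy(serviceInstance);
	resourceOffering = lasso_disco_resource_offering_new(newServiceInstance);
	lasso_release_gobject(newServiceInstance);
	lasso_assign_gobject(resourceOffering->ResourceID, login->private_data->resourceId);

	/* AttributeValue -> Attribute -> AttributeStatement, each new object handed
	 * over to its parent list. */
	attributeValue = lasso_saml_attribute_value_new();
	lasso_list_add_new_gobject(attributeValue->any, resourceOffering);

	attribute = lasso_saml_attribute_new();
	lasso_assign_string(attribute->attributeName, "DiscoveryResourceOffering");
	lasso_assign_string(attribute->attributeNameSpace, LASSO_DISCO_HREF);
	lasso_list_add_new_gobject(attribute->AttributeValue, attributeValue);

	attributeStatement = lasso_saml_attribute_statement_new();
	lasso_list_add_new_gobject(attributeStatement->Attribute, attribute);

	/* Replaces (rather than extends) any existing AttributeStatement. */
	lasso_assign_new_gobject(assertion->AttributeStatement, attributeStatement);

	/* FIXME: Add CredentialsRef and saml:Advice Assertions */
}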
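/**
 * lasso_idwsf2_util_response_set_status2:
 * @idwsf2_util_response: a #LassoIdWsf2UtilResponse object
 * @status: (allow-none): a first-level status code; when %NULL the Status element
 * already present on the response is reused
 * @status2: a second-level status code, nested under the first-level Status
 *
 * Set a two-level status on @idwsf2_util_response.  With a non-%NULL @status a fresh
 * first-level Status is built and installed on the response, replacing any existing
 * one; otherwise the existing first-level Status is kept and @status2 is nested under
 * it.  Nothing is done when @idwsf2_util_response is not a #LassoIdWsf2UtilResponse,
 * when @status2 is %NULL or empty, or when @status is %NULL and the response has no
 * Status element to reuse.
 */
void
lasso_idwsf2_util_response_set_status2(LassoIdWsf2UtilResponse *idwsf2_util_response,
		const char *status, const char *status2)
{
	LassoIdWsf2UtilStatus *first = NULL;
	LassoIdWsf2UtilStatus *second = NULL;

	if (! LASSO_IS_IDWSF2_UTIL_RESPONSE(idwsf2_util_response))
		return;
	if (status2 == NULL || status2[0] == '\0')
		return;

	if (status) {
		first = lasso_idwsf2_util_status_new();
		lasso_assign_string(first->code, status);
	} else if (LASSO_IS_IDWSF2_UTIL_STATUS(idwsf2_util_response->Status)) {
		first = idwsf2_util_response->Status;
	} else {
		/* No first-level status to nest @status2 under. */
		return;
	}

	second = lasso_idwsf2_util_status_new();
	lasso_assign_string(second->code, status2);
	lasso_list_add_new_gobject(first->Status, second);

	/* Only a freshly built first-level status is installed on the response.  In the
	 * reuse branch `first` already is idwsf2_util_response->Status, and the original
	 * code assigned it to itself; if lasso_assign_new_gobject releases the previous
	 * value before taking over the new one (its name suggests ownership transfer;
	 * the macro is not visible here), that self-assignment dropped the reference the
	 * response holds.  Skipping it is a no-op in the safe case and a fix otherwise. */
	if (status)
		lasso_assign_new_gobject(idwsf2_util_response->Status, first);
}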
/**
 * lasso_assertion_query_add_attribute_request:
 * @assertion_query: a #LassoAssertionQuery object
 * @format: the attribute designator NameFormat
 * @name: the attribute designator Name
 *
 * Append a new attribute designator (@format, @name) to the AttributeQuery request
 * carried by @assertion_query.  A designator with the same format and name may only
 * be requested once.
 *
 * Return value: 0 if successful, an error code otherwise
 * (%LASSO_ASSERTION_QUERY_ERROR_NOT_AN_ATTRIBUTE_QUERY when the request is not an
 * AttributeQuery, %LASSO_ASSERTION_QUERY_ERROR_ATTRIBUTE_REQUEST_ALREADY_EXIST when the
 * designator is already present).
 */
int
lasso_assertion_query_add_attribute_request(LassoAssertionQuery *assertion_query,
		char *format, char *name)
{
	int rc = 0;
	LassoSamlp2AttributeQuery *attribute_query = NULL;
	LassoSaml2Attribute *designator = NULL;

	lasso_bad_param(ASSERTION_QUERY, assertion_query);
	lasso_null_param(format);
	lasso_null_param(name);

	attribute_query = (LassoSamlp2AttributeQuery*) assertion_query->parent.request;
	g_return_val_if_fail(LASSO_IS_SAMLP2_ATTRIBUTE_QUERY(attribute_query),
			LASSO_ASSERTION_QUERY_ERROR_NOT_AN_ATTRIBUTE_QUERY);

	/* Refuse duplicates: the same (format, name) pair is requested at most once. */
	if (lasso_assertion_query_lookup_attribute(assertion_query, format, name) != NULL) {
		rc = LASSO_ASSERTION_QUERY_ERROR_ATTRIBUTE_REQUEST_ALREADY_EXIST;
	} else {
		/* Build the designator and hand it over to the query's Attribute list. */
		designator = (LassoSaml2Attribute*) lasso_saml2_attribute_new();
		lasso_assign_string(designator->Name, name);
		lasso_assign_string(designator->NameFormat, format);
		lasso_list_add_new_gobject(attribute_query->Attribute, designator);
	}

	return rc;
}
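/**
 * lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism:
 * @epr: a #LassoWsAddrEndpointReference object
 * @sech_mech_predicate: (allow-none): a predicate called on each declared security
 * mechanism identifier; a %TRUE result selects that security context
 * @security_mech_id: (allow-none): a security mechanism identifier to match exactly
 * @create: when %TRUE and nothing matched, create a new security context declaring
 * @security_mech_id; @security_mech_id is then mandatory
 *
 * Look up, in the Metadata of @epr, the first #LassoIdWsf2DiscoSecurityContext that
 * declares a security mechanism identifier equal to @security_mech_id or accepted by
 * @sech_mech_predicate.  Without a match and with @create set, a new context declaring
 * @security_mech_id is appended to the Metadata of @epr (note: this mutates @epr even
 * though it is declared const) and returned.
 *
 * Return value: (transfer none): a #LassoIdWsf2DiscoSecurityContext, or %NULL if none
 * was found and none was created.
 */
LassoIdWsf2DiscoSecurityContext*
lasso_wsa_endpoint_reference_get_idwsf2_security_context_for_security_mechanism(
		const LassoWsAddrEndpointReference *epr,
		gboolean (*sech_mech_predicate)(const char *),
		const char *security_mech_id,
		gboolean create)
{
	LassoIdWsf2DiscoSecurityContext *created = NULL;
	LassoMiscTextNode *new_security_mech_id_declaration;

	if (! LASSO_IS_WSA_ENDPOINT_REFERENCE (epr) || epr->Metadata == NULL)
		return NULL;

	lasso_foreach_full_begin(LassoIdWsf2DiscoSecurityContext*, context, it1, epr->Metadata->any);
	if (LASSO_IS_IDWSF2_DISCO_SECURITY_CONTEXT (context)) {
		/* NOTE(review): this loop treats SecurityMechID entries as char* while the
		 * create path below inserts a #LassoMiscTextNode into the same list; one of
		 * the two looks inconsistent — confirm the list's element type. */
		lasso_foreach_full_begin(char*, textnode, it2, context->SecurityMechID);
			/* The predicate is optional (allow-none): only call it when one was
			 * given, otherwise a NULL function pointer would be called whenever the
			 * exact identifier comparison fails. */
			if (lasso_strisequal(textnode, security_mech_id)
					|| (sech_mech_predicate != NULL && sech_mech_predicate(textnode))) {
				return context;
			}
		lasso_foreach_full_end()
	}
	lasso_foreach_full_end();

	if (create && security_mech_id) {
		/* Build a new context declaring exactly @security_mech_id and attach it to
		 * the EPR; the Metadata list takes ownership, hence (transfer none). */
		created = lasso_idwsf2_disco_security_context_new();
		new_security_mech_id_declaration =
			lasso_misc_text_node_new_with_string(security_mech_id);
		new_security_mech_id_declaration->name = "SecurityMechID";
		new_security_mech_id_declaration->ns_href = LASSO_IDWSF2_DISCOVERY_HREF;
		new_security_mech_id_declaration->ns_prefix = LASSO_IDWSF2_DISCOVERY_PREFIX;
		lasso_list_add_new_gobject (created->SecurityMechID,
				new_security_mech_id_declaration);
		lasso_list_add_new_gobject (epr->Metadata->any, created);
	}
	if (create && ! security_mech_id) {
		message(G_LOG_LEVEL_WARNING, "cannot create a LassoIdWsf2DiscoSecurityContext withou a security_mech_id");
	}

	return created;
}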
/**
 * lasso_wsa_endpoint_reference_new_for_idwsf2_service:
 * @address: the URL of the SOAP endpoint where the service is anchored
 * @service_type: an URI identifying the ID-WSF 2.0 service type
 * @provider_id: an URI identifying the SAML 2.0 service provider hosting the service,
 * this should help in finding key material for security mechanisms.
 * @abstract: a human description of the service.
 *
 * Create a new #LassoWsAddrEndpointReference whose Address is @address and whose
 * Metadata element holds, in this order, an Abstract, a ProviderID, a ServiceType and
 * an ID-WSF 2.0 Framework declaration (version "2.0").  All four parameters are
 * required.
 *
 * Return value: a newly created #LassoWsAddrEndpointReference, or %NULL when any
 * parameter is %NULL.
 */
LassoWsAddrEndpointReference*
lasso_wsa_endpoint_reference_new_for_idwsf2_service(const char *address,
		const char *service_type, const char *provider_id, const char *abstract)
{
	LassoWsAddrEndpointReference *reference;
	LassoWsAddrMetadata *md;

	/* Refuse to build a partial endpoint reference. */
	if (!address || !service_type || !provider_id || !abstract)
		return NULL;

	reference = lasso_wsa_endpoint_reference_new();
	reference->Address = lasso_wsa_attributed_uri_new_with_string(address);

	/* Metadata children are appended in document order; each new object is handed
	 * over to the list. */
	md = lasso_wsa_metadata_new();
	lasso_list_add_new_gobject(md->any, lasso_idwsf2_disco_abstract_new_with_string(abstract));
	lasso_list_add_new_gobject(md->any, lasso_idwsf2_disco_provider_id_new_with_string(provider_id));
	lasso_list_add_new_gobject(md->any, lasso_idwsf2_disco_service_type_new_with_string(service_type));
	lasso_list_add_new_gobject(md->any, lasso_idwsf2_sbf_framework_new_full("2.0"));
	reference->Metadata = md;

	return reference;
}