/* Called by: main, zxid_di_query */
/* printf-style front end for zxid_call(). env_f and the variadic arguments
 * are expanded into one string by zx_alloc_vasprintf() using cf->ctx, and
 * that string is handed to zxid_call() as its last argument. Every other
 * argument is forwarded untouched and zxid_call()'s result is returned as is.
 *
 * env_f is interpreted as a format string, so it has to be a template the
 * caller controls, never data received from a peer or a user.
 * NOTE(review): nothing in this function escapes the substituted values. If
 * any of them can carry untrusted data and the result is parsed as markup
 * downstream, the caller has to escape them first - confirm what zxid_call()
 * expects.
 * NOTE(review): the formatted string is not released here and the result of
 * zx_alloc_vasprintf() is not checked; presumably ownership and failure
 * handling sit with the allocator context or zxid_call() - confirm. */
struct zx_str* zxid_callf(zxid_conf* cf, zxid_ses* ses, const char* svctype, const char* url, const char* di_opt, const char* az_cred, const char* env_f, ...)
{
  va_list args;
  char* formatted;

  va_start(args, env_f);
  formatted = zx_alloc_vasprintf(cf->ctx, 0, env_f, args);
  va_end(args);

  return zxid_call(cf, ses, svctype, url, di_opt, az_cred, formatted);
}
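/* Called by: */
/* Command line driver. After opt() has processed the arguments, exactly one
 * action is performed, selected by the option globals (presumably filled in
 * by opt()): dynamic client registration, resource registration, session
 * listing, identity mapping (ID-WSF or SAML), discovery only, a service
 * call, or an authorization query. If none is selected, only authentication
 * is performed.
 *
 * Returns 0 on success or Permit, 1 if the session, IdP metadata or login
 * could not be obtained or the authorization answer was Deny, 2 if the
 * service call failed, 3 if discovery found no EPR. With -listses the result
 * of zxid_print_session() is returned. */
int zxumacall_main(int argc, char** argv, char** env)
{
  int siz, got, n, room, used;
  char* p;
  struct zx_str* ss;
  zxid_ses* ses;
  zxid_entity* idp_meta;
  zxid_epr* epr;

  /* strncpy() leaves the destination unterminated when the source fills it,
   * so terminate explicitly. */
  strncpy(errmac_instance, CC_CYNY("\tzxuma"), sizeof(errmac_instance));
  errmac_instance[sizeof(errmac_instance)-1] = 0;
  cf = zxid_new_conf_to_cf(0);
  opt(&argc, &argv, &env);

  if (dynclireg) {
    zxumacall_dynclireg_client(cf);
    return 0;
  }

  if (rsrc_name) {
    /* Without a client secret, register the client first. */
    if (!client_secret)
      zxumacall_dynclireg_client(cf);
    zxumacall_rsrcreg_client(cf);
    return 0;
  }

  if (sid) {
    D("Existing session sesid(%s)", sid);
    ses = zxid_fetch_ses(cf, sid);
    if (!ses) {
      ERR("Session not found or error in session sesid(%s)", sid);
      return 1;
    }
  } else {
    D("Obtain session from authentication service(%s)", idp);
    idp_meta = zxid_get_ent(cf, idp);
    if (!idp_meta) {
      ERR("IdP metadata not found and could not be fetched. idp(%s)", idp);
      return 1;
    }
    /* Split "user:password" in place at the first colon. If there is no
     * colon, p ends up on the terminator, i.e. an empty password.
     * NOTE(review): user is dereferenced without a NULL check; presumably
     * opt() guarantees it is set - confirm. If the credential is taken from
     * argv, other local users may be able to see it in the process list. */
    for (p = user; !ONE_OF_2(*p, ':', 0); ++p) ;
    if (*p)
      *p++ = 0;
    ses = zxid_as_call(cf, idp_meta, user, p);
    if (!ses) {
      ERR("Login using Authentication Service failed idp(%s)", idp);
      return 1;
    }
    /* NOTE(review): this logs the session id together with the path of the
     * session directory; handle the resulting log as sensitive. */
    INFO("Logged in. NameID(%s) Session in %s" ZXID_SES_DIR "%s", ses->nid, cf->cpath, ses->sid);
  }

  if (listses)
    return zxid_print_session(cf, ses);

  if (im_to) {
    D("ID-WSF Map to identity at eid(%s)", im_to);
    /* The return value is ignored; the exit status is 0 in any case. */
    zxid_map_identity_token(cf, ses, im_to, 0);
    return 0;
  }

  if (nidmap_to) {
    D("SAML Map to identity at eid(%s)", nidmap_to);
    /* The return value is ignored; the exit status is 0 in any case. */
    zxid_nidmap_identity_token(cf, ses, nidmap_to, 0);
    return 0;
  }

  if (di_only) {
    D("Discover only. svctype(%s), dindex=%d", STRNULLCHK(svc), din);
    /* First probe with the requested index to see whether anything exists. */
    epr = zxid_get_epr(cf, ses, svc, url, di, 0 /*action*/, din);
    if (!epr) {
      ERR("Discovery failed to find any epr of service type(%s)", STRNULLCHK(svc));
      return 3;
    }
    /* Then enumerate from index 1 until the lookup returns nothing. */
    for (din = 1; ;++din) {
      epr = zxid_get_epr(cf, ses, svc, url, di, 0 /*action*/, din);
      if (!epr)
        break;
      printf("%d. Found epr for service type(%s)\n", din, STRNULLCHK(svc));
      ss = zxid_get_epr_desc(cf, epr);
      printf(" Description: %.*s\n", ss?ss->len:0, ss?ss->s:"");
      ss = zxid_get_epr_address(cf, epr);
      printf(" EPURL: %.*s\n", ss?ss->len:0, ss?ss->s:"");
      ss = zxid_get_epr_entid(cf, epr);
      printf(" EntityID: %.*s\n", ss?ss->len:0, ss?ss->s:"");
    }
    return 0;
  }

  if (svc) {
    D("Call service svctype(%s)", svc);
    if (!bdy) {
      if (verbose) fprintf(stderr, "Reading SOAP request body from stdin...\n");
      siz = 4096;
      p = bdy = ZX_ALLOC(cf->ctx, siz);
      while (1) {
        /* Space left in the buffer, keeping one byte for the terminator. */
        room = siz - (int)(p - bdy) - 1;
        n = read_all_fd(fdstdin, p, room, &got);
        if (n == -1) {
          perror("reading SOAP req from stdin");
          break;
        }
        p += got;
        /* Compare against the space that was offered to this read, not the
         * space left after advancing p. A read that did not fill the buffer
         * is taken as end of input. */
        if (got < room)
          break;
        /* Growing the buffer may move it, so remember the write offset and
         * rebase p afterwards; writing through the old pointer would touch
         * freed memory.
         * NOTE(review): the buffer comes from ZX_ALLOC(cf->ctx, ...) but is
         * grown with REALLOCN(); confirm both use the same allocator. The
         * input size is not capped. */
        used = (int)(p - bdy);
        siz += 60*1024;
        REALLOCN(bdy, siz);
        p = bdy + used;
      }
      *p = 0;
    }
    if (dryrun) {
      if (verbose) fprintf(stderr, "Dryrun. Call aborted.\n");
      return 0;
    }
    if (verbose) fprintf(stderr, "Calling...\n");
    ss = zxid_call(cf, ses, svc, url, di, az, bdy);
    if (!ss || !ss->s) {
      ERR("Call failed %p", ss);
      return 2;
    }
    if (verbose) fprintf(stderr, "Done. Call returned %d bytes.\n", ss->len);
    if (out_fmt) {
      /* NOTE(review): the result of zxid_extract_body() is printed without
       * a NULL check - confirm it cannot return NULL. */
      p = zxid_extract_body(cf, ss->s);
      printf("%s", p);
    } else
      printf("%.*s", ss->len, ss->s);
  } else if (az) {
    D("Call Az(%s)", az);
    if (dryrun) {
      if (verbose) fprintf(stderr, "Dryrun. zxid_az() aborted.\n");
      return 0;
    }
    /* The decision is reported through the exit status: 0 Permit, 1 Deny. */
    if (zxid_az_cf_ses(cf, az, ses)) {
      if (verbose) fprintf(stderr, "Permit.\n");
      return 0;
    } else {
      if (verbose) fprintf(stderr, "Deny.\n");
      return 1;
    }
  } else {
    D("Neither service type (-t) nor -az supplied. Performed only authentication. %d",0);
    if (verbose) fprintf(stderr, "Authentication only.\n");
  }
  return 0;
}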