![]() |
![]() |
![]() |
Lasso Reference Manual | ![]() |
---|---|---|---|---|
Top | Description |
LassoProfile; LassoRequestType lasso_profile_get_request_type_from_soap_msg (const gchar *soap); enum LassoRequestType; gboolean lasso_profile_is_liberty_query (const gchar *query); LassoIdentity* lasso_profile_get_identity (LassoProfile *profile); LassoSession* lasso_profile_get_session (LassoProfile *profile); gboolean lasso_profile_is_identity_dirty (LassoProfile *profile); gboolean lasso_profile_is_session_dirty (LassoProfile *profile); gint lasso_profile_set_identity_from_dump (LassoProfile *profile, const gchar *dump); gint lasso_profile_set_session_from_dump (LassoProfile *profile, const gchar *dump); LassoNode* lasso_profile_get_nameIdentifier (LassoProfile *profile); char* lasso_profile_get_artifact (LassoProfile *profile); char* lasso_profile_get_artifact_message (LassoProfile *profile); void lasso_profile_set_artifact_message (LassoProfile *profile, char *message); LassoServer* lasso_profile_get_server (LassoProfile *profile); void lasso_profile_set_signature_hint (LassoProfile *profile, LassoProfileSignatureHint signature_hint); LassoProfileSignatureHint lasso_profile_get_signature_hint (LassoProfile *profile); enum LassoProfileSignatureHint;
typedef struct { LassoNode parent; LassoServer *server; LassoNode *request; LassoNode *response; LassoNode *nameIdentifier; gchar *remote_providerID; gchar *msg_url; gchar *msg_body; gchar *msg_relayState; } LassoProfile;
LassoProfile, child class of LassoNode is the basis object of profiles object like LassoLogin, LassoLogout, LassoDefederation, LassoNameIdentifierMapping, LassoNameRegistration, LassoNameIdManagement or LassoAssertionQuery. It handles the minimal state used by all theses profiles.
LassoNode |
|
LassoServer * |
LassoServer object representing the provider intiating this profile, |
LassoNode * |
the currently initialized request, or the last request parsed, |
LassoNode * |
the currently intialized request, or the last response parsed, |
LassoNode * |
for profiles which transmit a name identifier (that is, most of them), the parsed name identifier, can be a LassoSamlNameIdentifier or a LassoSaml2NameID, |
gchar * |
the provider ID of the issuer of the last parsed message, whatever it is (a request or a response), |
gchar * |
when generating a request or a response, it give the URL to contact |
gchar * |
when generating a request or a response using HTTP POST binding (can be HTTP-SOAP or HTTP-Post binding), the body of the POST will be in this field, |
gchar * |
put there the relaystate to put in the genereated URL for HTTP-Redirect or HTTP-Get binding. |
LassoRequestType lasso_profile_get_request_type_from_soap_msg (const gchar *soap);
Looks up and return the type of the request in a SOAP message.
|
the SOAP message |
Returns : |
the type of request |
typedef enum { LASSO_REQUEST_TYPE_INVALID = 0, LASSO_REQUEST_TYPE_LOGIN = 1, LASSO_REQUEST_TYPE_LOGOUT = 2, LASSO_REQUEST_TYPE_DEFEDERATION = 3, LASSO_REQUEST_TYPE_NAME_REGISTRATION = 4, LASSO_REQUEST_TYPE_NAME_IDENTIFIER_MAPPING = 5, LASSO_REQUEST_TYPE_LECP = 6, LASSO_REQUEST_TYPE_DISCO_QUERY = 7, LASSO_REQUEST_TYPE_DISCO_MODIFY = 8, LASSO_REQUEST_TYPE_DST_QUERY = 9, LASSO_REQUEST_TYPE_DST_MODIFY = 10, LASSO_REQUEST_TYPE_SASL_REQUEST = 11, LASSO_REQUEST_TYPE_NAME_ID_MANAGEMENT = 12, LASSO_REQUEST_TYPE_IDWSF2_DISCO_SVCMD_REGISTER = 13, LASSO_REQUEST_TYPE_IDWSF2_DISCO_SVCMD_ASSOCIATION_ADD = 14, LASSO_REQUEST_TYPE_IDWSF2_DISCO_QUERY = 15 } LassoRequestType;
Request types (known for SOAP endpoints)
invalid | |
Single Sign On and Federation | |
Single Logout | |
Federation Termination | |
Name Registration | |
Name Identifier Mapping | |
Liberty-Enabled Client / Proxy | |
ID-WSF 1.0 Discovery Query request | |
ID-WSF 1.0 Discovery Modify Request | |
ID-WSF 1.0 Data Service Template Query request | |
ID-WSF 1.0 Data Service Temaplte Modify request | |
ID-WSF 1.0 Authentication request | |
SAML 2.0 NameID Management request | |
ID-WSF 2.0 Discovery Service Metadata Register request | |
ID-WSF 2.0 Discovery Service Metadata Add Association request | |
ID-WSF 2.0 Discovery Query request |
gboolean lasso_profile_is_liberty_query (const gchar *query);
Tests the query string to know if the URL is called as the result of a Liberty redirect (action initiated elsewhere) or not.
|
HTTP query string |
Returns : |
TRUE if Liberty query, FALSE otherwise |
LassoIdentity* lasso_profile_get_identity (LassoProfile *profile);
Gets the identity bound to profile
.
|
a LassoProfile |
Returns : |
the identity or NULL if it none was found. The LassoIdentity object is internally allocated and must not be freed by the caller. |
LassoSession* lasso_profile_get_session (LassoProfile *profile);
Gets the session bound to profile
.
|
a LassoProfile |
Returns : |
the session or NULL if it none was found. The LassoSession object is internally allocated and must not be freed by the caller. |
gboolean lasso_profile_is_identity_dirty (LassoProfile *profile);
Checks whether identity has been modified (and should therefore be saved).
|
a LassoProfile |
Returns : |
TRUE if identity has changed
|
gboolean lasso_profile_is_session_dirty (LassoProfile *profile);
Checks whether session has been modified (and should therefore be saved).
|
a LassoProfile |
Returns : |
TRUE if session has changed
|
gint lasso_profile_set_identity_from_dump (LassoProfile *profile, const gchar *dump);
Builds a new LassoIdentity object from XML dump and binds it to profile
.
|
a LassoProfile |
|
XML identity dump |
Returns : |
0 on success; or a negative value otherwise. |
gint lasso_profile_set_session_from_dump (LassoProfile *profile, const gchar *dump);
Builds a new LassoSession object from XML dump and binds it to profile
.
|
a LassoProfile |
|
XML session dump |
Returns : |
0 on success; or a negative value otherwise. |
LassoNode* lasso_profile_get_nameIdentifier (LassoProfile *profile);
Looks up appropriate federation in object and gets the service provider name identifier (which is actually a LassoSamlNameIdentifier in ID-FF 1.2 and LassoSaml2NameID in SAML 2.0).
|
a LassoProfile |
Returns : |
the name identifier or NULL if none was found. The LassoNode object is internally allocated and must not be freed by the caller. |
char* lasso_profile_get_artifact_message (LassoProfile *profile);
void lasso_profile_set_artifact_message (LassoProfile *profile, char *message);
LassoServer* lasso_profile_get_server (LassoProfile *profile);
Return the LassoServer linked to this profile object. A profile object should always contains one. It allows to find metadatas of other providers and to know our own metadatas.
|
a LassoProfile object |
Returns : |
a LassoServer or NULL if profile is not a LassoProfile or no LassoServer object was setup at the creation of this profile. |
void lasso_profile_set_signature_hint (LassoProfile *profile, LassoProfileSignatureHint signature_hint);
By default each profile will choose to sign or not its messages, this method allow to force or forbid the signature of messages, on a per transaction basis.
|
a LassoProfile object |
|
wheter next produced messages should be signed or not (or let Lasso choose from implicit information). |
LassoProfileSignatureHint lasso_profile_get_signature_hint (LassoProfile *profile);
Return the value of the signature hint attribute (see lasso_profile_set_signature_hint()
).
|
a LassoProfile object |
Returns : |
a value in the enum type LassoProfileSignatureHint. |
typedef enum { LASSO_PROFILE_SIGNATURE_HINT_MAYBE = 0, LASSO_PROFILE_SIGNATURE_HINT_FORCE = 1, LASSO_PROFILE_SIGNATURE_HINT_FORBID = 2 } LassoProfileSignatureHint;
Advice a LassoProfile object about the policy for generating and validating request and response signatures.