Lasso Reference Manual | ![]() |
LassoProvider; LassoProvider* lasso_provider_new (LassoProviderRole role, const char *metadata, const char *public_key, const char *ca_cert_chain); enum LassoProviderRole; LassoProvider* lasso_provider_new_from_buffer (LassoProviderRole role, const char *metadata, const char *public_key, const char *ca_cert_chain); gchar* lasso_provider_get_assertion_consumer_service_url (const LassoProvider *provider, const char *service_id); gchar* lasso_provider_get_metadata_one (const LassoProvider *provider, const char *name); const GList* lasso_provider_get_metadata_list (const LassoProvider *provider, const char *name); LassoProvider* lasso_provider_new_from_dump (const gchar *dump); LassoHttpMethod lasso_provider_get_first_http_method (LassoProvider *provider, const LassoProvider *remote_provider, LassoMdProtocolType protocol_type); gboolean lasso_provider_accept_http_method (LassoProvider *provider, const LassoProvider *remote_provider, LassoMdProtocolType protocol_type, LassoHttpMethod http_method, gboolean initiate_profile); enum LassoHttpMethod; enum LassoMdProtocolType; gboolean lasso_provider_has_protocol_profile (const LassoProvider *provider, LassoMdProtocolType protocol_type, const char *protocol_profile); gchar* lasso_provider_get_base64_succinct_id (const LassoProvider *provider); xmlNode* lasso_provider_get_organization (const LassoProvider *provider); LassoProtocolConformance lasso_provider_get_protocol_conformance (const LassoProvider *provider); enum LassoProtocolConformance; LassoEncryptionMode lasso_provider_get_encryption_mode (LassoProvider *provider); void lasso_provider_set_encryption_mode (LassoProvider *provider, LassoEncryptionMode encryption_mode); enum LassoEncryptionMode; void lasso_provider_set_encryption_sym_key_type (LassoProvider *provider, LassoEncryptionSymKeyType encryption_sym_key_type); enum LassoEncryptionSymKeyType; int lasso_provider_verify_single_node_signature (LassoProvider *provider, LassoNode *node, const char *id_attr_name); 
gchar* lasso_provider_get_default_name_id_format (const LassoProvider *provider); char* lasso_provider_get_sp_name_qualifier (LassoProvider *provider);
typedef struct { LassoNode parent; gchar *ProviderID; LassoProviderRole role; char *metadata_filename; gchar *public_key; gchar *ca_cert_chain; } LassoProvider;
LassoProvider* lasso_provider_new (LassoProviderRole role, const char *metadata, const char *public_key, const char *ca_cert_chain);
Creates a new LassoProvider.
|
provider role, identity provider or service provider |
|
path to the provider metadata file |
|
path to the provider public key file (may be a certificate) or NULL |
|
path to the provider CA certificate chain file or NULL |
Returns : |
a newly created LassoProvider; or NULL if an error occurred |
typedef enum { LASSO_PROVIDER_ROLE_NONE = 0, LASSO_PROVIDER_ROLE_SP, LASSO_PROVIDER_ROLE_IDP, LASSO_PROVIDER_ROLE_BOTH } LassoProviderRole;
Provider Role.
LassoProvider* lasso_provider_new_from_buffer (LassoProviderRole role, const char *metadata, const char *public_key, const char *ca_cert_chain);
Creates a new LassoProvider from metadata held in a string buffer instead of a metadata file.
|
provider role, identity provider or service provider |
|
string buffer containing a metadata file |
|
path to the provider public key file (may be a certificate) or NULL |
|
path to the provider CA certificate chain file or NULL |
Returns : |
a newly created LassoProvider; or NULL if an error occurred |
gchar* lasso_provider_get_assertion_consumer_service_url (const LassoProvider *provider, const char *service_id);
Extracts the AssertionConsumerServiceURL from the provider metadata descriptor.
|
a LassoProvider |
|
the AssertionConsumerServiceID, NULL for default |
Returns : |
the element value, NULL if the element was not found. This string must be freed by the caller. |
gchar* lasso_provider_get_metadata_one (const LassoProvider *provider, const char *name);
Extracts the element name
from the provider metadata descriptor.
|
a LassoProvider |
|
the element name |
Returns : |
the element value, NULL if the element was not found. This string must be freed by the caller. |
const GList* lasso_provider_get_metadata_list (const LassoProvider *provider, const char *name);
Extracts zero to many elements from the provider metadata descriptor.
|
a LassoProvider |
|
the element name |
Returns : |
a GList of strings (element-type string). |
LassoProvider* lasso_provider_new_from_dump (const gchar *dump);
Restores the dump
to a new LassoProvider.
|
XML provider dump |
Returns : |
a newly created LassoProvider; or NULL if an error occurred. |
LassoHttpMethod lasso_provider_get_first_http_method (LassoProvider *provider, const LassoProvider *remote_provider, LassoMdProtocolType protocol_type);
Looks up and returns a LassoHttpMethod appropriate for performing the
protocol_type
between provider
and remote_provider
.
|
a LassoProvider. transfer none. |
|
a LassoProvider depicting the remote provider |
|
a Liberty profile |
Returns : |
the LassoHttpMethod |
gboolean lasso_provider_accept_http_method (LassoProvider *provider, const LassoProvider *remote_provider, LassoMdProtocolType protocol_type, LassoHttpMethod http_method, gboolean initiate_profile);
Checks whether http_method
is an appropriate method for the protocol_type
profile
between provider
and remote_provider
.
|
a LassoProvider |
|
a LassoProvider depicting the remote provider |
|
a Liberty profile type |
|
an HTTP method |
|
whether provider initiates the profile
|
Returns : |
TRUE if it is appropriate
|
typedef enum { LASSO_HTTP_METHOD_NONE = -1, LASSO_HTTP_METHOD_ANY, LASSO_HTTP_METHOD_IDP_INITIATED, LASSO_HTTP_METHOD_GET, LASSO_HTTP_METHOD_POST, LASSO_HTTP_METHOD_REDIRECT, LASSO_HTTP_METHOD_SOAP, LASSO_HTTP_METHOD_ARTIFACT_GET, LASSO_HTTP_METHOD_ARTIFACT_POST, LASSO_HTTP_METHOD_PAOS, LASSO_HTTP_METHOD_LAST } LassoHttpMethod;
Method.
invalid value (internal use) | |
any method will do | |
not a method, for IdP initiated profile | |
HTTP GET | |
Browser POST | |
HTTP-Redirect based | |
SOAP/HTTP based | |
Artifact by HTTP GET (SAML 2.0) | |
Artifact by HTTP POST (SAML 2.0) | |
PAOS/HTTP based (SAML 2.0) | |
typedef enum { LASSO_MD_PROTOCOL_TYPE_FEDERATION_TERMINATION, LASSO_MD_PROTOCOL_TYPE_NAME_IDENTIFIER_MAPPING, LASSO_MD_PROTOCOL_TYPE_REGISTER_NAME_IDENTIFIER, LASSO_MD_PROTOCOL_TYPE_SINGLE_LOGOUT, LASSO_MD_PROTOCOL_TYPE_SINGLE_SIGN_ON, LASSO_MD_PROTOCOL_TYPE_ARTIFACT_RESOLUTION, LASSO_MD_PROTOCOL_TYPE_MANAGE_NAME_ID, LASSO_MD_PROTOCOL_TYPE_ASSERTION_ID_REQUEST } LassoMdProtocolType;
Liberty Metadata Type.
Federation Termination Notification | |
Name Identifier Mapping | |
Name Registration | |
Single Logout | |
Single Sign-On and Federation | |
Artifact Resolution (SAML 2.0) | |
Manage Name Identifier (SAML 2.0) | |
Assertion ID Request (SAML 2.0) |
gboolean lasso_provider_has_protocol_profile (const LassoProvider *provider, LassoMdProtocolType protocol_type, const char *protocol_profile);
Checks whether provider
supports protocol_profile
.
|
a LassoProvider |
|
a Liberty profile type |
|
a fully-qualified Liberty profile |
Returns : |
TRUE if it is supported
|
gchar* lasso_provider_get_base64_succinct_id (const LassoProvider *provider);
Computes and returns the base64-encoded provider succinct ID.
|
a LassoProvider |
Returns : |
the provider succinct ID. This string must be freed by the caller. |
xmlNode* lasso_provider_get_organization (const LassoProvider *provider);
Returns the provider metadata <Organization> XML node.
|
a LassoProvider |
Returns : |
the <Organization/> node (libxml2 xmlNode*); or NULL if it is not found. This xmlnode must be freed by the caller. |
LassoProtocolConformance lasso_provider_get_protocol_conformance (const LassoProvider *provider);
typedef enum { LASSO_PROTOCOL_NONE = -1, LASSO_PROTOCOL_LIBERTY_1_0, LASSO_PROTOCOL_LIBERTY_1_1, LASSO_PROTOCOL_LIBERTY_1_2, LASSO_PROTOCOL_SAML_2_0 } LassoProtocolConformance;
Provider protocol conformance.
LassoEncryptionMode lasso_provider_get_encryption_mode (LassoProvider *provider);
Return the current encryption mode.
|
a LassoProvider object |
void lasso_provider_set_encryption_mode (LassoProvider *provider, LassoEncryptionMode encryption_mode);
Activate or deactivate encryption
|
provider to set encryption for |
|
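TRUE to activate, FALSE to deactivate. Note that the parameter is declared as LassoEncryptionMode, not gboolean: as that enum is declared, FALSE (0) corresponds to LASSO_ENCRYPTION_MODE_NONE and TRUE (1) to LASSO_ENCRYPTION_MODE_NAMEID, so LASSO_ENCRYPTION_MODE_ASSERTION has to be passed by name. |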
typedef enum { LASSO_ENCRYPTION_MODE_NONE, LASSO_ENCRYPTION_MODE_NAMEID, LASSO_ENCRYPTION_MODE_ASSERTION } LassoEncryptionMode;
Encryption mode.
void lasso_provider_set_encryption_sym_key_type (LassoProvider *provider, LassoEncryptionSymKeyType encryption_sym_key_type);
Set the type of the generated symmetric encryption key
|
provider to set encryption for |
|
enum type for the generated symmetric key |
typedef enum { LASSO_ENCRYPTION_SYM_KEY_TYPE_DEFAULT, LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_256, LASSO_ENCRYPTION_SYM_KEY_TYPE_AES_128, LASSO_ENCRYPTION_SYM_KEY_TYPE_3DES } LassoEncryptionSymKeyType;
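Encryption symmetric key type. LASSO_ENCRYPTION_SYM_KEY_TYPE_3DES selects a legacy cipher with a 64-bit block; prefer one of the AES types unless a peer requires 3DES. This page does not state which algorithm LASSO_ENCRYPTION_SYM_KEY_TYPE_DEFAULT selects.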
int lasso_provider_verify_single_node_signature (LassoProvider *provider, LassoNode *node, const char *id_attr_name);
Return whether the provider signed this node.
|
a LassoProvider object |
|
a LassoNode object, still having its originalXmlnode content, and containing an XML signature. |
|
the name of the ID attribute to lookup. |
Returns : |
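0 if the node is signed by this provider, an error code otherwise. Because 0 means success, compare the result with 0 explicitly rather than testing it as a boolean; any non-zero value means the signature was not verified. |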
gchar* lasso_provider_get_default_name_id_format (const LassoProvider *provider);
If the provider has a list of supported name ID formats in its metadata, return the first one.
|
a LassoProvider object |
Returns : |
a NameIDFormat URI or NULL, the returned value must be freed by the caller. |
char* lasso_provider_get_sp_name_qualifier (LassoProvider *provider);
Return the entityID to use for qualifying NameIdentifier.
|
a LassoProvider object |
Returns : |
the entityID string (transfer none: the caller does not own it and must not free it). |