1 /* $Id$
2 *
3 * Lasso - A free implementation of the Liberty Alliance specifications.
4 *
5 * Copyright (C) 2004-2007 Entr'ouvert
6 * http://lasso.entrouvert.org
7 *
8 * Authors: See AUTHORS file in top-level directory.
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, see <http://www.gnu.org/licenses/>.
22 */
23
24 /**
25 * SECTION:name_identifier_mapping
26 * @short_description: Liberty Enabled Client and Proxy Profile (ID-FF)
27 *
28 **/
29
30 #include "../utils.h"
31 #include "../xml/private.h"
32 #include "name_identifier_mapping.h"
33
34 #include "profileprivate.h"
35 #include "providerprivate.h"
36
37 /*****************************************************************************/
38 /* public methods */
39 /*****************************************************************************/
40
41 /**
42 * lasso_name_identifier_mapping_build_request_msg:
43 * @mapping: a #LassoNameIdentifierMapping
44 *
45 * Builds a name identifier mapping request message.
46 *
47 * <itemizedlist>
48 * <listitem><para>
49 * If it is a SOAP method, then it builds the request as a SOAP message,
50 * optionally signs his node, sets @msg_body with that message and sets
51 * @msg_url with the SOAP Endpoint URL
52 * </para></listitem>
53 * <listitem><para>
54 * If it is a HTTP-Redirect method, then it builds the request as a query
55 * string message, optionally signs it and sets @msg_url to that URL.
56 * </para></listitem>
57 * </itemizedlist>
58 *
59 * Return value: 0 on success; or a negative value otherwise.
60 **/
61 gint
lasso_name_identifier_mapping_build_request_msg(LassoNameIdentifierMapping * mapping)62 lasso_name_identifier_mapping_build_request_msg(LassoNameIdentifierMapping *mapping)
63 {
64 LassoProfile *profile;
65 LassoProvider *remote_provider;
66
67 g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
68 LASSO_PARAM_ERROR_INVALID_VALUE);
69
70 profile = LASSO_PROFILE(mapping);
71 lasso_profile_clean_msg_info(profile);
72
73 if (profile->remote_providerID == NULL) {
74 /* this means lasso_name_identifer_mapping_init_request was not called before */
75 return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID);
76 }
77
78 /* get provider object */
79 remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
80 if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
81 return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
82 }
83
84 if (remote_provider->role != LASSO_PROVIDER_ROLE_IDP) {
85 message(G_LOG_LEVEL_CRITICAL, "Build request msg method is forbidden at IDP");
86 return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
87 }
88
89 profile->msg_url = lasso_provider_get_metadata_one(remote_provider, "SoapEndpoint");
90 if (profile->msg_url == NULL) {
91 return critical_error(LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
92 }
93
94 LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->private_key_file =
95 profile->server->private_key;
96 LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->certificate_file =
97 profile->server->certificate;
98 profile->msg_body = lasso_node_export_to_soap(profile->request);
99 if (profile->msg_body == NULL) {
100 return critical_error(LASSO_PROFILE_ERROR_BUILDING_MESSAGE_FAILED);
101 }
102
103 return 0;
104 }
105
106
107 /**
108 * lasso_name_identifier_mapping_build_response_msg:
109 * @mapping: a #LassoNameIdentifierMapping
110 *
111 * Builds a name identifier mapping response message.
112 *
113 * <itemizedlist>
114 * <listitem><para>
115 * If it is a SOAP method, then it builds the response as a SOAP message,
116 * optionally signs his node, sets @msg_body with that message and sets
117 * @msg_url with the register name identifier service return URL.
118 * </para></listitem>
119 * <listitem><para>
120 * If it is a HTTP-Redirect method, then it builds the response as a query
121 * string message, optionally signs it and sets @msg_url to that URL.
122 * </para></listitem>
123 * </itemizedlist>
124 *
125 * If private key and certificate are set in server object it will also signs
126 * the message (either with X509 if SOAP or with a simple signature for query
127 * strings).
128 *
129 * Return value: 0 on success; or a negative value otherwise.
130 **/
131 gint
lasso_name_identifier_mapping_build_response_msg(LassoNameIdentifierMapping * mapping)132 lasso_name_identifier_mapping_build_response_msg(LassoNameIdentifierMapping *mapping)
133 {
134 LassoProfile *profile;
135 LassoProvider *remote_provider;
136
137 g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
138 LASSO_PARAM_ERROR_INVALID_VALUE);
139
140 profile = LASSO_PROFILE(mapping);
141 lasso_profile_clean_msg_info(profile);
142
143 if (profile->remote_providerID == NULL) {
144 /* this means lasso_name_identifer_mapping_init_request was not called before */
145 return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID);
146 }
147
148 remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
149 if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
150 return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
151 }
152
153 if (remote_provider->role != LASSO_PROVIDER_ROLE_SP) {
154 message(G_LOG_LEVEL_CRITICAL, "Build response msg method is forbidden at SP");
155 return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
156 }
157
158 /* verify the provider type is a service provider type */
159 /* build name identifier mapping response msg */
160 if (profile->http_request_method != LASSO_HTTP_METHOD_SOAP) {
161 return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD);
162 }
163
164 profile->msg_url = NULL;
165 LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->private_key_file =
166 profile->server->private_key;
167 LASSO_SAMLP_RESPONSE_ABSTRACT(profile->response)->certificate_file =
168 profile->server->certificate;
169 profile->msg_body = lasso_node_export_to_soap(profile->response);
170
171 return 0;
172 }
173
174
175 /**
176 * lasso_name_identifier_mapping_destroy:
177 * @mapping: a #LassoNameIdentifierMapping
178 *
179 * Destroys a #LassoNameIdentifierMapping object.
180 **/
181 void
lasso_name_identifier_mapping_destroy(LassoNameIdentifierMapping * mapping)182 lasso_name_identifier_mapping_destroy(LassoNameIdentifierMapping *mapping)
183 {
184 lasso_node_destroy(LASSO_NODE(mapping));
185 }
186
187
188 /**
189 * lasso_name_identifier_mapping_init_request:
190 * @mapping: a #LassoNameIdentifierMapping
191 * @targetNamespace: the request targetNamespace
192 * @remote_providerID: the providerID of the identity provider.
193 *
194 * Initializes a new lib:NameIdentifierMappingRequest request.
195 *
196 * Return value: 0 on success; or a negative value otherwise.
197 **/
198 gint
lasso_name_identifier_mapping_init_request(LassoNameIdentifierMapping * mapping,char * targetNamespace,char * remote_providerID)199 lasso_name_identifier_mapping_init_request(LassoNameIdentifierMapping *mapping,
200 char *targetNamespace, char *remote_providerID)
201 {
202 LassoProfile *profile;
203 LassoProvider *remote_provider;
204 LassoFederation *federation;
205 LassoSamlNameIdentifier *nameIdentifier;
206
207 g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
208 LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
209 g_return_val_if_fail(targetNamespace != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
210 g_return_val_if_fail(remote_providerID != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
211
212 profile = LASSO_PROFILE(mapping);
213
214 /* verify if the identity exists */
215 if (profile->identity == NULL) {
216 return critical_error(LASSO_PROFILE_ERROR_IDENTITY_NOT_FOUND);
217 }
218
219 /* set the remote provider id */
220 profile->remote_providerID = g_strdup(remote_providerID);
221
222 /* verify the provider type is a service provider type */
223 remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
224 if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
225 return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
226 }
227 if (remote_provider->role != LASSO_PROVIDER_ROLE_IDP) {
228 message(G_LOG_LEVEL_CRITICAL, "Init request method is forbidden for an IDP");
229 return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
230 }
231
232 /* get federation */
233 federation = g_hash_table_lookup(profile->identity->federations,
234 profile->remote_providerID);
235 if (federation == NULL) {
236 return critical_error(LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND);
237 }
238
239 /* name identifier */
240 nameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->local_nameIdentifier);
241 if (nameIdentifier == NULL)
242 nameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->remote_nameIdentifier);
243 if (nameIdentifier == NULL) {
244 return critical_error(LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND);
245 }
246
247 /* get / verify http method */
248 profile->http_request_method = LASSO_HTTP_METHOD_NONE;
249 if (lasso_provider_accept_http_method(LASSO_PROVIDER(profile->server),
250 remote_provider,
251 LASSO_MD_PROTOCOL_TYPE_NAME_IDENTIFIER_MAPPING,
252 LASSO_HTTP_METHOD_REDIRECT, TRUE) == FALSE) {
253 return critical_error(LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE);
254 }
255
256 profile->request = lasso_lib_name_identifier_mapping_request_new_full(
257 LASSO_PROVIDER(profile->server)->ProviderID,
258 nameIdentifier,
259 targetNamespace,
260 profile->server->certificate ?
261 LASSO_SIGNATURE_TYPE_WITHX509 : LASSO_SIGNATURE_TYPE_SIMPLE,
262 LASSO_SIGNATURE_METHOD_RSA_SHA1);
263 if (LASSO_IS_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(profile->request) == FALSE) {
264 return critical_error(LASSO_PROFILE_ERROR_BUILDING_REQUEST_FAILED);
265 }
266
267 if (lasso_provider_get_protocol_conformance(remote_provider) < LASSO_PROTOCOL_LIBERTY_1_2) {
268 LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->MajorVersion = 1;
269 LASSO_SAMLP_REQUEST_ABSTRACT(profile->request)->MinorVersion = 1;
270 }
271
272 profile->http_request_method = LASSO_HTTP_METHOD_SOAP;
273
274 return 0;
275 }
276
277
278 /**
279 * lasso_name_identifier_mapping_process_request_msg:
280 * @mapping: a #LassoNameIdentifierMapping
281 * @request_msg: the name identifier mapping request message
282 *
283 * Processes a lib:NameIdentifierMappingRequest message. Rebuilds a request
284 * object from the message and optionally verifies its signature.
285 *
286 * Return value: 0 on success; or a negative value otherwise.
287 **/
288 gint
lasso_name_identifier_mapping_process_request_msg(LassoNameIdentifierMapping * mapping,char * request_msg)289 lasso_name_identifier_mapping_process_request_msg(LassoNameIdentifierMapping *mapping,
290 char *request_msg)
291 {
292 LassoProfile *profile;
293 LassoProvider *remote_provider;
294 LassoMessageFormat format;
295
296 g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
297 LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
298 g_return_val_if_fail(request_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
299
300 profile = LASSO_PROFILE(mapping);
301
302 /* build name identifier mapping from message */
303 profile->request = lasso_lib_name_identifier_mapping_request_new();
304 format = lasso_node_init_from_message(LASSO_NODE(profile->request), request_msg);
305 if (format == LASSO_MESSAGE_FORMAT_UNKNOWN || format == LASSO_MESSAGE_FORMAT_ERROR) {
306 return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
307 }
308
309 remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
310 if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
311 return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
312 }
313 profile->remote_providerID = g_strdup(remote_provider->ProviderID);
314
315 /* verify http method is supported */
316 if (lasso_provider_accept_http_method(LASSO_PROVIDER(profile->server),
317 remote_provider,
318 LASSO_MD_PROTOCOL_TYPE_NAME_IDENTIFIER_MAPPING,
319 LASSO_HTTP_METHOD_REDIRECT, FALSE) == FALSE ) {
320 return critical_error(LASSO_PROFILE_ERROR_UNSUPPORTED_PROFILE);
321 }
322
323 /* verify signature */
324 profile->signature_status = lasso_provider_verify_signature(
325 remote_provider, request_msg, "RequestID", format);
326
327 profile->http_request_method = LASSO_HTTP_METHOD_SOAP;
328
329 profile->nameIdentifier = LASSO_NODE(g_object_ref(LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(
330 profile->request)->NameIdentifier));
331
332 return profile->signature_status;
333 }
334
335
336 /**
337 * lasso_name_identifier_mapping_process_response_msg:
338 * @mapping: a #LassoNameIdentifierMapping
339 * @response_msg: the name identifier mapping response message
340 *
341 * Processes a lib:NameIdentifierMappingResponse message. Rebuilds a response
342 * object from the message and optionally verifies its signature.
343 *
344 * If the response depicts Success it will also sets @targetNameIdentifier.
345 *
346 * Return value: 0 on success; or a negative value otherwise.
347 **/
348 gint
lasso_name_identifier_mapping_process_response_msg(LassoNameIdentifierMapping * mapping,char * response_msg)349 lasso_name_identifier_mapping_process_response_msg(LassoNameIdentifierMapping *mapping,
350 char *response_msg)
351 {
352 LassoProfile *profile;
353 LassoProvider *remote_provider;
354 LassoMessageFormat format;
355 LassoLibNameIdentifierMappingResponse *response;
356 int rc = 0;
357 char *statusCodeValue;
358
359 g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping),
360 LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
361 g_return_val_if_fail(response_msg != NULL, LASSO_PARAM_ERROR_INVALID_VALUE);
362
363 profile = LASSO_PROFILE(mapping);
364
365 profile->response = lasso_lib_name_identifier_mapping_response_new();
366 format = lasso_node_init_from_message(LASSO_NODE(profile->response), response_msg);
367 if (format == LASSO_MESSAGE_FORMAT_UNKNOWN || format == LASSO_MESSAGE_FORMAT_ERROR) {
368 return critical_error(LASSO_PROFILE_ERROR_INVALID_MSG);
369 }
370
371 response = LASSO_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(profile->response);
372
373 remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
374 if (LASSO_IS_PROVIDER(remote_provider) == FALSE) {
375 return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
376 }
377
378 /* verify signature */
379 rc = lasso_provider_verify_signature(remote_provider, response_msg, "ResponseID", format);
380
381 if (response->Status == NULL || response->Status->StatusCode == NULL) {
382 return LASSO_PROFILE_ERROR_MISSING_STATUS_CODE;
383 }
384
385 statusCodeValue = response->Status->StatusCode->Value;
386 if (statusCodeValue == NULL || strcmp(statusCodeValue,
387 LASSO_SAML_STATUS_CODE_SUCCESS) != 0) {
388 return LASSO_PROFILE_ERROR_STATUS_NOT_SUCCESS;
389 }
390
391
392 /* Set the target name identifier */
393 if (LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(profile->request)->NameIdentifier) {
394 mapping->targetNameIdentifier = g_strdup(LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(
395 profile->request)->NameIdentifier->content);
396 } else {
397 mapping->targetNameIdentifier = NULL;
398 return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_MISSING_TARGET_IDENTIFIER;
399 }
400
401 return rc;
402 }
403
404
405 /**
406 * lasso_name_identifier_mapping_validate_request:
407 * @mapping: a #LassoNameIdentifierMapping
408 *
409 * Checks profile request with regards to message status and principal
410 * federations, update them accordingly and prepares a
411 * lib:NameIdentifierMappingResponse accordingly.
412 *
413 * Return value: 0 on success; or a negative value otherwise.
414 **/
415 gint
lasso_name_identifier_mapping_validate_request(LassoNameIdentifierMapping * mapping)416 lasso_name_identifier_mapping_validate_request(LassoNameIdentifierMapping *mapping)
417 {
418 LassoProfile *profile;
419 LassoProvider *remote_provider;
420 LassoFederation *federation;
421 LassoLibNameIdentifierMappingRequest *request;
422 LassoSamlNameIdentifier *nameIdentifier, *targetNameIdentifier;
423
424 g_return_val_if_fail(LASSO_IS_NAME_IDENTIFIER_MAPPING(mapping) == TRUE,
425 LASSO_PARAM_ERROR_BAD_TYPE_OR_NULL_OBJ);
426
427 profile = LASSO_PROFILE(mapping);
428
429 /* verify the provider type is a service provider type */
430 if (profile->remote_providerID == NULL) {
431 return critical_error(LASSO_PROFILE_ERROR_MISSING_REMOTE_PROVIDERID);
432 }
433 remote_provider = lasso_server_get_provider(profile->server, profile->remote_providerID);
434 if (remote_provider == NULL) {
435 return critical_error(LASSO_SERVER_ERROR_PROVIDER_NOT_FOUND);
436 }
437
438 if (remote_provider->role != LASSO_PROVIDER_ROLE_SP) {
439 message(G_LOG_LEVEL_CRITICAL, "Build request msg method is forbidden at SP");
440 return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_FORBIDDEN_CALL_ON_THIS_SIDE;
441 }
442
443 /* verify request attribute of mapping is a name identifier mapping request */
444 if (LASSO_IS_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(profile->request) == FALSE) {
445 message(G_LOG_LEVEL_CRITICAL, "Invalid NameIdentifierMappingRequest");
446 return LASSO_PROFILE_ERROR_MISSING_REQUEST;
447 }
448
449 if (profile->http_request_method != LASSO_HTTP_METHOD_SOAP) {
450 return critical_error(LASSO_PROFILE_ERROR_INVALID_HTTP_METHOD);
451 }
452
453 request = LASSO_LIB_NAME_IDENTIFIER_MAPPING_REQUEST(profile->request);
454
455 profile->response = lasso_lib_name_identifier_mapping_response_new_full(
456 LASSO_PROVIDER(profile->server)->ProviderID,
457 LASSO_SAML_STATUS_CODE_SUCCESS,
458 request,
459 profile->server->certificate ?
460 LASSO_SIGNATURE_TYPE_WITHX509 : LASSO_SIGNATURE_TYPE_SIMPLE,
461 LASSO_SIGNATURE_METHOD_RSA_SHA1);
462
463 if (LASSO_IS_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(profile->response) == FALSE) {
464 return critical_error(LASSO_PROFILE_ERROR_BUILDING_RESPONSE_FAILED);
465 }
466
467 /* verify signature status */
468 if (profile->signature_status != 0) {
469 lasso_profile_set_response_status(profile,
470 LASSO_LIB_STATUS_CODE_INVALID_SIGNATURE);
471 }
472
473 /* Verify identity attribute of mapping object */
474 if (LASSO_IS_IDENTITY(profile->identity) == FALSE) {
475 return critical_error(LASSO_PROFILE_ERROR_IDENTITY_NOT_FOUND);
476 }
477
478 /* verify federation of the SP request */
479 federation = g_hash_table_lookup(
480 profile->identity->federations, profile->remote_providerID);
481 if (LASSO_IS_FEDERATION(federation) == FALSE) {
482 lasso_profile_set_response_status(profile,
483 LASSO_LIB_STATUS_CODE_UNKNOWN_PRINCIPAL);
484 return critical_error(LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND);
485 }
486 nameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->remote_nameIdentifier);
487 if (nameIdentifier == NULL)
488 nameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->local_nameIdentifier);
489
490 if (nameIdentifier == NULL) {
491 lasso_profile_set_response_status(profile,
492 LASSO_LIB_STATUS_CODE_UNKNOWN_PRINCIPAL);
493 return LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
494 }
495
496 /* get the federation of the target name space and his name identifier */
497 if (request->TargetNamespace == NULL) {
498 return LASSO_NAME_IDENTIFIER_MAPPING_ERROR_MISSING_TARGET_NAMESPACE;
499 }
500 federation = g_hash_table_lookup(profile->identity->federations, request->TargetNamespace);
501 if (LASSO_IS_FEDERATION(federation) == FALSE) {
502 lasso_profile_set_response_status(profile,
503 LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST);
504 message(G_LOG_LEVEL_CRITICAL, "Target name space federation not found");
505 return LASSO_PROFILE_ERROR_FEDERATION_NOT_FOUND;
506 }
507
508 targetNameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->remote_nameIdentifier);
509 if (targetNameIdentifier == NULL) {
510 targetNameIdentifier = LASSO_SAML_NAME_IDENTIFIER(federation->local_nameIdentifier);
511 }
512
513 if (targetNameIdentifier == NULL) {
514 message(G_LOG_LEVEL_CRITICAL,
515 "Name identifier for target name space federation not found");
516 lasso_profile_set_response_status(profile,
517 LASSO_LIB_STATUS_CODE_FEDERATION_DOES_NOT_EXIST);
518 return LASSO_PROFILE_ERROR_NAME_IDENTIFIER_NOT_FOUND;
519 }
520
521 LASSO_LIB_NAME_IDENTIFIER_MAPPING_RESPONSE(profile->response)->NameIdentifier =
522 g_object_ref(targetNameIdentifier);
523
524 return 0;
525 }
526
527
528 /*****************************************************************************/
529 /* instance and class init functions */
530 /*****************************************************************************/
531
532 static void
class_init(LassoNameIdentifierMappingClass * klass,void * unused G_GNUC_UNUSED)533 class_init(LassoNameIdentifierMappingClass *klass, void *unused G_GNUC_UNUSED)
534 {
535 LassoNodeClass *nclass = LASSO_NODE_CLASS(klass);
536
537 nclass->node_data = g_new0(LassoNodeClassData, 1);
538 lasso_node_class_set_nodename(nclass, "NameIdentifierMapping");
539 lasso_node_class_set_ns(nclass, LASSO_LASSO_HREF, LASSO_LASSO_PREFIX);
540 }
541
542 GType
lasso_name_identifier_mapping_get_type()543 lasso_name_identifier_mapping_get_type()
544 {
545 static GType this_type = 0;
546
547 if (!this_type) {
548 static const GTypeInfo this_info = {
549 sizeof (LassoNameIdentifierMappingClass),
550 NULL,
551 NULL,
552 (GClassInitFunc)class_init,
553 NULL,
554 NULL,
555 sizeof(LassoNameIdentifierMapping),
556 0,
557 NULL,
558 NULL
559 };
560
561 this_type = g_type_register_static(LASSO_TYPE_PROFILE,
562 "LassoNameIdentifierMapping", &this_info, 0);
563 }
564 return this_type;
565 }
566
567 /**
568 * lasso_name_identifier_mapping_new
569 * @server: the #LassoServer
570 *
571 * Creates a new #LassoNameIdentifierMapping.
572 *
573 * Return value: a newly created #LassoNameIdentifierMapping object; or NULL
574 * if an error occured
575 **/
576 LassoNameIdentifierMapping *
lasso_name_identifier_mapping_new(LassoServer * server)577 lasso_name_identifier_mapping_new(LassoServer *server)
578 {
579 LassoNameIdentifierMapping *mapping = NULL;
580
581 g_return_val_if_fail(LASSO_IS_SERVER(server), NULL);
582
583 mapping = g_object_new(LASSO_TYPE_NAME_IDENTIFIER_MAPPING, NULL);
584 LASSO_PROFILE(mapping)->server = g_object_ref(server);
585
586 return mapping;
587 }
588