LassoProvider

LassoProvider — Service or identity provider

Synopsis


#include <lasso/lasso.h>

                    LassoProvider;
enum                LassoProviderRole;
enum                LassoHttpMethod;
enum                LassoMdProtocolType;
LassoProvider*      lasso_provider_new                  (LassoProviderRole role,
                                                         const char *metadata,
                                                         const char *public_key,
                                                         const char *ca_cert_chain);
LassoProvider*      lasso_provider_new_from_dump        (const gchar *dump);
gboolean            lasso_provider_accept_http_method   (LassoProvider *provider,
                                                         LassoProvider *remote_provider,
                                                         LassoMdProtocolType protocol_type,
                                                         LassoHttpMethod http_method,
                                                         gboolean initiate_profile);
gchar*              lasso_provider_get_assertion_consumer_service_url
                                                        (LassoProvider *provider,
                                                         const char *service_id);
gchar*              lasso_provider_get_base64_succinct_id
                                                        (LassoProvider *provider);
LassoHttpMethod     lasso_provider_get_first_http_method
                                                        (LassoProvider *provider,
                                                         LassoProvider *remote_provider,
                                                         LassoMdProtocolType protocol_type);
GList*              lasso_provider_get_metadata_list    (LassoProvider *provider,
                                                         const char *name);
gchar*              lasso_provider_get_metadata_one     (LassoProvider *provider,
                                                         const char *name);
gboolean            lasso_provider_has_protocol_profile (LassoProvider *provider,
                                                         LassoMdProtocolType protocol_type,
                                                         const char *protocol_profile);
xmlNode*            lasso_provider_get_organization     (LassoProvider *provider);

Object Hierarchy

  GObject
   +----LassoNode
         +----LassoProvider
               +----LassoServer

Description

It holds all the data about a provider.

Details

LassoProvider

typedef struct {
	gchar *ProviderID;
	LassoProviderRole role;

	char *metadata_filename;
	gchar *public_key;
	gchar *ca_cert_chain;
} LassoProvider;

enum LassoProviderRole

typedef enum {
	LASSO_PROVIDER_ROLE_NONE = 0,
	LASSO_PROVIDER_ROLE_SP,
	LASSO_PROVIDER_ROLE_IDP
} LassoProviderRole;

Provider Role.

`LASSO_PROVIDER_ROLE_NONE`	unitialized value (internal use)
`LASSO_PROVIDER_ROLE_SP`	service provider
`LASSO_PROVIDER_ROLE_IDP`	identity provider

enum LassoHttpMethod

typedef enum {
	LASSO_HTTP_METHOD_NONE = -1,
	LASSO_HTTP_METHOD_ANY,
	LASSO_HTTP_METHOD_IDP_INITIATED,
	LASSO_HTTP_METHOD_GET,
	LASSO_HTTP_METHOD_POST,
	LASSO_HTTP_METHOD_REDIRECT,
	LASSO_HTTP_METHOD_SOAP,
	LASSO_HTTP_METHOD_ARTIFACT_GET,
	LASSO_HTTP_METHOD_ARTIFACT_POST
} LassoHttpMethod;

Method.

`LASSO_HTTP_METHOD_NONE`	invalid value (internal use)
`LASSO_HTTP_METHOD_ANY`	any method will do
`LASSO_HTTP_METHOD_IDP_INITIATED`	not a method, for IdP initiated profile
`LASSO_HTTP_METHOD_GET`	HTTP GET
`LASSO_HTTP_METHOD_POST`	Browser POST
`LASSO_HTTP_METHOD_REDIRECT`	HTTP-Redirect based
`LASSO_HTTP_METHOD_SOAP`	SOAP/HTTP based
`LASSO_HTTP_METHOD_ARTIFACT_GET`	Artifact by HTTP GET (SAML 2.0)
`LASSO_HTTP_METHOD_ARTIFACT_POST`	Artifact by HTTP POST (SAML 2.0)

enum LassoMdProtocolType

typedef enum {
	LASSO_MD_PROTOCOL_TYPE_FEDERATION_TERMINATION,
	LASSO_MD_PROTOCOL_TYPE_NAME_IDENTIFIER_MAPPING,
	LASSO_MD_PROTOCOL_TYPE_REGISTER_NAME_IDENTIFIER,
	LASSO_MD_PROTOCOL_TYPE_SINGLE_LOGOUT,
	LASSO_MD_PROTOCOL_TYPE_SINGLE_SIGN_ON,
	LASSO_MD_PROTOCOL_TYPE_ARTIFACT_RESOLUTION,
	LASSO_MD_PROTOCOL_TYPE_MANAGE_NAME_ID,
	LASSO_MD_PROTOCOL_TYPE_ASSERTION_ID_REQUEST
} LassoMdProtocolType;

Liberty Metadata Type.

`LASSO_MD_PROTOCOL_TYPE_FEDERATION_TERMINATION`	Federation Termination Notification
`LASSO_MD_PROTOCOL_TYPE_NAME_IDENTIFIER_MAPPING`	Name Identifier Mapping
`LASSO_MD_PROTOCOL_TYPE_REGISTER_NAME_IDENTIFIER`	Name Registration
`LASSO_MD_PROTOCOL_TYPE_SINGLE_LOGOUT`	Single Logout
`LASSO_MD_PROTOCOL_TYPE_SINGLE_SIGN_ON`	Single Sign-On and Federation
`LASSO_MD_PROTOCOL_TYPE_ARTIFACT_RESOLUTION`	Artifact Resolution (SAML 2.0)
`LASSO_MD_PROTOCOL_TYPE_MANAGE_NAME_ID`	Manage Name Identifier (SAML 2.0)
`LASSO_MD_PROTOCOL_TYPE_ASSERTION_ID_REQUEST`	Assertion ID Request (SAML 2.0)

lasso_provider_new ()

LassoProvider*      lasso_provider_new                  (LassoProviderRole role,
                                                         const char *metadata,
                                                         const char *public_key,
                                                         const char *ca_cert_chain);

Creates a new LassoProvider.

`role` :	provider role, identity provider or service provider
`metadata` :	path to the provider metadata file
`public_key` :	path to the provider public key file (may be a certificate) or NULL
`ca_cert_chain` :	path to the provider CA certificate chain file or NULL
Returns :	a newly created LassoProvider; or NULL if an error occured

lasso_provider_new_from_dump ()

LassoProvider*      lasso_provider_new_from_dump        (const gchar *dump);

Restores the dump to a new LassoProvider.

`dump` :	XML provider dump
Returns :	a newly created LassoProvider; or NULL if an error occured.

lasso_provider_accept_http_method ()

gboolean            lasso_provider_accept_http_method   (LassoProvider *provider,
                                                         LassoProvider *remote_provider,
                                                         LassoMdProtocolType protocol_type,
                                                         LassoHttpMethod http_method,
                                                         gboolean initiate_profile);

Gets if http_method is an appropriate method for the protocol_type profile between provider and remote_provider.

`provider` :	a LassoProvider
`remote_provider` :	a LassoProvider depicting the remote provider
`protocol_type` :	a Liberty profile type
`http_method` :	an HTTP method
`initiate_profile` :	whether `provider` initiates the profile
Returns :	`TRUE` if it is appropriate

lasso_provider_get_assertion_consumer_service_url ()

gchar*              lasso_provider_get_assertion_consumer_service_url
                                                        (LassoProvider *provider,
                                                         const char *service_id);

Extracts the AssertionConsumerServiceURL from the provider metadata descriptor.

`provider` :	a LassoProvider
`service_id` :	the AssertionConsumerServiceID, NULL for default
Returns :	the element value, NULL if the element was not found. This string must be freed by the caller.

lasso_provider_get_base64_succinct_id ()

gchar*              lasso_provider_get_base64_succinct_id
                                                        (LassoProvider *provider);

Computes and returns the base64-encoded provider succinct ID.

`provider` :	a LassoProvider
Returns :	the provider succinct ID. This string must be freed by the caller.

lasso_provider_get_first_http_method ()

LassoHttpMethod     lasso_provider_get_first_http_method
                                                        (LassoProvider *provider,
                                                         LassoProvider *remote_provider,
                                                         LassoMdProtocolType protocol_type);

Looks up and returns a LassoHttpMethod appropriate for performing the protocol_type between provider and remote_provider.

`provider` :	a LassoProvider
`remote_provider` :	a LassoProvider depicting the remote provider
`protocol_type` :	a Liberty profile
Returns :	the LassoHttpMethod

lasso_provider_get_metadata_list ()

GList*              lasso_provider_get_metadata_list    (LassoProvider *provider,
                                                         const char *name);

Extracts zero to many elements from the provider metadata descriptor.

`provider` :	a LassoProvider
`name` :	the element name
Returns :	a GList with the elements. This GList is internally allocated and points to internally allocated strings. It must not be freed, modified or stored.

lasso_provider_get_metadata_one ()

gchar*              lasso_provider_get_metadata_one     (LassoProvider *provider,
                                                         const char *name);

Extracts the element name from the provider metadata descriptor.

`provider` :	a LassoProvider
`name` :	the element name
Returns :	the element value, NULL if the element was not found. This string must be freed by the caller.

lasso_provider_has_protocol_profile ()

gboolean            lasso_provider_has_protocol_profile (LassoProvider *provider,
                                                         LassoMdProtocolType protocol_type,
                                                         const char *protocol_profile);

Gets if provider supports protocol_profile.

`provider` :	a LassoProvider
`protocol_type` :	a Liberty profile type
`protocol_profile` :	a fully-qualified Liberty profile
Returns :	`TRUE` if it is supported

lasso_provider_get_organization ()

xmlNode*            lasso_provider_get_organization     (LassoProvider *provider);

Returns the provider metadata <Organization> XML node.

`provider` :	a LassoProvider
Returns :	the <Organization/> node (libxml2 xmlNode*); or NULL if it is not found. This xmlnode must be freed by the caller.

			Lasso Reference Manual
Top \| Description \| Object Hierarchy