gsasl  2.2.1
saml20/server.c
1 /* server.c --- SAML20 mechanism, server side.
2  * Copyright (C) 2010-2024 Simon Josefsson
3  *
4  * This file is part of GNU SASL Library.
5  *
6  * GNU SASL Library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public License
8  * as published by the Free Software Foundation; either version 2.1 of
9  * the License, or (at your option) any later version.
10  *
11  * GNU SASL Library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with GNU SASL Library; if not, write to the Free
18  * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19  * Boston, MA 02110-1301, USA.
20  *
21  */
22 
23 #include <config.h>
24 
25 /* Get specification. */
26 #include "saml20.h"
27 
28 /* Get strdup, strlen. */
29 #include <string.h>
30 
31 /* Get free. */
32 #include <stdlib.h>
33 
34 /* Get _gsasl_parse_gs2_header. */
35 #include "mechtools.h"
36 
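/* Per-session state of the server side of the SAML20 mechanism.  */
struct saml20_server_state
{
  /* Number of protocol steps completed so far; it selects the branch
     taken by _gsasl_saml20_server_step and is incremented after each
     successful step.  */
  int step;
};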
41 
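/* Allocate the per-session state for the server side of SAML20.
 *
 * On success *MECH_DATA points at a zero-filled state object, so the
 * step counter starts at 0, and GSASL_OK is returned.  If the
 * allocation fails, GSASL_MALLOC_ERROR is returned and *MECH_DATA is
 * left untouched.  The object is released by
 * _gsasl_saml20_server_finish.  */
int
_gsasl_saml20_server_start (Gsasl_session *sctx _GL_UNUSED, void **mech_data)
{
  struct saml20_server_state *state;

  /* calloc takes (count, size).  Sizing from the pointer keeps the
     call correct if the state type ever changes, and no cast is
     needed in C.  */
  state = calloc (1, sizeof *state);
  if (state == NULL)
    return GSASL_MALLOC_ERROR;

  *mech_data = state;

  return GSASL_OK;
}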
55 
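/* Run one step of the server side of the SAML20 mechanism.
 *
 * Step 0 consumes the client's first message: a GS2 header (parsed by
 * _gsasl_parse_gs2_header) followed by the IdP identifier.  An
 * authorization identity found in the header is stored as
 * GSASL_AUTHZID, the bytes after the header are stored unmodified as
 * GSASL_SAML20_IDP_IDENTIFIER, and the value of
 * GSASL_SAML20_REDIRECT_URL is copied to *OUTPUT.  The step returns
 * GSASL_NEEDS_MORE; it returns the same code without advancing when
 * INPUT_LEN is 0.
 *
 * Step 1 accepts only the single byte "=" and then returns whatever
 * the GSASL_VALIDATE_SAML20 callback returns.
 *
 * Any later call returns GSASL_MECHANISM_CALLED_TOO_MANY_TIMES.
 *
 * *OUTPUT is allocated with malloc and holds exactly *OUTPUT_LEN
 * bytes with no terminating NUL, so consumers must use the length.
 * This function never frees it; on every error path *OUTPUT is NULL
 * and *OUTPUT_LEN is 0.
 *
 * Security notes:
 *  - The IdP identifier comes straight from the client and is not
 *    checked here.  Whatever supplies GSASL_SAML20_REDIRECT_URL
 *    (presumably the application's property callback -- confirm
 *    against property.c) should map the identifier onto a list of
 *    trusted IdPs instead of deriving the URL from it directly.
 *  - No SAML assertion is seen or verified by this function.  The
 *    authentication result is entirely the return value of the
 *    GSASL_VALIDATE_SAML20 callback.  */
int
_gsasl_saml20_server_step (Gsasl_session *sctx,
                           void *mech_data,
                           const char *input, size_t input_len,
                           char **output, size_t *output_len)
{
  struct saml20_server_state *state = mech_data;
  /* Returned unchanged by the default branch, i.e. when the exchange
     has already finished.  */
  int res = GSASL_MECHANISM_CALLED_TOO_MANY_TIMES;

  *output_len = 0;
  *output = NULL;

  switch (state->step)
    {
    case 0:
      {
        const char *p;
        char *authzid;
        size_t headerlen;
        size_t url_len;

        if (input_len == 0)
          return GSASL_NEEDS_MORE;

        res = _gsasl_parse_gs2_header (input, input_len,
                                       &authzid, &headerlen);
        if (res != GSASL_OK)
          return res;

        if (authzid)
          {
            res = gsasl_property_set (sctx, GSASL_AUTHZID, authzid);
            /* The parser handed over ownership of AUTHZID.  It is
               released as soon as the property call returns, so the
               property code is assumed to keep its own copy.  */
            free (authzid);
            if (res != GSASL_OK)
              return res;
          }

        /* Defensive: the parser is expected to report a header length
           that lies within the input.  Refuse anything else rather
           than let the unsigned subtraction below wrap around.  */
        if (headerlen > input_len)
          return GSASL_MECHANISM_PARSE_ERROR;

        input += headerlen;
        input_len -= headerlen;

        /* Everything after the GS2 header is the client-chosen IdP
           identifier; it is untrusted and stored as-is.  */
        res = gsasl_property_set_raw (sctx, GSASL_SAML20_IDP_IDENTIFIER,
                                      input, input_len);
        if (res != GSASL_OK)
          return res;

        p = gsasl_property_get (sctx, GSASL_SAML20_REDIRECT_URL);
        if (!p || !*p)
          return GSASL_NO_SAML20_REDIRECT_URL;

        /* Publish the length only after the buffer exists, so a
           failed allocation never leaves a non-zero length next to a
           NULL pointer.  */
        url_len = strlen (p);
        *output = malloc (url_len);
        if (!*output)
          return GSASL_MALLOC_ERROR;

        memcpy (*output, p, url_len);
        *output_len = url_len;

        res = GSASL_NEEDS_MORE;
        state->step++;
        break;
      }

    case 1:
      {
        /* input_len is tested first, so *input is only read when one
           byte is present.  */
        if (!(input_len == 1 && *input == '='))
          return GSASL_MECHANISM_PARSE_ERROR;

        /* The accept/reject decision belongs to the application.  */
        res = gsasl_callback (NULL, sctx, GSASL_VALIDATE_SAML20);
        if (res != GSASL_OK)
          return res;

        /* *output and *output_len were already cleared on entry.  */
        res = GSASL_OK;
        state->step++;
        break;
      }

    default:
      break;
    }

  return res;
}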
139 
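/* Release the per-session state created by _gsasl_saml20_server_start.
 *
 * MECH_DATA may be NULL, in which case nothing happens.  The state
 * holds only the step counter, so there is nothing to wipe before it
 * is freed.  */
void
_gsasl_saml20_server_finish (Gsasl_session *sctx _GL_UNUSED, void *mech_data)
{
  /* free (NULL) is defined to do nothing, so no separate NULL guard
     is required.  */
  free (mech_data);
}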
int gsasl_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop)
Definition: callback.c:71
@ GSASL_OK
Definition: gsasl.h:129
@ GSASL_NEEDS_MORE
Definition: gsasl.h:130
@ GSASL_MALLOC_ERROR
Definition: gsasl.h:133
@ GSASL_MECHANISM_CALLED_TOO_MANY_TIMES
Definition: gsasl.h:132
@ GSASL_MECHANISM_PARSE_ERROR
Definition: gsasl.h:137
@ GSASL_NO_SAML20_REDIRECT_URL
Definition: gsasl.h:153
_GSASL_API int gsasl_property_set_raw(Gsasl_session *sctx, Gsasl_property prop, const char *data, size_t len)
Definition: property.c:218
_GSASL_API int gsasl_property_set(Gsasl_session *sctx, Gsasl_property prop, const char *data)
Definition: property.c:189
_GSASL_API const char * gsasl_property_get(Gsasl_session *sctx, Gsasl_property prop)
Definition: property.c:292
@ GSASL_AUTHZID
Definition: gsasl.h:225
@ GSASL_SAML20_IDP_IDENTIFIER
Definition: gsasl.h:244
@ GSASL_VALIDATE_SAML20
Definition: gsasl.h:258
@ GSASL_SAML20_REDIRECT_URL
Definition: gsasl.h:245
int _gsasl_parse_gs2_header(const char *data, size_t len, char **authzid, size_t *headerlen)
Definition: mechtools.c:97
int _gsasl_saml20_server_start(Gsasl_session *sctx _GL_UNUSED, void **mech_data)
Definition: saml20/server.c:43
int _gsasl_saml20_server_step(Gsasl_session *sctx, void *mech_data, const char *input, size_t input_len, char **output, size_t *output_len)
Definition: saml20/server.c:57
void _gsasl_saml20_server_finish(Gsasl_session *sctx _GL_UNUSED, void *mech_data)