mirror of
https://github.com/inverse-inc/sogo.git
synced 2026-05-27 06:15:26 +00:00
This commit is contained in:
Ludovic Marcotte
@@ -1,8 +1,6 @@
|
||||
/* SOGoCASSession.h - this file is part of SOGo
|
||||
*
|
||||
* Copyright (C) 2010 Inverse inc.
|
||||
*
|
||||
* Author: Wolfgang Sourdeau <wsourdeau@inverse.ca>
|
||||
* Copyright (C) 2010-2014 Inverse inc.
|
||||
*
|
||||
* This file is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
@@ -1,8 +1,6 @@
|
||||
/* SOGoCASSession.m - this file is part of SOGo
|
||||
*
|
||||
* Copyright (C) 2010 Inverse inc.
|
||||
*
|
||||
* Author: Wolfgang Sourdeau <wsourdeau@inverse.ca>
|
||||
* Copyright (C) 2010-2014 Inverse inc.
|
||||
*
|
||||
* This file is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
@@ -132,6 +132,7 @@
|
||||
- (NSDictionary *) saml2LoginDumpsForIdentifier: (NSString *) identifier;
|
||||
- (void) setSaml2LoginDumps: (NSDictionary *) dump
|
||||
forIdentifier: (NSString *) identifier;
|
||||
- (void) removeSAML2LoginDumpsForIdentifier: (NSString *) identifier;
|
||||
|
||||
//
|
||||
// ACL caching support
|
||||
|
||||
@@ -673,11 +673,13 @@ static memcached_st *handle = NULL;
|
||||
{
|
||||
key = [NSString stringWithFormat: @"cas-ticket:%@", ticket];
|
||||
[self removeValueForKey: key];
|
||||
[self debugWithFormat: @"Removed session: %@", session];
|
||||
[self debugWithFormat: @"Removed CAS session: %@", session];
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// SAML2 support
|
||||
//
|
||||
- (NSDictionary *) saml2LoginDumpsForIdentifier: (NSString *) identifier
|
||||
{
|
||||
NSString *key, *jsonString;
|
||||
@@ -698,6 +700,16 @@ static memcached_st *handle = NULL;
|
||||
[self setValue: [dump jsonRepresentation] forKey: key];
|
||||
}
|
||||
|
||||
- (void) removeSAML2LoginDumpsForIdentifier: (NSString *) identifier
|
||||
{
|
||||
NSString *key;
|
||||
|
||||
key = [NSString stringWithFormat: @"saml2-login:%@", identifier];
|
||||
|
||||
[self removeValueForKey: key];
|
||||
[self debugWithFormat: @"Removed SAML2 session for identifier: %@", identifier];
|
||||
}
|
||||
|
||||
//
|
||||
// ACL caching code
|
||||
//
|
||||
|
||||
@@ -37,8 +37,12 @@
|
||||
NSString *login;
|
||||
NSString *identifier;
|
||||
NSString *assertion;
|
||||
NSString *identity;
|
||||
NSString *session;
|
||||
}
|
||||
|
||||
+ (LassoServer *) lassoServerInContext: (WOContext *) context;
|
||||
|
||||
+ (NSString *) metadataInContext: (WOContext *) context
|
||||
certificate: (NSString *) certificate;
|
||||
|
||||
@@ -54,6 +58,8 @@
|
||||
- (NSString *) login;
|
||||
- (NSString *) identifier;
|
||||
- (NSString *) assertion;
|
||||
- (NSString *) identity;
|
||||
- (NSString *) session;
|
||||
|
||||
@end
|
||||
|
||||
|
||||
@@ -105,8 +105,7 @@ static NSMapTable *serverTable = nil;
|
||||
lasso_init ();
|
||||
}
|
||||
|
||||
static LassoServer *
|
||||
LassoServerInContext (WOContext *context)
|
||||
+ (LassoServer *) lassoServerInContext: (WOContext *) context
|
||||
{
|
||||
NSString *urlString, *metadata, *filename, *keyContent, *certContent,
|
||||
*idpKeyFilename, *idpCertFilename;
|
||||
@@ -170,7 +169,7 @@ LassoServerInContext (WOContext *context)
|
||||
NSString *url;
|
||||
GList *providers;
|
||||
|
||||
server = LassoServerInContext (context);
|
||||
server = [SOGoSAML2Session lassoServerInContext: context];
|
||||
tempLogin = lasso_login_new (server);
|
||||
|
||||
providers = g_hash_table_get_keys (server->providers);
|
||||
@@ -239,6 +238,8 @@ LassoServerInContext (WOContext *context)
|
||||
login = nil;
|
||||
identifier = nil;
|
||||
assertion = nil;
|
||||
identity = nil;
|
||||
session = nil;
|
||||
}
|
||||
|
||||
return self;
|
||||
@@ -350,7 +351,7 @@ LassoServerInContext (WOContext *context)
|
||||
|
||||
if ((self = [self init]))
|
||||
{
|
||||
server = LassoServerInContext (context);
|
||||
server = [SOGoSAML2Session lassoServerInContext: context];
|
||||
lassoLogin = lasso_login_new (server);
|
||||
if (saml2Dump)
|
||||
{
|
||||
@@ -358,12 +359,17 @@ LassoServerInContext (WOContext *context)
|
||||
ASSIGN (login, [saml2Dump objectForKey: @"login"]);
|
||||
ASSIGN (identifier, [saml2Dump objectForKey: @"identifier"]);
|
||||
ASSIGN (assertion, [saml2Dump objectForKey: @"assertion"]);
|
||||
dump = [[saml2Dump objectForKey: @"identity"] UTF8String];
|
||||
|
||||
ASSIGN(identity, [saml2Dump objectForKey: @"identity"]);
|
||||
dump = [identity UTF8String];
|
||||
if (dump)
|
||||
lasso_profile_set_identity_from_dump (profile, dump);
|
||||
dump = [[saml2Dump objectForKey: @"session"] UTF8String];
|
||||
|
||||
ASSIGN (session, [saml2Dump objectForKey: @"session"]);
|
||||
dump = [session UTF8String];
|
||||
if (dump)
|
||||
lasso_profile_set_session_from_dump (profile, dump);
|
||||
|
||||
lasso_login_accept_sso (lassoLogin);
|
||||
// if (rc)
|
||||
// [NSException raiseSAML2Exception: rc];
|
||||
@@ -381,6 +387,9 @@ LassoServerInContext (WOContext *context)
|
||||
[login release];
|
||||
[identifier release];
|
||||
[assertion release];
|
||||
[identity release];
|
||||
[session release];
|
||||
|
||||
[super dealloc];
|
||||
}
|
||||
|
||||
@@ -433,13 +442,23 @@ LassoServerInContext (WOContext *context)
|
||||
return assertion;
|
||||
}
|
||||
|
||||
- (NSString *) identity
|
||||
{
|
||||
return identity;
|
||||
}
|
||||
|
||||
- (NSString *) session
|
||||
{
|
||||
return session;
|
||||
}
|
||||
|
||||
- (void) processAuthnResponse: (NSString *) authnResponse
|
||||
{
|
||||
lasso_error_t rc;
|
||||
gchar *responseData, *dump;
|
||||
LassoProfile *profile;
|
||||
LassoIdentity *identity;
|
||||
LassoSession *session;
|
||||
LassoIdentity *lasso_identity;
|
||||
LassoSession *lasso_session;
|
||||
NSString *nsDump;
|
||||
NSMutableDictionary *saml2Dump;
|
||||
|
||||
@@ -463,22 +482,22 @@ LassoServerInContext (WOContext *context)
|
||||
|
||||
profile = LASSO_PROFILE (lassoLogin);
|
||||
|
||||
session = lasso_profile_get_session (profile);
|
||||
if (session)
|
||||
lasso_session = lasso_profile_get_session (profile);
|
||||
if (lasso_session)
|
||||
{
|
||||
dump = lasso_session_dump (session);
|
||||
dump = lasso_session_dump (lasso_session);
|
||||
nsDump = [NSString stringWithUTF8String: dump];
|
||||
[saml2Dump setObject: nsDump forKey: @"session"];
|
||||
lasso_session_destroy (session);
|
||||
lasso_session_destroy (lasso_session);
|
||||
}
|
||||
|
||||
identity = lasso_profile_get_identity (profile);
|
||||
if (identity)
|
||||
lasso_identity = lasso_profile_get_identity (profile);
|
||||
if (lasso_identity)
|
||||
{
|
||||
dump = lasso_identity_dump (identity);
|
||||
dump = lasso_identity_dump (lasso_identity);
|
||||
nsDump = [NSString stringWithUTF8String: dump];
|
||||
[saml2Dump setObject: nsDump forKey: @"identity"];
|
||||
lasso_identity_destroy (identity);
|
||||
lasso_identity_destroy (lasso_identity);
|
||||
}
|
||||
|
||||
[[SOGoCache sharedCache] setSaml2LoginDumps: saml2Dump
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
/* SOGoWebAuthenticator.m - this file is part of SOGo
|
||||
*
|
||||
* Copyright (C) 2007-2013 Inverse inc.
|
||||
* Copyright (C) 2007-2014 Inverse inc.
|
||||
*
|
||||
* This file is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
||||
Reference in New Issue
Block a user