From 4b8a14e41eaf7ba43259eb4dce9e1c20c23e7603 Mon Sep 17 00:00:00 2001
From: Wolfgang Sourdeau
Date: Tue, 6 Nov 2012 10:46:40 -0500
Subject: [PATCH] Make use of SAML2 assertion as IMAP password
---
 SoObjects/SOGo/SOGoWebAuthenticator.m | 29 ++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)
diff --git a/SoObjects/SOGo/SOGoWebAuthenticator.m b/SoObjects/SOGo/SOGoWebAuthenticator.m
index 521349742..48bf6d2c5 100644
--- a/SoObjects/SOGo/SOGoWebAuthenticator.m
+++ b/SoObjects/SOGo/SOGoWebAuthenticator.m
@@ -34,8 +34,10 @@
 #import
 #import
 #import
+#import
 #import
 #import
+#import
 #import
 #import
@@ -242,16 +244,18 @@
 forURL: (NSURL *) server
 forceRenew: (BOOL) renew
 {
- NSString *password, *service, *scheme;
- SOGoCASSession *session;
- SOGoSystemDefaults *sd;
+ NSString *authType, *password;
 password = [self passwordInContext: context];
 if ([password length])
 {
- sd = [SOGoSystemDefaults sharedSystemDefaults];
- if ([[sd authenticationType] isEqualToString: @"cas"])
+ authType = [[SOGoSystemDefaults sharedSystemDefaults]
+ authenticationType];
+ if ([authType isEqualToString: @"cas"])
 {
+ SOGoCASSession *session;
+ NSString *service, *scheme;
+
 session = [SOGoCASSession CASSessionWithIdentifier: password
 fromProxy: NO];
@@ -269,6 +273,21 @@
 if ([password length] || renew)
 [session updateCache];
 }
+#if defined(SAML2_CONFIG)
+ else if ([authType isEqualToString: @"saml2"])
+ {
+ SOGoSAML2Session *session;
+ WOContext *context;
+ NSData *assertion;
+
+ context = [[WOApplication application] context];
+ session = [SOGoSAML2Session SAML2SessionWithIdentifier: password
+ inContext: context];
+ assertion = [[session assertion]
+ dataUsingEncoding: NSUTF8StringEncoding];
+ password = [[assertion gzip] stringByEncodingBase64];
+ }
+#endif
 }
 return password;
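Review bot: The added saml2 branch (third hunk) never checks that the session lookup or `[session assertion]` returned anything, so as far as the hunk shows an unknown or expired identifier makes every later message go to nil and the method returns a nil password with no trace; the branch also ignores `renew`, which the cas branch consults, so a forced renewal presumably hands back the same assertion. A guard such as `if (![[session assertion] length]) return nil;` preceded by a log line would make that failure explicit. The local `WOContext *context;` shadows the method's `context` argument that `passwordInContext:` uses a few lines above; reuse the argument or rename the local, e.g. `WOContext *appContext;`. Because the whole assertion is now sent as the IMAP password it acts as a bearer credential, so a comment like `/* assertion is replayable until it expires: TLS-only IMAP, never log it */` belongs on the `password =` line, and the IMAP side has to verify signature, audience and validity window itself. The method begins and ends outside this hunk.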