/usr/include/shibsp/handler/SessionInitiator.h is in libshibsp-dev 2.6.0+dfsg1-4+deb9u1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 | /**
* Licensed to the University Corporation for Advanced Internet
* Development, Inc. (UCAID) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for
* additional information regarding copyright ownership.
*
* UCAID licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the
* License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the specific
* language governing permissions and limitations under the License.
*/
/**
* @file shibsp/handler/SessionInitiator.h
*
* Pluggable runtime functionality that handles initiating sessions.
*/
#ifndef __shibsp_sesinitiator_h__
#define __shibsp_sesinitiator_h__
#include <shibsp/handler/Handler.h>
#include <map>
#include <set>
#include <string>
namespace shibsp {
class SHIBSP_API AuthnRequestEvent;
/**
* Pluggable runtime functionality that handles initiating sessions.
*
* <p>By default, SessionInitiators look for an entityID on the incoming request
* and pass control to the specialized run method.
*/
class SHIBSP_API SessionInitiator : public virtual Handler
{
friend void SHIBSP_API registerSessionInitiators();
protected:
/** Property remapper for configuration compatibility. */
static std::map<std::string,std::string> m_remapper;
/** Set of optional settings supported by handler. */
std::set<std::string> m_supportedOptions;
SessionInitiator();
/**
* Examines the request and applicable settings to determine whether
* the handler is able to support the request.
* <p>If the handler is within a chain, the method will return false,
* otherwise an exception will be raised.
*
* @param request SP request context
* @param isHandler true iff executing in the context of a direct handler invocation
* @return true iff the request appears to be compatible
*/
bool checkCompatibility(SPRequest& request, bool isHandler) const;
#ifndef SHIBSP_LITE
/**
* Creates a new AuthnRequestEvent for the event log.
*
* @param application the Application associated with the event
* @param request the HTTP client request associated with the event, or nullptr
* @return a fresh AuthnRequestEvent, prepopulated by the input parameters, or nullptr if an error occurs
*/
virtual AuthnRequestEvent* newAuthnRequestEvent(
const Application& application, const xmltooling::HTTPRequest* request=nullptr
) const;
#endif
public:
virtual ~SessionInitiator();
/**
* Indicates the set of optional settings supported by the handler.
*
* @return a set of the optional settings supported
*/
virtual const std::set<std::string>& getSupportedOptions() const;
/**
* Executes an incoming request.
*
* <p>SessionInitiators can be run either directly by incoming web requests
* or indirectly/implicitly during other SP processing.
*
* @param request SP request context
* @param entityID the name of an IdP to request a session from, if known
* @param isHandler true iff executing in the context of a direct handler invocation
* @return a pair containing a "request completed" indicator and a server-specific response code
*/
virtual std::pair<bool,long> run(SPRequest& request, std::string& entityID, bool isHandler=true) const=0;
std::pair<bool,long> run(SPRequest& request, bool isHandler=true) const;
#ifndef SHIBSP_LITE
const char* getType() const;
void generateMetadata(opensaml::saml2md::SPSSODescriptor& role, const char* handlerURL) const;
/**
* Generates RequestInitiator metadata when instructed. Allows subclasses to decide whether it's
* appropriate to do so instead of requiring them to override the method to stop it.
*
* @param role role object to inject metadata into
* @param handlerURL base of endpoint to generate metadata with
*/
void doGenerateMetadata(opensaml::saml2md::SPSSODescriptor& role, const char* handlerURL) const;
#endif
const char* getEventType() const;
};
/** Registers SessionInitiator implementations. */
void SHIBSP_API registerSessionInitiators();
/** SessionInitiator that iterates through a set of protocol-specific versions. */
#define CHAINING_SESSION_INITIATOR "Chaining"
/** SessionInitiator that supports SAML 2.0 AuthnRequests. */
#define SAML2_SESSION_INITIATOR "SAML2"
/** SessionInitiator that supports SAML Discovery Service protocol. */
#define SAMLDS_SESSION_INITIATOR "SAMLDS"
/** SessionInitiator that supports Shibboleth V1 AuthnRequest redirects. */
#define SHIB1_SESSION_INITIATOR "Shib1"
/** SessionInitiator that supports Shibboleth V1 WAYF redirects when no IdP is supplied. */
#define WAYF_SESSION_INITIATOR "WAYF"
/** SessionInitiator that attempts a sequence of transforms of an input until an entityID is found. */
#define TRANSFORM_SESSION_INITIATOR "Transform"
/** SessionInitiator that uses HTML form submission from the user. */
#define FORM_SESSION_INITIATOR "Form"
/** SessionInitiator that reads the CDC. */
#define COOKIE_SESSION_INITIATOR "Cookie"
};
#endif /* __shibsp_sesinitiator_h__ */
|