LassoDefederation

LassoDefederation — Federation Termination Notification Profile (ID-FF)

Functions

Types and Values

Description

The Federation Termination Notification Profiles serves to suppress federations between identity providers and services providers. It can be initiated by any of the partners using Redirect or SOAP binding.

Functions

lasso_defederation_new ()

LassoDefederation *
lasso_defederation_new (LassoServer *server);

Creates a new LassoDefederation.

Parameters

server

the LassoServer

 

Returns

a newly created LassoDefederation object; or NULL if an error occured


lasso_defederation_build_notification_msg ()

lasso_error_t
lasso_defederation_build_notification_msg
                               (LassoDefederation *defederation);

Builds the federation termination notification message.

It gets the federation termination notification protocol profile and:

  • if it is a SOAP method, then it builds the federation termination notification SOAP message, optionally signs the notification node, sets msg_body, gets the SoapEndpoint url and sets msg_url of the federation termination object.

  • if it is a HTTP-Redirect method, then it builds the federation termination notification QUERY message (optionally signs the notification message), builds the federation termination notification url with federation termination service url, sets msg_url in the federation termination object, sets msg_body to NULL.

Parameters

defederation

a LassoDefederation

 

Returns

0 on success; or a negative value otherwise.


lasso_defederation_destroy ()

void
lasso_defederation_destroy (LassoDefederation *defederation);

Destroys a LassoDefederation object.

Parameters

defederation

a LassoDefederation

 

lasso_defederation_init_notification ()

lasso_error_t
lasso_defederation_init_notification (LassoDefederation *defederation,
                                      gchar *remote_providerID,
                                      LassoHttpMethod http_method);

Sets a new federation termination notification to the remote provider id with the provider id of the requester (from the server object) and the name identifier of the federated principal.

Parameters

defederation

a LassoDefederation

 

remote_providerID

the provider id of the federation termination notified provider.

 

http_method

the HTTP method to send the message.

 

Returns

0 on success; or a negative value otherwise.


lasso_defederation_process_notification_msg ()

lasso_error_t
lasso_defederation_process_notification_msg
                               (LassoDefederation *defederation,
                                gchar *notification_msg);

Processes a lib:FederationTerminationNotification message. Rebuilds a request object from the message and optionally verifies its signature.

Set the msg_nameIdentifier attribute with the NameIdentifier content of the notification object and optionally set the msg_relayState attribute with the RelayState content of the notification object.

Parameters

defederation

the federation termination object

 

notification_msg

the federation termination notification message

 

Returns

0 on success; or a negative value otherwise.


lasso_defederation_validate_notification ()

lasso_error_t
lasso_defederation_validate_notification
                               (LassoDefederation *defederation);

Checks notification with regards to message status and principal federations; update them accordingly.

Parameters

defederation

a LassoDefederation

 

Returns

0 on success; or a negative value otherwise.

Types and Values

struct LassoDefederation

struct LassoDefederation {
	LassoProfile parent;
};