![]() | ![]() | ![]() | Lasso Reference Manual | ![]() |
---|
LassoLogoutLassoLogout — Single Logout Profile |
#include <lasso/lasso.h> LassoLogout; LassoLogout* lasso_logout_new (LassoServer *server); LassoLogout* lasso_logout_new_from_dump (LassoServer *server, constgchar *dump);gint lasso_logout_build_request_msg (LassoLogout *logout);gint lasso_logout_build_response_msg (LassoLogout *logout);void lasso_logout_destroy (LassoLogout *logout);gchar * lasso_logout_dump (LassoLogout *logout);gchar * lasso_logout_get_next_providerID (LassoLogout *logout);gint lasso_logout_init_request (LassoLogout *logout,gchar *remote_providerID, LassoHttpMethod request_method);gint lasso_logout_process_request_msg (LassoLogout *logout,gchar *request_msg);gint lasso_logout_process_response_msg (LassoLogout *logout,gchar *response_msg);gint lasso_logout_reset_providerID_index (LassoLogout *logout);gint lasso_logout_validate_request (LassoLogout *logout);
LassoLogout* lasso_logout_new (LassoServer *server);
Creates a new LassoLogout.
server : | the LassoServer |
Returns : | a newly created LassoLogout object; or NULL if an error occured |
LassoLogout* lasso_logout_new_from_dump (LassoServer *server, constgchar *dump);
Restores the dump
to a new LassoLogout.
server : | the LassoServer |
dump : | XML logout dump |
Returns : | a newly created LassoLogout; or NULL if an error occured |
gint lasso_logout_build_request_msg (LassoLogout *logout);
Builds the logout request message.
It gets the HTTP method retrieved to send the request and:
if it is a SOAP method, then it builds the logout request SOAP message,
sets the msg_body attribute, gets the single logout service url and sets
msg_url
in the logout object.
if it is a HTTP-Redirect method, then it builds the logout request QUERY
message, builds the logout request url, sets msg_url
in the logout
request url, sets msg_body
to NULL.
If private key and certificate are set in server object it will also signs the message (either with X509 if SOAP or with a simple signature for query strings).
logout : | a LassoLogout |
Returns : | 0 on success; or a negative value otherwise. |
gint lasso_logout_build_response_msg (LassoLogout *logout);
Builds the logout response message.
It gets the request message method and:
if it is a SOAP method, then it builds the logout response SOAP message,
sets the msg_body attribute, gets the single logout service return url
and sets msg_url
in the logout object.
if it is a HTTP-Redirect method, then it builds the logout response QUERY message,
builds the logout response url, sets msg_url
with the logout response url,
sets msg_body
to NULL
If private key and certificate are set in server object it will also signs the message (either with X509 if SOAP or with a simple signature for query strings).
logout : | a LassoLogout |
Returns : | 0 on success; or a negative value otherwise. |
void lasso_logout_destroy (LassoLogout *logout);
Destroys a logout object.
logout : | a LassoLogout |
gchar * lasso_logout_dump (LassoLogout *logout);
Dumps logout
content to an XML string.
logout : | a LassoLogout |
Returns : | the dump string. It must be freed by the caller. |
gchar * lasso_logout_get_next_providerID (LassoLogout *logout);
Returns the provider id from providerID_index in list of providerIDs in principal session with the exception of initial service provider ID.
logout : | a LassoLogout |
Returns : | a newly allocated string or NULL |
gint lasso_logout_init_request (LassoLogout *logout,gchar *remote_providerID, LassoHttpMethod request_method);
Initializes a new lib:LogoutRequest.
logout : | a LassoLogout |
remote_providerID : | the providerID of the identity provider. If NULL the first identity provider is used. |
request_method : | if set, then it get the protocol profile in metadata corresponding of this HTTP request method. |
Returns : | 0 on success; or a negative value otherwise. |
gint lasso_logout_process_request_msg (LassoLogout *logout,gchar *request_msg);
Processes a lib:LogoutRequest message. Rebuilds a request object from the message and optionally verifies its signature.
logout : | a LassoLogout |
request_msg : | the logout request message |
Returns : | 0 on success; or a negative value otherwise. |
gint lasso_logout_process_response_msg (LassoLogout *logout,gchar *response_msg);
Parses the response message and builds the response object.
Checks the status code value and if it is not success, then if the local provider is a Service Provider and response method is SOAP, then builds a new logout request message for HTTP Redirect / GET method and returns the error code LASSO_LOGOUT_ERROR_UNSUPPORTED_PROFILE.
If it is a SOAP method or, IDP type and http method is Redirect/GET, then removes assertion.
If local server is an Identity Provider and if there is no more assertion (Identity Provider has logged out every Service Providers), then restores the initial response.
logout : | a LassoLogout |
response_msg : | the response message |
Returns : | 0 on success; or a negative value otherwise. |
gint lasso_logout_reset_providerID_index (LassoLogout *logout);
Reset the providerID_index attribute (set to 0).
logout : | a LassoLogout |
Returns : | 0 on success; or a negative value otherwise. |
gint lasso_logout_validate_request (LassoLogout *logout);
logout : | a LassoLogout |
Returns : | 0 on success; or a negative value otherwise. |
<< LassoLecp | LassoDefederation >> |