search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
svc: re-factor sipe_svc_ab_entry_request()
[siplcs.git] / src / core / sipe-svc.c
blobb3a65ef80ffca3eb3f580a13e57fd186f1fde38b
1 /**
2 * @file sipe-svc.c
3 *
4 * pidgin-sipe
5 *
6 * Copyright (C) 2011-2014 SIPE Project <http://sipe.sourceforge.net/>
7 *
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 *
23 *
24 * Specification references:
25 *
26 * - [MS-SIPAE]: http://msdn.microsoft.com/en-us/library/cc431510.aspx
27 * - [MS-OCAUTHWS]: http://msdn.microsoft.com/en-us/library/ff595592.aspx
28 * - MS Tech-Ed Europe 2010 "UNC310: Microsoft Lync 2010 Technology Explained"
29 * http://ecn.channel9.msdn.com/o9/te/Europe/2010/pptx/unc310.pptx
30 */
31
32 #include <stdlib.h>
33 #include <string.h>
34
35 #include <glib.h>
36
37 #include "sipe-common.h"
38 #include "sipe-backend.h"
39 #include "sipe-core.h"
40 #include "sipe-core-private.h"
41 #include "sipe-http.h"
42 #include "sipe-svc.h"
43 #include "sipe-tls.h"
44 #include "sipe-utils.h"
45 #include "sipe-xml.h"
46 #include "uuid.h"
47
48 /* forward declaration */
49 struct svc_request;
50 typedef void (svc_callback)(struct sipe_core_private *sipe_private,
51 struct svc_request *data,
52 const gchar *raw,
53 sipe_xml *xml);
54
55 struct svc_request {
56 svc_callback *internal_cb;
57 sipe_svc_callback *cb;
58 gpointer *cb_data;
59 struct sipe_http_request *request;
60 gchar *uri;
61 };
62
63 struct sipe_svc {
64 GSList *pending_requests;
65 gboolean shutting_down;
66 };
67
68 struct sipe_svc_session {
69 struct sipe_http_session *session;
70 };
71
72 static void sipe_svc_request_free(struct sipe_core_private *sipe_private,
73 struct svc_request *data)
74 {
75 if (data->request)
76 sipe_http_request_cancel(data->request);
77 if (data->cb)
78 /* Callback: aborted */
79 (*data->cb)(sipe_private, NULL, NULL, NULL, data->cb_data);
80 g_free(data->uri);
81 g_free(data);
82 }
83
84 void sipe_svc_free(struct sipe_core_private *sipe_private)
85 {
86 struct sipe_svc *svc = sipe_private->svc;
87 if (!svc)
88 return;
89
90 /* Web Service stack is shutting down: reject all new requests */
91 svc->shutting_down = TRUE;
92
93 if (svc->pending_requests) {
94 GSList *entry = svc->pending_requests;
95 while (entry) {
96 sipe_svc_request_free(sipe_private, entry->data);
97 entry = entry->next;
98 }
99 g_slist_free(svc->pending_requests);
100 }
101
102 g_free(svc);
103 sipe_private->svc = NULL;
104 }
105
106 static void sipe_svc_init(struct sipe_core_private *sipe_private)
107 {
108 if (sipe_private->svc)
109 return;
110
111 sipe_private->svc = g_new0(struct sipe_svc, 1);
112 }
113
114 struct sipe_svc_session *sipe_svc_session_start(void)
115 {
116 struct sipe_svc_session *session = g_new0(struct sipe_svc_session, 1);
117 session->session = sipe_http_session_start();
118 return(session);
119 }
120
121 void sipe_svc_session_close(struct sipe_svc_session *session)
122 {
123 if (session) {
124 sipe_http_session_close(session->session);
125 g_free(session);
126 }
127 }
128
129 static void sipe_svc_https_response(struct sipe_core_private *sipe_private,
130 guint status,
131 SIPE_UNUSED_PARAMETER GSList *headers,
132 const gchar *body,
133 gpointer callback_data)
134 {
135 struct svc_request *data = callback_data;
136 struct sipe_svc *svc = sipe_private->svc;
137
138 SIPE_DEBUG_INFO("sipe_svc_https_response: code %d", status);
139 data->request = NULL;
140
141 if ((status == SIPE_HTTP_STATUS_OK) && body) {
142 sipe_xml *xml = sipe_xml_parse(body, strlen(body));
143 /* Internal callback: success */
144 (*data->internal_cb)(sipe_private, data, body, xml);
145 sipe_xml_free(xml);
146 } else {
147 /* Internal callback: failed */
148 (*data->internal_cb)(sipe_private, data, NULL, NULL);
149 }
150
151 /* Internal callback has already called this */
152 data->cb = NULL;
153
154 svc->pending_requests = g_slist_remove(svc->pending_requests,
155 data);
156 sipe_svc_request_free(sipe_private, data);
157 }
158
159 /**
160 * Send GET request when @c body is NULL, otherwise send POST request
161 *
162 * @param content_type MIME type for body content (ignored when body is @c NULL)
163 * @param soap_action SOAP action header value (ignored when body is @c NULL)
164 * @param body body contents (may be @c NULL)
165 */
166 static gboolean sipe_svc_https_request(struct sipe_core_private *sipe_private,
167 struct sipe_svc_session *session,
168 const gchar *uri,
169 const gchar *content_type,
170 const gchar *soap_action,
171 const gchar *body,
172 svc_callback *internal_callback,
173 sipe_svc_callback *callback,
174 gpointer callback_data)
175 {
176 struct svc_request *data = g_new0(struct svc_request, 1);
177 struct sipe_http_request *request = NULL;
178 struct sipe_svc *svc;
179
180 sipe_svc_init(sipe_private);
181 svc = sipe_private->svc;
182
183 if (svc->shutting_down) {
184 SIPE_DEBUG_ERROR("sipe_svc_https_request: new Web Service request during shutdown: THIS SHOULD NOT HAPPEN! Debugging information:\n"
185 "URI: %s\n"
186 "Action: %s\n"
187 "Body: %s\n",
188 uri,
189 soap_action ? soap_action : "<NONE>",
190 body ? body : "<EMPTY>");
191 } else {
192 if (body) {
193 gchar *headers = g_strdup_printf("SOAPAction: \"%s\"\r\n",
194 soap_action);
195
196 request = sipe_http_request_post(sipe_private,
197 uri,
198 headers,
199 body,
200 content_type,
201 sipe_svc_https_response,
202 data);
203 g_free(headers);
204
205 } else {
206 request = sipe_http_request_get(sipe_private,
207 uri,
208 NULL,
209 sipe_svc_https_response,
210 data);
211 }
212 }
213
214 if (request) {
215 data->internal_cb = internal_callback;
216 data->cb = callback;
217 data->cb_data = callback_data;
218 data->request = request;
219 data->uri = g_strdup(uri);
220
221 svc->pending_requests = g_slist_prepend(svc->pending_requests,
222 data);
223
224 sipe_http_request_session(request, session->session);
225 sipe_http_request_ready(request);
226
227 } else {
228 SIPE_DEBUG_ERROR("failed to create HTTP connection to %s", uri);
229 g_free(data);
230 }
231
232 return(request != NULL);
233 }
234
235 static gboolean sipe_svc_wsdl_request(struct sipe_core_private *sipe_private,
236 struct sipe_svc_session *session,
237 const gchar *uri,
238 const gchar *additional_ns,
239 const gchar *soap_action,
240 const gchar *wsse_security,
241 const gchar *soap_body,
242 const gchar *content_type,
243 svc_callback *internal_callback,
244 sipe_svc_callback *callback,
245 gpointer callback_data)
246 {
247 /* Only generate SOAP header if we have a security token */
248 gchar *soap_header = wsse_security ?
249 g_strdup_printf("<soap:Header>"
250 " <wsa:To>%s</wsa:To>"
251 " <wsa:ReplyTo>"
252 " <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>"
253 " </wsa:ReplyTo>"
254 " <wsa:Action>%s</wsa:Action>"
255 " <wsse:Security>%s</wsse:Security>"
256 "</soap:Header>",
257 uri,
258 soap_action,
259 wsse_security) :
260 g_strdup("");
261 gchar *body = g_strdup_printf("<?xml version=\"1.0\"?>\r\n"
262 "<soap:Envelope %s"
263 " xmlns:auth=\"http://schemas.xmlsoap.org/ws/2006/12/authorization\""
264 " xmlns:wsa=\"http://www.w3.org/2005/08/addressing\""
265 " xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\""
266 " xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\""
267 " xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\""
268 " >"
269 "%s"
270 " <soap:Body>%s</soap:Body>"
271 "</soap:Envelope>",
272 additional_ns,
273 soap_header,
274 soap_body);
275
276 gboolean ret = sipe_svc_https_request(sipe_private,
277 session,
278 uri,
279 content_type ? content_type : "text/xml",
280 soap_action,
281 body,
282 internal_callback,
283 callback,
284 callback_data);
285 g_free(soap_header);
286 g_free(body);
287
288 return(ret);
289 }
290
291 static gboolean new_soap_req(struct sipe_core_private *sipe_private,
292 struct sipe_svc_session *session,
293 const gchar *uri,
294 const gchar *soap_action,
295 const gchar *wsse_security,
296 const gchar *soap_body,
297 svc_callback *internal_callback,
298 sipe_svc_callback *callback,
299 gpointer callback_data)
300 {
301 return(sipe_svc_wsdl_request(sipe_private,
302 session,
303 uri,
304 "xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" "
305 "xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" "
306 "xmlns:wst=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512\"",
307 soap_action,
308 wsse_security,
309 soap_body,
310 NULL,
311 internal_callback,
312 callback,
313 callback_data));
314 }
315
316 static void sipe_svc_wsdl_response(struct sipe_core_private *sipe_private,
317 struct svc_request *data,
318 const gchar *raw,
319 sipe_xml *xml)
320 {
321 if (xml) {
322 /* Callback: success */
323 (*data->cb)(sipe_private, data->uri, raw, xml, data->cb_data);
324 } else {
325 /* Callback: failed */
326 (*data->cb)(sipe_private, data->uri, NULL, NULL, data->cb_data);
327 }
328 }
329
330 gboolean sipe_svc_get_and_publish_cert(struct sipe_core_private *sipe_private,
331 struct sipe_svc_session *session,
332 const gchar *uri,
333 const gchar *wsse_security,
334 const gchar *certreq,
335 sipe_svc_callback *callback,
336 gpointer callback_data)
337 {
338 struct sipe_tls_random id;
339 gchar *id_base64;
340 gchar *id_uuid;
341 gchar *uuid = get_uuid(sipe_private);
342 gchar *soap_body;
343 gboolean ret;
344
345 /* random request ID */
346 sipe_tls_fill_random(&id, 256);
347 id_base64 = g_base64_encode(id.buffer, id.length);
348 sipe_tls_free_random(&id);
349 id_uuid = generateUUIDfromEPID(id_base64);
350 g_free(id_base64);
351
352 soap_body = g_strdup_printf("<GetAndPublishCert"
353 " xmlns=\"http://schemas.microsoft.com/OCS/AuthWebServices/\""
354 " xmlns:wst=\"http://docs.oasis-open.org/ws-sx/ws-trust/200512/\""
355 " xmlns:wstep=\"http://schemas.microsoft.com/windows/pki/2009/01/enrollment\""
356 " DeviceId=\"{%s}\""
357 " Entity=\"%s\""
358 ">"
359 " <wst:RequestSecurityToken>"
360 " <wst:TokenType>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</wst:TokenType>"
361 " <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>"
362 " <wsse:BinarySecurityToken"
363 " ValueType=\"http://schemas.microsoft.com/OCS/AuthWebServices.xsd#PKCS10\""
364 " EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#Base64Binary\""
365 " >\r\n%s</wsse:BinarySecurityToken>"
366 " <wstep:RequestID>%s</wstep:RequestID>"
367 " </wst:RequestSecurityToken>"
368 "</GetAndPublishCert>",
369 uuid,
370 sipe_private->username,
371 certreq,
372 id_uuid);
373 g_free(id_uuid);
374 g_free(uuid);
375
376 ret = new_soap_req(sipe_private,
377 session,
378 uri,
379 "http://schemas.microsoft.com/OCS/AuthWebServices/GetAndPublishCert",
380 wsse_security,
381 soap_body,
382 sipe_svc_wsdl_response,
383 callback,
384 callback_data);
385 g_free(soap_body);
386
387 return(ret);
388 }
389
390 gboolean sipe_svc_ab_entry_request(struct sipe_core_private *sipe_private,
391 struct sipe_svc_session *session,
392 const gchar *uri,
393 const gchar *wsse_security,
394 const gchar *search,
395 guint max_returns,
396 sipe_svc_callback *callback,
397 gpointer callback_data)
398 {
399 gboolean ret;
400 gchar *soap_body = g_strdup_printf("<SearchAbEntry"
401 " xmlns=\"DistributionListExpander\""
402 " xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\""
403 " xmlns:soapenc=\"http://schemas.xmlsoap.org/soap/encoding/\""
404 ">"
405 " <AbEntryRequest>"
406 " %s"
407 " <Metadata>"
408 " <FromDialPad>false</FromDialPad>"
409 " <MaxResultNum>%d</MaxResultNum>"
410 " <ReturnList>displayName,msRTCSIP-PrimaryUserAddress,title,telephoneNumber,homePhone,mobile,otherTelephone,mail,company,country,photoRelPath,photoSize,photoHash</ReturnList>"
411 " </Metadata>"
412 " </AbEntryRequest>"
413 "</SearchAbEntry>",
414 search,
415 max_returns);
416
417 ret = new_soap_req(sipe_private,
418 session,
419 uri,
420 "DistributionListExpander/IAddressBook/SearchAbEntry",
421 wsse_security,
422 soap_body,
423 sipe_svc_wsdl_response,
424 callback,
425 callback_data);
426 g_free(soap_body);
427
428 return(ret);
429 }
430
431 /* Requests to login.microsoftonline.com & ADFS */
432 static gboolean request_passport(struct sipe_core_private *sipe_private,
433 struct sipe_svc_session *session,
434 const gchar *service_uri,
435 const gchar *auth_uri,
436 const gchar *wsse_security,
437 const gchar *content_type,
438 const gchar *request_extension,
439 sipe_svc_callback *callback,
440 gpointer callback_data)
441 {
442 gchar *soap_body = g_strdup_printf("<wst:RequestSecurityToken>"
443 " <wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>"
444 " <wsp:AppliesTo>"
445 " <wsa:EndpointReference>"
446 " <wsa:Address>%s</wsa:Address>"
447 " </wsa:EndpointReference>"
448 " </wsp:AppliesTo>"
449 " %s"
450 "</wst:RequestSecurityToken>",
451 service_uri,
452 request_extension ? request_extension : "");
453
454 gboolean ret = sipe_svc_wsdl_request(sipe_private,
455 session,
456 auth_uri,
457 "xmlns:soap=\"http://www.w3.org/2003/05/soap-envelope\" "
458 "xmlns:wst=\"http://schemas.xmlsoap.org/ws/2005/02/trust\"",
459 "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue",
460 wsse_security,
461 soap_body,
462 content_type,
463 sipe_svc_wsdl_response,
464 callback,
465 callback_data);
466 g_free(soap_body);
467
468 return(ret);
469 }
470
471 static gboolean request_user_password(struct sipe_core_private *sipe_private,
472 struct sipe_svc_session *session,
473 const gchar *service_uri,
474 const gchar *auth_uri,
475 const gchar *content_type,
476 const gchar *request_extension,
477 sipe_svc_callback *callback,
478 gpointer callback_data)
479 {
480 /* Only cleartext passwords seem to be accepted... */
481 gchar *wsse_security = g_markup_printf_escaped("<wsse:UsernameToken>"
482 " <wsse:Username>%s</wsse:Username>"
483 " <wsse:Password>%s</wsse:Password>"
484 "</wsse:UsernameToken>",
485 sipe_private->authuser ? sipe_private->authuser : sipe_private->username,
486 sipe_private->password ? sipe_private->password : "");
487
488 gboolean ret = request_passport(sipe_private,
489 session,
490 service_uri,
491 auth_uri,
492 wsse_security,
493 content_type,
494 request_extension,
495 callback,
496 callback_data);
497 g_free(wsse_security);
498
499 return(ret);
500 }
501
502 gboolean sipe_svc_webticket_adfs(struct sipe_core_private *sipe_private,
503 struct sipe_svc_session *session,
504 const gchar *adfs_uri,
505 sipe_svc_callback *callback,
506 gpointer callback_data)
507 {
508 return(request_user_password(sipe_private,
509 session,
510 "urn:federation:MicrosoftOnline",
511 adfs_uri,
512 /* ADFS is special, *sigh* */
513 "application/soap+xml; charset=utf-8",
514 "<wst:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</wst:KeyType>",
515 callback,
516 callback_data));
517 }
518
519 #define LMC_URI "https://login.microsoftonline.com:443/RST2.srf"
520
521 gboolean sipe_svc_webticket_lmc(struct sipe_core_private *sipe_private,
522 struct sipe_svc_session *session,
523 const gchar *service_uri,
524 sipe_svc_callback *callback,
525 gpointer callback_data)
526 {
527 return(request_user_password(sipe_private,
528 session,
529 service_uri,
530 LMC_URI,
531 NULL,
532 NULL,
533 callback,
534 callback_data));
535 }
536
537 gboolean sipe_svc_webticket_lmc_federated(struct sipe_core_private *sipe_private,
538 struct sipe_svc_session *session,
539 const gchar *wsse_security,
540 const gchar *service_uri,
541 sipe_svc_callback *callback,
542 gpointer callback_data)
543 {
544 return(request_passport(sipe_private,
545 session,
546 service_uri,
547 LMC_URI,
548 wsse_security,
549 NULL,
550 NULL,
551 callback,
552 callback_data));
553 }
554
555 gboolean sipe_svc_webticket(struct sipe_core_private *sipe_private,
556 struct sipe_svc_session *session,
557 const gchar *uri,
558 const gchar *wsse_security,
559 const gchar *service_uri,
560 const struct sipe_tls_random *entropy,
561 sipe_svc_callback *callback,
562 gpointer callback_data)
563 {
564 gchar *uuid = get_uuid(sipe_private);
565 gchar *secret = g_base64_encode(entropy->buffer, entropy->length);
566 gchar *soap_body = g_strdup_printf("<wst:RequestSecurityToken Context=\"%s\">"
567 " <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</wst:TokenType>"
568 " <wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>"
569 " <wsp:AppliesTo>"
570 " <wsa:EndpointReference>"
571 " <wsa:Address>%s</wsa:Address>"
572 " </wsa:EndpointReference>"
573 " </wsp:AppliesTo>"
574 " <wst:Claims Dialect=\"urn:component:Microsoft.Rtc.WebAuthentication.2010:authclaims\">"
575 " <auth:ClaimType Uri=\"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uri\" Optional=\"false\">"
576 " <auth:Value>sip:%s</auth:Value>"
577 " </auth:ClaimType>"
578 " </wst:Claims>"
579 " <wst:Entropy>"
580 " <wst:BinarySecret>%s</wst:BinarySecret>"
581 " </wst:Entropy>"
582 " <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>"
583 "</wst:RequestSecurityToken>",
584 uuid,
585 service_uri,
586 sipe_private->username,
587 secret);
588
589 gboolean ret = new_soap_req(sipe_private,
590 session,
591 uri,
592 "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue",
593 wsse_security,
594 soap_body,
595 sipe_svc_wsdl_response,
596 callback,
597 callback_data);
598 g_free(soap_body);
599 g_free(secret);
600 g_free(uuid);
601
602 return(ret);
603 }
604
605 static void sipe_svc_metadata_response(struct sipe_core_private *sipe_private,
606 struct svc_request *data,
607 const gchar *raw,
608 sipe_xml *xml)
609 {
610 if (xml) {
611 /* Callback: success */
612 (*data->cb)(sipe_private, data->uri, raw, xml, data->cb_data);
613 } else {
614 /* Callback: failed */
615 (*data->cb)(sipe_private, data->uri, NULL, NULL, data->cb_data);
616 }
617 }
618
619 gboolean sipe_svc_realminfo(struct sipe_core_private *sipe_private,
620 struct sipe_svc_session *session,
621 sipe_svc_callback *callback,
622 gpointer callback_data)
623 {
624 /*
625 * For some users RealmInfo response is different for authuser and
626 * username. Use authuser, but only if it looks like "user@domain".
627 */
628 gchar *realminfo_uri = g_strdup_printf("https://login.microsoftonline.com/getuserrealm.srf?login=%s&xml=1",
629 sipe_private->authuser && strchr(sipe_private->authuser, '@') ?
630 sipe_private->authuser : sipe_private->username);
631 gboolean ret = sipe_svc_https_request(sipe_private,
632 session,
633 realminfo_uri,
634 NULL,
635 NULL,
636 NULL,
637 sipe_svc_metadata_response,
638 callback,
639 callback_data);
640 g_free(realminfo_uri);
641 return(ret);
642 }
643
644 gboolean sipe_svc_metadata(struct sipe_core_private *sipe_private,
645 struct sipe_svc_session *session,
646 const gchar *uri,
647 sipe_svc_callback *callback,
648 gpointer callback_data)
649 {
650 gchar *mex_uri = g_strdup_printf("%s/mex", uri);
651 gboolean ret = sipe_svc_https_request(sipe_private,
652 session,
653 mex_uri,
654 NULL,
655 NULL,
656 NULL,
657 sipe_svc_metadata_response,
658 callback,
659 callback_data);
660 g_free(mex_uri);
661 return(ret);
662 }
663
664 /*
665 Local Variables:
666 mode: c
667 c-file-style: "bsd"
668 indent-tabs-mode: t
669 tab-width: 8
670 End:
671 */
A third-party Pidgin plugin for Microsoft LCS/OCS