LassoLibAssertion

LassoLibAssertion — <lib:Assertion>

Functions

Types and Values

Description

Authentication assertions provided in an AuthnResponse element MUST be of type AssertionType, which is an extension of saml:AssertionType, so that the RequestID attribute from the original AuthnRequest MAY be included in the InResponseTo attribute in the Assertion element. This is done because it is not required that the AuthnResponse element itself be signed. Instead, the individual Assertion elements contained MUST each be signed. Note that it is optional for the InResponseTo to be present. Its absence indicates that the AuthnResponse has been unilaterally sent by the identity provider without a corresponding AuthnRequest message from the service provider. If the attribute is present, it MUST be set to the RequestID of the original AuthnRequest.

Figure 1. Schema fragment for lib:Assertion

<xs:element name="Assertion" type="AssertionType" substitutionGroup="saml:Assertion" />
<xs:complexType name="AssertionType">
  <xs:complexContent>
    <xs:extension base="saml:AssertionType">
      <xs:attribute name="InResponseTo" type="xs:NCName" use="optional"/>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>

Functions

lasso_lib_assertion_new ()

LassoLibAssertion *
lasso_lib_assertion_new (void);

Creates a new LassoLibAssertion object.

Returns

a newly created LassoLibAssertion object


lasso_lib_assertion_new_full ()

LassoLibAssertion *
lasso_lib_assertion_new_full (const char *issuer,
                              const char *requestID,
                              const char *audience,
                              const char *notBefore,
                              const char *notOnOrAfter);

Creates a new LassoLibAssertion object and initializes its Issuer, InResponseTo, AudienceRestrictionCondition, notBefore and notOnOrAfter fields or attributes.

Parameters

issuer

the issuer entityID string

 

requestID:(allow-none)

the identifier of the request which initiated the creation of this assertion

 

audience:(allow-none)

the entityID of the receiver of this assertion

 

notBefore

a timestamp formatted as iso-8601

 

notOnOrAfter

a timestamp formatted as iso-8601

 

Returns

a newly created LassoLibAssertion object

Types and Values

struct LassoLibAssertion

struct LassoLibAssertion {
	LassoSamlAssertion parent;

	char *InResponseTo;
};