--------------------------------------------------------------------------------
-- SAML2 Middleware for WAI                                                   --
--------------------------------------------------------------------------------
-- This source code is licensed under the MIT license found in the LICENSE    --
-- file in the root directory of this source tree.                            --
--------------------------------------------------------------------------------

-- | A high-level interface to XML canonicalisation for the purpose of
-- SAML2 signature validation.
module Network.Wai.SAML2.C14N (
    canonicalise
) where

--------------------------------------------------------------------------------

import qualified Data.ByteString as BS
import Data.Text (Text)
import qualified Data.Text.Encoding as T

import Foreign.C.Types

import Text.XML.C14N

--------------------------------------------------------------------------------

-- | 'canonicalise' @prefixList@ @xml@ parses @xml@ with the parser options in
-- 'c14nOpts' and renders it in the @c14n_exclusive_1_0@ mode. Every entry of
-- @prefixList@ is UTF-8 encoded and handed to the canonicaliser as the list
-- of namespace prefixes to retain.
--
-- The result is produced in 'IO' by the underlying @c14n@ call; this wrapper
-- adds no error handling of its own, so whatever failure @c14n@ raises
-- reaches the caller unchanged.
--
-- NOTE(review): given the module's stated purpose, @xml@ is presumably taken
-- from a SAML message whose signature has not been checked yet. How DTDs and
-- entities in that input are treated is decided entirely by 'c14nOpts'.
canonicalise :: [Text] -> BS.ByteString -> IO BS.ByteString
canonicalise prefixList xml =
    c14n c14nOpts c14n_exclusive_1_0 retainedPrefixes keepComments nodeSelector xml
  where
    -- the canonicaliser takes the prefixes as raw bytes
    retainedPrefixes = T.encodeUtf8 <$> prefixList
    -- NOTE(review): the Bool and Maybe arguments of c14n are presumably the
    -- keep-comments flag and an optional XPath node selector -- confirm
    -- against Text.XML.C14N
    keepComments = False
    nodeSelector = Nothing

-- | The options we want to use for canonicalisation of XML documents.
c14nOpts :: [CInt]
c14nOpts =
    [ -- NOTE(review): these three presumably map to libxml2's
      -- XML_PARSE_NOENT, XML_PARSE_DTDLOAD and XML_PARSE_DTDATTR (entity
      -- substitution, loading of the external DTD subset, DTD attribute
      -- defaults) -- confirm against Text.XML.C14N. They are the parser
      -- features that matter for XXE and entity expansion, and the module
      -- header says this code runs as part of SAML2 signature validation,
      -- i.e. presumably on input that is not trusted yet. SAML messages have
      -- no need for a DTD, so consider rejecting any document that carries a
      -- DOCTYPE before it reaches the parser.
      xml_opt_noent
    , xml_opt_dtdload
    , xml_opt_dtdattr
      -- disable network access
      -- NOTE(review): this is about network fetches only; whether resources
      -- on the local file system can still be pulled in through a DTD should
      -- be checked against the libxml2 version that is linked.
    , xml_opt_nonet
      -- compact small text nodes, this has no effect on the rendered output
    , xml_opt_compact
      -- suppress standard output; the function will still fail if
      -- something goes wrong, but the reason won't be reported
      -- NOTE(review): a rejected document therefore leaves no parser
      -- diagnostics behind; callers that want an audit trail have to log the
      -- failure themselves.
    , xml_opt_noerror
    , xml_opt_nowarning
    ]

--------------------------------------------------------------------------------