2 * Copyright 2001-2006 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file saml/saml2/core/Protocols.h
20 * XMLObjects representing the SAML 2.0 Protocols schema
23 #ifndef __saml2_protocols_h__
24 #define __saml2_protocols_h__
26 #include <saml/saml2/core/Assertions.h>
// Shorthand for DECL_XMLOBJECTBUILDER that fixes the linkage macro (SAML_API) and
// the SAML 2.0 protocol namespace/prefix constants, so callers pass only the class name.
28 #define DECL_SAML2POBJECTBUILDER(cname) \
29 DECL_XMLOBJECTBUILDER(SAML_API,cname,samlconstants::SAML20P_NS,samlconstants::SAML20P_PREFIX)
34 * @namespace opensaml::saml2p
35 * SAML 2.0 protocol namespace
// Simple element classes. Each line passes the class name, a property name and a
// description to DECL_XMLOBJECT_SIMPLE (defined outside this header).
// NOTE(review): presumably these carry only text content - confirm against the macro.
// Nothing here constrains that content, so values such as Artifact, SessionIndex and
// RequesterID should be treated as untrusted wire data until a consumer has checked them.
39 DECL_XMLOBJECT_SIMPLE(SAML_API,Artifact,Artifact,SAML 2.0 Artifact element);
40 DECL_XMLOBJECT_SIMPLE(SAML_API,GetComplete,GetComplete,SAML 2.0 GetComplete element);
41 DECL_XMLOBJECT_SIMPLE(SAML_API,NewID,NewID,SAML 2.0 NewID element);
42 DECL_XMLOBJECT_SIMPLE(SAML_API,RequesterID,RequesterID,SAML 2.0 RequesterID element);
43 DECL_XMLOBJECT_SIMPLE(SAML_API,SessionIndex,SessionIndex,SAML 2.0 SessionIndex element);
44 DECL_XMLOBJECT_SIMPLE(SAML_API,StatusMessage,Message,SAML 2.0 StatusMessage element);
// RespondTo is the third-party request extension element; note its property is "Name".
46 DECL_XMLOBJECT_SIMPLE(SAML_API,RespondTo,Name,SAML 2.0 third-party request RespondTo extension element);
// Protocol Extensions element, derived from xmltooling::ElementExtensibleXMLObject.
// NOTE(review): that base presumably admits arbitrary child elements - confirm. If so,
// consumers should act only on extension children they recognise and have validated.
48 BEGIN_XMLOBJECT(SAML_API,Extensions,xmltooling::ElementExtensibleXMLObject,SAML 2.0 protocol Extensions element);
49 /** ExtensionsType local name */
50 static const XMLCh TYPE_NAME[];
// Base type for all SAML 2.0 protocol requests (derived from saml2::RootObject).
// The macros below declare accessors only; no validation logic is visible in this header.
// NOTE(review): ID, IssueInstant, Destination, Issuer and Signature are the fields a
// receiver needs for replay detection, freshness, endpoint binding and origin
// authentication. Confirm that the layer consuming these objects verifies Signature and
// compares Destination with the receiving endpoint before trusting any other field;
// the presence of a Signature child says nothing about its validity.
53 BEGIN_XMLOBJECT(SAML_API,RequestAbstractType,saml2::RootObject,SAML 2.0 RequestAbstractType base type);
54 DECL_INHERITED_STRING_ATTRIB(ID,ID);
55 DECL_INHERITED_STRING_ATTRIB(Version,VER);
56 DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
57 DECL_STRING_ATTRIB(Destination,DESTINATION);
58 DECL_STRING_ATTRIB(Consent,CONSENT);
59 DECL_INHERITED_TYPED_FOREIGN_CHILD(Issuer,saml2);
60 DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
61 DECL_TYPED_CHILD(Extensions);
62 /** RequestAbstractType local name */
63 static const XMLCh TYPE_NAME[];
// StatusCode element: a Value attribute plus an optional nested StatusCode child,
// so codes form a chain (top-level code with subordinate qualifying codes).
// Code that decides whether a response succeeded should test the top-level Value;
// a nested code only qualifies it.
66 BEGIN_XMLOBJECT(SAML_API,StatusCode,xmltooling::XMLObject,SAML 2.0 StatusCode element);
67 DECL_STRING_ATTRIB(Value,VALUE);
68 DECL_TYPED_CHILD(StatusCode);
69 /** StatusCodeType local name */
70 static const XMLCh TYPE_NAME[];
73 * @name StatusCode Value Attribute URI Reference Constants
75 * SAML 2.0 Core, section 3.2.2.2, predefines several URI
76 * references for use in the Value attribute of the StatusCode
77 * element. Other values may be defined elsewhere.
// Predefined StatusCode Value URIs. Per SAML 2.0 Core 3.2.2.2, SUCCESS, REQUESTER,
// RESPONDER and VERSION_MISMATCH are the permissible top-level codes; the remainder
// are second-level codes that appear in a nested StatusCode.
// A relying party should require the top-level Value to equal SUCCESS before it
// processes any assertion carried in the same response.
80 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Success' */
81 static const XMLCh SUCCESS[];
82 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Requester' */
83 static const XMLCh REQUESTER[];
84 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Responder' */
85 static const XMLCh RESPONDER[];
86 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch' */
87 static const XMLCh VERSION_MISMATCH[];
88 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:AuthnFailed' */
89 static const XMLCh AUTHN_FAILED[];
90 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue' */
91 static const XMLCh INVALID_ATTR_NAME_OR_VALUE[];
92 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy' */
93 static const XMLCh INVALID_NAMEID_POLICY[];
94 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext' */
95 static const XMLCh NO_AUTHN_CONTEXT[];
96 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP' */
97 static const XMLCh NO_AVAILABLE_IDP[];
98 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoPassive' */
99 static const XMLCh NO_PASSIVE[];
100 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP' */
101 static const XMLCh NO_SUPPORTED_IDP[];
102 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout' */
103 static const XMLCh PARTIAL_LOGOUT[];
104 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded' */
105 static const XMLCh PROXY_COUNT_EXCEEDED[];
106 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestDenied' */
107 static const XMLCh REQUEST_DENIED[];
108 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported' */
109 static const XMLCh REQUEST_UNSUPPORTED[];
110 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated' */
111 static const XMLCh REQUEST_VERSION_DEPRECATED[];
112 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh' */
113 static const XMLCh REQUEST_VERSION_TOO_HIGH[];
114 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow' */
115 static const XMLCh REQUEST_VERSION_TOO_LOW[];
116 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized' */
117 static const XMLCh RESOURCE_NOT_RECOGNIZED[];
118 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:TooManyResponses' */
119 static const XMLCh TOO_MANY_RESPONSES[];
120 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile' */
121 static const XMLCh UNKNOWN_ATTR_PROFILE[];
122 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal' */
123 static const XMLCh UNKNOWN_PRINCIPAL[];
124 /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding' */
125 static const XMLCh UNSUPPORTED_BINDING[];
// StatusDetail element, derived from xmltooling::ElementExtensibleXMLObject.
// NOTE(review): presumably open content supplied by the responder - confirm. Treat it
// as diagnostic data only and escape it before logging or displaying it.
129 BEGIN_XMLOBJECT(SAML_API,StatusDetail,xmltooling::ElementExtensibleXMLObject,SAML 2.0 StatusDetail element);
130 /** StatusDetailType local name */
131 static const XMLCh TYPE_NAME[];
// Status element: groups one StatusCode, an optional StatusMessage and an optional
// StatusDetail. StatusMessage and StatusDetail are free-form responder output;
// only StatusCode is suitable for programmatic decisions.
134 BEGIN_XMLOBJECT(SAML_API,Status,xmltooling::XMLObject,SAML 2.0 Status element);
135 DECL_TYPED_CHILD(StatusCode);
136 DECL_TYPED_CHILD(StatusMessage);
137 DECL_TYPED_CHILD(StatusDetail);
138 /** StatusType local name */
139 static const XMLCh TYPE_NAME[];
// Base type for all SAML 2.0 protocol responses (derived from saml2::RootObject).
// Accessors only; no validation logic is visible in this header.
// NOTE(review): a receiver should match InResponseTo against the ID of a request it
// actually issued (and decide explicitly whether unsolicited responses are allowed),
// compare Destination with its own endpoint, and verify Signature before acting on
// Status or any payload. Confirm where the consuming code performs these checks.
142 BEGIN_XMLOBJECT(SAML_API,StatusResponseType,saml2::RootObject,SAML 2.0 StatusResponseType base type);
143 DECL_INHERITED_STRING_ATTRIB(ID,ID);
144 DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
145 DECL_INHERITED_STRING_ATTRIB(Version,VER);
146 DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
147 DECL_STRING_ATTRIB(Destination,DESTINATION);
148 DECL_STRING_ATTRIB(Consent,CONSENT);
149 DECL_INHERITED_TYPED_FOREIGN_CHILD(Issuer,saml2);
150 DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
151 DECL_TYPED_CHILD(Extensions);
152 DECL_TYPED_CHILD(Status);
153 /** StatusResponseType local name */
154 static const XMLCh TYPE_NAME[];
// Request for existing assertions by ID; holds a collection of saml2 AssertionIDRef
// children. A responder should authorize the requester for each referenced assertion
// rather than treat knowledge of an ID as sufficient.
157 BEGIN_XMLOBJECT(SAML_API,AssertionIDRequest,RequestAbstractType,SAML 2.0 AssertionIDRequest element);
158 DECL_TYPED_FOREIGN_CHILDREN(AssertionIDRef,saml2);
159 /** AssertionIDRequest local name */
160 static const XMLCh TYPE_NAME[];
// Abstract base for queries about a subject; adds a single saml2 Subject child to
// RequestAbstractType. AuthnQuery, AttributeQuery and AuthzDecisionQuery derive from it.
163 BEGIN_XMLOBJECT(SAML_API,SubjectQuery,RequestAbstractType,SAML 2.0 SubjectQuery abstract element);
164 DECL_TYPED_FOREIGN_CHILD(Subject,saml2);
165 /** SubjectQueryAbstractType local name */
166 static const XMLCh TYPE_NAME[];
// RequestedAuthnContext element: a Comparison attribute plus collections of
// AuthnContextClassRef and AuthnContextDeclRef children.
// Comparison is declared as a plain string and, per the TODO below, the schema
// enumeration is not enforced by this declaration. Code that evaluates the requested
// context should compare against the COMPARISON_* constants and reject or explicitly
// handle any other value instead of falling through to a permissive default.
169 BEGIN_XMLOBJECT(SAML_API,RequestedAuthnContext,xmltooling::XMLObject,SAML 2.0 RequestedAuthnContext element);
170 //TODO whether, and how, to enforce the controlled vocabulary (schema enumeration) for the Comparison attrib, as in the Java ?
171 DECL_STRING_ATTRIB(Comparison,COMPARISON);
172 DECL_TYPED_FOREIGN_CHILDREN(AuthnContextClassRef,saml2);
173 DECL_TYPED_FOREIGN_CHILDREN(AuthnContextDeclRef,saml2);
174 /** RequestedAuthnContextType local name */
175 static const XMLCh TYPE_NAME[];
178 * @name RequestedAuthnContext Comparison Attribute Constants
180 * These are the allowed values for the Comparison attribute of
181 * the RequestedAuthnContext element, as defined by SAML 2.0 Core.
184 /** 'exact' Comparison */
185 static const XMLCh COMPARISON_EXACT[];
186 /** 'minimum' Comparison */
187 static const XMLCh COMPARISON_MINIMUM[];
188 /** 'maximum' Comparison */
189 static const XMLCh COMPARISON_MAXIMUM[];
190 /** 'better' Comparison */
191 static const XMLCh COMPARISON_BETTER[];
// AuthnQuery: a SubjectQuery with a SessionIndex attribute and an optional
// RequestedAuthnContext child.
195 BEGIN_XMLOBJECT(SAML_API,AuthnQuery,SubjectQuery,SAML 2.0 AuthnQuery element);
196 DECL_STRING_ATTRIB(SessionIndex,SESSIONINDEX);
197 DECL_TYPED_CHILD(RequestedAuthnContext);
198 /** AuthnQueryType local name */
199 static const XMLCh TYPE_NAME[];
// AttributeQuery: a SubjectQuery with a collection of saml2 Attribute children naming
// the attributes requested. A responder should apply its own release policy to this
// list; the requested set is a request, not an entitlement.
202 BEGIN_XMLOBJECT(SAML_API,AttributeQuery,SubjectQuery,SAML 2.0 AttributeQuery element);
203 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
204 /** AttributeQueryType local name */
205 static const XMLCh TYPE_NAME[];
// AuthzDecisionQuery: a SubjectQuery with a Resource attribute, a collection of saml2
// Action children and an optional saml2 Evidence child.
// NOTE(review): Evidence is requester-supplied; presumably any assertions inside it
// need the same verification as assertions received elsewhere - confirm in the consumer.
208 BEGIN_XMLOBJECT(SAML_API,AuthzDecisionQuery,SubjectQuery,SAML 2.0 AuthzDecisionQuery element);
209 DECL_STRING_ATTRIB(Resource,RESOURCE);
210 DECL_TYPED_FOREIGN_CHILDREN(Action,saml2);
211 DECL_TYPED_FOREIGN_CHILD(Evidence,saml2);
212 /** AuthzDecisionQueryType local name */
213 static const XMLCh TYPE_NAME[];
// NameIDPolicy element: Format and SPNameQualifier string attributes and an
// AllowCreate boolean attribute.
// NOTE(review): the third macro argument (false) is presumably the value reported when
// AllowCreate is absent - confirm against DECL_BOOLEAN_ATTRIB. An identity provider
// should check that the requester is entitled to the SPNameQualifier it names.
216 BEGIN_XMLOBJECT(SAML_API,NameIDPolicy,xmltooling::XMLObject,SAML 2.0 NameIDPolicy element);
217 DECL_STRING_ATTRIB(Format,FORMAT);
218 DECL_STRING_ATTRIB(SPNameQualifier,SPNAMEQUALIFIER);
219 DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE,false);
220 /** NameIDPolicyType local name */
221 static const XMLCh TYPE_NAME[];
// IDPEntry element: ProviderID, Name and Loc string attributes describing one identity
// provider. Loc arrives inside the request, so a consumer should resolve the provider
// from trusted metadata by ProviderID rather than contact the Loc value directly.
224 BEGIN_XMLOBJECT(SAML_API,IDPEntry,xmltooling::XMLObject,SAML2.0 IDPEntry element);
225 DECL_STRING_ATTRIB(ProviderID,PROVIDERID);
226 DECL_STRING_ATTRIB(Name,NAME);
227 DECL_STRING_ATTRIB(Loc,LOC);
228 /** IDPEntryType local name */
229 static const XMLCh TYPE_NAME[];
// IDPList element: a collection of IDPEntry children and an optional GetComplete child.
// NOTE(review): GetComplete presumably carries a URI for the full list - confirm. A
// consumer that dereferences it should restrict the fetch to expected locations.
232 BEGIN_XMLOBJECT(SAML_API,IDPList,xmltooling::XMLObject,SAML 2.0 IDPList element);
233 DECL_TYPED_CHILDREN(IDPEntry);
234 DECL_TYPED_CHILD(GetComplete);
235 /** IDPListType local name */
236 static const XMLCh TYPE_NAME[];
// Scoping element: an integer ProxyCount attribute, an optional IDPList child and a
// collection of RequesterID children.
// ProxyCount bounds how far a request may be proxied; a proxying identity provider has
// to enforce it itself, since this declaration only exposes the value.
239 BEGIN_XMLOBJECT(SAML_API,Scoping,xmltooling::XMLObject,SAML 2.0 Scoping element);
240 DECL_INTEGER_ATTRIB(ProxyCount,PROXYCOUNT);
241 DECL_TYPED_CHILD(IDPList);
242 DECL_TYPED_CHILDREN(RequesterID);
243 /** ScopingType local name */
244 static const XMLCh TYPE_NAME[];
// AuthnRequest element: the request a service provider sends to start authentication.
// Adds response-routing attributes and policy children to RequestAbstractType.
// NOTE(review): AssertionConsumerServiceURL, AssertionConsumerServiceIndex and
// ProtocolBinding are chosen by the requester. An identity provider should resolve them
// against the endpoints registered for the Issuer (e.g. in metadata) and refuse values
// that do not match, so a response is never delivered to an unregistered location.
// ForceAuthn and IsPassive pass false as the third macro argument, presumably the value
// reported when the attribute is absent - confirm against DECL_BOOLEAN_ATTRIB.
247 BEGIN_XMLOBJECT(SAML_API,AuthnRequest,RequestAbstractType,SAML 2.0 AuthnRequest element);
248 DECL_BOOLEAN_ATTRIB(ForceAuthn,FORCEAUTHN,false);
249 DECL_BOOLEAN_ATTRIB(IsPassive,ISPASSIVE,false);
250 DECL_STRING_ATTRIB(ProtocolBinding,PROTOCOLBINDING);
251 DECL_INTEGER_ATTRIB(AssertionConsumerServiceIndex,ASSERTIONCONSUMERSERVICEINDEX);
252 DECL_STRING_ATTRIB(AssertionConsumerServiceURL,ASSERTIONCONSUMERSERVICEURL);
253 DECL_INTEGER_ATTRIB(AttributeConsumingServiceIndex,ATTRIBUTECONSUMINGSERVICEINDEX);
254 DECL_STRING_ATTRIB(ProviderName,PROVIDERNAME);
256 DECL_TYPED_FOREIGN_CHILD(Subject,saml2);
257 DECL_TYPED_CHILD(NameIDPolicy);
258 DECL_TYPED_FOREIGN_CHILD(Conditions,saml2);
259 DECL_TYPED_CHILD(RequestedAuthnContext);
260 DECL_TYPED_CHILD(Scoping);
261 /** AuthnRequestType local name */
262 static const XMLCh TYPE_NAME[];
// Response element: a StatusResponseType carrying collections of saml2 Assertion and
// saml2 EncryptedAssertion children.
// NOTE(review): this type only exposes the collections. A consumer should accept an
// assertion only when a verified signature covers it (on the Response or on the
// assertion itself), should read data from the same object the signature check
// covered, and should apply the same checks to assertions obtained by decrypting
// EncryptedAssertion children. Confirm where the consuming code enforces this.
265 BEGIN_XMLOBJECT(SAML_API,Response,StatusResponseType,SAML 2.0 Response element);
266 DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
267 DECL_TYPED_FOREIGN_CHILDREN(EncryptedAssertion,saml2);
268 /** ResponseType local name */
269 static const XMLCh TYPE_NAME[];
// ArtifactResolve element: a request carrying a single Artifact child to be exchanged
// for the message it refers to. A resolver should authenticate the requester and
// honour each artifact at most once.
272 BEGIN_XMLOBJECT(SAML_API,ArtifactResolve,RequestAbstractType,SAML 2.0 ArtifactResolve element);
273 DECL_TYPED_CHILD(Artifact);
274 /** ArtifactResolveType local name */
275 static const XMLCh TYPE_NAME[];
// ArtifactResponse element: a StatusResponseType with one Payload child.
// NOTE(review): Payload is declared with DECL_XMLOBJECT_CHILD, presumably a generic
// XMLObject rather than a typed child - confirm. If so, the consumer must check the
// concrete type of the payload before casting it, and validate it as it would any
// message received directly.
278 BEGIN_XMLOBJECT(SAML_API,ArtifactResponse,StatusResponseType,SAML 2.0 ArtifactResponse element);
279 DECL_XMLOBJECT_CHILD(Payload);
280 /** ArtifactResponseType local name */
281 static const XMLCh TYPE_NAME[];
// Terminate element: declares no attributes or children here, only the type name.
// It is one of the children ManageNameIDRequest can carry.
284 BEGIN_XMLOBJECT(SAML_API,Terminate,xmltooling::XMLObject,SAML 2.0 Terminate element);
285 /** TerminateType local name */
286 static const XMLCh TYPE_NAME[];
// NewEncryptedID element: derives from saml2::EncryptedElementType and adds no members here.
289 BEGIN_XMLOBJECT(SAML_API,NewEncryptedID,saml2::EncryptedElementType,SAML 2.0 NewEncryptedID element);
// ManageNameIDRequest element: identifies a principal (NameID or EncryptedID) and
// carries either a replacement identifier (NewID or NewEncryptedID) or Terminate.
// The declaration exposes all five children independently; it does not itself enforce
// which combinations are present. Because the request changes or ends an identifier
// mapping, a receiver should verify the requester's signature before applying it.
292 BEGIN_XMLOBJECT(SAML_API,ManageNameIDRequest,RequestAbstractType,SAML 2.0 ManageNameIDRequest element);
293 DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
294 DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
295 DECL_TYPED_CHILD(NewID);
296 DECL_TYPED_CHILD(NewEncryptedID);
297 DECL_TYPED_CHILD(Terminate);
298 /** ManageNameIDRequestType local name */
299 static const XMLCh TYPE_NAME[];
// ManageNameIDResponse element: a StatusResponseType with no additional members here.
302 BEGIN_XMLOBJECT(SAML_API,ManageNameIDResponse,StatusResponseType,SAML 2.0 ManageNameIDResponse element);
// LogoutRequest element: names the principal (BaseID, NameID or EncryptedID) and,
// optionally, the sessions to end via SessionIndex children.
// NOTE(review): a logout request ends sessions, so a receiver should verify the
// sender's signature, honour NotOnOrAfter as an expiry, and match the identifier and
// SessionIndex values against sessions it actually holds for that issuer. Reason is
// informational. Confirm where the consuming code performs these checks.
305 BEGIN_XMLOBJECT(SAML_API,LogoutRequest,RequestAbstractType,SAML 2.0 LogoutRequest element);
306 DECL_STRING_ATTRIB(Reason,REASON);
307 DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
308 DECL_TYPED_FOREIGN_CHILD(BaseID,saml2);
309 DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
310 DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
311 DECL_TYPED_CHILDREN(SessionIndex);
313 /** LogoutRequestType local name */
314 static const XMLCh TYPE_NAME[];
317 * @name LogoutRequest Reason URI Constants
319 * URI Constants for the Reason attribute of the LogoutRequest
320 * element as defined by SAML 2.0 Core, section 3.7.3.
323 /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:user' */
324 static const XMLCh REASON_USER[];
325 /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:admin' */
326 static const XMLCh REASON_ADMIN[];
327 /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:global-timeout' */
328 static const XMLCh REASON_GLOBAL_TIMEOUT[];
329 /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:sp-timeout' */
330 static const XMLCh REASON_SP_TIMEOUT[];
// LogoutResponse element: a StatusResponseType with no additional members here.
// A PARTIAL_LOGOUT status code means some sessions may still be active.
334 BEGIN_XMLOBJECT(SAML_API,LogoutResponse,StatusResponseType,SAML 2.0 LogoutResponse element);
// NameIDMappingRequest element: identifies a principal (BaseID, NameID or EncryptedID)
// and supplies a NameIDPolicy describing the identifier form being requested.
// A responder should decide per requester whether the mapping may be disclosed.
337 BEGIN_XMLOBJECT(SAML_API,NameIDMappingRequest,RequestAbstractType,SAML 2.0 NameIDMappingRequest element);
338 DECL_TYPED_FOREIGN_CHILD(BaseID,saml2);
339 DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
340 DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
341 DECL_TYPED_CHILD(NameIDPolicy);
342 /** NameIDMappingRequestType local name */
343 static const XMLCh TYPE_NAME[];
// NameIDMappingResponse element: a StatusResponseType returning the mapped identifier
// as either a NameID or an EncryptedID child.
346 BEGIN_XMLOBJECT(SAML_API,NameIDMappingResponse,StatusResponseType,SAML 2.0 NameIDMappingResponse element);
347 DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
348 DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
349 /** NameIDMappingResponseType local name */
350 static const XMLCh TYPE_NAME[];
// Builder declarations, one per concrete class above, in alphabetical order.
// DECL_SAML2POBJECTBUILDER binds each to the SAML 2.0 protocol namespace and prefix.
// The abstract base types (RequestAbstractType, StatusResponseType, SubjectQuery) have
// no builder in this list.
355 DECL_SAML2POBJECTBUILDER(Artifact);
356 DECL_SAML2POBJECTBUILDER(ArtifactResolve);
357 DECL_SAML2POBJECTBUILDER(ArtifactResponse);
358 DECL_SAML2POBJECTBUILDER(AssertionIDRequest);
359 DECL_SAML2POBJECTBUILDER(AttributeQuery);
360 DECL_SAML2POBJECTBUILDER(AuthnQuery);
361 DECL_SAML2POBJECTBUILDER(AuthnRequest);
362 DECL_SAML2POBJECTBUILDER(AuthzDecisionQuery);
363 DECL_SAML2POBJECTBUILDER(Extensions);
364 DECL_SAML2POBJECTBUILDER(GetComplete);
365 DECL_SAML2POBJECTBUILDER(IDPEntry);
366 DECL_SAML2POBJECTBUILDER(IDPList);
367 DECL_SAML2POBJECTBUILDER(LogoutRequest);
368 DECL_SAML2POBJECTBUILDER(LogoutResponse);
369 DECL_SAML2POBJECTBUILDER(ManageNameIDRequest);
370 DECL_SAML2POBJECTBUILDER(ManageNameIDResponse);
371 DECL_SAML2POBJECTBUILDER(NameIDMappingRequest);
372 DECL_SAML2POBJECTBUILDER(NameIDMappingResponse);
373 DECL_SAML2POBJECTBUILDER(NameIDPolicy);
374 DECL_SAML2POBJECTBUILDER(NewEncryptedID);
375 DECL_SAML2POBJECTBUILDER(NewID);
376 DECL_SAML2POBJECTBUILDER(RequestedAuthnContext);
377 DECL_SAML2POBJECTBUILDER(RequesterID);
378 DECL_SAML2POBJECTBUILDER(Response);
379 DECL_SAML2POBJECTBUILDER(Scoping);
380 DECL_SAML2POBJECTBUILDER(SessionIndex);
381 DECL_SAML2POBJECTBUILDER(Status);
382 DECL_SAML2POBJECTBUILDER(StatusCode);
383 DECL_SAML2POBJECTBUILDER(StatusDetail);
384 DECL_SAML2POBJECTBUILDER(StatusMessage);
385 DECL_SAML2POBJECTBUILDER(Terminate);
// RespondTo lives in the third-party request extension namespace, so it uses the
// generic macro with that namespace and prefix instead of the protocol shorthand.
387 DECL_XMLOBJECTBUILDER(SAML_API,RespondTo,samlconstants::SAML20P_THIRDPARTY_EXT_NS,samlconstants::SAML20P_THIRDPARTY_EXT_PREFIX);
// NOTE(review): the validators registered here are presumably schema-level checks on
// object structure - confirm in the implementation. They are not a substitute for
// signature verification or for the Destination / InResponseTo / status checks that a
// message consumer has to perform.
390 * Registers builders and validators for SAML 2.0 Protocol classes into the runtime.
392 void SAML_API registerProtocolClasses();
396 #endif /* __saml2_protocols_h__ */