X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml1%2Fcore%2FAssertions.h;h=6c5fa78d6a87137ba1f484001d3618350b0c94b4;hb=04482c5c0e5fac5b688b0d23713526a15c51bd31;hp=23cb0ef07a1178ed5893c4fd3b2bd187af01469f;hpb=096d14037ebd2271f8e116d13f742be853435816;p=shibboleth%2Fcpp-opensaml.git
diff --git a/saml/saml1/core/Assertions.h b/saml/saml1/core/Assertions.h
index 23cb0ef..6c5fa78 100644
--- a/saml/saml1/core/Assertions.h
+++ b/saml/saml1/core/Assertions.h
@@ -1,58 +1,68 @@ -/* - * Copyright 2001-2006 Internet2 - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. + * + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ /** - * @file Assertions.h - * - * XMLObjects representing the SAML 1.x Assertions schema + * @file saml/saml1/core/Assertions.h + * + * XMLObjects representing the SAML 1.x Assertions schema. 
*/ -#ifndef __saml_assertions_h__ -#define __saml_assertions_h__ +#ifndef __saml1_assertions_h__ +#define __saml1_assertions_h__ -#include +#include #include + #include -#include -#include -#include -#include -#include -#include +#include #define DECL_SAML1OBJECTBUILDER(cname) \ - DECL_XMLOBJECTBUILDER(SAML_API,cname,opensaml::SAMLConstants::SAML1_NS,opensaml::SAMLConstants::SAML1_PREFIX) + DECL_XMLOBJECTBUILDER(SAML_API,cname,samlconstants::SAML1_NS,samlconstants::SAML1_PREFIX) + +namespace xmltooling { + class XMLTOOL_API DateTime; +}; + +namespace xmlsignature { + class XMLTOOL_API KeyInfo; + class XMLTOOL_API Signature; +}; namespace opensaml { /** - * @namespace saml1 - * SAML 1.x class namespace + * @namespace opensaml::saml1 + * SAML 1.x assertion namespace */ namespace saml1 { - + + // Forward references class SAML_API Assertion; - - DECL_XMLOBJECT_SIMPLE(SAML_API,AssertionIDReference,Reference,SAML 1.x AssertionIDReference element); - DECL_XMLOBJECT_SIMPLE(SAML_API,Audience,Uri,SAML 1.x Audience element); + + DECL_XMLOBJECT_SIMPLE(SAML_API,AssertionIDReference,AssertionID,SAML 1.x AssertionIDReference element); + DECL_XMLOBJECT_SIMPLE(SAML_API,Audience,AudienceURI,SAML 1.x Audience element); DECL_XMLOBJECT_SIMPLE(SAML_API,ConfirmationMethod,Method,SAML 1.x ConfirmationMethod element); - + BEGIN_XMLOBJECT(SAML_API,Condition,xmltooling::XMLObject,SAML 1.x Condition element); END_XMLOBJECT; - + BEGIN_XMLOBJECT(SAML_API,AudienceRestrictionCondition,Condition,SAML 1.x AudienceRestrictionCondition element); DECL_TYPED_CHILDREN(Audience); /** AudienceRestrictionConditionType local name */ 
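Review bot: The renamed include guard `__saml1_assertions_h__` still starts with a double underscore, a form the C++ standard reserves for the implementation; since the guard is being changed anyway, an unreserved name such as `SAML1_ASSERTIONS_H` on the `#ifndef`/`#define` pair and in the closing `#endif` comment would avoid that. The two forward-declaration namespaces added here also close with `};`, where the trailing semicolon is an empty declaration that pedantic builds warn about. Both follow the file's existing convention, so this is a style point rather than a defect.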
@@ -65,8 +75,8 @@ namespace opensaml { END_XMLOBJECT; BEGIN_XMLOBJECT(SAML_API,Conditions,xmltooling::XMLObject,SAML 1.x Conditions element); - DECL_XMLOBJECT_ATTRIB(NotBefore,NOTBEFORE,xmltooling::DateTime); - DECL_XMLOBJECT_ATTRIB(NotOnOrAfter,NOTONORAFTER,xmltooling::DateTime); + DECL_DATETIME_ATTRIB(NotBefore,NOTBEFORE); + DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER); DECL_TYPED_CHILDREN(AudienceRestrictionCondition); DECL_TYPED_CHILDREN(DoNotCacheCondition); DECL_TYPED_CHILDREN(Condition); 
@@ -74,22 +84,41 @@ namespace opensaml { static const XMLCh TYPE_NAME[]; END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,NameIdentifier,xmltooling::SimpleElement,SAML 1.x NameIdentifier element); + BEGIN_XMLOBJECT(SAML_API,NameIdentifier,xmltooling::XMLObject,SAML 1.x NameIdentifier element); DECL_STRING_ATTRIB(NameQualifier,NAMEQUALIFIER); DECL_STRING_ATTRIB(Format,FORMAT); + DECL_SIMPLE_CONTENT(Name); /** NameIdentifierType local name */ static const XMLCh TYPE_NAME[]; + /** Unspecified name format ID */ + static const XMLCh UNSPECIFIED[]; + /** Email address name format ID */ + static const XMLCh EMAIL[]; + /** X.509 subject name format ID */ + static const XMLCh X509_SUBJECT[]; + /** Windows domain qualified name format ID */ + static const XMLCh WIN_DOMAIN_QUALIFIED[]; END_XMLOBJECT; BEGIN_XMLOBJECT(SAML_API,SubjectConfirmationData,xmltooling::ElementProxy,SAML 1.x SubjectConfirmationData element); END_XMLOBJECT; - + BEGIN_XMLOBJECT(SAML_API,SubjectConfirmation,xmltooling::XMLObject,SAML 1.x SubjectConfirmation element); DECL_TYPED_CHILDREN(ConfirmationMethod); DECL_XMLOBJECT_CHILD(SubjectConfirmationData); DECL_TYPED_FOREIGN_CHILD(KeyInfo,xmlsignature); /** SubjectConfirmationType local name */ static const XMLCh TYPE_NAME[]; + /** Deprecated SAML 1.0 Artifact confirmation method */ + static const XMLCh ARTIFACT01[]; + /** Artifact confirmation method */ + static const XMLCh ARTIFACT[]; + /** Bearer confirmation method */ + static const XMLCh BEARER[]; + /** Holder of key confirmation method */ + static const XMLCh HOLDER_KEY[]; + /** Sender vouches confirmation method */ + static const XMLCh SENDER_VOUCHES[]; END_XMLOBJECT; BEGIN_XMLOBJECT(SAML_API,Subject,xmltooling::XMLObject,SAML 1.x Subject element); 
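Review bot: The confirmation-method constants added to SubjectConfirmation are documented by name only, so the header does not tell a reader which one to prefer or what each implies for the party consuming the assertion. `ARTIFACT01` is marked deprecated in its comment but nothing says what replaces it; `/** Deprecated SAML 1.0 Artifact confirmation method; new code should use ARTIFACT */` would make that explicit. For `BEARER` it is worth stating that the method carries no proof of possession, for example `/** Bearer confirmation method (no key binding; acceptance rests on the relying party's other checks) */`, because code comparing against these values is making a trust decision. The constant definitions are presumably in the implementation file, outside this hunk.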
@@ -109,7 +138,7 @@ namespace opensaml { BEGIN_XMLOBJECT(SAML_API,SubjectLocality,xmltooling::XMLObject,SAML 1.x SubjectLocality element); DECL_STRING_ATTRIB(IPAddress,IPADDRESS); DECL_STRING_ATTRIB(DNSAddress,DNSADDRESS); - /** SubjectLocality local name */ + /** SubjectLocalityType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; @@ -117,7 +146,7 @@ namespace opensaml { DECL_XMLOBJECT_ATTRIB(AuthorityKind,AUTHORITYKIND,xmltooling::QName); DECL_STRING_ATTRIB(Location,LOCATION); DECL_STRING_ATTRIB(Binding,BINDING); - /** AuthorityBinding local name */ + /** AuthorityBindingType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; 
@@ -126,54 +155,186 @@ namespace opensaml { DECL_DATETIME_ATTRIB(AuthenticationInstant,AUTHENTICATIONINSTANT); DECL_TYPED_CHILD(SubjectLocality); DECL_TYPED_CHILDREN(AuthorityBinding); - /** AuthenticationStatement local name */ + /** AuthenticationStatementType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,Action,xmltooling::XMLObject,SAML 1.x Action element); + DECL_STRING_ATTRIB(Namespace,NAMESPACE); + DECL_SIMPLE_CONTENT(Action); + /** ActionType local name */ + static const XMLCh TYPE_NAME[]; + /** Read/Write/Execute/Delete/Control Action Namespace */ + static const XMLCh RWEDC_NEG_ACTION_NAMESPACE[]; + /** Read/Write/Execute/Delete/Control with Negation Action Namespace */ + static const XMLCh RWEDC_ACTION_NAMESPACE[]; + /** Get/Head/Put/Post Action Namespace */ + static const XMLCh GHPP_ACTION_NAMESPACE[]; + /** UNIX File Permissions Action Namespace */ + static const XMLCh UNIX_ACTION_NAMESPACE[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,Evidence,xmltooling::XMLObject,SAML 1.x Evidence element); + DECL_TYPED_CHILDREN(AssertionIDReference); + DECL_TYPED_CHILDREN(Assertion); + /** EvidenceType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,AuthorizationDecisionStatement,SubjectStatement,SAML 1.x AuthorizationDecisionStatement element); + DECL_STRING_ATTRIB(Resource,RESOURCE); + DECL_STRING_ATTRIB(Decision,DECISION); + DECL_TYPED_CHILDREN(Action); + DECL_TYPED_CHILD(Evidence); + /** AuthorizationDecisionStatementType local name */ + static const XMLCh TYPE_NAME[]; + /** Permit Decision */ + static const XMLCh DECISION_PERMIT[]; + /** Deny Decision */ + static const XMLCh DECISION_DENY[]; + /** Indeterminate Decision */ + static const XMLCh DECISION_INDETERMINATE[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,AttributeDesignator,xmltooling::XMLObject,SAML 1.x AttributeDesignator element); + DECL_STRING_ATTRIB(AttributeName,ATTRIBUTENAME); + 
DECL_STRING_ATTRIB(AttributeNamespace,ATTRIBUTENAMESPACE); + /** AttributeDesignatorType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,Attribute,AttributeDesignator,SAML 1.x Attribute element); + DECL_XMLOBJECT_CHILDREN(AttributeValue); + /** AttributeType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,AttributeValue,xmltooling::ElementProxy,SAML 1.x AttributeValue element); + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,AttributeStatement,SubjectStatement,SAML 1.x AttributeStatement element); + DECL_TYPED_CHILDREN(Attribute); + /** AttributeStatementType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,Advice,xmltooling::XMLObject,SAML 1.x Advice element); + BEGIN_XMLOBJECT(SAML_API,Advice,xmltooling::ElementExtensibleXMLObject,SAML 1.x Advice element); DECL_TYPED_CHILDREN(AssertionIDReference); DECL_TYPED_CHILDREN(Assertion); - DECL_XMLOBJECT_CHILDREN(Other); /** AdviceType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,Assertion,xmltooling::XMLObject,SAML 1.x Assertion element); + BEGIN_XMLOBJECT(SAML_API,Assertion,opensaml::Assertion,SAML 1.x Assertion element); DECL_INTEGER_ATTRIB(MinorVersion,MINORVERSION); DECL_STRING_ATTRIB(AssertionID,ASSERTIONID); DECL_STRING_ATTRIB(Issuer,ISSUER); - DECL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT); + DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT); DECL_TYPED_CHILD(Conditions); DECL_TYPED_CHILD(Advice); DECL_TYPED_CHILDREN(Statement); DECL_TYPED_CHILDREN(SubjectStatement); DECL_TYPED_CHILDREN(AuthenticationStatement); - DECL_TYPED_FOREIGN_CHILD(Signature,xmlsignature); + DECL_TYPED_CHILDREN(AttributeStatement); + DECL_TYPED_CHILDREN(AuthorizationDecisionStatement); /** AssertionType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; + DECL_SAML1OBJECTBUILDER(Action); DECL_SAML1OBJECTBUILDER(Advice); 
DECL_SAML1OBJECTBUILDER(Assertion); DECL_SAML1OBJECTBUILDER(AssertionIDReference); + DECL_SAML1OBJECTBUILDER(Attribute); + DECL_SAML1OBJECTBUILDER(AttributeDesignator); + DECL_SAML1OBJECTBUILDER(AttributeStatement); + DECL_SAML1OBJECTBUILDER(AttributeValue); DECL_SAML1OBJECTBUILDER(Audience); DECL_SAML1OBJECTBUILDER(AudienceRestrictionCondition); DECL_SAML1OBJECTBUILDER(AuthenticationStatement); + DECL_SAML1OBJECTBUILDER(AuthorizationDecisionStatement); DECL_SAML1OBJECTBUILDER(AuthorityBinding); - DECL_SAML1OBJECTBUILDER(DoNotCacheCondition); DECL_SAML1OBJECTBUILDER(Conditions); DECL_SAML1OBJECTBUILDER(ConfirmationMethod); + DECL_SAML1OBJECTBUILDER(DoNotCacheCondition); + DECL_SAML1OBJECTBUILDER(Evidence); DECL_SAML1OBJECTBUILDER(NameIdentifier); DECL_SAML1OBJECTBUILDER(Subject); DECL_SAML1OBJECTBUILDER(SubjectConfirmation); DECL_SAML1OBJECTBUILDER(SubjectConfirmationData); DECL_SAML1OBJECTBUILDER(SubjectLocality); - + + /** + * Builder for Condition extension objects. + * + * This is customized to force the schema type to be specified. + */ + class SAML_API ConditionBuilder : public xmltooling::XMLObjectBuilder { + public: + virtual ~ConditionBuilder() {} + /** Builder that allows element/type override. */ +#ifdef HAVE_COVARIANT_RETURNS + virtual Condition* buildObject( +#else + virtual xmltooling::XMLObject* buildObject( +#endif + const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr + ) const; + + /** Singleton builder. 
*/ + static Condition* buildCondition(const xmltooling::QName& schemaType) { + const ConditionBuilder* b = dynamic_cast( + XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML1_NS,Condition::LOCAL_NAME)) + ); + if (b) { +#ifdef HAVE_COVARIANT_RETURNS + return b->buildObject(samlconstants::SAML1_NS, Condition::LOCAL_NAME, samlconstants::SAML1_PREFIX, &schemaType); +#else + return dynamic_cast(b->buildObject(samlconstants::SAML1_NS, Condition::LOCAL_NAME, samlconstants::SAML1_PREFIX, &schemaType)); +#endif + } + throw xmltooling::XMLObjectException("Unable to obtain typed builder for Condition."); + } + }; + + /** + * Builder for Statement extension objects. + * + * This is customized to force the schema type to be specified. + */ + class SAML_API StatementBuilder : public xmltooling::XMLObjectBuilder { + public: + virtual ~StatementBuilder() {} + /** Builder that allows element/type override. */ +#ifdef HAVE_COVARIANT_RETURNS + virtual Statement* buildObject( +#else + virtual xmltooling::XMLObject* buildObject( +#endif + const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr + ) const; + + /** Singleton builder. */ + static Statement* buildStatement(const xmltooling::QName& schemaType) { + const StatementBuilder* b = dynamic_cast( + XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML1_NS,Statement::LOCAL_NAME)) + ); + if (b) { +#ifdef HAVE_COVARIANT_RETURNS + return b->buildObject(samlconstants::SAML1_NS, Statement::LOCAL_NAME, samlconstants::SAML1_PREFIX, &schemaType); +#else + return dynamic_cast(b->buildObject(samlconstants::SAML1_NS, Statement::LOCAL_NAME, samlconstants::SAML1_PREFIX, &schemaType)); +#endif + } + throw xmltooling::XMLObjectException("Unable to obtain typed builder for Statement."); + } + }; + /** - * Registers builders and validators for Assertion classes into the runtime. 
+ * Registers builders and validators for SAML 1.x Assertion classes into the runtime. */ void SAML_API registerAssertionClasses(); }; }; -#endif /* __saml_assertions_h__ */ +#endif /* __saml1_assertions_h__ */
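Review bot: The doc comments on the two RWEDC constants in the new Action class look swapped: `RWEDC_NEG_ACTION_NAMESPACE` is described as the plain Read/Write/Execute/Delete/Control namespace and `RWEDC_ACTION_NAMESPACE` as the one "with Negation". Assuming the names are right, the comments should read `/** Read/Write/Execute/Delete/Control with Negation Action Namespace */` above `RWEDC_NEG_ACTION_NAMESPACE` and `/** Read/Write/Execute/Delete/Control Action Namespace */` above `RWEDC_ACTION_NAMESPACE`; the values are defined outside this header, so confirm against them. This matters because the two namespaces differ in whether a negated action is meaningful in an authorization decision, and a caller choosing by the comment would pick the wrong one. Separately, in the non-covariant branch of `buildCondition` and `buildStatement` the result of the `dynamic_cast` is returned unchecked, so a failed cast yields a null pointer rather than the `XMLObjectException` thrown when the builder is missing; checking the result before returning would keep the two failure paths consistent.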