X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=saml%2Fsaml2%2Fcore%2FProtocols.h;h=2ab5ab45f61e89c0d8a1d155cc84bf6dbdb291a4;hb=544c9a92232f5a33bb2ad2001ca1f17a85d44bbe;hp=fbd7485ca1e0100ae6a650d2170aa8478f86cdc5;hpb=1bba6a0dd83e3a9fa1cf86879bdb17071daab1c9;p=shibboleth%2Fopensaml2.git diff --git a/saml/saml2/core/Protocols.h b/saml/saml2/core/Protocols.h index fbd7485..2ab5ab4 100644 --- a/saml/saml2/core/Protocols.h +++ b/saml/saml2/core/Protocols.h @@ -37,8 +37,6 @@ namespace opensaml { */ namespace saml2p { - //TODO sync C++ and Java class/interface names, e.g. -Type or no -Type, etc - DECL_XMLOBJECT_SIMPLE(SAML_API,Artifact,Artifact,SAML 2.0 Artifact element); DECL_XMLOBJECT_SIMPLE(SAML_API,GetComplete,GetComplete,SAML 2.0 GetComplete element); DECL_XMLOBJECT_SIMPLE(SAML_API,NewID,NewID,SAML 2.0 NewID element); @@ -46,12 +44,14 @@ namespace opensaml { DECL_XMLOBJECT_SIMPLE(SAML_API,SessionIndex,SessionIndex,SAML 2.0 SessionIndex element); DECL_XMLOBJECT_SIMPLE(SAML_API,StatusMessage,Message,SAML 2.0 StatusMessage element); + DECL_XMLOBJECT_SIMPLE(SAML_API,RespondTo,Name,SAML 2.0 third-party request RespondTo extension element); + BEGIN_XMLOBJECT(SAML_API,Extensions,xmltooling::ElementProxy,SAML 2.0 protocol Extensions element); /** ExtensionsType local name */ static const XMLCh TYPE_NAME[]; END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,Request,SignableObject,SAML 2.0 Request element); + BEGIN_XMLOBJECT(SAML_API,RequestAbstractType,SignableObject,SAML 2.0 RequestAbstractType base type); DECL_STRING_ATTRIB(ID,ID); DECL_STRING_ATTRIB(Version,VER); DECL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT); 
@@ -69,6 +69,62 @@ namespace opensaml {
 DECL_TYPED_CHILD(StatusCode);
 /** StatusCodeType local name */
 static const XMLCh TYPE_NAME[];
+
+ /**
+ * @name StatusCode Value Attribute URI Reference Constants
+ *
+ * SAML 2.0 Core, section 3.2.2.2, predefines several URI
+ * references for use in the Value attribue of the StatusCode
+ * element. Other values may be defined elsewhere.
+ */
+ /*@{*/
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Success' */
+ static const XMLCh SUCCESS[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Requester' */
+ static const XMLCh REQUESTER[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Responder' */
+ static const XMLCh RESPONDER[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch' */
+ static const XMLCh VERSION_MISMATCH[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:AuthnFailed' */
+ static const XMLCh AUTHN_FAILED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue' */
+ static const XMLCh INVALID_ATTR_NAME_OR_VALUE[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy' */
+ static const XMLCh INVALID_NAMEID_POLICY[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext' */
+ static const XMLCh NO_AUTHN_CONTEXT[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP' */
+ static const XMLCh NO_AVAILABLE_IDP[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoPassive' */
+ static const XMLCh NO_PASSIVE[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP' */
+ static const XMLCh NO_SUPPORTED_IDP[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout' */
+ static const XMLCh PARTIAL_LOGOUT[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded' */
+ static const XMLCh PROXY_COUNT_EXCEEDED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestDenied' */
+ static const XMLCh REQUEST_DENIED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported' */
+ static const XMLCh REQUEST_UNSUPPORTED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated' */
+ static const XMLCh REQUEST_VERSION_DEPRECATED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh' */
+ static const XMLCh REQUEST_VERSION_TOO_HIGH[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow' */
+ static const XMLCh REQUEST_VERSION_TOO_LOW[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized' */
+ static const XMLCh RESOURCE_NOT_RECOGNIZED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:TooManyResponses' */
+ static const XMLCh TOO_MANY_RESPONSES[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile' */
+ static const XMLCh UNKNOWN_ATTR_PROFILE[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal' */
+ static const XMLCh UNKNOWN_PRINCIPAL[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding' */
+ static const XMLCh UNSUPPORTED_BINDING[];
+ /*@{*/
 END_XMLOBJECT;
 BEGIN_XMLOBJECT(SAML_API,StatusDetail,xmltooling::XMLObject,SAML 2.0 StatusDetail element);
@@ -85,7 +141,7 @@ namespace opensaml {
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,StatusResponse,SignableObject,SAML 2.0 StatusResponse element);
+ BEGIN_XMLOBJECT(SAML_API,StatusResponseType,SignableObject,SAML 2.0 StatusResponseType base type);
 DECL_STRING_ATTRIB(ID,ID);
 DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
 DECL_STRING_ATTRIB(Version,VER);
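Review bot: The StatusCode constant group ends with `/*@{*/` (the last added line before `END_XMLOBJECT;`), which opens a second Doxygen member group instead of closing the first. It should be `/*@}*/`, as the RequestedAuthnContext and LogoutRequest groups added in later hunks are closed. The group comment also misspells "attribute" as "attribue" in `Value attribue of the StatusCode`. The enclosing BEGIN_XMLOBJECT block starts outside this hunk.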
@@ -102,15 +158,15 @@ namespace opensaml {
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,AssertionIDRequest,Request,SAML 2.0 AssertionIDRequest element);
+ BEGIN_XMLOBJECT(SAML_API,AssertionIDRequest,RequestAbstractType,SAML 2.0 AssertionIDRequest element);
 DECL_TYPED_FOREIGN_CHILDREN(AssertionIDRef,saml2);
 /** AssertionIDRequest local name */
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,SubjectQuery,Request,SAML 2.0 SubjectQuery element);
+ BEGIN_XMLOBJECT(SAML_API,SubjectQuery,RequestAbstractType,SAML 2.0 SubjectQuery abstract element);
 DECL_TYPED_FOREIGN_CHILD(Subject,saml2);
- /** SubjectQueryType local name */
+ /** SubjectQueryAbstractType local name */
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
@@ -119,16 +175,26 @@ namespace opensaml {
 DECL_STRING_ATTRIB(Comparison,COMPARISON);
 DECL_TYPED_FOREIGN_CHILDREN(AuthnContextClassRef,saml2);
 DECL_TYPED_FOREIGN_CHILDREN(AuthnContextDeclRef,saml2);
- /** exact Comparison */
+
+ /** RequestedAuthnContextType local name */
+ static const XMLCh TYPE_NAME[];
+
+ /**
+ * @name RequestedAuthnContext Comparison Attribute Constants
+ *
+ * These are the allowed values for the Comparison attribute of
+ * the RequestedAuthnContext element, as defined by SAML 2.0 Core.
+ */
+ /*@{*/
+ /** 'exact' Comparison */
 static const XMLCh COMPARISON_EXACT[];
- /** minimum Comparison */
+ /** 'minimum' Comparison */
 static const XMLCh COMPARISON_MINIMUM[];
- /** maximum Comparison */
+ /** 'maximum' Comparison */
 static const XMLCh COMPARISON_MAXIMUM[];
- /** better Comparison */
+ /** 'better' Comparison */
 static const XMLCh COMPARISON_BETTER[];
- /** RequestedAuthnContextType local name */
- static const XMLCh TYPE_NAME[];
+ /*@}*/
 END_XMLOBJECT;
 BEGIN_XMLOBJECT(SAML_API,AuthnQuery,SubjectQuery,SAML 2.0 AuthnQuery element);
@@ -155,7 +221,7 @@ namespace opensaml {
 BEGIN_XMLOBJECT(SAML_API,NameIDPolicy,xmltooling::XMLObject,SAML 2.0 NameIDPolicy element);
 DECL_STRING_ATTRIB(Format,FORMAT);
 DECL_STRING_ATTRIB(SPNameQualifier,SPNAMEQUALIFIER);
- DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE);
+ DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE,false);
 /** NameIDPolicyType local name */
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
@@ -181,13 +247,11 @@ namespace opensaml {
 DECL_TYPED_CHILDREN(RequesterID);
 /** ScopingType local name */
 static const XMLCh TYPE_NAME[];
- /** ProxyCount value to express no restriction*/
- static const int NO_PROXY_COUNT;
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,AuthnRequest,Request,SAML 2.0 AuthnRequest element);
- DECL_BOOLEAN_ATTRIB(ForceAuthn,FORCEAUTHN);
- DECL_BOOLEAN_ATTRIB(IsPassive,ISPASSIVE);
+ BEGIN_XMLOBJECT(SAML_API,AuthnRequest,RequestAbstractType,SAML 2.0 AuthnRequest element);
+ DECL_BOOLEAN_ATTRIB(ForceAuthn,FORCEAUTHN,false);
+ DECL_BOOLEAN_ATTRIB(IsPassive,ISPASSIVE,false);
 DECL_STRING_ATTRIB(ProtocolBinding,PROTOCOLBINDING);
 DECL_INTEGER_ATTRIB(AssertionConsumerServiceIndex,ASSERTIONCONSUMERSERVICEINDEX);
 DECL_STRING_ATTRIB(AssertionConsumerServiceURL,ASSERTIONCONSUMERSERVICEURL);
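Review bot: The new third argument `false` on `DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE,false)`, and on `ForceAuthn` and `IsPassive` in the following hunk, is not explained in the visible lines. Presumably it is the value the accessor reports when the attribute is absent from the message, but the macro definition is outside this diff. These three flags steer identifier creation and re-authentication decisions at the identity provider, so the header should state what a caller gets for an omitted attribute. I would add a line above each declaration such as `/** Treated as false when the attribute is omitted. */`, once that is confirmed against the macro. The same hunk drops `NO_PROXY_COUNT` without saying how an unrestricted ProxyCount is now expressed, which deserves a comment on the Scoping declaration.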
@@ -203,20 +267,20 @@ namespace opensaml {
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,Response,StatusResponse,SAML 2.0 Response element);
+ BEGIN_XMLOBJECT(SAML_API,Response,StatusResponseType,SAML 2.0 Response element);
 DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
 DECL_TYPED_FOREIGN_CHILDREN(EncryptedAssertion,saml2);
 /** ResponseType local name */
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ArtifactResolve,Request,SAML 2.0 ArtifactResolve element);
+ BEGIN_XMLOBJECT(SAML_API,ArtifactResolve,RequestAbstractType,SAML 2.0 ArtifactResolve element);
 DECL_TYPED_CHILD(Artifact);
 /** ArtifiactResolveType local name */
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ArtifactResponse,StatusResponse,SAML 2.0 ArtifactResponse element);
+ BEGIN_XMLOBJECT(SAML_API,ArtifactResponse,StatusResponseType,SAML 2.0 ArtifactResponse element);
 DECL_XMLOBJECT_CHILD(Payload);
 /** ArtifiactResponseType local name */
 static const XMLCh TYPE_NAME[];
@@ -230,7 +294,7 @@ namespace opensaml {
 BEGIN_XMLOBJECT(SAML_API,NewEncryptedID,saml2::EncryptedElementType,SAML 2.0 NewEncryptedID element);
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ManageNameIDRequest,Request,SAML 2.0 ManageNameIDRequest element);
+ BEGIN_XMLOBJECT(SAML_API,ManageNameIDRequest,RequestAbstractType,SAML 2.0 ManageNameIDRequest element);
 DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
 DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
 DECL_TYPED_CHILD(NewID);
@@ -240,24 +304,42 @@ namespace opensaml { static const XMLCh TYPE_NAME[]; END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,ManageNameIDResponse,StatusResponse,SAML 2.0 ManageNameIDResponse element); + BEGIN_XMLOBJECT(SAML_API,ManageNameIDResponse,StatusResponseType,SAML 2.0 ManageNameIDResponse element); END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,LogoutRequest,Request,SAML 2.0 LogoutRequest element); + BEGIN_XMLOBJECT(SAML_API,LogoutRequest,RequestAbstractType,SAML 2.0 LogoutRequest element); DECL_STRING_ATTRIB(Reason,REASON); DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER); DECL_TYPED_FOREIGN_CHILD(BaseID,saml2); DECL_TYPED_FOREIGN_CHILD(NameID,saml2); DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2); DECL_TYPED_CHILDREN(SessionIndex); + /** LogoutRequestType local name */ static const XMLCh TYPE_NAME[]; + + /** + * @name LogoutRequest Reason URI Constants + * + * URI Constants for the Reason attribute of the LogoutRequest + * element as defined by SAML 2.0 Core, section 3.7.3. + */ + /*@{*/ + /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:user' */ + static const XMLCh REASON_USER[]; + /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:admin' */ + static const XMLCh REASON_ADMIN[]; + /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:global-timeout' */ + static const XMLCh REASON_GLOBAL_TIMEOUT[]; + /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:sp-timeout' */ + static const XMLCh REASON_SP_TIMEOUT[]; + /*@}*/ END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,LogoutResponse,StatusResponse,SAML 2.0 LogoutResponse element); + BEGIN_XMLOBJECT(SAML_API,LogoutResponse,StatusResponseType,SAML 2.0 LogoutResponse element); END_XMLOBJECT; - BEGIN_XMLOBJECT(SAML_API,NameIDMappingRequest,Request,SAML 2.0 NameIDMappingRequest element); + BEGIN_XMLOBJECT(SAML_API,NameIDMappingRequest,RequestAbstractType,SAML 2.0 NameIDMappingRequest element); DECL_TYPED_FOREIGN_CHILD(BaseID,saml2); DECL_TYPED_FOREIGN_CHILD(NameID,saml2); DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2); 
@@ -266,7 +348,7 @@ namespace opensaml {
 static const XMLCh TYPE_NAME[];
 END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,NameIDMappingResponse,StatusResponse,SAML 2.0 NameIDMappingResponse element);
+ BEGIN_XMLOBJECT(SAML_API,NameIDMappingResponse,StatusResponseType,SAML 2.0 NameIDMappingResponse element);
 DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
 DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
 /** NameIDMappingResponseType local name */
@@ -306,47 +388,13 @@ namespace opensaml { DECL_SAML2POBJECTBUILDER(StatusDetail); DECL_SAML2POBJECTBUILDER(StatusMessage); DECL_SAML2POBJECTBUILDER(Terminate); - - // - // Custom builders - // - - /** - * Builder for StatusResponse objects. - * - * This is customized to force the element name to be specified. - */ - class SAML_API StatusResponseBuilder : public xmltooling::XMLObjectBuilder { - public: - virtual ~StatusResponseBuilder() {} - /** Builder that allows element/type override. */ - virtual StatusResponse* buildObject( - const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL - ) const; - /** Singleton builder. */ - static StatusResponse* buildStatusResponse(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL) { - const StatusResponseBuilder* b = dynamic_cast( - XMLObjectBuilder::getBuilder(xmltooling::QName(SAMLConstants::SAML20P_NS,StatusResponse::TYPE_NAME)) - ); - if (b) { - xmltooling::QName schemaType(SAMLConstants::SAML20P_NS,StatusResponse::TYPE_NAME,SAMLConstants::SAML20P_PREFIX); - return b->buildObject(nsURI, localName, prefix, &schemaType); - } - throw xmltooling::XMLObjectException("Unable to obtain typed builder for StatusResponse."); - } - }; + DECL_XMLOBJECTBUILDER(SAML_API,RespondTo,opensaml::SAMLConstants::SAML20P_THIRDPARTY_EXT_NS,opensaml::SAMLConstants::SAML20P_THIRDPARTY_EXT_PREFIX); - /** * Registers builders and validators for SAML 2.0 Protocol classes into the runtime. */ void SAML_API registerProtocolClasses(); - - /** - * Validator suite for SAML 2.0 Protocol schema validation. - */ - extern SAML_API xmltooling::ValidatorSuite ProtocolSchemaValidators; }; };
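Review bot: Removing the `extern SAML_API xmltooling::ValidatorSuite ProtocolSchemaValidators;` declaration at the end of this hunk takes away the only public handle, in the visible lines, for running schema validation over SAML 2.0 protocol objects. The retained comment on `registerProtocolClasses()` still says it "Registers builders and validators", and nothing in this diff shows how a caller now reaches those validators. Code that validated incoming requests or responses through the exported suite will no longer compile, and its replacement path should be named in that doc comment. The same applies to the removed `StatusResponseBuilder::buildStatusResponse`: presumably the base type is no longer meant to be built directly now that it is `StatusResponseType`, but a one-line comment to that effect near the builder declarations would make the break intentional rather than surprising.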