saml/saml1/core/impl/ProtocolsSchemaValidators.cpp

   1 /*
   2 *  Copyright 2001-2006 Internet2
   3  *
   4 * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 /**
  18  * ProtocolsSchemaValidators.cpp
  19  *
  20  * Schema-based validators for SAML 1.x Protocols classes
  21  */
  22
  23 #include "internal.h"
  24 #include "exceptions.h"
  25 #include "saml1/core/Protocols.h"
  26
  27 using namespace opensaml::saml1p;
  28 using namespace opensaml::saml1;
  29 using namespace opensaml;
  30 using namespace xmltooling;
  31 using namespace std;
  32
  33 namespace opensaml {
  34     namespace saml1p {
  35
  36         XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,AssertionArtifact);
  37         XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,StatusMessage);
  38
  39         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,RespondWith);
  40             XMLOBJECTVALIDATOR_REQUIRE(RespondWith,QName);
  41         END_XMLOBJECTVALIDATOR;
  42
  43         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,AuthenticationQuery);
  44             XMLOBJECTVALIDATOR_REQUIRE(AuthenticationQuery,AuthenticationMethod);
  45             XMLOBJECTVALIDATOR_REQUIRE(AuthenticationQuery,Subject);
  46         END_XMLOBJECTVALIDATOR;
  47
  48         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,AttributeQuery);
  49             XMLOBJECTVALIDATOR_REQUIRE(AttributeQuery,Subject);
  50         END_XMLOBJECTVALIDATOR;
  51
  52         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,AuthorizationDecisionQuery);
  53             XMLOBJECTVALIDATOR_REQUIRE(AuthorizationDecisionQuery,Subject);
  54             XMLOBJECTVALIDATOR_REQUIRE(AuthorizationDecisionQuery,Resource);
  55             XMLOBJECTVALIDATOR_NONEMPTY(AuthorizationDecisionQuery,Action);
  56         END_XMLOBJECTVALIDATOR;
  57
  58         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Request);
  59             XMLOBJECTVALIDATOR_REQUIRE(Request,RequestID);
  60             XMLOBJECTVALIDATOR_REQUIRE(Request,IssueInstant);
  61             int count=0;
  62             if (ptr->getQuery()!=NULL)
  63                 count++;
  64             if (!ptr->getAssertionIDReferences().empty())
  65                 count++;
  66             if (!ptr->getAssertionArtifacts().empty())
  67                 count++;
  68             if (count != 1)
  69                 throw ValidationException("Request must have either a query, >0 assertion references, or >0 artifacts.");
  70         END_XMLOBJECTVALIDATOR;
  71
  72         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,StatusCode);
  73             XMLOBJECTVALIDATOR_REQUIRE(StatusCode,Value);
  74         END_XMLOBJECTVALIDATOR;
  75
  76         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Status);
  77             XMLOBJECTVALIDATOR_REQUIRE(Status,StatusCode);
  78             const QName* value=ptr->getStatusCode()->getValue();
  79             if (!value || (*value!=StatusCode::SUCCESS && *value!=StatusCode::REQUESTER &&
  80                 *value!=StatusCode::RESPONDER && *value!=StatusCode::VERSIONMISMATCH))
  81                 throw ValidationException("Top-level status code not one of the allowable values.");
  82         END_XMLOBJECTVALIDATOR;
  83
  84         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Response);
  85             XMLOBJECTVALIDATOR_REQUIRE(Response,ResponseID);
  86             XMLOBJECTVALIDATOR_REQUIRE(Response,IssueInstant);
  87             XMLOBJECTVALIDATOR_REQUIRE(Response,Status);
  88         END_XMLOBJECTVALIDATOR;
  89     };
  90 };
  91
  92 #define REGISTER_ELEMENT(cname) \
  93     q=QName(SAMLConstants::SAML1P_NS,cname::LOCAL_NAME); \
  94     XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
  95     Validator::registerValidator(q,new cname##SchemaValidator())
  96
  97 #define REGISTER_TYPE(cname) \
  98     q=QName(SAMLConstants::SAML1P_NS,cname::TYPE_NAME); \
  99     XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
 100     Validator::registerValidator(q,new cname##SchemaValidator())
 101
 102 #define REGISTER_ELEMENT_NOVAL(cname) \
 103     q=QName(SAMLConstants::SAML1P_NS,cname::LOCAL_NAME); \
 104     XMLObjectBuilder::registerBuilder(q,new cname##Builder());
 105
 106 #define REGISTER_TYPE_NOVAL(cname) \
 107     q=QName(SAMLConstants::SAML1P_NS,cname::TYPE_NAME); \
 108     XMLObjectBuilder::registerBuilder(q,new cname##Builder());
 109
 110 void opensaml::saml1p::registerProtocolClasses() {
 111     QName q;
 112     REGISTER_ELEMENT(AssertionArtifact);
 113     REGISTER_ELEMENT(AttributeQuery);
 114     REGISTER_ELEMENT(AuthenticationQuery);
 115     REGISTER_ELEMENT(AuthorizationDecisionQuery);
 116     REGISTER_ELEMENT(Request);
 117     REGISTER_ELEMENT(RespondWith);
 118     REGISTER_ELEMENT(Response);
 119     REGISTER_ELEMENT(Status);
 120     REGISTER_ELEMENT(StatusCode);
 121     REGISTER_ELEMENT_NOVAL(StatusDetail);
 122     REGISTER_ELEMENT(StatusMessage);
 123     REGISTER_TYPE(AttributeQuery);
 124     REGISTER_TYPE(AuthenticationQuery);
 125     REGISTER_TYPE(AuthorizationDecisionQuery);
 126     REGISTER_TYPE(Request);
 127     REGISTER_TYPE(Response);
 128     REGISTER_TYPE(Status);
 129     REGISTER_TYPE(StatusCode);
 130     REGISTER_TYPE_NOVAL(StatusDetail);
 131 }