saml/saml2/core/Assertions.h

   1 /*
   2  *  Copyright 2001-2009 Internet2
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 /**
  18  * @file saml/saml2/core/Assertions.h
  19  *
  20  * XMLObjects representing the SAML 2.0 Assertions schema.
  21  */
  22
  23 #ifndef __saml2_assertions_h__
  24 #define __saml2_assertions_h__
  25
  26 #include <saml/Assertion.h>
  27 #include <saml/util/SAMLConstants.h>
  28
  29 #include <xmltooling/ConcreteXMLObjectBuilder.h>
  30 #include <xmltooling/ElementProxy.h>
  31
  32 #define DECL_SAML2OBJECTBUILDER(cname) \
  33     DECL_XMLOBJECTBUILDER(SAML_API,cname,samlconstants::SAML20_NS,samlconstants::SAML20_PREFIX)
  34
  35 namespace xmltooling {
  36     class XMLTOOL_API CredentialCriteria;
  37     class XMLTOOL_API CredentialResolver;
  38     class XMLTOOL_API DateTime;
  39 };
  40
  41 namespace xmlencryption {
  42     class XMLTOOL_API EncryptedData;
  43     class XMLTOOL_API EncryptedKey;
  44 };
  45
  46 namespace xmlsignature {
  47     class XMLTOOL_API KeyInfo;
  48     class XMLTOOL_API Signature;
  49 };
  50
  51 namespace opensaml {
  52
  53     namespace saml2md {
  54         class SAML_API MetadataProvider;
  55         class SAML_API MetadataCredentialCriteria;
  56     };
  57
  58     /**
  59      * @namespace opensaml::saml2
  60      * SAML 2.0 assertion namespace
  61      */
  62     namespace saml2 {
  63
  64         // Forward references
  65         class SAML_API Assertion;
  66         class SAML_API EncryptedAssertion;
  67
  68         /**
  69          * Marker interface for SAML types that can be encrypted.
  70          */
  71         class SAML_API EncryptableObject : public virtual xmltooling::XMLObject
  72         {
  73         protected:
  74             EncryptableObject() {}
  75             virtual ~EncryptableObject() {}
  76         };
  77
  78         DECL_XMLOBJECT_SIMPLE(SAML_API,AssertionIDRef,AssertionID,SAML 2.0 AssertionIDRef element);
  79         DECL_XMLOBJECT_SIMPLE(SAML_API,AssertionURIRef,AssertionURI,SAML 2.0 AssertionURIRef element);
  80         DECL_XMLOBJECT_SIMPLE(SAML_API,Audience,AudienceURI,SAML 2.0 Audience element);
  81         DECL_XMLOBJECT_SIMPLE(SAML_API,AuthnContextClassRef,Reference,SAML 2.0 AuthnContextClassRef element);
  82         DECL_XMLOBJECT_SIMPLE(SAML_API,AuthnContextDeclRef,Reference,SAML 2.0 AuthnContextDeclRef element);
  83         DECL_XMLOBJECT_SIMPLE(SAML_API,AuthenticatingAuthority,ID,SAML 2.0 AuthenticatingAuthority element);
  84
  85         BEGIN_XMLOBJECT(SAML_API,EncryptedElementType,xmltooling::XMLObject,SAML 2.0 EncryptedElementType type);
  86             DECL_TYPED_FOREIGN_CHILD(EncryptedData,xmlencryption);
  87             DECL_TYPED_FOREIGN_CHILDREN(EncryptedKey,xmlencryption);
  88             /** EncryptedElementType local name */
  89             static const XMLCh TYPE_NAME[];
  90
  91             /**
  92              * Encrypts an object to a single recipient using this object as a container.
  93              *
  94              * @param xmlObject         object to encrypt
  95              * @param metadataProvider  a locked MetadataProvider to supply encryption keys
  96              * @param criteria          metadata-based CredentialCriteria to use
  97              * @param compact           true iff compact KeyInfo should be used
  98              * @param algorithm         optionally specifies data encryption algorithm if none can be determined from metadata
  99              * @return  the encrypted object
 100              */
 101             virtual void encrypt(
 102                 const EncryptableObject& xmlObject,
 103                 const saml2md::MetadataProvider& metadataProvider,
 104                 saml2md::MetadataCredentialCriteria& criteria,
 105                 bool compact=false,
 106                 const XMLCh* algorithm=NULL
 107                 );
 108
 109             /**
 110              * Encrypts an object to multiple recipients using this object as a container.
 111              *
 112              * @param xmlObject     object to encrypt
 113              * @param recipients    pairs containing a locked MetadataProvider to supply encryption keys,
 114              *                      and a metadata-based CredentialCriteria to use
 115              * @param compact       true iff compact KeyInfo should be used
 116              * @param algorithm     optionally specifies data encryption algorithm if none can be determined from metadata
 117              * @return  the encrypted object
 118              */
 119             virtual void encrypt(
 120                 const EncryptableObject& xmlObject,
 121                 const std::vector< std::pair<const saml2md::MetadataProvider*, saml2md::MetadataCredentialCriteria*> >& recipients,
 122                 bool compact=false,
 123                 const XMLCh* algorithm=NULL
 124                 );
 125
 126             /**
 127              * Decrypts the element using the supplied CredentialResolver.
 128              *
 129              * <p>The object returned will be unmarshalled around the decrypted DOM element in a
 130              * new Document owned by the object.
 131              *
 132              * @param credResolver  locked resolver supplying decryption keys
 133              * @param recipient     identifier naming the recipient (the entity performing the decryption)
 134              * @param criteria      optional external criteria to use with resolver
 135              * @return  the decrypted and unmarshalled object
 136              */
 137             virtual xmltooling::XMLObject* decrypt(
 138                 const xmltooling::CredentialResolver& credResolver, const XMLCh* recipient, xmltooling::CredentialCriteria* criteria=NULL
 139                 ) const;
 140         END_XMLOBJECT;
 141
 142         BEGIN_XMLOBJECT(SAML_API,EncryptedID,EncryptedElementType,SAML 2.0 EncryptedID element);
 143         END_XMLOBJECT;
 144
 145         BEGIN_XMLOBJECT(SAML_API,BaseID,EncryptableObject,SAML 2.0 BaseID abstract element);
 146             DECL_STRING_ATTRIB(NameQualifier,NAMEQUALIFIER);
 147             DECL_STRING_ATTRIB(SPNameQualifier,SPNAMEQUALIFIER);
 148         END_XMLOBJECT;
 149
 150         BEGIN_XMLOBJECT(SAML_API,NameIDType,xmltooling::XMLObject,SAML 2.0 NameIDType type);
 151             DECL_STRING_ATTRIB(NameQualifier,NAMEQUALIFIER);
 152             DECL_STRING_ATTRIB(SPNameQualifier,SPNAMEQUALIFIER);
 153             DECL_STRING_ATTRIB(Format,FORMAT);
 154             DECL_STRING_ATTRIB(SPProvidedID,SPPROVIDEDID);
 155             DECL_SIMPLE_CONTENT(Name);
 156             /** NameIDType local name */
 157             static const XMLCh TYPE_NAME[];
 158             /** Unspecified name format ID */
 159             static const XMLCh UNSPECIFIED[];
 160             /** Email address name format ID */
 161             static const XMLCh EMAIL[];
 162             /** X.509 subject name format ID */
 163             static const XMLCh X509_SUBJECT[];
 164             /** Windows domain qualified name format ID */
 165             static const XMLCh WIN_DOMAIN_QUALIFIED[];
 166             /** Kerberos principal name format ID */
 167             static const XMLCh KERBEROS[];
 168             /** Entity identifier name format ID */
 169             static const XMLCh ENTITY[];
 170             /** Persistent identifier name format ID */
 171             static const XMLCh PERSISTENT[];
 172             /** Transient identifier name format ID */
 173             static const XMLCh TRANSIENT[];
 174         END_XMLOBJECT;
 175
 176         BEGIN_XMLOBJECT2(SAML_API,NameID,NameIDType,EncryptableObject,SAML 2.0 NameID element);
 177         END_XMLOBJECT;
 178
 179         BEGIN_XMLOBJECT(SAML_API,Issuer,NameIDType,SAML 2.0 Issuer element);
 180         END_XMLOBJECT;
 181
 182         BEGIN_XMLOBJECT(SAML_API,Condition,xmltooling::XMLObject,SAML 2.0 Condition element);
 183         END_XMLOBJECT;
 184
 185         BEGIN_XMLOBJECT(SAML_API,AudienceRestriction,Condition,SAML 2.0 AudienceRestriction element);
 186             DECL_TYPED_CHILDREN(Audience);
 187             /** AudienceRestrictionType local name */
 188             static const XMLCh TYPE_NAME[];
 189         END_XMLOBJECT;
 190
 191         BEGIN_XMLOBJECT(SAML_API,OneTimeUse,Condition,SAML 2.0 OneTimeUse element);
 192             /** OneTimeUseType local name */
 193             static const XMLCh TYPE_NAME[];
 194         END_XMLOBJECT;
 195
 196         BEGIN_XMLOBJECT(SAML_API,ProxyRestriction,Condition,SAML 2.0 ProxyRestriction element);
 197             DECL_INTEGER_ATTRIB(Count,COUNT);
 198             DECL_TYPED_CHILDREN(Audience);
 199             /** ProxyRestrictionType local name */
 200             static const XMLCh TYPE_NAME[];
 201         END_XMLOBJECT;
 202
 203         BEGIN_XMLOBJECT(SAML_API,Delegate,xmltooling::XMLObject,SAML 2.0 Delegation Restriction Condition Delegate element);
 204             DECL_STRING_ATTRIB(ConfirmationMethod,CONFIRMATIONMETHOD);
 205             DECL_DATETIME_ATTRIB(DelegationInstant,DELEGATIONINSTANT);
 206             DECL_TYPED_CHILD(BaseID);
 207             DECL_TYPED_CHILD(NameID);
 208             DECL_TYPED_CHILD(EncryptedID);
 209             /** DelegateType local name */
 210             static const XMLCh TYPE_NAME[];
 211         END_XMLOBJECT;
 212
 213         BEGIN_XMLOBJECT(SAML_API,DelegationRestrictionType,Condition,SAML 2.0 Delegation Restriction Condition type);
 214             DECL_TYPED_CHILDREN(Delegate);
 215             /** DelegationRestrictionType local name */
 216             static const XMLCh TYPE_NAME[];
 217         END_XMLOBJECT;
 218
 219         BEGIN_XMLOBJECT(SAML_API,Conditions,xmltooling::XMLObject,SAML 2.0 Conditions element);
 220             DECL_DATETIME_ATTRIB(NotBefore,NOTBEFORE);
 221             DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
 222             DECL_TYPED_CHILDREN(AudienceRestriction);
 223             DECL_TYPED_CHILDREN(OneTimeUse);
 224             DECL_TYPED_CHILDREN(ProxyRestriction);
 225             DECL_TYPED_CHILDREN(Condition);
 226             /** ConditionsType local name */
 227             static const XMLCh TYPE_NAME[];
 228         END_XMLOBJECT;
 229
 230         BEGIN_XMLOBJECT(SAML_API,SubjectConfirmationDataType,xmltooling::XMLObject,SAML 2.0 SubjectConfirmationDataType base type);
 231             DECL_DATETIME_ATTRIB(NotBefore,NOTBEFORE);
 232             DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
 233             DECL_STRING_ATTRIB(Recipient,RECIPIENT);
 234             DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
 235             DECL_STRING_ATTRIB(Address,ADDRESS);
 236         END_XMLOBJECT;
 237
 238         BEGIN_XMLOBJECT2(SAML_API,SubjectConfirmationData,SubjectConfirmationDataType,xmltooling::ElementProxy,SAML 2.0 SubjectConfirmationData element);
 239             DECL_SIMPLE_CONTENT(Data);
 240         END_XMLOBJECT;
 241
 242         BEGIN_XMLOBJECT2(SAML_API,KeyInfoConfirmationDataType,SubjectConfirmationDataType,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 KeyInfoConfirmationDataType type);
 243             DECL_TYPED_FOREIGN_CHILDREN(KeyInfo,xmlsignature);
 244             /** KeyInfoConfirmationDataType local name */
 245             static const XMLCh TYPE_NAME[];
 246         END_XMLOBJECT;
 247
 248         BEGIN_XMLOBJECT(SAML_API,SubjectConfirmation,xmltooling::XMLObject,SAML 2.0 SubjectConfirmation element);
 249             DECL_STRING_ATTRIB(Method,METHOD);
 250             DECL_TYPED_CHILD(BaseID);
 251             DECL_TYPED_CHILD(NameID);
 252             DECL_TYPED_CHILD(EncryptedID);
 253             DECL_XMLOBJECT_CHILD(SubjectConfirmationData);
 254             /** SubjectConfirmationType local name */
 255             static const XMLCh TYPE_NAME[];
 256             /** Bearer confirmation method */
 257             static const XMLCh BEARER[];
 258             /** Holder of key confirmation method */
 259             static const XMLCh HOLDER_KEY[];
 260             /** Sender vouches confirmation method */
 261             static const XMLCh SENDER_VOUCHES[];
 262         END_XMLOBJECT;
 263
 264         BEGIN_XMLOBJECT(SAML_API,Subject,xmltooling::XMLObject,SAML 2.0 Subject element);
 265             DECL_TYPED_CHILD(BaseID);
 266             DECL_TYPED_CHILD(NameID);
 267             DECL_TYPED_CHILD(EncryptedID);
 268             DECL_TYPED_CHILDREN(SubjectConfirmation);
 269             /** SubjectType local name */
 270             static const XMLCh TYPE_NAME[];
 271         END_XMLOBJECT;
 272
 273         BEGIN_XMLOBJECT(SAML_API,Statement,xmltooling::XMLObject,SAML 2.0 Statement element);
 274         END_XMLOBJECT;
 275
 276         BEGIN_XMLOBJECT(SAML_API,SubjectLocality,xmltooling::XMLObject,SAML 2.0 SubjectLocality element);
 277             DECL_STRING_ATTRIB(Address,ADDRESS);
 278             DECL_STRING_ATTRIB(DNSName,DNSNAME);
 279             /** SubjectLocalityType local name */
 280             static const XMLCh TYPE_NAME[];
 281         END_XMLOBJECT;
 282
 283         BEGIN_XMLOBJECT(SAML_API,AuthnContextDecl,xmltooling::ElementProxy,SAML 2.0 AuthnContextDecl element);
 284         END_XMLOBJECT;
 285
 286         BEGIN_XMLOBJECT(SAML_API,AuthnContext,xmltooling::XMLObject,SAML 2.0 AuthnContext element);
 287             DECL_TYPED_CHILD(AuthnContextClassRef);
 288             DECL_XMLOBJECT_CHILD(AuthnContextDecl);
 289             DECL_TYPED_CHILD(AuthnContextDeclRef);
 290             DECL_TYPED_CHILDREN(AuthenticatingAuthority);
 291             /** AuthnContextType local name */
 292             static const XMLCh TYPE_NAME[];
 293         END_XMLOBJECT;
 294
 295         BEGIN_XMLOBJECT(SAML_API,AuthnStatement,Statement,SAML 2.0 AuthnStatement element);
 296             DECL_DATETIME_ATTRIB(AuthnInstant,AUTHNINSTANT);
 297             DECL_STRING_ATTRIB(SessionIndex,SESSIONINDEX);
 298             DECL_DATETIME_ATTRIB(SessionNotOnOrAfter,SESSIONNOTONORAFTER);
 299             DECL_TYPED_CHILD(SubjectLocality);
 300             DECL_TYPED_CHILD(AuthnContext);
 301             /** AuthnStatementType local name */
 302             static const XMLCh TYPE_NAME[];
 303         END_XMLOBJECT;
 304
 305         BEGIN_XMLOBJECT(SAML_API,Action,xmltooling::XMLObject,SAML 2.0 Action element);
 306             DECL_STRING_ATTRIB(Namespace,NAMESPACE);
 307             DECL_SIMPLE_CONTENT(Action);
 308             /** ActionType local name */
 309             static const XMLCh TYPE_NAME[];
 310             /** Read/Write/Execute/Delete/Control Action Namespace */
 311             static const XMLCh RWEDC_NEG_ACTION_NAMESPACE[];
 312             /** Read/Write/Execute/Delete/Control with Negation Action Namespace */
 313             static const XMLCh RWEDC_ACTION_NAMESPACE[];
 314             /** Get/Head/Put/Post Action Namespace */
 315             static const XMLCh GHPP_ACTION_NAMESPACE[];
 316             /** UNIX File Permissions Action Namespace */
 317             static const XMLCh UNIX_ACTION_NAMESPACE[];
 318         END_XMLOBJECT;
 319
 320         BEGIN_XMLOBJECT(SAML_API,Evidence,xmltooling::XMLObject,SAML 2.0 Evidence element);
 321             DECL_TYPED_CHILDREN(AssertionIDRef);
 322             DECL_TYPED_CHILDREN(AssertionURIRef);
 323             DECL_TYPED_CHILDREN(Assertion);
 324             DECL_TYPED_CHILDREN(EncryptedAssertion);
 325             /** EvidenceType local name */
 326             static const XMLCh TYPE_NAME[];
 327         END_XMLOBJECT;
 328
 329         BEGIN_XMLOBJECT(SAML_API,AuthzDecisionStatement,Statement,SAML 2.0 AuthzDecisionStatement element);
 330             DECL_STRING_ATTRIB(Resource,RESOURCE);
 331             DECL_STRING_ATTRIB(Decision,DECISION);
 332             DECL_TYPED_CHILDREN(Action);
 333             DECL_TYPED_CHILD(Evidence);
 334             /** AuthzDecisionStatementType local name */
 335             static const XMLCh TYPE_NAME[];
 336             /** Permit Decision */
 337             static const XMLCh DECISION_PERMIT[];
 338             /** Deny Decision */
 339             static const XMLCh DECISION_DENY[];
 340             /** Indeterminate Decision */
 341             static const XMLCh DECISION_INDETERMINATE[];
 342         END_XMLOBJECT;
 343
 344         BEGIN_XMLOBJECT(SAML_API,AttributeValue,xmltooling::ElementProxy,SAML 2.0 AttributeValue element);
 345         END_XMLOBJECT;
 346
 347         BEGIN_XMLOBJECT2(SAML_API,Attribute,xmltooling::AttributeExtensibleXMLObject,EncryptableObject,SAML 2.0 Attribute element);
 348             DECL_STRING_ATTRIB(Name,NAME);
 349             DECL_STRING_ATTRIB(NameFormat,NAMEFORMAT);
 350             DECL_STRING_ATTRIB(FriendlyName,FRIENDLYNAME);
 351             DECL_XMLOBJECT_CHILDREN(AttributeValue);
 352             /** AttributeType local name */
 353             static const XMLCh TYPE_NAME[];
 354             /** Unspecified attribute name format ID */
 355             static const XMLCh UNSPECIFIED[];
 356             /** URI reference attribute name format ID */
 357             static const XMLCh URI_REFERENCE[];
 358             /** Basic attribute name format ID */
 359             static const XMLCh BASIC[];
 360         END_XMLOBJECT;
 361
 362         BEGIN_XMLOBJECT(SAML_API,EncryptedAttribute,EncryptedElementType,SAML 2.0 EncryptedAttribute element);
 363         END_XMLOBJECT;
 364
 365         BEGIN_XMLOBJECT(SAML_API,AttributeStatement,Statement,SAML 2.0 AttributeStatement element);
 366             DECL_TYPED_CHILDREN(Attribute);
 367             DECL_TYPED_CHILDREN(EncryptedAttribute);
 368             /** AttributeStatementType local name */
 369             static const XMLCh TYPE_NAME[];
 370         END_XMLOBJECT;
 371
 372         BEGIN_XMLOBJECT(SAML_API,EncryptedAssertion,EncryptedElementType,SAML 2.0 EncryptedAssertion element);
 373         END_XMLOBJECT;
 374
 375         BEGIN_XMLOBJECT(SAML_API,Advice,xmltooling::ElementExtensibleXMLObject,SAML 2.0 Advice element);
 376             DECL_TYPED_CHILDREN(AssertionIDRef);
 377             DECL_TYPED_CHILDREN(AssertionURIRef);
 378             DECL_TYPED_CHILDREN(Assertion);
 379             DECL_TYPED_CHILDREN(EncryptedAssertion);
 380             /** AdviceType local name */
 381             static const XMLCh TYPE_NAME[];
 382         END_XMLOBJECT;
 383
 384         /**
 385          * SAML 2.0 assertion or protocol message.
 386          */
 387         class SAML_API RootObject : virtual public opensaml::RootObject
 388         {
 389         protected:
 390             RootObject() {}
 391         public:
 392             virtual ~RootObject() {}
 393
 394             /** Gets the Version attribute. */
 395             virtual const XMLCh* getVersion() const=0;
 396
 397             /** Gets the Issuer. */
 398             virtual Issuer* getIssuer() const=0;
 399         };
 400
 401         BEGIN_XMLOBJECT3(SAML_API,Assertion,saml2::RootObject,opensaml::Assertion,EncryptableObject,SAML 2.0 Assertion element);
 402             DECL_INHERITED_STRING_ATTRIB(Version,VER);
 403             DECL_INHERITED_STRING_ATTRIB(ID,ID);
 404             DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
 405             DECL_INHERITED_TYPED_CHILD(Issuer);
 406             DECL_TYPED_CHILD(Subject);
 407             DECL_TYPED_CHILD(Conditions);
 408             DECL_TYPED_CHILD(Advice);
 409             DECL_TYPED_CHILDREN(Statement);
 410             DECL_TYPED_CHILDREN(AuthnStatement);
 411             DECL_TYPED_CHILDREN(AttributeStatement);
 412             DECL_TYPED_CHILDREN(AuthzDecisionStatement);
 413             /** AssertionType local name */
 414             static const XMLCh TYPE_NAME[];
 415         END_XMLOBJECT;
 416
 417         DECL_SAML2OBJECTBUILDER(Action);
 418         DECL_SAML2OBJECTBUILDER(Advice);
 419         DECL_SAML2OBJECTBUILDER(Assertion);
 420         DECL_SAML2OBJECTBUILDER(AssertionIDRef);
 421         DECL_SAML2OBJECTBUILDER(AssertionURIRef);
 422         DECL_SAML2OBJECTBUILDER(Attribute);
 423         DECL_SAML2OBJECTBUILDER(AttributeStatement);
 424         DECL_SAML2OBJECTBUILDER(AttributeValue);
 425         DECL_SAML2OBJECTBUILDER(Audience);
 426         DECL_SAML2OBJECTBUILDER(AudienceRestriction);
 427         DECL_SAML2OBJECTBUILDER(AuthenticatingAuthority);
 428         DECL_SAML2OBJECTBUILDER(AuthnContext);
 429         DECL_SAML2OBJECTBUILDER(AuthnContextClassRef);
 430         DECL_SAML2OBJECTBUILDER(AuthnContextDecl);
 431         DECL_SAML2OBJECTBUILDER(AuthnContextDeclRef);
 432         DECL_SAML2OBJECTBUILDER(AuthnStatement);
 433         DECL_SAML2OBJECTBUILDER(AuthzDecisionStatement);
 434         DECL_SAML2OBJECTBUILDER(Conditions);
 435         DECL_SAML2OBJECTBUILDER(EncryptedAssertion);
 436         DECL_SAML2OBJECTBUILDER(EncryptedAttribute);
 437         DECL_SAML2OBJECTBUILDER(EncryptedID);
 438         DECL_SAML2OBJECTBUILDER(Evidence);
 439         DECL_SAML2OBJECTBUILDER(Issuer);
 440         DECL_SAML2OBJECTBUILDER(NameID);
 441         DECL_SAML2OBJECTBUILDER(OneTimeUse);
 442         DECL_SAML2OBJECTBUILDER(ProxyRestriction);
 443         DECL_SAML2OBJECTBUILDER(Subject);
 444         DECL_SAML2OBJECTBUILDER(SubjectConfirmation);
 445         DECL_SAML2OBJECTBUILDER(SubjectConfirmationData);
 446         DECL_SAML2OBJECTBUILDER(SubjectLocality);
 447
 448         DECL_XMLOBJECTBUILDER(SAML_API,Delegate,samlconstants::SAML20_DELEGATION_CONDITION_NS,samlconstants::SAML20_DELEGATION_CONDITION_PREFIX);
 449
 450         /**
 451          * Builder for NameIDType objects.
 452          *
 453          * This is customized to force the element name to be specified.
 454          */
 455         class SAML_API NameIDTypeBuilder : public xmltooling::XMLObjectBuilder {
 456         public:
 457             virtual ~NameIDTypeBuilder() {}
 458             /** Builder that allows element/type override. */
 459 #ifdef HAVE_COVARIANT_RETURNS
 460             virtual NameIDType* buildObject(
 461 #else
 462             virtual xmltooling::XMLObject* buildObject(
 463 #endif
 464                 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
 465                 ) const;
 466
 467             /** Singleton builder. */
 468             static NameIDType* buildNameIDType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL) {
 469                 const NameIDTypeBuilder* b = dynamic_cast<const NameIDTypeBuilder*>(
 470                     XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_NS,NameIDType::TYPE_NAME))
 471                     );
 472                 if (b) {
 473                     xmltooling::QName schemaType(samlconstants::SAML20_NS,NameIDType::TYPE_NAME,samlconstants::SAML20_PREFIX);
 474 #ifdef HAVE_COVARIANT_RETURNS
 475                     return b->buildObject(nsURI, localName, prefix, &schemaType);
 476 #else
 477                     return dynamic_cast<NameIDType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
 478 #endif
 479                 }
 480                 throw xmltooling::XMLObjectException("Unable to obtain typed builder for NameIDType.");
 481             }
 482         };
 483
 484         /**
 485          * Builder for Condition extension objects.
 486          *
 487          * This is customized to force the schema type to be specified.
 488          */
 489         class SAML_API ConditionBuilder : public xmltooling::XMLObjectBuilder {
 490         public:
 491             virtual ~ConditionBuilder() {}
 492             /** Builder that allows element/type override. */
 493 #ifdef HAVE_COVARIANT_RETURNS
 494             virtual Condition* buildObject(
 495 #else
 496             virtual xmltooling::XMLObject* buildObject(
 497 #endif
 498                 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
 499                 ) const;
 500
 501             /** Singleton builder. */
 502             static Condition* buildCondition(const xmltooling::QName& schemaType) {
 503                 const ConditionBuilder* b = dynamic_cast<const ConditionBuilder*>(
 504                     XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_NS,Condition::LOCAL_NAME))
 505                     );
 506                 if (b) {
 507 #ifdef HAVE_COVARIANT_RETURNS
 508                     return b->buildObject(samlconstants::SAML20_NS, Condition::LOCAL_NAME, samlconstants::SAML20_PREFIX, &schemaType);
 509 #else
 510                     return dynamic_cast<Condition*>(b->buildObject(samlconstants::SAML20_NS, Condition::LOCAL_NAME, samlconstants::SAML20_PREFIX, &schemaType));
 511 #endif
 512                 }
 513                 throw xmltooling::XMLObjectException("Unable to obtain typed builder for Condition.");
 514             }
 515         };
 516
 517         /**
 518          * Builder for DelegationRestrictionType objects.
 519          *
 520          * This is customized to return a Condition element with an xsi:type of DelegationRestrictionType.
 521          */
 522         class SAML_API DelegationRestrictionTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
 523         public:
 524             virtual ~DelegationRestrictionTypeBuilder() {}
 525             /** Default builder. */
 526 #ifdef HAVE_COVARIANT_RETURNS
 527             virtual DelegationRestrictionType* buildObject() const {
 528 #else
 529             virtual xmltooling::XMLObject* buildObject() const {
 530 #endif
 531                 xmltooling::QName schemaType(
 532                     samlconstants::SAML20_DELEGATION_CONDITION_NS,
 533                     DelegationRestrictionType::TYPE_NAME,
 534                     samlconstants::SAML20_DELEGATION_CONDITION_PREFIX
 535                     );
 536                 return buildObject(
 537                     samlconstants::SAML20_DELEGATION_CONDITION_NS,
 538                     DelegationRestrictionType::LOCAL_NAME,
 539                     samlconstants::SAML20_DELEGATION_CONDITION_PREFIX,
 540                     &schemaType
 541                     );
 542             }
 543             /** Builder that allows element/type override. */
 544 #ifdef HAVE_COVARIANT_RETURNS
 545             virtual DelegationRestrictionType* buildObject(
 546 #else
 547             virtual xmltooling::XMLObject* buildObject(
 548 #endif
 549                 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
 550                 ) const;
 551
 552             /** Singleton builder. */
 553             static DelegationRestrictionType* buildDelegationRestrictionType() {
 554                 const DelegationRestrictionTypeBuilder* b = dynamic_cast<const DelegationRestrictionTypeBuilder*>(
 555                     XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,DelegationRestrictionType::TYPE_NAME))
 556                     );
 557                 if (b)
 558 #ifdef HAVE_COVARIANT_RETURNS
 559                     return b->buildObject();
 560 #else
 561                     return dynamic_cast<DelegationRestrictionType*>(b->buildObject());
 562 #endif
 563                 throw xmltooling::XMLObjectException("Unable to obtain typed builder for DelegationRestrictionType.");
 564             }
 565         };
 566
 567         /**
 568          * Builder for KeyInfoConfirmationDataType objects.
 569          *
 570          * This is customized to return a SubjectConfirmationData element with an
 571          * xsi:type of KeyInfoConfirmationDataType.
 572          */
 573         class SAML_API KeyInfoConfirmationDataTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
 574         public:
 575             virtual ~KeyInfoConfirmationDataTypeBuilder() {}
 576             /** Default builder. */
 577 #ifdef HAVE_COVARIANT_RETURNS
 578             virtual KeyInfoConfirmationDataType* buildObject() const {
 579 #else
 580             virtual xmltooling::XMLObject* buildObject() const {
 581 #endif
 582                 xmltooling::QName schemaType(
 583                     samlconstants::SAML20_NS,KeyInfoConfirmationDataType::TYPE_NAME,samlconstants::SAML20_PREFIX
 584                     );
 585                 return buildObject(
 586                     samlconstants::SAML20_NS,KeyInfoConfirmationDataType::LOCAL_NAME,samlconstants::SAML20_PREFIX,&schemaType
 587                     );
 588             }
 589             /** Builder that allows element/type override. */
 590 #ifdef HAVE_COVARIANT_RETURNS
 591             virtual KeyInfoConfirmationDataType* buildObject(
 592 #else
 593             virtual xmltooling::XMLObject* buildObject(
 594 #endif
 595                 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
 596                 ) const;
 597
 598             /** Singleton builder. */
 599             static KeyInfoConfirmationDataType* buildKeyInfoConfirmationDataType() {
 600                 const KeyInfoConfirmationDataTypeBuilder* b = dynamic_cast<const KeyInfoConfirmationDataTypeBuilder*>(
 601                     XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_NS,KeyInfoConfirmationDataType::TYPE_NAME))
 602                     );
 603                 if (b)
 604 #ifdef HAVE_COVARIANT_RETURNS
 605                     return b->buildObject();
 606 #else
 607                     return dynamic_cast<KeyInfoConfirmationDataType*>(b->buildObject());
 608 #endif
 609                 throw xmltooling::XMLObjectException("Unable to obtain typed builder for KeyInfoConfirmationDataType.");
 610             }
 611         };
 612
 613         /**
 614          * Builder for Statement extension objects.
 615          *
 616          * This is customized to force the schema type to be specified.
 617          */
 618         class SAML_API StatementBuilder : public xmltooling::XMLObjectBuilder {
 619         public:
 620             virtual ~StatementBuilder() {}
 621             /** Builder that allows element/type override. */
 622 #ifdef HAVE_COVARIANT_RETURNS
 623             virtual Statement* buildObject(
 624 #else
 625             virtual xmltooling::XMLObject* buildObject(
 626 #endif
 627                 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
 628                 ) const;
 629
 630             /** Singleton builder. */
 631             static Statement* buildStatement(const xmltooling::QName& schemaType) {
 632                 const StatementBuilder* b = dynamic_cast<const StatementBuilder*>(
 633                     XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_NS,Statement::LOCAL_NAME))
 634                     );
 635                 if (b) {
 636 #ifdef HAVE_COVARIANT_RETURNS
 637                     return b->buildObject(samlconstants::SAML20_NS, Statement::LOCAL_NAME, samlconstants::SAML20_PREFIX, &schemaType);
 638 #else
 639                     return dynamic_cast<Statement*>(b->buildObject(samlconstants::SAML20_NS, Statement::LOCAL_NAME, samlconstants::SAML20_PREFIX, &schemaType));
 640 #endif
 641                 }
 642                 throw xmltooling::XMLObjectException("Unable to obtain typed builder for Statement.");
 643             }
 644         };
 645
 646         /**
 647          * Registers builders and validators for SAML 2.0 Assertion classes into the runtime.
 648          */
 649         void SAML_API registerAssertionClasses();
 650     };
 651 };
 652
 653 #endif /* __saml2_assertions_h__ */