1 /*
2  *  Copyright 2001-2009 Internet2
3  * 
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 /**
18  * @file saml/saml2/core/Protocols.h
19  * 
20  * XMLObjects representing the SAML 2.0 Protocols schema
21  */
22
23 #ifndef __saml2_protocols_h__
24 #define __saml2_protocols_h__
25
26 #include <saml/saml2/core/Assertions.h>
27
28 #include <xercesc/util/XMLUniDefs.hpp>
29
30 #define DECL_SAML2POBJECTBUILDER(cname) /* builder for cname, bound to the SAML 2.0 protocol namespace and prefix */ \
31     DECL_XMLOBJECTBUILDER(SAML_API,cname,samlconstants::SAML20P_NS,samlconstants::SAML20P_PREFIX)
32
33 namespace opensaml {
34
35     /**
36      * @namespace opensaml::saml2p
37      * SAML 2.0 protocol namespace
38      */
39     namespace saml2p {
40
41         DECL_XMLOBJECT_SIMPLE(SAML_API,Artifact,Artifact,SAML 2.0 Artifact element);
42         DECL_XMLOBJECT_SIMPLE(SAML_API,GetComplete,GetComplete,SAML 2.0 GetComplete element);
43         DECL_XMLOBJECT_SIMPLE(SAML_API,RequesterID,RequesterID,SAML 2.0 RequesterID element);
44         DECL_XMLOBJECT_SIMPLE(SAML_API,SessionIndex,SessionIndex,SAML 2.0 SessionIndex element);
45         DECL_XMLOBJECT_SIMPLE(SAML_API,StatusMessage,Message,SAML 2.0 StatusMessage element);
           // NOTE(review): DECL_XMLOBJECT_SIMPLE is defined outside this file; the third argument
           // presumably names the text-content accessor (StatusMessage -> Message, RespondTo -> Name).
           // Nothing in these declarations constrains the text content, so values such as
           // StatusMessage should be handled as unvetted peer-supplied strings when logged or
           // displayed — confirm against the implementation.
46
47         DECL_XMLOBJECT_SIMPLE(SAML_API,RespondTo,Name,SAML 2.0 third-party request RespondTo extension element);
48
49         BEGIN_XMLOBJECT(SAML_API,Extensions,xmltooling::ElementExtensibleXMLObject,SAML 2.0 protocol Extensions element);
               // NOTE(review): the base class is ElementExtensibleXMLObject and no typed children are
               // declared here, so the element content is presumably open-ended. Consumers should
               // treat whatever appears inside as unvetted peer input — confirm against the schema.
50             /** ExtensionsType local name */
51             static const XMLCh TYPE_NAME[];
52         END_XMLOBJECT;
53
54         BEGIN_XMLOBJECT(SAML_API,RequestAbstractType,saml2::RootObject,SAML 2.0 RequestAbstractType base type);
               // Common base for the request messages declared later in this file.
               // NOTE(review): only attribute/child accessors are declared here. Nothing in this
               // header checks that ID is unique, that IssueInstant is recent, or that Destination
               // matches the endpoint that received the message; those checks presumably live in
               // policy rules or validators elsewhere — confirm before relying on these fields.
55             DECL_INHERITED_STRING_ATTRIB(ID,ID);
56             DECL_INHERITED_STRING_ATTRIB(Version,VER);
57             DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
58             DECL_STRING_ATTRIB(Destination,DESTINATION);
59             DECL_STRING_ATTRIB(Consent,CONSENT);
60             DECL_INHERITED_TYPED_FOREIGN_CHILD(Issuer,saml2);
61             DECL_TYPED_CHILD(Extensions);
62             /** RequestAbstractType local name */
63             static const XMLCh TYPE_NAME[];
64         END_XMLOBJECT;
65
66         BEGIN_XMLOBJECT(SAML_API,StatusCode,xmltooling::XMLObject,SAML 2.0 StatusCode element);
               // A StatusCode carries a Value attribute and may nest one further StatusCode child.
               // NOTE(review): Value is declared as a plain string attribute and, as the comment below
               // says, other values may be defined elsewhere, so this declaration does not limit it to
               // the constants listed. Callers deciding whether a response succeeded should compare
               // the outermost StatusCode Value against SUCCESS explicitly and treat anything else,
               // including an unrecognised value, as failure.
67             DECL_STRING_ATTRIB(Value,VALUE);
68             DECL_TYPED_CHILD(StatusCode);
69             /** StatusCodeType local name */
70             static const XMLCh TYPE_NAME[];
71
72             /**
73               * @name StatusCode Value Attribute URI Reference Constants
74               *
75               * SAML 2.0 Core, section 3.2.2.2, predefines several URI
76               * references for use in the Value attribute of the StatusCode
77               * element.  Other values may be defined elsewhere.
78               */
79             /*@{*/
80             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Success' */
81             static const XMLCh SUCCESS[];
82             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Requester' */
83             static const XMLCh REQUESTER[];
84             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Responder' */
85             static const XMLCh RESPONDER[];
86             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch' */
87             static const XMLCh VERSION_MISMATCH[];
88             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:AuthnFailed' */
89             static const XMLCh AUTHN_FAILED[];
90             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue' */
91             static const XMLCh INVALID_ATTR_NAME_OR_VALUE[];
92             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy' */
93             static const XMLCh INVALID_NAMEID_POLICY[];
94             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext' */
95             static const XMLCh NO_AUTHN_CONTEXT[];
96             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP' */
97             static const XMLCh NO_AVAILABLE_IDP[];
98             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoPassive' */
99             static const XMLCh NO_PASSIVE[];
100             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP' */
101             static const XMLCh NO_SUPPORTED_IDP[];
102             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout' */
103             static const XMLCh PARTIAL_LOGOUT[];
104             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded' */
105             static const XMLCh PROXY_COUNT_EXCEEDED[];
106             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestDenied' */
107             static const XMLCh REQUEST_DENIED[];
108             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported' */
109             static const XMLCh REQUEST_UNSUPPORTED[];
110             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated' */
111             static const XMLCh REQUEST_VERSION_DEPRECATED[];
112             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh' */
113             static const XMLCh REQUEST_VERSION_TOO_HIGH[];
114             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow' */
115             static const XMLCh REQUEST_VERSION_TOO_LOW[];
116             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized' */
117             static const XMLCh RESOURCE_NOT_RECOGNIZED[];
118             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:TooManyResponses' */
119             static const XMLCh TOO_MANY_RESPONSES[];
120             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile' */
121             static const XMLCh UNKNOWN_ATTR_PROFILE[];
122             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal' */
123             static const XMLCh UNKNOWN_PRINCIPAL[];
124             /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding' */
125             static const XMLCh UNSUPPORTED_BINDING[];
126             /*@}*/
127         END_XMLOBJECT;
128
129         BEGIN_XMLOBJECT(SAML_API,StatusDetail,xmltooling::ElementExtensibleXMLObject,SAML 2.0 StatusDetail element);
                // NOTE(review): like Extensions, this derives from ElementExtensibleXMLObject and
                // declares no typed children, so the detail content is presumably arbitrary XML chosen
                // by the responder. Treat it as diagnostic peer input, not as a basis for decisions.
130             /** StatusDetailType local name */
131             static const XMLCh TYPE_NAME[];
132         END_XMLOBJECT;
133
134         BEGIN_XMLOBJECT(SAML_API,Status,xmltooling::XMLObject,SAML 2.0 Status element);
                // Groups the StatusCode with an optional human-readable message and detail element.
                // NOTE(review): the accessors presumably return null when a child is absent; check
                // StatusCode for null before reading its Value — confirm against the macro definition.
135             DECL_TYPED_CHILD(StatusCode);
136             DECL_TYPED_CHILD(StatusMessage);
137             DECL_TYPED_CHILD(StatusDetail);
138             /** StatusType local name */
139             static const XMLCh TYPE_NAME[];
140         END_XMLOBJECT;
141
142         BEGIN_XMLOBJECT(SAML_API,StatusResponseType,saml2::RootObject,SAML 2.0 StatusResponseType base type);
                // Common base for the response messages declared later in this file.
                // NOTE(review): only accessors are declared here. Correlating InResponseTo with the ID
                // of a request this party actually sent, checking Destination against the receiving
                // endpoint, and bounding IssueInstant are not visible in this header; presumably
                // they are handled by policy rules elsewhere — confirm before trusting a response.
143             DECL_INHERITED_STRING_ATTRIB(ID,ID);
144             DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
145             DECL_INHERITED_STRING_ATTRIB(Version,VER);
146             DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
147             DECL_STRING_ATTRIB(Destination,DESTINATION);
148             DECL_STRING_ATTRIB(Consent,CONSENT);
149             DECL_INHERITED_TYPED_FOREIGN_CHILD(Issuer,saml2);
150             DECL_TYPED_CHILD(Extensions);
151             DECL_TYPED_CHILD(Status);
152             /** StatusResponseType local name */
153             static const XMLCh TYPE_NAME[];
154         END_XMLOBJECT;
155
156         BEGIN_XMLOBJECT(SAML_API,AssertionIDRequest,RequestAbstractType,SAML 2.0 AssertionIDRequest element);
                // Request carrying a list of saml2 AssertionIDRef children.
                // NOTE(review): no bound on the number of references is declared here; a responder
                // presumably needs its own limit and an authorization check per requested ID.
157             DECL_TYPED_FOREIGN_CHILDREN(AssertionIDRef,saml2);
158             /** AssertionIDRequest local name */
159             static const XMLCh TYPE_NAME[];
160         END_XMLOBJECT;
161
162         BEGIN_XMLOBJECT(SAML_API,SubjectQuery,RequestAbstractType,SAML 2.0 SubjectQuery abstract element);
                // Base for AuthnQuery, AttributeQuery and AuthzDecisionQuery in this file; adds the
                // saml2 Subject the query is about. No builder is declared for it in the Builders list.
163             DECL_TYPED_FOREIGN_CHILD(Subject,saml2);
164             /** SubjectQueryAbstractType local name */
165             static const XMLCh TYPE_NAME[];
166         END_XMLOBJECT;
167
168         BEGIN_XMLOBJECT(SAML_API,RequestedAuthnContext,xmltooling::XMLObject,SAML 2.0 RequestedAuthnContext element);
169             //TODO whether, and how, to enforce the controlled vocabulary (schema enumeration) for the Comparison attrib, as in the Java ? 
                // NOTE(review): until that TODO is resolved, Comparison is a free-form string as far as
                // this declaration goes. Code that acts on it should compare against the COMPARISON_*
                // constants below and reject any other value rather than fall through to a default;
                // per SAML 2.0 Core an absent attribute is treated as 'exact'.
170             DECL_STRING_ATTRIB(Comparison,COMPARISON);
171             DECL_TYPED_FOREIGN_CHILDREN(AuthnContextClassRef,saml2);
172             DECL_TYPED_FOREIGN_CHILDREN(AuthnContextDeclRef,saml2);
173             /** RequestedAuthnContextType local name */
174             static const XMLCh TYPE_NAME[];
175
176             /**
177              * @name RequestedAuthnContext Comparison Attribute Constants
178              *
179              * These are the allowed values for the Comparison attribute of
180              * the RequestedAuthnContext element, as defined by SAML 2.0 Core.
181              */
182             /*@{*/
183             /** 'exact' Comparison */
184             static const XMLCh COMPARISON_EXACT[];
185             /** 'minimum' Comparison */
186             static const XMLCh COMPARISON_MINIMUM[];
187             /** 'maximum' Comparison */
188             static const XMLCh COMPARISON_MAXIMUM[];
189             /** 'better' Comparison */
190             static const XMLCh COMPARISON_BETTER[];
191             /*@}*/
192         END_XMLOBJECT;
193
194         BEGIN_XMLOBJECT(SAML_API,AuthnQuery,SubjectQuery,SAML 2.0 AuthnQuery element);
                // Subject query narrowed by an optional SessionIndex attribute and an optional
                // RequestedAuthnContext child. Note that SessionIndex is an attribute here, whereas
                // LogoutRequest in this file carries SessionIndex as child elements.
195             DECL_STRING_ATTRIB(SessionIndex,SESSIONINDEX);
196             DECL_TYPED_CHILD(RequestedAuthnContext);
197             /** AuthnQueryType local name */
198             static const XMLCh TYPE_NAME[];
199         END_XMLOBJECT;
200
201         BEGIN_XMLOBJECT(SAML_API,AttributeQuery,SubjectQuery,SAML 2.0 AttributeQuery element);
                // Subject query listing the saml2 Attribute elements the requester asks for.
                // NOTE(review): the list is requester-chosen; which attributes may be released to
                // which requester is presumably decided by the responder's own policy, not here.
202             DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
203             /** AttributeQueryType local name */
204             static const XMLCh TYPE_NAME[];
205         END_XMLOBJECT;
206         
207         BEGIN_XMLOBJECT(SAML_API,AuthzDecisionQuery,SubjectQuery,SAML 2.0 AuthzDecisionQuery element);
                // Subject query asking about Action(s) on a Resource, optionally with Evidence.
                // NOTE(review): Resource is declared as a plain string and Evidence is supplied by
                // the requester; presumably any assertions inside Evidence need the same signature
                // and validity checks as assertions received any other way — confirm.
208             DECL_STRING_ATTRIB(Resource,RESOURCE);
209             DECL_TYPED_FOREIGN_CHILDREN(Action,saml2);
210             DECL_TYPED_FOREIGN_CHILD(Evidence,saml2);
211             /** AuthzDecisionQueryType local name */
212             static const XMLCh TYPE_NAME[];
213         END_XMLOBJECT;
214
215         BEGIN_XMLOBJECT(SAML_API,NameIDPolicy,xmltooling::XMLObject,SAML 2.0 NameIDPolicy element);
                // Requester's constraints on the name identifier to be returned.
                // NOTE(review): the third argument to DECL_BOOLEAN_ATTRIB is presumably the value
                // reported when AllowCreate is absent (false) — confirm against the macro definition.
                // SPNameQualifier is requester-supplied; whether the requester may use that
                // qualifier is presumably checked by the responder, not by this declaration.
216             DECL_STRING_ATTRIB(Format,FORMAT);
217             DECL_STRING_ATTRIB(SPNameQualifier,SPNAMEQUALIFIER);
218             DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE,false);
219             /** NameIDPolicyType local name */
220             static const XMLCh TYPE_NAME[];
221         END_XMLOBJECT;
222
223         BEGIN_XMLOBJECT(SAML_API,IDPEntry,xmltooling::XMLObject,SAML2.0 IDPEntry element);
                // One identity provider entry: ProviderID, a display Name and a Loc string.
                // NOTE(review): all three are plain strings taken from the message. Presumably a
                // receiver should resolve ProviderID against its own trusted metadata rather than
                // follow Loc or display Name as received — confirm how callers use them.
224             DECL_STRING_ATTRIB(ProviderID,PROVIDERID);
225             DECL_STRING_ATTRIB(Name,NAME);
226             DECL_STRING_ATTRIB(Loc,LOC);
227             /** IDPEntryType local name */
228             static const XMLCh TYPE_NAME[];
229         END_XMLOBJECT;
230
231         BEGIN_XMLOBJECT(SAML_API,IDPList,xmltooling::XMLObject,SAML 2.0 IDPList element);
                // List of IDPEntry children plus an optional GetComplete child.
                // NOTE(review): GetComplete is declared above as simple text content; presumably it
                // holds a URI for the full list. Fetching a location named in a received message
                // should be a deliberate, restricted decision — confirm whether any caller does so.
232             DECL_TYPED_CHILDREN(IDPEntry);
233             DECL_TYPED_CHILD(GetComplete);
234             /** IDPListType local name */
235             static const XMLCh TYPE_NAME[];
236         END_XMLOBJECT;
237
238         BEGIN_XMLOBJECT(SAML_API,Scoping,xmltooling::XMLObject,SAML 2.0 Scoping element);
                // Proxying controls for an AuthnRequest: ProxyCount, an IDPList and RequesterID entries.
                // NOTE(review): ProxyCount is declared through DECL_INTEGER_ATTRIB; the accessor's
                // representation of "absent" versus 0 is defined by that macro outside this file —
                // check it before comparing, since the two presumably mean different things.
239             DECL_INTEGER_ATTRIB(ProxyCount,PROXYCOUNT);
240             DECL_TYPED_CHILD(IDPList);
241             DECL_TYPED_CHILDREN(RequesterID);
242             /** ScopingType local name */
243             static const XMLCh TYPE_NAME[];
244         END_XMLOBJECT;
245
246         BEGIN_XMLOBJECT(SAML_API,AuthnRequest,RequestAbstractType,SAML 2.0 AuthnRequest element);
                // Authentication request; adds response-routing attributes and policy children to
                // RequestAbstractType.
                // NOTE(review): ForceAuthn and IsPassive pass false as the third macro argument,
                // presumably the value reported when the attribute is absent — confirm.
                // NOTE(review): AssertionConsumerServiceURL, AssertionConsumerServiceIndex and
                // ProtocolBinding are requester-supplied and only accessors are declared here. A
                // responder should resolve them against the requester's trusted metadata before
                // delivering a response to that location; that check is not visible in this header.
247             DECL_BOOLEAN_ATTRIB(ForceAuthn,FORCEAUTHN,false);
248             DECL_BOOLEAN_ATTRIB(IsPassive,ISPASSIVE,false);
249             DECL_STRING_ATTRIB(ProtocolBinding,PROTOCOLBINDING);
250             DECL_INTEGER_ATTRIB(AssertionConsumerServiceIndex,ASSERTIONCONSUMERSERVICEINDEX);
251             DECL_STRING_ATTRIB(AssertionConsumerServiceURL,ASSERTIONCONSUMERSERVICEURL);
252             DECL_INTEGER_ATTRIB(AttributeConsumingServiceIndex,ATTRIBUTECONSUMINGSERVICEINDEX);
253             DECL_STRING_ATTRIB(ProviderName,PROVIDERNAME);
254
255             DECL_TYPED_FOREIGN_CHILD(Subject,saml2);
256             DECL_TYPED_CHILD(NameIDPolicy);
257             DECL_TYPED_FOREIGN_CHILD(Conditions,saml2);
258             DECL_TYPED_CHILD(RequestedAuthnContext);
259             DECL_TYPED_CHILD(Scoping);
260             /** AuthnRequestType local name */
261             static const XMLCh TYPE_NAME[];
262         END_XMLOBJECT;
263
264         BEGIN_XMLOBJECT(SAML_API,Response,StatusResponseType,SAML 2.0 Response element);
                // Response carrying any number of plain and encrypted saml2 assertions.
                // NOTE(review): this header exposes the two child lists only; signature, issuer and
                // condition checks are not visible here. Consumers should act only on the specific
                // assertion object whose integrity was verified (directly or through the enclosing
                // Response), and should not infer trust from an assertion's position in the list.
265             DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
266             DECL_TYPED_FOREIGN_CHILDREN(EncryptedAssertion,saml2);
267             /** ResponseType local name */
268             static const XMLCh TYPE_NAME[];
269         END_XMLOBJECT;
270
271         BEGIN_XMLOBJECT(SAML_API,ArtifactResolve,RequestAbstractType,SAML 2.0 ArtifactResolve element);
                // Request that carries the single Artifact to be resolved.
                // NOTE(review): authenticating the requester and making an artifact usable only
                // once are presumably enforced by the resolution service, not by this declaration.
272             DECL_TYPED_CHILD(Artifact);
273             /** ArtifactResolveType local name */
274             static const XMLCh TYPE_NAME[];
275         END_XMLOBJECT;
276
277         BEGIN_XMLOBJECT(SAML_API,ArtifactResponse,StatusResponseType,SAML 2.0 ArtifactResponse element);
                // Response wrapping the message that the artifact referred to.
                // NOTE(review): Payload is declared with DECL_XMLOBJECT_CHILD rather than a typed
                // child macro, so it is presumably exposed as a generic XMLObject. Callers should
                // check the runtime type before casting and apply the same checks to the payload
                // as to a message received directly — confirm against the macro definition.
278             DECL_XMLOBJECT_CHILD(Payload);
279             /** ArtifactResponseType local name */
280             static const XMLCh TYPE_NAME[];
281         END_XMLOBJECT;
282
283         BEGIN_XMLOBJECT(SAML_API,Terminate,xmltooling::XMLObject,SAML 2.0 Terminate element);
                // Marker element: no attributes or children are declared, only the type name.
284             /** TerminateType local name */
285             static const XMLCh TYPE_NAME[];
286         END_XMLOBJECT;
287
288         BEGIN_XMLOBJECT(SAML_API,NewID,saml2::EncryptableObject,SAML 2.0 NewID element);
                // Replacement identifier carried as simple text content. The base class is
                // saml2::EncryptableObject; NewEncryptedID below is the encrypted counterpart.
289             DECL_SIMPLE_CONTENT(NewID);
290         END_XMLOBJECT;
291
292         BEGIN_XMLOBJECT(SAML_API,NewEncryptedID,saml2::EncryptedElementType,SAML 2.0 NewEncryptedID element);
                // Adds no members of its own; everything comes from saml2::EncryptedElementType.
293         END_XMLOBJECT;
294
295         BEGIN_XMLOBJECT(SAML_API,ManageNameIDRequest,RequestAbstractType,SAML 2.0 ManageNameIDRequest element);
                // Request to change or terminate a name identifier.
                // NOTE(review): the five children are declared as independent accessors, so this
                // declaration alone does not stop a message object from carrying, for example, both
                // NameID and EncryptedID, or both NewID and Terminate. Presumably the validators
                // registered by registerProtocolClasses() enforce the schema's either/or structure
                // — confirm, and have handlers check which alternative is actually present.
296             DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
297             DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
298             DECL_TYPED_CHILD(NewID);
299             DECL_TYPED_CHILD(NewEncryptedID);
300             DECL_TYPED_CHILD(Terminate);
301             /** ManageNameIDRequestType local name */
302             static const XMLCh TYPE_NAME[];
303         END_XMLOBJECT;
304
305         BEGIN_XMLOBJECT(SAML_API,ManageNameIDResponse,StatusResponseType,SAML 2.0 ManageNameIDResponse element);
                // Adds no members of its own; everything comes from StatusResponseType.
306         END_XMLOBJECT;
307         
308         BEGIN_XMLOBJECT(SAML_API,LogoutRequest,RequestAbstractType,SAML 2.0 LogoutRequest element);
                // Request to end the session(s) of the principal named by BaseID, NameID or EncryptedID.
                // NOTE(review): only accessors are declared here. Honouring NotOnOrAfter, confirming
                // that the Issuer is a party to the session, and handling the case where more than
                // one of the three identifier children is present are presumably left to validators
                // and the logout handler — confirm. Reason is a plain string; the constants below
                // are the predefined values, and the declaration does not restrict it to them.
309             DECL_STRING_ATTRIB(Reason,REASON);
310             DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
311             DECL_TYPED_FOREIGN_CHILD(BaseID,saml2);
312             DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
313             DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
314             DECL_TYPED_CHILDREN(SessionIndex);
315
316             /** LogoutRequestType local name */
317             static const XMLCh TYPE_NAME[];
318
319             /**
320               * @name LogoutRequest Reason URI Constants
321               * 
322               * URI Constants for the Reason attribute of the LogoutRequest
323               * element as defined by SAML 2.0 Core, section 3.7.3.
324               */
325             /*@{*/
326             /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:user' */
327             static const XMLCh REASON_USER[];
328             /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:admin' */
329             static const XMLCh REASON_ADMIN[];
330             /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:global-timeout' */
331             static const XMLCh REASON_GLOBAL_TIMEOUT[];
332             /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:sp-timeout' */
333             static const XMLCh REASON_SP_TIMEOUT[];
334             /*@}*/
335         END_XMLOBJECT;
336
337         BEGIN_XMLOBJECT(SAML_API,LogoutResponse,StatusResponseType,SAML 2.0 LogoutResponse element);
                // Adds no members of its own; everything comes from StatusResponseType. The outcome
                // (including StatusCode::PARTIAL_LOGOUT) is read from the inherited Status child.
338         END_XMLOBJECT;
339
340         BEGIN_XMLOBJECT(SAML_API,NameIDMappingRequest,RequestAbstractType,SAML 2.0 NameIDMappingRequest element);
                // Request to map the identifier given as BaseID, NameID or EncryptedID into the form
                // described by NameIDPolicy.
                // NOTE(review): the three identifier children are independent accessors here;
                // presumably validators enforce that exactly one is present — confirm.
341             DECL_TYPED_FOREIGN_CHILD(BaseID,saml2);
342             DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
343             DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
344             DECL_TYPED_CHILD(NameIDPolicy);
345             /** NameIDMappingRequestType local name */
346             static const XMLCh TYPE_NAME[];
347         END_XMLOBJECT;
348
349         BEGIN_XMLOBJECT(SAML_API,NameIDMappingResponse,StatusResponseType,SAML 2.0 NameIDMappingResponse element);
                // Response returning the mapped identifier as either NameID or EncryptedID.
                // NOTE(review): both accessors are declared; callers should check which one is
                // non-null rather than assume the plain NameID form is present.
350             DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
351             DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
352             /** NameIDMappingResponseType local name */
353             static const XMLCh TYPE_NAME[];
354         END_XMLOBJECT;
355
356
357         // Builders: one per element type that can be instantiated. The base types
                // RequestAbstractType, StatusResponseType and SubjectQuery have no entry in this list.
358         DECL_SAML2POBJECTBUILDER(Artifact);
359         DECL_SAML2POBJECTBUILDER(ArtifactResolve);
360         DECL_SAML2POBJECTBUILDER(ArtifactResponse);
361         DECL_SAML2POBJECTBUILDER(AssertionIDRequest);
362         DECL_SAML2POBJECTBUILDER(AttributeQuery);
363         DECL_SAML2POBJECTBUILDER(AuthnQuery);
364         DECL_SAML2POBJECTBUILDER(AuthnRequest);
365         DECL_SAML2POBJECTBUILDER(AuthzDecisionQuery);
366         DECL_SAML2POBJECTBUILDER(Extensions);
367         DECL_SAML2POBJECTBUILDER(GetComplete);
368         DECL_SAML2POBJECTBUILDER(IDPEntry);
369         DECL_SAML2POBJECTBUILDER(IDPList);
370         DECL_SAML2POBJECTBUILDER(LogoutRequest);
371         DECL_SAML2POBJECTBUILDER(LogoutResponse);
372         DECL_SAML2POBJECTBUILDER(ManageNameIDRequest);
373         DECL_SAML2POBJECTBUILDER(ManageNameIDResponse);
374         DECL_SAML2POBJECTBUILDER(NameIDMappingRequest);
375         DECL_SAML2POBJECTBUILDER(NameIDMappingResponse);
376         DECL_SAML2POBJECTBUILDER(NameIDPolicy);
377         DECL_SAML2POBJECTBUILDER(NewEncryptedID);
378         DECL_SAML2POBJECTBUILDER(NewID);
379         DECL_SAML2POBJECTBUILDER(RequestedAuthnContext);
380         DECL_SAML2POBJECTBUILDER(RequesterID);
381         DECL_SAML2POBJECTBUILDER(Response);
382         DECL_SAML2POBJECTBUILDER(Scoping);
383         DECL_SAML2POBJECTBUILDER(SessionIndex);
384         DECL_SAML2POBJECTBUILDER(Status);
385         DECL_SAML2POBJECTBUILDER(StatusCode);
386         DECL_SAML2POBJECTBUILDER(StatusDetail);
387         DECL_SAML2POBJECTBUILDER(StatusMessage);
388         DECL_SAML2POBJECTBUILDER(Terminate);
389         
                // RespondTo is the one builder bound to a different namespace: the third-party
                // request extension namespace and prefix, not the SAML 2.0 protocol namespace.
390         DECL_XMLOBJECTBUILDER(SAML_API,RespondTo,samlconstants::SAML20P_THIRDPARTY_EXT_NS,samlconstants::SAML20P_THIRDPARTY_EXT_PREFIX);
391
392         /**
393          * Registers builders and validators for SAML 2.0 Protocol classes into the runtime.
                 *
                 * NOTE(review): the implementation is not in this header. Presumably this must run
                 * before any protocol message is unmarshalled, since without the registered
                 * validators the structural rules for these types would not be applied — confirm
                 * where library initialization calls it.
394          */
395         void SAML_API registerProtocolClasses();
396     };
397 };
398
399 #endif /* __saml2_protocols_h__ */