2 * Licensed to the University Corporation for Advanced Internet
3 * Development, Inc. (UCAID) under one or more contributor license
4 * agreements. See the NOTICE file distributed with this work for
5 * additional information regarding copyright ownership.
7 * UCAID licenses this file to you under the Apache License,
8 * Version 2.0 (the "License"); you may not use this file except
9 * in compliance with the License. You may obtain a copy of the
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
17 * either express or implied. See the License for the specific
18 * language governing permissions and limitations under the License.
22 * @file saml/saml2/metadata/Metadata.h
24 * XMLObjects representing the SAML 2.0 Metadata schema.
27 #ifndef __saml2_metadata_h__
28 #define __saml2_metadata_h__
30 #include <saml/saml2/core/Assertions.h>
33 #include <xercesc/util/XMLUniDefs.hpp>
34 #include <xmltooling/util/Predicates.h>
37 #define DECL_SAML2MDOBJECTBUILDER(cname) \
38 DECL_XMLOBJECTBUILDER(SAML_API,cname,samlconstants::SAML20MD_NS,samlconstants::SAML20MD_PREFIX)
40 namespace xmltooling {
41 class XMLTOOL_API Credential;
42 class XMLTOOL_API CredentialResolver;
45 namespace xmlencryption {
46 class XMLTOOL_API EncryptionMethod;
52 * @namespace opensaml::saml2md
53 * SAML 2.0 metadata namespace
57 class SAML_API DigestMethod;
58 class SAML_API SigningMethod;
61 * Base class for metadata objects that feature a cacheDuration attribute.
63 class SAML_API CacheableSAMLObject : public virtual xmltooling::XMLObject
66 CacheableSAMLObject() {}
68 ~CacheableSAMLObject() {}
69 DECL_DATETIME_ATTRIB(CacheDuration,CACHEDURATION);
73 * Base class for metadata objects that feature a validUntil attribute.
75 class SAML_API TimeBoundSAMLObject : public virtual xmltooling::XMLObject
78 TimeBoundSAMLObject() {}
80 ~TimeBoundSAMLObject() {}
81 DECL_DATETIME_ATTRIB(ValidUntil,VALIDUNTIL);
82 /** Returns true iff the object is valid at the current time. */
83 bool isValid() const {
84 return time(nullptr) <= getValidUntilEpoch();
87 * Returns true iff the object is valid at the supplied time.
89 * @param t the time to check against
91 bool isValid(time_t t) const {
92 return t <= getValidUntilEpoch();
96 DECL_XMLOBJECT_SIMPLE(SAML_API,AffiliateMember,ID,SAML 2.0 AffiliateMember element);
97 DECL_XMLOBJECT_SIMPLE(SAML_API,AttributeProfile,ProfileURI,SAML 2.0 AttributeProfile element);
98 DECL_XMLOBJECT_SIMPLE(SAML_API,Company,Name,SAML 2.0 Company element);
99 DECL_XMLOBJECT_SIMPLE(SAML_API,EmailAddress,Address,SAML 2.0 EmailAddress element);
100 DECL_XMLOBJECT_SIMPLE(SAML_API,GivenName,Name,SAML 2.0 GivenName element);
101 DECL_XMLOBJECT_SIMPLE(SAML_API,NameIDFormat,Format,SAML 2.0 NameIDFormat element);
102 DECL_XMLOBJECT_SIMPLE(SAML_API,SurName,Name,SAML 2.0 SurName element);
103 DECL_XMLOBJECT_SIMPLE(SAML_API,TelephoneNumber,Number,SAML 2.0 TelephoneNumber element);
105 DECL_XMLOBJECT_SIMPLE(SAML_API,ActionNamespace,Namespace,SAML 2.0 Metadata Extension ActionNamespace element);
107 BEGIN_XMLOBJECT(SAML_API,localizedNameType,xmltooling::XMLObject,SAML 2.0 localizedNameType type);
108 /** xml:lang attribute name. */
109 static const XMLCh LANG_ATTRIB_NAME[];
112 * Sets the xml:lang attribute.
114 * @param Lang the value to set
116 virtual void setLang(const XMLCh* Lang)=0;
118 /** localizedNameType local name */
119 static const XMLCh TYPE_NAME[];
122 BEGIN_XMLOBJECT(SAML_API,localizedURIType,xmltooling::XMLObject,SAML 2.0 localizedURIType type);
123 /** xml:lang attribute name. */
124 static const XMLCh LANG_ATTRIB_NAME[];
127 * Sets the xml:lang attribute.
129 * @param Lang the value to set
131 virtual void setLang(const XMLCh* Lang)=0;
133 /** localizedURIType local name */
134 static const XMLCh TYPE_NAME[];
137 BEGIN_XMLOBJECT(SAML_API,OrganizationName,localizedNameType,SAML 2.0 OrganizationName element);
138 DECL_SIMPLE_CONTENT(Name);
141 BEGIN_XMLOBJECT(SAML_API,OrganizationDisplayName,localizedNameType,SAML 2.0 OrganizationDisplayName element);
142 DECL_SIMPLE_CONTENT(Name);
145 BEGIN_XMLOBJECT(SAML_API,OrganizationURL,localizedURIType,SAML 2.0 OrganizationURL element);
146 DECL_SIMPLE_CONTENT(URL);
149 BEGIN_XMLOBJECT(SAML_API,Extensions,xmltooling::ElementExtensibleXMLObject,SAML 2.0 Extensions element);
150 /** ExtensionsType local name */
151 static const XMLCh TYPE_NAME[];
154 BEGIN_XMLOBJECT(SAML_API,Organization,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 Organization element);
155 DECL_TYPED_CHILD(Extensions);
156 DECL_TYPED_CHILDREN(OrganizationName);
157 DECL_TYPED_CHILDREN(OrganizationDisplayName);
158 DECL_TYPED_CHILDREN(OrganizationURL);
159 /** OrganizationType local name */
160 static const XMLCh TYPE_NAME[];
163 BEGIN_XMLOBJECT(SAML_API,ContactPerson,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 ContactPerson element);
164 DECL_STRING_ATTRIB(ContactType,CONTACTTYPE);
165 DECL_TYPED_CHILD(Extensions);
166 DECL_TYPED_CHILD(Company);
167 DECL_TYPED_CHILD(GivenName);
168 DECL_TYPED_CHILD(SurName);
169 DECL_TYPED_CHILDREN(EmailAddress);
170 DECL_TYPED_CHILDREN(TelephoneNumber);
171 /** ContactType local name */
172 static const XMLCh TYPE_NAME[];
173 /** technical Contact Type */
174 static const XMLCh CONTACT_TECHNICAL[];
175 /** support Contact Type */
176 static const XMLCh CONTACT_SUPPORT[];
177 /** administrative Contact Type */
178 static const XMLCh CONTACT_ADMINISTRATIVE[];
179 /** billing Contact Type */
180 static const XMLCh CONTACT_BILLING[];
181 /** other Contact Type */
182 static const XMLCh CONTACT_OTHER[];
185 BEGIN_XMLOBJECT(SAML_API,AdditionalMetadataLocation,xmltooling::XMLObject,SAML 2.0 AdditionalMetadataLocation element);
186 DECL_STRING_ATTRIB(Namespace,NAMESPACE);
187 DECL_SIMPLE_CONTENT(Location);
188 /** AdditionalMetadataLocationType local name */
189 static const XMLCh TYPE_NAME[];
192 BEGIN_XMLOBJECT(SAML_API,KeyDescriptor,xmltooling::XMLObject,SAML 2.0 KeyDescriptor element);
193 DECL_STRING_ATTRIB(Use,USE);
194 DECL_TYPED_FOREIGN_CHILD(KeyInfo,xmlsignature);
195 DECL_TYPED_FOREIGN_CHILDREN(EncryptionMethod,xmlencryption);
196 /** KeyDescriptorType local name */
197 static const XMLCh TYPE_NAME[];
198 /** encryption Key Type */
199 static const XMLCh KEYTYPE_ENCRYPTION[];
200 /** signing Key Type */
201 static const XMLCh KEYTYPE_SIGNING[];
204 BEGIN_XMLOBJECT4(SAML_API,RoleDescriptor,xmltooling::AttributeExtensibleXMLObject,SignableObject,
205 CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 RoleDescriptor abstract element);
206 DECL_STRING_ATTRIB(ID,ID);
207 DECL_STRING_ATTRIB(ProtocolSupportEnumeration,PROTOCOLSUPPORTENUMERATION);
208 /** Searches the ProtocolSupportEnumeration attribute for the indicated protocol. */
209 virtual bool hasSupport(const XMLCh* protocol) const=0;
210 /** Adds the indicated protocol to the ProtocolSupportEnumeration attribute. */
211 virtual void addSupport(const XMLCh* protocol)=0;
212 DECL_STRING_ATTRIB(ErrorURL,ERRORURL);
213 DECL_TYPED_CHILD(Extensions);
214 DECL_TYPED_CHILDREN(KeyDescriptor);
215 DECL_TYPED_CHILD(Organization);
216 DECL_TYPED_CHILDREN(ContactPerson);
217 /** Returns the first digest method supported by the role and the underlying implementation, if any. */
218 virtual const DigestMethod* getDigestMethod() const;
219 /** Returns the first signing method supported by the role and the underlying implementation, if any, along with a matching credential. */
220 virtual std::pair<const SigningMethod*,const xmltooling::Credential*> getSigningMethod(
221 const xmltooling::CredentialResolver& resolver, xmltooling::CredentialCriteria& cc
225 BEGIN_XMLOBJECT2(SAML_API,RoleDescriptorType,RoleDescriptor,xmltooling::ElementExtensibleXMLObject,SAML 2.0 RoleDescriptor extension);
228 BEGIN_XMLOBJECT(SAML_API,EndpointType,xmltooling::ElementProxy,SAML 2.0 EndpointType type);
229 DECL_STRING_ATTRIB(Binding,BINDING);
230 DECL_STRING_ATTRIB(Location,LOCATION);
231 DECL_STRING_ATTRIB(ResponseLocation,RESPONSELOCATION);
232 /** EndpointType local name */
233 static const XMLCh TYPE_NAME[];
236 BEGIN_XMLOBJECT(SAML_API,IndexedEndpointType,EndpointType,SAML 2.0 IndexedEndpointType type);
237 DECL_INTEGER_ATTRIB(Index,INDEX);
238 DECL_BOOLEAN_ATTRIB(isDefault,ISDEFAULT,false);
239 /** IndexedEndpointType local name */
240 static const XMLCh TYPE_NAME[];
243 BEGIN_XMLOBJECT(SAML_API,ArtifactResolutionService,IndexedEndpointType,SAML 2.0 ArtifactResolutionService element);
246 BEGIN_XMLOBJECT(SAML_API,SingleLogoutService,EndpointType,SAML 2.0 SingleLogoutService element);
249 BEGIN_XMLOBJECT(SAML_API,ManageNameIDService,EndpointType,SAML 2.0 ManageNameIDService element);
252 BEGIN_XMLOBJECT(SAML_API,SSODescriptorType,RoleDescriptor,SAML 2.0 SSODescriptorType abstract type);
253 DECL_TYPED_CHILDREN(ArtifactResolutionService);
254 DECL_TYPED_CHILDREN(SingleLogoutService);
255 DECL_TYPED_CHILDREN(ManageNameIDService);
256 DECL_TYPED_CHILDREN(NameIDFormat);
257 /** SSODescriptorType local name */
258 static const XMLCh TYPE_NAME[];
261 BEGIN_XMLOBJECT(SAML_API,SingleSignOnService,EndpointType,SAML 2.0 SingleSignOnService element);
264 BEGIN_XMLOBJECT(SAML_API,NameIDMappingService,EndpointType,SAML 2.0 NameIDMappingService element);
267 BEGIN_XMLOBJECT(SAML_API,AssertionIDRequestService,EndpointType,SAML 2.0 AssertionIDRequestService element);
270 BEGIN_XMLOBJECT(SAML_API,IDPSSODescriptor,SSODescriptorType,SAML 2.0 IDPSSODescriptor element);
271 DECL_BOOLEAN_ATTRIB(WantAuthnRequestsSigned,WANTAUTHNREQUESTSSIGNED,false);
272 DECL_TYPED_CHILDREN(SingleSignOnService);
273 DECL_TYPED_CHILDREN(NameIDMappingService);
274 DECL_TYPED_CHILDREN(AssertionIDRequestService);
275 DECL_TYPED_CHILDREN(AttributeProfile);
276 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
277 /** IDPSSODescriptorType local name */
278 static const XMLCh TYPE_NAME[];
282 BEGIN_XMLOBJECT(SAML_API,ServiceName,localizedNameType,SAML 2.0 ServiceName element);
283 DECL_SIMPLE_CONTENT(Name);
286 BEGIN_XMLOBJECT(SAML_API,ServiceDescription,localizedNameType,SAML 2.0 ServiceDescription element);
287 DECL_SIMPLE_CONTENT(Description);
290 BEGIN_XMLOBJECT(SAML_API,RequestedAttribute,saml2::Attribute,SAML 2.0 RequestedAttribute element);
291 DECL_BOOLEAN_ATTRIB(isRequired,ISREQUIRED,false);
292 /** RequestedAttributeType local name */
293 static const XMLCh TYPE_NAME[];
296 BEGIN_XMLOBJECT(SAML_API,AttributeConsumingService,xmltooling::XMLObject,SAML 2.0 AttributeConsumingService element);
297 DECL_INTEGER_ATTRIB(Index,INDEX);
298 DECL_BOOLEAN_ATTRIB(isDefault,ISDEFAULT,false);
299 DECL_TYPED_CHILDREN(ServiceName);
300 DECL_TYPED_CHILDREN(ServiceDescription);
301 DECL_TYPED_CHILDREN(RequestedAttribute);
302 /** AttributeConsumingServiceType local name */
303 static const XMLCh TYPE_NAME[];
306 BEGIN_XMLOBJECT(SAML_API,AssertionConsumerService,IndexedEndpointType,SAML 2.0 AssertionConsumerService element);
309 BEGIN_XMLOBJECT(SAML_API,SPSSODescriptor,SSODescriptorType,SAML 2.0 SPSSODescriptor element);
310 DECL_BOOLEAN_ATTRIB(AuthnRequestsSigned,AUTHNREQUESTSSIGNED,false);
311 DECL_BOOLEAN_ATTRIB(WantAssertionsSigned,WANTASSERTIONSSIGNED,false);
312 DECL_TYPED_CHILDREN(AssertionConsumerService);
313 DECL_TYPED_CHILDREN(AttributeConsumingService);
314 /** SPSSODescriptorType local name */
315 static const XMLCh TYPE_NAME[];
319 BEGIN_XMLOBJECT(SAML_API,AuthnQueryService,EndpointType,SAML 2.0 AuthnQueryService element);
322 BEGIN_XMLOBJECT(SAML_API,AuthnAuthorityDescriptor,RoleDescriptor,SAML 2.0 AuthnAuthorityDescriptor element);
323 DECL_TYPED_CHILDREN(AuthnQueryService);
324 DECL_TYPED_CHILDREN(AssertionIDRequestService);
325 DECL_TYPED_CHILDREN(NameIDFormat);
326 /** AuthnAuthorityDescriptorType local name */
327 static const XMLCh TYPE_NAME[];
331 BEGIN_XMLOBJECT(SAML_API,AuthzService,EndpointType,SAML 2.0 AuthzService element);
334 BEGIN_XMLOBJECT(SAML_API,PDPDescriptor,RoleDescriptor,SAML 2.0 PDPDescriptor element);
335 DECL_TYPED_CHILDREN(AuthzService);
336 DECL_TYPED_CHILDREN(AssertionIDRequestService);
337 DECL_TYPED_CHILDREN(NameIDFormat);
338 /** PDPDescriptorType local name */
339 static const XMLCh TYPE_NAME[];
343 BEGIN_XMLOBJECT(SAML_API,AttributeService,EndpointType,SAML 2.0 AttributeService element);
346 BEGIN_XMLOBJECT(SAML_API,AttributeAuthorityDescriptor,RoleDescriptor,SAML 2.0 AttributeAuthorityDescriptor element);
347 DECL_TYPED_CHILDREN(AttributeService);
348 DECL_TYPED_CHILDREN(AssertionIDRequestService);
349 DECL_TYPED_CHILDREN(NameIDFormat);
350 DECL_TYPED_CHILDREN(AttributeProfile);
351 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
352 /** AttributeAuthorityDescriptorType local name */
353 static const XMLCh TYPE_NAME[];
357 BEGIN_XMLOBJECT(SAML_API,QueryDescriptorType,RoleDescriptor,SAML 2.0 QueryDescriptorType abstract type);
358 DECL_BOOLEAN_ATTRIB(WantAssertionsSigned,WANTASSERTIONSSIGNED,false);
359 DECL_TYPED_CHILDREN(NameIDFormat);
360 /** QueryDescriptorType local name */
361 static const XMLCh TYPE_NAME[];
364 BEGIN_XMLOBJECT(SAML_API,AuthnQueryDescriptorType,QueryDescriptorType,SAML 2.0 AuthnQueryDescriptorType extension type);
365 /** AuthnQueryDescriptorType local name */
366 static const XMLCh TYPE_NAME[];
370 BEGIN_XMLOBJECT(SAML_API,AttributeQueryDescriptorType,QueryDescriptorType,SAML 2.0 AttributeQueryDescriptorType extension type);
371 DECL_TYPED_CHILDREN(AttributeConsumingService);
372 /** AttributeQueryDescriptorType local name */
373 static const XMLCh TYPE_NAME[];
377 BEGIN_XMLOBJECT(SAML_API,AuthzDecisionQueryDescriptorType,QueryDescriptorType,SAML 2.0 AuthzDecisionQueryDescriptorType extension type);
378 DECL_TYPED_CHILDREN(ActionNamespace);
379 /** AuthzDecisionQueryDescriptorType local name */
380 static const XMLCh TYPE_NAME[];
384 BEGIN_XMLOBJECT4(SAML_API,AffiliationDescriptor,xmltooling::AttributeExtensibleXMLObject,SignableObject,
385 CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 AffiliationDescriptor element);
386 DECL_STRING_ATTRIB(ID,ID);
387 DECL_STRING_ATTRIB(AffiliationOwnerID,AFFILIATIONOWNERID);
388 DECL_TYPED_CHILD(Extensions);
389 DECL_TYPED_CHILDREN(AffiliateMember);
390 DECL_TYPED_CHILDREN(KeyDescriptor);
391 /** AffiliationDescriptorType local name */
392 static const XMLCh TYPE_NAME[];
395 BEGIN_XMLOBJECT4(SAML_API,EntityDescriptor,xmltooling::AttributeExtensibleXMLObject,SignableObject,
396 CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 EntityDescriptor element);
397 DECL_STRING_ATTRIB(ID,ID);
398 DECL_STRING_ATTRIB(EntityID,ENTITYID);
399 DECL_TYPED_CHILD(Extensions);
400 DECL_TYPED_CHILD(AffiliationDescriptor);
401 DECL_TYPED_CHILDREN(RoleDescriptor);
402 DECL_TYPED_CHILDREN(IDPSSODescriptor);
403 DECL_TYPED_CHILDREN(SPSSODescriptor);
404 DECL_TYPED_CHILDREN(AuthnAuthorityDescriptor);
405 DECL_TYPED_CHILDREN(AttributeAuthorityDescriptor);
406 DECL_TYPED_CHILDREN(PDPDescriptor);
407 DECL_TYPED_CHILDREN(AuthnQueryDescriptorType);
408 DECL_TYPED_CHILDREN(AttributeQueryDescriptorType);
409 DECL_TYPED_CHILDREN(AuthzDecisionQueryDescriptorType);
410 DECL_TYPED_CHILD(Organization);
411 DECL_TYPED_CHILDREN(ContactPerson);
412 DECL_TYPED_CHILDREN(AdditionalMetadataLocation);
413 /** Finds an arbitrary role type supporting a given protocol. */
414 virtual const RoleDescriptor* getRoleDescriptor(const xmltooling::QName& qname, const XMLCh* protocol) const=0;
415 /** EntityDescriptorType local name */
416 static const XMLCh TYPE_NAME[];
419 BEGIN_XMLOBJECT3(SAML_API,EntitiesDescriptor,SignableObject,CacheableSAMLObject,
420 TimeBoundSAMLObject,SAML 2.0 EntitiesDescriptor element);
421 DECL_STRING_ATTRIB(ID,ID);
422 DECL_STRING_ATTRIB(Name,NAME);
423 DECL_TYPED_CHILD(Extensions);
424 DECL_TYPED_CHILDREN(EntityDescriptor);
425 DECL_TYPED_CHILDREN(EntitiesDescriptor);
426 /** EntitiesDescriptorType local name */
427 static const XMLCh TYPE_NAME[];
430 // Known Metadata Extensions
432 DECL_XMLOBJECT_SIMPLE(SAML_API,SourceID,ID,SAML 1.x Metadata Profile SourceID element);
434 BEGIN_XMLOBJECT(SAML_API,DiscoveryResponse,IndexedEndpointType,Identity Provider Discovery Protocol DiscoveryResponse element);
437 BEGIN_XMLOBJECT(SAML_API,RequestInitiator,EndpointType,Service Provider Request Initiation RequestInitiator element);
440 BEGIN_XMLOBJECT(SAML_API,EntityAttributes,xmltooling::XMLObject,SAML Metadata Extension for Entity Attributes element);
441 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
442 DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
443 /** EntityAttributesType local name */
444 static const XMLCh TYPE_NAME[];
447 BEGIN_XMLOBJECT(SAML_API,DigestMethod,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Algorithm Support DigestMethod element);
448 DECL_STRING_ATTRIB(Algorithm,ALGORITHM);
449 /** DigestMethodType local name */
450 static const XMLCh TYPE_NAME[];
453 BEGIN_XMLOBJECT(SAML_API,SigningMethod,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Algorithm Support SigningMethod element);
454 DECL_STRING_ATTRIB(Algorithm,ALGORITHM);
455 DECL_INTEGER_ATTRIB(MinKeySize,MINKEYSIZE);
456 DECL_INTEGER_ATTRIB(MaxKeySize,MAXKEYSIZE);
457 /** SigningMethodType local name */
458 static const XMLCh TYPE_NAME[];
461 BEGIN_XMLOBJECT(SAML_API,DisplayName,localizedNameType,SAML Metadata Extension for Login UI DisplayName element);
462 DECL_SIMPLE_CONTENT(Name);
465 BEGIN_XMLOBJECT(SAML_API,Description,localizedNameType,SAML Metadata Extension for Login UI Description element);
466 DECL_SIMPLE_CONTENT(Description);
469 BEGIN_XMLOBJECT(SAML_API,Keywords,xmltooling::XMLObject,SAML Metadata Extension for Login UI Keywords element);
470 /** xml:lang attribute name. */
471 static const XMLCh LANG_ATTRIB_NAME[];
474 * Sets the xml:lang attribute.
476 * @param Lang the value to set
478 virtual void setLang(const XMLCh* Lang)=0;
480 DECL_SIMPLE_CONTENT(Values);
481 /** KeywordsType local name */
482 static const XMLCh TYPE_NAME[];
485 BEGIN_XMLOBJECT(SAML_API,Logo,xmltooling::XMLObject,SAML Metadata Extension for Login UI Logo element);
486 /** xml:lang attribute name. */
487 static const XMLCh LANG_ATTRIB_NAME[];
490 * Sets the xml:lang attribute.
492 * @param Lang the value to set
494 virtual void setLang(const XMLCh* Lang)=0;
496 DECL_INTEGER_ATTRIB(Height,HEIGHT);
497 DECL_INTEGER_ATTRIB(Width,WIDTH);
498 DECL_SIMPLE_CONTENT(URL);
499 /** LogoType local name */
500 static const XMLCh TYPE_NAME[];
503 BEGIN_XMLOBJECT(SAML_API,InformationURL,localizedURIType,SAML Metadata Extension for Login UI InformationURL element);
504 DECL_SIMPLE_CONTENT(URL);
507 BEGIN_XMLOBJECT(SAML_API,PrivacyStatementURL,localizedURIType,SAML Metadata Extension for Login UI PrivacyStatementURL element);
508 DECL_SIMPLE_CONTENT(URL);
511 BEGIN_XMLOBJECT(SAML_API,UIInfo,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Login UI UIInfo element);
512 DECL_TYPED_CHILDREN(DisplayName);
513 DECL_TYPED_CHILDREN(Description);
514 DECL_TYPED_CHILDREN(Keywords);
515 DECL_TYPED_CHILDREN(Logo);
516 DECL_TYPED_CHILDREN(InformationURL);
517 DECL_TYPED_CHILDREN(PrivacyStatementURL);
518 /** UIInfoType local name */
519 static const XMLCh TYPE_NAME[];
522 DECL_XMLOBJECT_SIMPLE(SAML_API,IPHint,Hint,SAML Metadata Extension for Login UI IPHint element);
523 DECL_XMLOBJECT_SIMPLE(SAML_API,DomainHint,Hint,SAML Metadata Extension for Login UI DomainHint element);
524 DECL_XMLOBJECT_SIMPLE(SAML_API,GeolocationHint,Hint,SAML Metadata Extension for Login UI GeolocationHint element);
526 BEGIN_XMLOBJECT(SAML_API,DiscoHints,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Login UI DiscoHints element);
527 DECL_TYPED_CHILDREN(IPHint);
528 DECL_TYPED_CHILDREN(DomainHint);
529 DECL_TYPED_CHILDREN(GeolocationHint);
530 /** DiscoHintsType local name */
531 static const XMLCh TYPE_NAME[];
535 * Predicate to test a role for validity and protocol support.
537 class isValidForProtocol
543 * @param protocol support constant to test for
545 isValidForProtocol(const XMLCh* protocol) : m_time(time(nullptr)), m_protocol(protocol) {
549 * Returns true iff the supplied role is valid now and supports the right protocol.
551 * @param role role to test
552 * @return result of predicate
554 bool operator()(const RoleDescriptor* role) const {
555 return role ? (role->isValid(m_time) && role->hasSupport(m_protocol)) : false;
560 const XMLCh* m_protocol;
564 * Predicate to test a role for type equivalence, validity, and protocol support.
566 class ofTypeValidForProtocol : public isValidForProtocol, public xmltooling::hasSchemaType
572 * @param q schema type to test for
573 * @param protocol support constant to test for
575 ofTypeValidForProtocol(const xmltooling::QName& q, const XMLCh* protocol)
576 : isValidForProtocol(protocol), xmltooling::hasSchemaType(q) {
580 * Returns true iff the supplied role is of the right type, valid now, and supports the right protocol.
582 * @param role role to test
583 * @return result of predicate
585 bool operator()(const RoleDescriptor* role) const {
586 return xmltooling::hasSchemaType::operator()(role) && isValidForProtocol::operator()(role);
590 DECL_SAML2MDOBJECTBUILDER(AdditionalMetadataLocation);
591 DECL_SAML2MDOBJECTBUILDER(AffiliateMember);
592 DECL_SAML2MDOBJECTBUILDER(AffiliationDescriptor);
593 DECL_SAML2MDOBJECTBUILDER(ArtifactResolutionService);
594 DECL_SAML2MDOBJECTBUILDER(AssertionConsumerService);
595 DECL_SAML2MDOBJECTBUILDER(AssertionIDRequestService);
596 DECL_SAML2MDOBJECTBUILDER(AttributeAuthorityDescriptor);
597 DECL_SAML2MDOBJECTBUILDER(AttributeConsumingService);
598 DECL_SAML2MDOBJECTBUILDER(AttributeProfile);
599 DECL_SAML2MDOBJECTBUILDER(AttributeService);
600 DECL_SAML2MDOBJECTBUILDER(AuthnAuthorityDescriptor);
601 DECL_SAML2MDOBJECTBUILDER(AuthnQueryService);
602 DECL_SAML2MDOBJECTBUILDER(AuthzService);
603 DECL_SAML2MDOBJECTBUILDER(Company);
604 DECL_SAML2MDOBJECTBUILDER(ContactPerson);
605 DECL_SAML2MDOBJECTBUILDER(EmailAddress);
606 DECL_SAML2MDOBJECTBUILDER(EntitiesDescriptor);
607 DECL_SAML2MDOBJECTBUILDER(EntityDescriptor);
608 DECL_SAML2MDOBJECTBUILDER(Extensions);
609 DECL_SAML2MDOBJECTBUILDER(GivenName);
610 DECL_SAML2MDOBJECTBUILDER(IDPSSODescriptor);
611 DECL_SAML2MDOBJECTBUILDER(KeyDescriptor);
612 DECL_SAML2MDOBJECTBUILDER(ManageNameIDService);
613 DECL_SAML2MDOBJECTBUILDER(NameIDFormat);
614 DECL_SAML2MDOBJECTBUILDER(NameIDMappingService);
615 DECL_SAML2MDOBJECTBUILDER(Organization);
616 DECL_SAML2MDOBJECTBUILDER(OrganizationName);
617 DECL_SAML2MDOBJECTBUILDER(OrganizationDisplayName);
618 DECL_SAML2MDOBJECTBUILDER(OrganizationURL);
619 DECL_SAML2MDOBJECTBUILDER(PDPDescriptor);
620 DECL_SAML2MDOBJECTBUILDER(RequestedAttribute);
621 DECL_SAML2MDOBJECTBUILDER(ServiceDescription);
622 DECL_SAML2MDOBJECTBUILDER(ServiceName);
623 DECL_SAML2MDOBJECTBUILDER(SingleLogoutService);
624 DECL_SAML2MDOBJECTBUILDER(SingleSignOnService);
625 DECL_SAML2MDOBJECTBUILDER(SPSSODescriptor);
626 DECL_SAML2MDOBJECTBUILDER(SurName);
627 DECL_SAML2MDOBJECTBUILDER(TelephoneNumber);
629 DECL_XMLOBJECTBUILDER(SAML_API,ActionNamespace,samlconstants::SAML20MD_QUERY_EXT_NS,samlconstants::SAML20MD_QUERY_EXT_PREFIX);
630 DECL_XMLOBJECTBUILDER(SAML_API,SourceID,samlconstants::SAML1MD_NS,samlconstants::SAML1MD_PREFIX);
631 DECL_XMLOBJECTBUILDER(SAML_API,DiscoveryResponse,samlconstants::IDP_DISCOVERY_PROTOCOL_NS,samlconstants::IDP_DISCOVERY_PROTOCOL_PREFIX);
632 DECL_XMLOBJECTBUILDER(SAML_API,RequestInitiator,samlconstants::SP_REQUEST_INIT_NS,samlconstants::SP_REQUEST_INIT_PREFIX);
633 DECL_XMLOBJECTBUILDER(SAML_API,EntityAttributes,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_PREFIX);
634 DECL_XMLOBJECTBUILDER(SAML_API,DigestMethod,samlconstants::SAML20MD_ALGSUPPORT_NS,samlconstants::SAML20MD_ALGSUPPORT_PREFIX);
635 DECL_XMLOBJECTBUILDER(SAML_API,SigningMethod,samlconstants::SAML20MD_ALGSUPPORT_NS,samlconstants::SAML20MD_ALGSUPPORT_PREFIX);
637 DECL_XMLOBJECTBUILDER(SAML_API,UIInfo,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
638 DECL_XMLOBJECTBUILDER(SAML_API,DisplayName,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
639 DECL_XMLOBJECTBUILDER(SAML_API,Description,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
640 DECL_XMLOBJECTBUILDER(SAML_API,Keywords,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
641 DECL_XMLOBJECTBUILDER(SAML_API,Logo,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
642 DECL_XMLOBJECTBUILDER(SAML_API,InformationURL,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
643 DECL_XMLOBJECTBUILDER(SAML_API,PrivacyStatementURL,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
644 DECL_XMLOBJECTBUILDER(SAML_API,DiscoHints,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
645 DECL_XMLOBJECTBUILDER(SAML_API,IPHint,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
646 DECL_XMLOBJECTBUILDER(SAML_API,DomainHint,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
647 DECL_XMLOBJECTBUILDER(SAML_API,GeolocationHint,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
650 * Builder for localizedNameType objects.
652 * This is customized to force the element name to be specified.
654 class SAML_API localizedNameTypeBuilder : public xmltooling::XMLObjectBuilder {
656 virtual ~localizedNameTypeBuilder() {}
657 /** Builder that allows element/type override. */
658 #ifdef HAVE_COVARIANT_RETURNS
659 virtual localizedNameType* buildObject(
661 virtual xmltooling::XMLObject* buildObject(
663 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
666 /** Singleton builder. */
667 static localizedNameType* buildlocalizedNameType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
668 const localizedNameTypeBuilder* b = dynamic_cast<const localizedNameTypeBuilder*>(
669 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,localizedNameType::TYPE_NAME))
672 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,localizedNameType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
673 #ifdef HAVE_COVARIANT_RETURNS
674 return b->buildObject(nsURI, localName, prefix, &schemaType);
676 return dynamic_cast<localizedNameType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
679 throw xmltooling::XMLObjectException("Unable to obtain typed builder for localizedNameType.");
684 * Builder for localizedURIType objects.
686 * This is customized to force the element name to be specified.
688 class SAML_API localizedURITypeBuilder : public xmltooling::XMLObjectBuilder {
690 virtual ~localizedURITypeBuilder() {}
691 /** Builder that allows element/type override. */
692 #ifdef HAVE_COVARIANT_RETURNS
693 virtual localizedURIType* buildObject(
695 virtual xmltooling::XMLObject* buildObject(
697 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
700 /** Singleton builder. */
701 static localizedURIType* buildlocalizedURIType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
702 const localizedURITypeBuilder* b = dynamic_cast<const localizedURITypeBuilder*>(
703 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,localizedURIType::TYPE_NAME))
706 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,localizedURIType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
707 #ifdef HAVE_COVARIANT_RETURNS
708 return b->buildObject(nsURI, localName, prefix, &schemaType);
710 return dynamic_cast<localizedURIType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
713 throw xmltooling::XMLObjectException("Unable to obtain typed builder for localizedURIType.");
718 * Builder for EndpointType objects.
720 * This is customized to force the element name to be specified.
722 class SAML_API EndpointTypeBuilder : public xmltooling::XMLObjectBuilder {
724 virtual ~EndpointTypeBuilder() {}
725 /** Builder that allows element/type override. */
726 #ifdef HAVE_COVARIANT_RETURNS
727 virtual EndpointType* buildObject(
729 virtual xmltooling::XMLObject* buildObject(
731 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
734 /** Singleton builder. */
735 static EndpointType* buildEndpointType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
736 const EndpointTypeBuilder* b = dynamic_cast<const EndpointTypeBuilder*>(
737 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,EndpointType::TYPE_NAME))
740 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,EndpointType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
741 #ifdef HAVE_COVARIANT_RETURNS
742 return b->buildObject(nsURI, localName, prefix, &schemaType);
744 return dynamic_cast<EndpointType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
747 throw xmltooling::XMLObjectException("Unable to obtain typed builder for EndpointType.");
752 * Builder for IndexedEndpointType objects.
754 * This is customized to force the element name to be specified.
756 class SAML_API IndexedEndpointTypeBuilder : public xmltooling::XMLObjectBuilder {
758 virtual ~IndexedEndpointTypeBuilder() {}
759 /** Builder that allows element/type override. */
760 #ifdef HAVE_COVARIANT_RETURNS
761 virtual IndexedEndpointType* buildObject(
763 virtual xmltooling::XMLObject* buildObject(
765 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
768 /** Singleton builder. */
769 static IndexedEndpointType* buildIndexedEndpointType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
770 const IndexedEndpointTypeBuilder* b = dynamic_cast<const IndexedEndpointTypeBuilder*>(
771 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,IndexedEndpointType::TYPE_NAME))
774 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,IndexedEndpointType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
775 #ifdef HAVE_COVARIANT_RETURNS
776 return b->buildObject(nsURI, localName, prefix, &schemaType);
778 return dynamic_cast<IndexedEndpointType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
781 throw xmltooling::XMLObjectException("Unable to obtain typed builder for IndexedEndpointType.");
786 * Builder for RoleDescriptor extension objects.
788 * This is customized to force the schema type to be specified.
790 class SAML_API RoleDescriptorBuilder : public xmltooling::XMLObjectBuilder {
792 virtual ~RoleDescriptorBuilder() {}
793 /** Builder that allows element/type override. */
794 #ifdef HAVE_COVARIANT_RETURNS
795 virtual RoleDescriptor* buildObject(
797 virtual xmltooling::XMLObject* buildObject(
799 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
802 /** Singleton builder. */
803 static RoleDescriptor* buildRoleDescriptor(const xmltooling::QName& schemaType) {
804 const RoleDescriptorBuilder* b = dynamic_cast<const RoleDescriptorBuilder*>(
805 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,RoleDescriptor::LOCAL_NAME))
808 #ifdef HAVE_COVARIANT_RETURNS
809 return b->buildObject(samlconstants::SAML20MD_NS, RoleDescriptor::LOCAL_NAME, samlconstants::SAML20MD_PREFIX, &schemaType);
811 return dynamic_cast<RoleDescriptor*>(b->buildObject(samlconstants::SAML20MD_NS, RoleDescriptor::LOCAL_NAME, samlconstants::SAML20MD_PREFIX, &schemaType));
814 throw xmltooling::XMLObjectException("Unable to obtain typed builder for RoleDescriptor.");
819 * Builder for AuthnQueryDescriptorType objects.
821 * This is customized to return a RoleDescriptor element with an
822 * xsi:type of AuthnQueryDescriptorType.
824 class SAML_API AuthnQueryDescriptorTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
826 virtual ~AuthnQueryDescriptorTypeBuilder() {}
827 /** Default builder. */
828 #ifdef HAVE_COVARIANT_RETURNS
829 virtual AuthnQueryDescriptorType* buildObject() const {
831 virtual xmltooling::XMLObject* buildObject() const {
833 xmltooling::QName schemaType(
834 samlconstants::SAML20MD_QUERY_EXT_NS,AuthnQueryDescriptorType::TYPE_NAME,samlconstants::SAML20MD_QUERY_EXT_PREFIX
837 samlconstants::SAML20MD_NS,AuthnQueryDescriptorType::LOCAL_NAME,samlconstants::SAML20MD_PREFIX,&schemaType
840 /** Builder that allows element/type override. */
841 #ifdef HAVE_COVARIANT_RETURNS
842 virtual AuthnQueryDescriptorType* buildObject(
844 virtual xmltooling::XMLObject* buildObject(
846 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
849 /** Singleton builder. */
850 static AuthnQueryDescriptorType* buildAuthnQueryDescriptorType() {
851 const AuthnQueryDescriptorTypeBuilder* b = dynamic_cast<const AuthnQueryDescriptorTypeBuilder*>(
852 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_QUERY_EXT_NS,AuthnQueryDescriptorType::TYPE_NAME))
855 #ifdef HAVE_COVARIANT_RETURNS
856 return b->buildObject();
858 return dynamic_cast<AuthnQueryDescriptorType*>(b->buildObject());
861 throw xmltooling::XMLObjectException("Unable to obtain typed builder for AuthnQueryDescriptorType.");
866 * Builder for AttributeQueryDescriptorType objects.
868 * This is customized to return a RoleDescriptor element with an
869 * xsi:type of AttributeQueryDescriptorType.
871 class SAML_API AttributeQueryDescriptorTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
873 virtual ~AttributeQueryDescriptorTypeBuilder() {}
874 /** Default builder. */
875 #ifdef HAVE_COVARIANT_RETURNS
876 virtual AttributeQueryDescriptorType* buildObject() const {
878 virtual xmltooling::XMLObject* buildObject() const {
880 xmltooling::QName schemaType(
881 samlconstants::SAML20MD_QUERY_EXT_NS,AttributeQueryDescriptorType::TYPE_NAME,samlconstants::SAML20MD_QUERY_EXT_PREFIX
884 samlconstants::SAML20MD_NS,AttributeQueryDescriptorType::LOCAL_NAME,samlconstants::SAML20MD_PREFIX,&schemaType
887 /** Builder that allows element/type override. */
888 #ifdef HAVE_COVARIANT_RETURNS
889 virtual AttributeQueryDescriptorType* buildObject(
891 virtual xmltooling::XMLObject* buildObject(
893 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
896 /** Singleton builder. */
897 static AttributeQueryDescriptorType* buildAttributeQueryDescriptorType() {
898 const AttributeQueryDescriptorTypeBuilder* b = dynamic_cast<const AttributeQueryDescriptorTypeBuilder*>(
899 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_QUERY_EXT_NS,AttributeQueryDescriptorType::TYPE_NAME))
902 #ifdef HAVE_COVARIANT_RETURNS
903 return b->buildObject();
905 return dynamic_cast<AttributeQueryDescriptorType*>(b->buildObject());
908 throw xmltooling::XMLObjectException("Unable to obtain typed builder for AttributeQueryDescriptorType.");
913 * Builder for AuthzDecisionQueryDescriptorType objects.
915 * This is customized to return a RoleDescriptor element with an
916 * xsi:type of AuthzDecisionQueryDescriptorType.
918 class SAML_API AuthzDecisionQueryDescriptorTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
920 virtual ~AuthzDecisionQueryDescriptorTypeBuilder() {}
921 /** Default builder. */
922 #ifdef HAVE_COVARIANT_RETURNS
923 virtual AuthzDecisionQueryDescriptorType* buildObject() const {
925 virtual xmltooling::XMLObject* buildObject() const {
927 xmltooling::QName schemaType(
928 samlconstants::SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME,samlconstants::SAML20MD_QUERY_EXT_PREFIX
931 samlconstants::SAML20MD_NS,AuthzDecisionQueryDescriptorType::LOCAL_NAME,samlconstants::SAML20MD_PREFIX,&schemaType
934 /** Builder that allows element/type override. */
935 #ifdef HAVE_COVARIANT_RETURNS
936 virtual AuthzDecisionQueryDescriptorType* buildObject(
938 virtual xmltooling::XMLObject* buildObject(
940 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
943 /** Singleton builder. */
944 static AuthzDecisionQueryDescriptorType* buildAuthzDecisionQueryDescriptorType() {
945 const AuthzDecisionQueryDescriptorTypeBuilder* b = dynamic_cast<const AuthzDecisionQueryDescriptorTypeBuilder*>(
946 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME))
949 #ifdef HAVE_COVARIANT_RETURNS
950 return b->buildObject();
952 return dynamic_cast<AuthzDecisionQueryDescriptorType*>(b->buildObject());
955 throw xmltooling::XMLObjectException("Unable to obtain typed builder for AuthzDecisionQueryDescriptorType.");
960 * Registers builders and validators for SAML 2.0 Metadata classes into the runtime.
962 void SAML_API registerMetadataClasses();
966 #endif /* __saml2_metadata_h__ */