2 * Copyright 2001-2010 Internet2
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file saml/saml2/metadata/Metadata.h
20 * XMLObjects representing the SAML 2.0 Metadata schema.
23 #ifndef __saml2_metadata_h__
24 #define __saml2_metadata_h__
26 #include <saml/saml2/core/Assertions.h>
29 #include <xercesc/util/XMLUniDefs.hpp>
30 #include <xmltooling/util/Predicates.h>
33 #define DECL_SAML2MDOBJECTBUILDER(cname) \
34 DECL_XMLOBJECTBUILDER(SAML_API,cname,samlconstants::SAML20MD_NS,samlconstants::SAML20MD_PREFIX)
36 namespace xmltooling {
37 class XMLTOOL_API Credential;
38 class XMLTOOL_API CredentialResolver;
41 namespace xmlencryption {
42 class XMLTOOL_API EncryptionMethod;
48 * @namespace opensaml::saml2md
49 * SAML 2.0 metadata namespace
53 class SAML_API DigestMethod;
54 class SAML_API SigningMethod;
57 * Base class for metadata objects that feature a cacheDuration attribute.
// Mixin base, virtually derived from xmltooling::XMLObject, for metadata objects
// that carry a cacheDuration attribute.
59 class SAML_API CacheableSAMLObject : public virtual xmltooling::XMLObject
62 CacheableSAMLObject() {}
64 ~CacheableSAMLObject() {}
// Accessors for the attribute come from DECL_DATETIME_ATTRIB, whose definition is
// not part of this listing.
// NOTE(review): cacheDuration is read from the metadata document, so its publisher
// chooses the value; confirm that consumers apply their own upper bound before
// using it to decide how long cached metadata is kept.
65 DECL_DATETIME_ATTRIB(CacheDuration,CACHEDURATION);
69 * Base class for metadata objects that feature a validUntil attribute.
// Mixin base, virtually derived from xmltooling::XMLObject, for metadata objects
// that carry a validUntil attribute. Both isValid() overloads compare a timestamp
// against getValidUntilEpoch(), which is not declared in the visible lines
// (presumably generated by DECL_DATETIME_ATTRIB; confirm).
71 class SAML_API TimeBoundSAMLObject : public virtual xmltooling::XMLObject
74 TimeBoundSAMLObject() {}
76 ~TimeBoundSAMLObject() {}
77 DECL_DATETIME_ATTRIB(ValidUntil,VALIDUNTIL);
78 /** Returns true iff the object is valid at the current time. */
// Reads the local system clock through time(nullptr). The comparison is inclusive
// and applies no clock-skew allowance.
// NOTE(review): the result for an object that has no validUntil attribute depends
// on what getValidUntilEpoch() yields in that case; confirm this matches the
// deployment's policy on metadata that carries no expiry.
79 bool isValid() const {
80 return time(nullptr) <= getValidUntilEpoch();
82 /** Returns true iff the object is valid at the supplied time. */
// As far as these lines show, only this object's own validUntil is consulted.
// NOTE(review): confirm whether callers also check a validUntil set on an
// enclosing element.
83 bool isValid(time_t t) const {
84 return t <= getValidUntilEpoch();
88 DECL_XMLOBJECT_SIMPLE(SAML_API,AffiliateMember,ID,SAML 2.0 AffiliateMember element);
89 DECL_XMLOBJECT_SIMPLE(SAML_API,AttributeProfile,ProfileURI,SAML 2.0 AttributeProfile element);
90 DECL_XMLOBJECT_SIMPLE(SAML_API,Company,Name,SAML 2.0 Company element);
91 DECL_XMLOBJECT_SIMPLE(SAML_API,EmailAddress,Address,SAML 2.0 EmailAddress element);
92 DECL_XMLOBJECT_SIMPLE(SAML_API,GivenName,Name,SAML 2.0 GivenName element);
93 DECL_XMLOBJECT_SIMPLE(SAML_API,NameIDFormat,Format,SAML 2.0 NameIDFormat element);
94 DECL_XMLOBJECT_SIMPLE(SAML_API,SurName,Name,SAML 2.0 SurName element);
95 DECL_XMLOBJECT_SIMPLE(SAML_API,TelephoneNumber,Number,SAML 2.0 TelephoneNumber element);
97 DECL_XMLOBJECT_SIMPLE(SAML_API,ActionNamespace,Namespace,SAML 2.0 Metadata Extension ActionNamespace element);
99 BEGIN_XMLOBJECT(SAML_API,localizedNameType,xmltooling::XMLObject,SAML 2.0 localizedNameType type);
100 DECL_STRING_ATTRIB(Lang,LANG);
101 /** localizedNameType local name */
102 static const XMLCh TYPE_NAME[];
105 BEGIN_XMLOBJECT(SAML_API,localizedURIType,xmltooling::XMLObject,SAML 2.0 localizedURIType type);
106 DECL_STRING_ATTRIB(Lang,LANG);
107 /** localizedURIType local name */
108 static const XMLCh TYPE_NAME[];
111 BEGIN_XMLOBJECT(SAML_API,OrganizationName,localizedNameType,SAML 2.0 OrganizationName element);
112 DECL_SIMPLE_CONTENT(Name);
115 BEGIN_XMLOBJECT(SAML_API,OrganizationDisplayName,localizedNameType,SAML 2.0 OrganizationDisplayName element);
116 DECL_SIMPLE_CONTENT(Name);
119 BEGIN_XMLOBJECT(SAML_API,OrganizationURL,localizedURIType,SAML 2.0 OrganizationURL element);
120 DECL_SIMPLE_CONTENT(URL);
123 BEGIN_XMLOBJECT(SAML_API,Extensions,xmltooling::ElementExtensibleXMLObject,SAML 2.0 Extensions element);
124 /** ExtensionsType local name */
125 static const XMLCh TYPE_NAME[];
128 BEGIN_XMLOBJECT(SAML_API,Organization,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 Organization element);
129 DECL_TYPED_CHILD(Extensions);
130 DECL_TYPED_CHILDREN(OrganizationName);
131 DECL_TYPED_CHILDREN(OrganizationDisplayName);
132 DECL_TYPED_CHILDREN(OrganizationURL);
133 /** OrganizationType local name */
134 static const XMLCh TYPE_NAME[];
137 BEGIN_XMLOBJECT(SAML_API,ContactPerson,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 ContactPerson element);
138 DECL_STRING_ATTRIB(ContactType,CONTACTTYPE);
139 DECL_TYPED_CHILD(Extensions);
140 DECL_TYPED_CHILD(Company);
141 DECL_TYPED_CHILD(GivenName);
142 DECL_TYPED_CHILD(SurName);
143 DECL_TYPED_CHILDREN(EmailAddress);
144 DECL_TYPED_CHILDREN(TelephoneNumber);
145 /** ContactType local name */
146 static const XMLCh TYPE_NAME[];
147 /** technical Contact Type */
148 static const XMLCh CONTACT_TECHNICAL[];
149 /** support Contact Type */
150 static const XMLCh CONTACT_SUPPORT[];
151 /** administrative Contact Type */
152 static const XMLCh CONTACT_ADMINISTRATIVE[];
153 /** billing Contact Type */
154 static const XMLCh CONTACT_BILLING[];
155 /** other Contact Type */
156 static const XMLCh CONTACT_OTHER[];
159 BEGIN_XMLOBJECT(SAML_API,AdditionalMetadataLocation,xmltooling::XMLObject,SAML 2.0 AdditionalMetadataLocation element);
160 DECL_STRING_ATTRIB(Namespace,NAMESPACE);
161 DECL_SIMPLE_CONTENT(Location);
162 /** AdditionalMetadataLocationType local name */
163 static const XMLCh TYPE_NAME[];
// Declares the KeyDescriptor element: a string "use" attribute, one
// xmlsignature KeyInfo child and any number of xmlencryption EncryptionMethod
// children, plus the two constants for the "use" value declared below.
// NOTE(review): how a KeyDescriptor with no "use" attribute, or with a value other
// than the two constants, is treated is decided outside this header; confirm the
// credential-resolution code handles both cases deliberately.
// NOTE(review): key material carried here is presumably what peers' signatures are
// checked against, so the metadata source needs to be authenticated before these
// objects are relied on.
166 BEGIN_XMLOBJECT(SAML_API,KeyDescriptor,xmltooling::XMLObject,SAML 2.0 KeyDescriptor element);
167 DECL_STRING_ATTRIB(Use,USE);
168 DECL_TYPED_FOREIGN_CHILD(KeyInfo,xmlsignature);
169 DECL_TYPED_FOREIGN_CHILDREN(EncryptionMethod,xmlencryption);
170 /** KeyDescriptorType local name */
171 static const XMLCh TYPE_NAME[];
172 /** encryption Key Type */
173 static const XMLCh KEYTYPE_ENCRYPTION[];
174 /** signing Key Type */
175 static const XMLCh KEYTYPE_SIGNING[];
// Declares the abstract RoleDescriptor element. The BEGIN_XMLOBJECT4 argument list
// names four bases: AttributeExtensibleXMLObject, SignableObject,
// CacheableSAMLObject and TimeBoundSAMLObject.
178 BEGIN_XMLOBJECT4(SAML_API,RoleDescriptor,xmltooling::AttributeExtensibleXMLObject,SignableObject,
179 CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 RoleDescriptor abstract element);
180 DECL_STRING_ATTRIB(ID,ID);
181 DECL_STRING_ATTRIB(ProtocolSupportEnumeration,PROTOCOLSUPPORTENUMERATION);
182 /** Searches the ProtocolSupportEnumeration attribute for the indicated protocol. */
183 virtual bool hasSupport(const XMLCh* protocol) const=0;
184 /** Adds the indicated protocol to the ProtocolSupportEnumeration attribute. */
185 virtual void addSupport(const XMLCh* protocol)=0;
// NOTE(review): ErrorURL is a plain string taken from metadata; confirm that any
// code which redirects to or renders it validates the scheme first.
186 DECL_STRING_ATTRIB(ErrorURL,ERRORURL);
187 DECL_TYPED_CHILD(Extensions);
188 DECL_TYPED_CHILDREN(KeyDescriptor);
189 DECL_TYPED_CHILD(Organization);
190 DECL_TYPED_CHILDREN(ContactPerson);
191 /** Returns the first digest method supported by the role and the underlying implementation, if any. */
// "if any" suggests a null result is possible; callers should check before use.
// NOTE(review): "first supported" lets the order in the peer's metadata influence
// the choice; confirm the implementation cannot select an algorithm the deployment
// considers too weak.
192 virtual const DigestMethod* getDigestMethod() const;
193 /** Returns the first signing method supported by the role and the underlying implementation, if any, along with a matching credential. */
// Either member of the returned pair may presumably be null; check both.
// The remainder of this declaration is not present in this listing.
194 virtual std::pair<const SigningMethod*,const xmltooling::Credential*> getSigningMethod(
195 const xmltooling::CredentialResolver& resolver, xmltooling::CredentialCriteria& cc
199 BEGIN_XMLOBJECT2(SAML_API,RoleDescriptorType,RoleDescriptor,xmltooling::ElementExtensibleXMLObject,SAML 2.0 RoleDescriptor extension);
202 BEGIN_XMLOBJECT(SAML_API,EndpointType,xmltooling::ElementProxy,SAML 2.0 EndpointType type);
203 DECL_STRING_ATTRIB(Binding,BINDING);
204 DECL_STRING_ATTRIB(Location,LOCATION);
205 DECL_STRING_ATTRIB(ResponseLocation,RESPONSELOCATION);
206 /** EndpointType local name */
207 static const XMLCh TYPE_NAME[];
210 BEGIN_XMLOBJECT(SAML_API,IndexedEndpointType,EndpointType,SAML 2.0 IndexedEndpointType type);
211 DECL_INTEGER_ATTRIB(Index,INDEX);
212 DECL_BOOLEAN_ATTRIB(isDefault,ISDEFAULT,false);
213 /** IndexedEndpointType local name */
214 static const XMLCh TYPE_NAME[];
217 BEGIN_XMLOBJECT(SAML_API,ArtifactResolutionService,IndexedEndpointType,SAML 2.0 ArtifactResolutionService element);
220 BEGIN_XMLOBJECT(SAML_API,SingleLogoutService,EndpointType,SAML 2.0 SingleLogoutService element);
223 BEGIN_XMLOBJECT(SAML_API,ManageNameIDService,EndpointType,SAML 2.0 ManageNameIDService element);
226 BEGIN_XMLOBJECT(SAML_API,SSODescriptorType,RoleDescriptor,SAML 2.0 SSODescriptorType abstract type);
227 DECL_TYPED_CHILDREN(ArtifactResolutionService);
228 DECL_TYPED_CHILDREN(SingleLogoutService);
229 DECL_TYPED_CHILDREN(ManageNameIDService);
230 DECL_TYPED_CHILDREN(NameIDFormat);
231 /** SSODescriptorType local name */
232 static const XMLCh TYPE_NAME[];
235 BEGIN_XMLOBJECT(SAML_API,SingleSignOnService,EndpointType,SAML 2.0 SingleSignOnService element);
238 BEGIN_XMLOBJECT(SAML_API,NameIDMappingService,EndpointType,SAML 2.0 NameIDMappingService element);
241 BEGIN_XMLOBJECT(SAML_API,AssertionIDRequestService,EndpointType,SAML 2.0 AssertionIDRequestService element);
// Declares the IDPSSODescriptor element (derived from SSODescriptorType) with its
// endpoint, profile and attribute children.
244 BEGIN_XMLOBJECT(SAML_API,IDPSSODescriptor,SSODescriptorType,SAML 2.0 IDPSSODescriptor element);
// The third macro argument (false) is presumably the value reported when the
// attribute is absent; DECL_BOOLEAN_ATTRIB is defined outside this listing.
// NOTE(review): metadata that omits the flag then reads as "signed requests not
// required"; confirm local signing policy does not depend on this default alone.
245 DECL_BOOLEAN_ATTRIB(WantAuthnRequestsSigned,WANTAUTHNREQUESTSSIGNED,false);
246 DECL_TYPED_CHILDREN(SingleSignOnService);
247 DECL_TYPED_CHILDREN(NameIDMappingService);
248 DECL_TYPED_CHILDREN(AssertionIDRequestService);
249 DECL_TYPED_CHILDREN(AttributeProfile);
250 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
251 /** IDPSSODescriptorType local name */
252 static const XMLCh TYPE_NAME[];
256 BEGIN_XMLOBJECT(SAML_API,ServiceName,localizedNameType,SAML 2.0 ServiceName element);
257 DECL_SIMPLE_CONTENT(Name);
260 BEGIN_XMLOBJECT(SAML_API,ServiceDescription,localizedNameType,SAML 2.0 ServiceDescription element);
261 DECL_SIMPLE_CONTENT(Description);
264 BEGIN_XMLOBJECT(SAML_API,RequestedAttribute,saml2::Attribute,SAML 2.0 RequestedAttribute element);
265 DECL_BOOLEAN_ATTRIB(isRequired,ISREQUIRED,false);
266 /** RequestedAttributeType local name */
267 static const XMLCh TYPE_NAME[];
270 BEGIN_XMLOBJECT(SAML_API,AttributeConsumingService,xmltooling::XMLObject,SAML 2.0 AttributeConsumingService element);
271 DECL_INTEGER_ATTRIB(Index,INDEX);
272 DECL_BOOLEAN_ATTRIB(isDefault,ISDEFAULT,false);
273 DECL_TYPED_CHILDREN(ServiceName);
274 DECL_TYPED_CHILDREN(ServiceDescription);
275 DECL_TYPED_CHILDREN(RequestedAttribute);
276 /** AttributeConsumingServiceType local name */
277 static const XMLCh TYPE_NAME[];
280 BEGIN_XMLOBJECT(SAML_API,AssertionConsumerService,IndexedEndpointType,SAML 2.0 AssertionConsumerService element);
// Declares the SPSSODescriptor element (derived from SSODescriptorType).
283 BEGIN_XMLOBJECT(SAML_API,SPSSODescriptor,SSODescriptorType,SAML 2.0 SPSSODescriptor element);
// Both flags pass false as the third macro argument, presumably the value reported
// when the attribute is absent (DECL_BOOLEAN_ATTRIB is defined outside this listing).
// NOTE(review): a peer whose metadata omits WantAssertionsSigned therefore reads
// as not requiring signed assertions; confirm that signing decisions are not left
// to this default where policy requires signatures.
284 DECL_BOOLEAN_ATTRIB(AuthnRequestsSigned,AUTHNREQUESTSSIGNED,false);
285 DECL_BOOLEAN_ATTRIB(WantAssertionsSigned,WANTASSERTIONSSIGNED,false);
// NOTE(review): these endpoint children are the list a responder can check a
// requested response location against; confirm callers do that instead of
// trusting a location supplied in the request.
286 DECL_TYPED_CHILDREN(AssertionConsumerService);
287 DECL_TYPED_CHILDREN(AttributeConsumingService);
288 /** SPSSODescriptorType local name */
289 static const XMLCh TYPE_NAME[];
293 BEGIN_XMLOBJECT(SAML_API,AuthnQueryService,EndpointType,SAML 2.0 AuthnQueryService element);
296 BEGIN_XMLOBJECT(SAML_API,AuthnAuthorityDescriptor,RoleDescriptor,SAML 2.0 AuthnAuthorityDescriptor element);
297 DECL_TYPED_CHILDREN(AuthnQueryService);
298 DECL_TYPED_CHILDREN(AssertionIDRequestService);
299 DECL_TYPED_CHILDREN(NameIDFormat);
300 /** AuthnAuthorityDescriptorType local name */
301 static const XMLCh TYPE_NAME[];
305 BEGIN_XMLOBJECT(SAML_API,AuthzService,EndpointType,SAML 2.0 AuthzService element);
308 BEGIN_XMLOBJECT(SAML_API,PDPDescriptor,RoleDescriptor,SAML 2.0 PDPDescriptor element);
309 DECL_TYPED_CHILDREN(AuthzService);
310 DECL_TYPED_CHILDREN(AssertionIDRequestService);
311 DECL_TYPED_CHILDREN(NameIDFormat);
312 /** PDPDescriptorType local name */
313 static const XMLCh TYPE_NAME[];
317 BEGIN_XMLOBJECT(SAML_API,AttributeService,EndpointType,SAML 2.0 AttributeService element);
320 BEGIN_XMLOBJECT(SAML_API,AttributeAuthorityDescriptor,RoleDescriptor,SAML 2.0 AttributeAuthorityDescriptor element);
321 DECL_TYPED_CHILDREN(AttributeService);
322 DECL_TYPED_CHILDREN(AssertionIDRequestService);
323 DECL_TYPED_CHILDREN(NameIDFormat);
324 DECL_TYPED_CHILDREN(AttributeProfile);
325 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
326 /** AttributeAuthorityDescriptorType local name */
327 static const XMLCh TYPE_NAME[];
// Declares the abstract QueryDescriptorType (derived from RoleDescriptor).
331 BEGIN_XMLOBJECT(SAML_API,QueryDescriptorType,RoleDescriptor,SAML 2.0 QueryDescriptorType abstract type);
// The third macro argument (false) is presumably the value reported when the
// attribute is absent; the macro is defined outside this listing.
332 DECL_BOOLEAN_ATTRIB(WantAssertionsSigned,WANTASSERTIONSSIGNED,false);
333 DECL_TYPED_CHILDREN(NameIDFormat);
334 /** QueryDescriptorType local name */
335 static const XMLCh TYPE_NAME[];
338 BEGIN_XMLOBJECT(SAML_API,AuthnQueryDescriptorType,QueryDescriptorType,SAML 2.0 AuthnQueryDescriptorType extension type);
339 /** AuthnQueryDescriptorType local name */
340 static const XMLCh TYPE_NAME[];
344 BEGIN_XMLOBJECT(SAML_API,AttributeQueryDescriptorType,QueryDescriptorType,SAML 2.0 AttributeQueryDescriptorType extension type);
345 DECL_TYPED_CHILDREN(AttributeConsumingService);
346 /** AttributeQueryDescriptorType local name */
347 static const XMLCh TYPE_NAME[];
351 BEGIN_XMLOBJECT(SAML_API,AuthzDecisionQueryDescriptorType,QueryDescriptorType,SAML 2.0 AuthzDecisionQueryDescriptorType extension type);
352 DECL_TYPED_CHILDREN(ActionNamespace);
353 /** AuthzDecisionQueryDescriptorType local name */
354 static const XMLCh TYPE_NAME[];
358 BEGIN_XMLOBJECT4(SAML_API,AffiliationDescriptor,xmltooling::AttributeExtensibleXMLObject,SignableObject,
359 CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 AffiliationDescriptor element);
360 DECL_STRING_ATTRIB(ID,ID);
361 DECL_STRING_ATTRIB(AffiliationOwnerID,AFFILIATIONOWNERID);
362 DECL_TYPED_CHILD(Extensions);
363 DECL_TYPED_CHILDREN(AffiliateMember);
364 DECL_TYPED_CHILDREN(KeyDescriptor);
365 /** AffiliationDescriptorType local name */
366 static const XMLCh TYPE_NAME[];
// Declares the EntityDescriptor element. The BEGIN_XMLOBJECT4 argument list names
// SignableObject, CacheableSAMLObject and TimeBoundSAMLObject among its bases, so
// an entity can carry its own signature, cacheDuration and validUntil.
369 BEGIN_XMLOBJECT4(SAML_API,EntityDescriptor,xmltooling::AttributeExtensibleXMLObject,SignableObject,
370 CacheableSAMLObject,TimeBoundSAMLObject,SAML 2.0 EntityDescriptor element);
371 DECL_STRING_ATTRIB(ID,ID);
// NOTE(review): entityID is the name peers are looked up by; confirm lookups
// compare it exactly and only against metadata whose source has been verified.
372 DECL_STRING_ATTRIB(EntityID,ENTITYID);
373 DECL_TYPED_CHILD(Extensions);
374 DECL_TYPED_CHILD(AffiliationDescriptor);
375 DECL_TYPED_CHILDREN(RoleDescriptor);
376 DECL_TYPED_CHILDREN(IDPSSODescriptor);
377 DECL_TYPED_CHILDREN(SPSSODescriptor);
378 DECL_TYPED_CHILDREN(AuthnAuthorityDescriptor);
379 DECL_TYPED_CHILDREN(AttributeAuthorityDescriptor);
380 DECL_TYPED_CHILDREN(PDPDescriptor);
381 DECL_TYPED_CHILDREN(AuthnQueryDescriptorType);
382 DECL_TYPED_CHILDREN(AttributeQueryDescriptorType);
383 DECL_TYPED_CHILDREN(AuthzDecisionQueryDescriptorType);
384 DECL_TYPED_CHILD(Organization);
385 DECL_TYPED_CHILDREN(ContactPerson);
// NOTE(review): AdditionalMetadataLocation points at further metadata by location;
// confirm nothing fetches and trusts it without its own verification.
386 DECL_TYPED_CHILDREN(AdditionalMetadataLocation);
387 /** Finds an arbitrary role type supporting a given protocol. */
// Pure virtual. The signature takes no time argument, so whether expired roles are
// filtered out is decided by the implementation and cannot be seen from here.
// The documented contract suggests a null result when nothing matches; check it.
388 virtual const RoleDescriptor* getRoleDescriptor(const xmltooling::QName& qname, const XMLCh* protocol) const=0;
389 /** EntityDescriptorType local name */
390 static const XMLCh TYPE_NAME[];
// Declares the EntitiesDescriptor element, a signable, cacheable, time-bound
// container of EntityDescriptor children.
393 BEGIN_XMLOBJECT3(SAML_API,EntitiesDescriptor,SignableObject,CacheableSAMLObject,
394 TimeBoundSAMLObject,SAML 2.0 EntitiesDescriptor element);
395 DECL_STRING_ATTRIB(ID,ID);
396 DECL_STRING_ATTRIB(Name,NAME);
397 DECL_TYPED_CHILD(Extensions);
398 DECL_TYPED_CHILDREN(EntityDescriptor);
// The element may contain further EntitiesDescriptor children, so its nesting
// depth is set by the input document.
// NOTE(review): confirm that code walking this tree over externally supplied
// metadata bounds the depth and applies each level's validUntil and signature.
399 DECL_TYPED_CHILDREN(EntitiesDescriptor);
400 /** EntitiesDescriptorType local name */
401 static const XMLCh TYPE_NAME[];
404 // Known Metadata Extensions
406 DECL_XMLOBJECT_SIMPLE(SAML_API,SourceID,ID,SAML 1.x Metadata Profile SourceID element);
408 BEGIN_XMLOBJECT(SAML_API,DiscoveryResponse,IndexedEndpointType,Identity Provider Discovery Protocol DiscoveryResponse element);
411 BEGIN_XMLOBJECT(SAML_API,RequestInitiator,EndpointType,Service Provider Request Initiation RequestInitiator element);
// Declares the EntityAttributes extension element, which holds saml2 Attribute
// and saml2 Assertion children.
// NOTE(review): this declaration does no validation of an embedded Assertion;
// confirm that consumers verify its signature and issuer before treating the
// attributes inside it as authoritative.
414 BEGIN_XMLOBJECT(SAML_API,EntityAttributes,xmltooling::XMLObject,SAML Metadata Extension for Entity Attributes element);
415 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
416 DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
417 /** EntityAttributesType local name */
418 static const XMLCh TYPE_NAME[];
421 BEGIN_XMLOBJECT(SAML_API,DigestMethod,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Algorithm Support DigestMethod element);
422 DECL_STRING_ATTRIB(Algorithm,ALGORITHM);
423 /** DigestMethodType local name */
424 static const XMLCh TYPE_NAME[];
// Declares the SigningMethod extension element: an Algorithm string plus integer
// MinKeySize and MaxKeySize attributes.
// NOTE(review): all three values are advertised by the peer's metadata; confirm
// that a locally configured algorithm allow-list and minimum key size still apply
// whatever is declared here.
427 BEGIN_XMLOBJECT(SAML_API,SigningMethod,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Algorithm Support SigningMethod element);
428 DECL_STRING_ATTRIB(Algorithm,ALGORITHM);
429 DECL_INTEGER_ATTRIB(MinKeySize,MINKEYSIZE);
430 DECL_INTEGER_ATTRIB(MaxKeySize,MAXKEYSIZE);
431 /** SigningMethodType local name */
432 static const XMLCh TYPE_NAME[];
435 BEGIN_XMLOBJECT(SAML_API,DisplayName,localizedNameType,SAML Metadata Extension for Login UI DisplayName element);
436 DECL_SIMPLE_CONTENT(Name);
439 BEGIN_XMLOBJECT(SAML_API,Description,localizedNameType,SAML Metadata Extension for Login UI Description element);
440 DECL_SIMPLE_CONTENT(Description);
443 BEGIN_XMLOBJECT(SAML_API,Keywords,xmltooling::XMLObject,SAML Metadata Extension for Login UI Keywords element);
444 DECL_STRING_ATTRIB(Lang,LANG);
445 DECL_SIMPLE_CONTENT(Values);
446 /** KeywordsType local name */
447 static const XMLCh TYPE_NAME[];
450 BEGIN_XMLOBJECT(SAML_API,Logo,xmltooling::XMLObject,SAML Metadata Extension for Login UI Logo element);
451 DECL_STRING_ATTRIB(Lang,LANG);
452 DECL_INTEGER_ATTRIB(Height,HEIGHT);
453 DECL_INTEGER_ATTRIB(Width,WIDTH);
454 DECL_SIMPLE_CONTENT(URL);
455 /** LogoType local name */
456 static const XMLCh TYPE_NAME[];
459 BEGIN_XMLOBJECT(SAML_API,InformationURL,localizedURIType,SAML Metadata Extension for Login UI InformationURL element);
460 DECL_SIMPLE_CONTENT(URL);
463 BEGIN_XMLOBJECT(SAML_API,PrivacyStatementURL,localizedURIType,SAML Metadata Extension for Login UI PrivacyStatementURL element);
464 DECL_SIMPLE_CONTENT(URL);
467 BEGIN_XMLOBJECT(SAML_API,UIInfo,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Login UI UIInfo element);
468 DECL_TYPED_CHILDREN(DisplayName);
469 DECL_TYPED_CHILDREN(Description);
470 DECL_TYPED_CHILDREN(Keywords);
471 DECL_TYPED_CHILDREN(Logo);
472 DECL_TYPED_CHILDREN(InformationURL);
473 DECL_TYPED_CHILDREN(PrivacyStatementURL);
474 /** UIInfoType local name */
475 static const XMLCh TYPE_NAME[];
478 DECL_XMLOBJECT_SIMPLE(SAML_API,IPHint,Hint,SAML Metadata Extension for Login UI IPHint element);
479 DECL_XMLOBJECT_SIMPLE(SAML_API,DomainHint,Hint,SAML Metadata Extension for Login UI DomainHint element);
480 DECL_XMLOBJECT_SIMPLE(SAML_API,GeolocationHint,Hint,SAML Metadata Extension for Login UI GeolocationHint element);
482 BEGIN_XMLOBJECT(SAML_API,DiscoHints,xmltooling::ElementExtensibleXMLObject,SAML Metadata Extension for Login UI DiscoHints element);
483 DECL_TYPED_CHILDREN(IPHint);
484 DECL_TYPED_CHILDREN(DomainHint);
485 DECL_TYPED_CHILDREN(GeolocationHint);
486 /** DiscoHintsType local name */
487 static const XMLCh TYPE_NAME[];
491 * Predicate to test a role for validity and protocol support.
// Function object that accepts a role only if it is valid at a fixed point in time
// and reports support for a given protocol constant.
493 class isValidForProtocol
499 * @param protocol support constant to test for
// The reference time is sampled once, here, with time(nullptr). Every later call
// to operator() tests against that instant, so an instance kept around for a long
// time keeps accepting roles that have since expired.
// The protocol pointer is stored as given, not copied; the caller has to keep the
// string alive for as long as the predicate is used.
501 isValidForProtocol(const XMLCh* protocol) : m_time(time(nullptr)), m_protocol(protocol) {
505 * Returns true iff the supplied role is valid now and supports the right protocol.
507 * @param role role to test
508 * @return result of predicate
// A null role yields false. Otherwise the validity test runs first and the
// protocol test is skipped when it fails (short-circuit &&).
510 bool operator()(const RoleDescriptor* role) const {
511 return role ? (role->isValid(m_time) && role->hasSupport(m_protocol)) : false;
// Non-owning pointer to the protocol constant passed to the constructor.
516 const XMLCh* m_protocol;
520 * Predicate to test a role for type equivalence, validity, and protocol support.
// Function object combining xmltooling::hasSchemaType with isValidForProtocol:
// a role must pass the schema-type test, the validity test and the protocol test.
522 class ofTypeValidForProtocol : public isValidForProtocol, public xmltooling::hasSchemaType
528 * @param q schema type to test for
529 * @param protocol support constant to test for
// Forwards protocol to isValidForProtocol (which samples the reference time at
// construction) and q to hasSchemaType.
531 ofTypeValidForProtocol(const xmltooling::QName& q, const XMLCh* protocol)
532 : isValidForProtocol(protocol), xmltooling::hasSchemaType(q) {
536 * Returns true iff the supplied role is of the right type, valid now, and supports the right protocol.
538 * @param role role to test
539 * @return result of predicate
// The schema-type test runs first. hasSchemaType::operator() therefore receives
// the role pointer before the null check in isValidForProtocol::operator().
// NOTE(review): confirm hasSchemaType tolerates a null argument.
541 bool operator()(const RoleDescriptor* role) const {
542 return xmltooling::hasSchemaType::operator()(role) && isValidForProtocol::operator()(role);
546 DECL_SAML2MDOBJECTBUILDER(AdditionalMetadataLocation);
547 DECL_SAML2MDOBJECTBUILDER(AffiliateMember);
548 DECL_SAML2MDOBJECTBUILDER(AffiliationDescriptor);
549 DECL_SAML2MDOBJECTBUILDER(ArtifactResolutionService);
550 DECL_SAML2MDOBJECTBUILDER(AssertionConsumerService);
551 DECL_SAML2MDOBJECTBUILDER(AssertionIDRequestService);
552 DECL_SAML2MDOBJECTBUILDER(AttributeAuthorityDescriptor);
553 DECL_SAML2MDOBJECTBUILDER(AttributeConsumingService);
554 DECL_SAML2MDOBJECTBUILDER(AttributeProfile);
555 DECL_SAML2MDOBJECTBUILDER(AttributeService);
556 DECL_SAML2MDOBJECTBUILDER(AuthnAuthorityDescriptor);
557 DECL_SAML2MDOBJECTBUILDER(AuthnQueryService);
558 DECL_SAML2MDOBJECTBUILDER(AuthzService);
559 DECL_SAML2MDOBJECTBUILDER(Company);
560 DECL_SAML2MDOBJECTBUILDER(ContactPerson);
561 DECL_SAML2MDOBJECTBUILDER(EmailAddress);
562 DECL_SAML2MDOBJECTBUILDER(EntitiesDescriptor);
563 DECL_SAML2MDOBJECTBUILDER(EntityDescriptor);
564 DECL_SAML2MDOBJECTBUILDER(Extensions);
565 DECL_SAML2MDOBJECTBUILDER(GivenName);
566 DECL_SAML2MDOBJECTBUILDER(IDPSSODescriptor);
567 DECL_SAML2MDOBJECTBUILDER(KeyDescriptor);
568 DECL_SAML2MDOBJECTBUILDER(ManageNameIDService);
569 DECL_SAML2MDOBJECTBUILDER(NameIDFormat);
570 DECL_SAML2MDOBJECTBUILDER(NameIDMappingService);
571 DECL_SAML2MDOBJECTBUILDER(Organization);
572 DECL_SAML2MDOBJECTBUILDER(OrganizationName);
573 DECL_SAML2MDOBJECTBUILDER(OrganizationDisplayName);
574 DECL_SAML2MDOBJECTBUILDER(OrganizationURL);
575 DECL_SAML2MDOBJECTBUILDER(PDPDescriptor);
576 DECL_SAML2MDOBJECTBUILDER(RequestedAttribute);
577 DECL_SAML2MDOBJECTBUILDER(ServiceDescription);
578 DECL_SAML2MDOBJECTBUILDER(ServiceName);
579 DECL_SAML2MDOBJECTBUILDER(SingleLogoutService);
580 DECL_SAML2MDOBJECTBUILDER(SingleSignOnService);
581 DECL_SAML2MDOBJECTBUILDER(SPSSODescriptor);
582 DECL_SAML2MDOBJECTBUILDER(SurName);
583 DECL_SAML2MDOBJECTBUILDER(TelephoneNumber);
585 DECL_XMLOBJECTBUILDER(SAML_API,ActionNamespace,samlconstants::SAML20MD_QUERY_EXT_NS,samlconstants::SAML20MD_QUERY_EXT_PREFIX);
586 DECL_XMLOBJECTBUILDER(SAML_API,SourceID,samlconstants::SAML1MD_NS,samlconstants::SAML1MD_PREFIX);
587 DECL_XMLOBJECTBUILDER(SAML_API,DiscoveryResponse,samlconstants::IDP_DISCOVERY_PROTOCOL_NS,samlconstants::IDP_DISCOVERY_PROTOCOL_PREFIX);
588 DECL_XMLOBJECTBUILDER(SAML_API,RequestInitiator,samlconstants::SP_REQUEST_INIT_NS,samlconstants::SP_REQUEST_INIT_PREFIX);
589 DECL_XMLOBJECTBUILDER(SAML_API,EntityAttributes,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_PREFIX);
590 DECL_XMLOBJECTBUILDER(SAML_API,DigestMethod,samlconstants::SAML20MD_ALGSUPPORT_NS,samlconstants::SAML20MD_ALGSUPPORT_PREFIX);
591 DECL_XMLOBJECTBUILDER(SAML_API,SigningMethod,samlconstants::SAML20MD_ALGSUPPORT_NS,samlconstants::SAML20MD_ALGSUPPORT_PREFIX);
593 DECL_XMLOBJECTBUILDER(SAML_API,UIInfo,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
594 DECL_XMLOBJECTBUILDER(SAML_API,DisplayName,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
595 DECL_XMLOBJECTBUILDER(SAML_API,Description,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
596 DECL_XMLOBJECTBUILDER(SAML_API,Keywords,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
597 DECL_XMLOBJECTBUILDER(SAML_API,Logo,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
598 DECL_XMLOBJECTBUILDER(SAML_API,InformationURL,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
599 DECL_XMLOBJECTBUILDER(SAML_API,PrivacyStatementURL,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
600 DECL_XMLOBJECTBUILDER(SAML_API,DiscoHints,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
601 DECL_XMLOBJECTBUILDER(SAML_API,IPHint,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
602 DECL_XMLOBJECTBUILDER(SAML_API,DomainHint,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
603 DECL_XMLOBJECTBUILDER(SAML_API,GeolocationHint,samlconstants::SAML20MD_UI_NS,samlconstants::SAML20MD_UI_PREFIX);
606 * Builder for localizedNameType objects.
608 * This is customized to force the element name to be specified.
// Builder for localizedNameType objects; the only buildObject overload declared
// here takes the element namespace and local name explicitly.
610 class SAML_API localizedNameTypeBuilder : public xmltooling::XMLObjectBuilder {
612 virtual ~localizedNameTypeBuilder() {}
613 /** Builder that allows element/type override. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS. The
// #else/#endif lines and the end of the declaration are not present in this listing.
614 #ifdef HAVE_COVARIANT_RETURNS
615 virtual localizedNameType* buildObject(
617 virtual xmltooling::XMLObject* buildObject(
619 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
622 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_NS localizedNameType schema
// type, then builds an element with the caller's name and that schema type.
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
623 static localizedNameType* buildlocalizedNameType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
624 const localizedNameTypeBuilder* b = dynamic_cast<const localizedNameTypeBuilder*>(
625 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,localizedNameType::TYPE_NAME))
628 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,localizedNameType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
629 #ifdef HAVE_COVARIANT_RETURNS
630 return b->buildObject(nsURI, localName, prefix, &schemaType);
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
632 return dynamic_cast<localizedNameType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
635 throw xmltooling::XMLObjectException("Unable to obtain typed builder for localizedNameType.");
640 * Builder for localizedURIType objects.
642 * This is customized to force the element name to be specified.
// Builder for localizedURIType objects; the only buildObject overload declared
// here takes the element namespace and local name explicitly.
644 class SAML_API localizedURITypeBuilder : public xmltooling::XMLObjectBuilder {
646 virtual ~localizedURITypeBuilder() {}
647 /** Builder that allows element/type override. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS. The
// #else/#endif lines and the end of the declaration are not present in this listing.
648 #ifdef HAVE_COVARIANT_RETURNS
649 virtual localizedURIType* buildObject(
651 virtual xmltooling::XMLObject* buildObject(
653 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
656 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_NS localizedURIType schema
// type, then builds an element with the caller's name and that schema type.
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
657 static localizedURIType* buildlocalizedURIType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
658 const localizedURITypeBuilder* b = dynamic_cast<const localizedURITypeBuilder*>(
659 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,localizedURIType::TYPE_NAME))
662 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,localizedURIType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
663 #ifdef HAVE_COVARIANT_RETURNS
664 return b->buildObject(nsURI, localName, prefix, &schemaType);
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
666 return dynamic_cast<localizedURIType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
669 throw xmltooling::XMLObjectException("Unable to obtain typed builder for localizedURIType.");
674 * Builder for EndpointType objects.
676 * This is customized to force the element name to be specified.
// Builder for EndpointType objects; the only buildObject overload declared here
// takes the element namespace and local name explicitly.
678 class SAML_API EndpointTypeBuilder : public xmltooling::XMLObjectBuilder {
680 virtual ~EndpointTypeBuilder() {}
681 /** Builder that allows element/type override. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS. The
// #else/#endif lines and the end of the declaration are not present in this listing.
682 #ifdef HAVE_COVARIANT_RETURNS
683 virtual EndpointType* buildObject(
685 virtual xmltooling::XMLObject* buildObject(
687 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
690 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_NS EndpointType schema type,
// then builds an element with the caller's name and that schema type.
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
691 static EndpointType* buildEndpointType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
692 const EndpointTypeBuilder* b = dynamic_cast<const EndpointTypeBuilder*>(
693 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,EndpointType::TYPE_NAME))
696 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,EndpointType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
697 #ifdef HAVE_COVARIANT_RETURNS
698 return b->buildObject(nsURI, localName, prefix, &schemaType);
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
700 return dynamic_cast<EndpointType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
703 throw xmltooling::XMLObjectException("Unable to obtain typed builder for EndpointType.");
708 * Builder for IndexedEndpointType objects.
710 * This is customized to force the element name to be specified.
// Builder for IndexedEndpointType objects; the only buildObject overload declared
// here takes the element namespace and local name explicitly.
712 class SAML_API IndexedEndpointTypeBuilder : public xmltooling::XMLObjectBuilder {
714 virtual ~IndexedEndpointTypeBuilder() {}
715 /** Builder that allows element/type override. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS. The
// #else/#endif lines and the end of the declaration are not present in this listing.
716 #ifdef HAVE_COVARIANT_RETURNS
717 virtual IndexedEndpointType* buildObject(
719 virtual xmltooling::XMLObject* buildObject(
721 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
724 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_NS IndexedEndpointType schema
// type, then builds an element with the caller's name and that schema type.
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
725 static IndexedEndpointType* buildIndexedEndpointType(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr) {
726 const IndexedEndpointTypeBuilder* b = dynamic_cast<const IndexedEndpointTypeBuilder*>(
727 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,IndexedEndpointType::TYPE_NAME))
730 xmltooling::QName schemaType(samlconstants::SAML20MD_NS,IndexedEndpointType::TYPE_NAME,samlconstants::SAML20MD_PREFIX);
731 #ifdef HAVE_COVARIANT_RETURNS
732 return b->buildObject(nsURI, localName, prefix, &schemaType);
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
734 return dynamic_cast<IndexedEndpointType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
737 throw xmltooling::XMLObjectException("Unable to obtain typed builder for IndexedEndpointType.");
742 * Builder for RoleDescriptor extension objects.
744 * This is customized to force the schema type to be specified.
// Builder for RoleDescriptor extension objects; the static helper below fixes the
// element name and takes the schema type from the caller.
746 class SAML_API RoleDescriptorBuilder : public xmltooling::XMLObjectBuilder {
748 virtual ~RoleDescriptorBuilder() {}
749 /** Builder that allows element/type override. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS. The
// #else/#endif lines and the end of the declaration are not present in this listing.
750 #ifdef HAVE_COVARIANT_RETURNS
751 virtual RoleDescriptor* buildObject(
753 virtual xmltooling::XMLObject* buildObject(
755 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
758 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_NS RoleDescriptor element
// name and builds a RoleDescriptor element carrying the supplied schemaType.
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
759 static RoleDescriptor* buildRoleDescriptor(const xmltooling::QName& schemaType) {
760 const RoleDescriptorBuilder* b = dynamic_cast<const RoleDescriptorBuilder*>(
761 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_NS,RoleDescriptor::LOCAL_NAME))
764 #ifdef HAVE_COVARIANT_RETURNS
765 return b->buildObject(samlconstants::SAML20MD_NS, RoleDescriptor::LOCAL_NAME, samlconstants::SAML20MD_PREFIX, &schemaType);
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
767 return dynamic_cast<RoleDescriptor*>(b->buildObject(samlconstants::SAML20MD_NS, RoleDescriptor::LOCAL_NAME, samlconstants::SAML20MD_PREFIX, &schemaType));
770 throw xmltooling::XMLObjectException("Unable to obtain typed builder for RoleDescriptor.");
775 * Builder for AuthnQueryDescriptorType objects.
777 * This is customized to return a RoleDescriptor element with an
778 * xsi:type of AuthnQueryDescriptorType.
// Builder for AuthnQueryDescriptorType objects, derived from
// xmltooling::ConcreteXMLObjectBuilder.
780 class SAML_API AuthnQueryDescriptorTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
782 virtual ~AuthnQueryDescriptorTypeBuilder() {}
783 /** Default builder. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS; the
// #else/#endif lines are not present in this listing.
// The body builds a schema-type QName in SAML20MD_QUERY_EXT_NS and passes it with
// the SAML20MD_NS element name (AuthnQueryDescriptorType::LOCAL_NAME) as arguments
// to a call whose opening line is not visible here.
784 #ifdef HAVE_COVARIANT_RETURNS
785 virtual AuthnQueryDescriptorType* buildObject() const {
787 virtual xmltooling::XMLObject* buildObject() const {
789 xmltooling::QName schemaType(
790 samlconstants::SAML20MD_QUERY_EXT_NS,AuthnQueryDescriptorType::TYPE_NAME,samlconstants::SAML20MD_QUERY_EXT_PREFIX
793 samlconstants::SAML20MD_NS,AuthnQueryDescriptorType::LOCAL_NAME,samlconstants::SAML20MD_PREFIX,&schemaType
796 /** Builder that allows element/type override. */
797 #ifdef HAVE_COVARIANT_RETURNS
798 virtual AuthnQueryDescriptorType* buildObject(
800 virtual xmltooling::XMLObject* buildObject(
802 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
805 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_QUERY_EXT_NS schema type and
// calls its default buildObject().
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
806 static AuthnQueryDescriptorType* buildAuthnQueryDescriptorType() {
807 const AuthnQueryDescriptorTypeBuilder* b = dynamic_cast<const AuthnQueryDescriptorTypeBuilder*>(
808 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_QUERY_EXT_NS,AuthnQueryDescriptorType::TYPE_NAME))
811 #ifdef HAVE_COVARIANT_RETURNS
812 return b->buildObject();
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
814 return dynamic_cast<AuthnQueryDescriptorType*>(b->buildObject());
817 throw xmltooling::XMLObjectException("Unable to obtain typed builder for AuthnQueryDescriptorType.");
822 * Builder for AttributeQueryDescriptorType objects.
824 * This is customized to return a RoleDescriptor element with an
825 * xsi:type of AttributeQueryDescriptorType.
// Builder for AttributeQueryDescriptorType objects, derived from
// xmltooling::ConcreteXMLObjectBuilder.
827 class SAML_API AttributeQueryDescriptorTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
829 virtual ~AttributeQueryDescriptorTypeBuilder() {}
830 /** Default builder. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS; the
// #else/#endif lines are not present in this listing.
// The body builds a schema-type QName in SAML20MD_QUERY_EXT_NS and passes it with
// the SAML20MD_NS element name (AttributeQueryDescriptorType::LOCAL_NAME) as
// arguments to a call whose opening line is not visible here.
831 #ifdef HAVE_COVARIANT_RETURNS
832 virtual AttributeQueryDescriptorType* buildObject() const {
834 virtual xmltooling::XMLObject* buildObject() const {
836 xmltooling::QName schemaType(
837 samlconstants::SAML20MD_QUERY_EXT_NS,AttributeQueryDescriptorType::TYPE_NAME,samlconstants::SAML20MD_QUERY_EXT_PREFIX
840 samlconstants::SAML20MD_NS,AttributeQueryDescriptorType::LOCAL_NAME,samlconstants::SAML20MD_PREFIX,&schemaType
843 /** Builder that allows element/type override. */
844 #ifdef HAVE_COVARIANT_RETURNS
845 virtual AttributeQueryDescriptorType* buildObject(
847 virtual xmltooling::XMLObject* buildObject(
849 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
852 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_QUERY_EXT_NS schema type and
// calls its default buildObject().
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
853 static AttributeQueryDescriptorType* buildAttributeQueryDescriptorType() {
854 const AttributeQueryDescriptorTypeBuilder* b = dynamic_cast<const AttributeQueryDescriptorTypeBuilder*>(
855 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_QUERY_EXT_NS,AttributeQueryDescriptorType::TYPE_NAME))
858 #ifdef HAVE_COVARIANT_RETURNS
859 return b->buildObject();
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
861 return dynamic_cast<AttributeQueryDescriptorType*>(b->buildObject());
864 throw xmltooling::XMLObjectException("Unable to obtain typed builder for AttributeQueryDescriptorType.");
869 * Builder for AuthzDecisionQueryDescriptorType objects.
871 * This is customized to return a RoleDescriptor element with an
872 * xsi:type of AuthzDecisionQueryDescriptorType.
// Builder for AuthzDecisionQueryDescriptorType objects, derived from
// xmltooling::ConcreteXMLObjectBuilder.
874 class SAML_API AuthzDecisionQueryDescriptorTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder {
876 virtual ~AuthzDecisionQueryDescriptorTypeBuilder() {}
877 /** Default builder. */
// Two alternative signatures follow, selected by HAVE_COVARIANT_RETURNS; the
// #else/#endif lines are not present in this listing.
// The body builds a schema-type QName in SAML20MD_QUERY_EXT_NS and passes it with
// the SAML20MD_NS element name (AuthzDecisionQueryDescriptorType::LOCAL_NAME) as
// arguments to a call whose opening line is not visible here.
878 #ifdef HAVE_COVARIANT_RETURNS
879 virtual AuthzDecisionQueryDescriptorType* buildObject() const {
881 virtual xmltooling::XMLObject* buildObject() const {
883 xmltooling::QName schemaType(
884 samlconstants::SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME,samlconstants::SAML20MD_QUERY_EXT_PREFIX
887 samlconstants::SAML20MD_NS,AuthzDecisionQueryDescriptorType::LOCAL_NAME,samlconstants::SAML20MD_PREFIX,&schemaType
890 /** Builder that allows element/type override. */
891 #ifdef HAVE_COVARIANT_RETURNS
892 virtual AuthzDecisionQueryDescriptorType* buildObject(
894 virtual xmltooling::XMLObject* buildObject(
896 const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=nullptr, const xmltooling::QName* schemaType=nullptr
899 /** Singleton builder. */
// Looks up the builder registered under the SAML20MD_QUERY_EXT_NS schema type and
// calls its default buildObject().
// Throws xmltooling::XMLObjectException when no suitably typed builder is obtained
// (the guard on b is not visible in this listing).
// NOTE(review): the raw pointer returned presumably transfers ownership to the
// caller; confirm.
900 static AuthzDecisionQueryDescriptorType* buildAuthzDecisionQueryDescriptorType() {
901 const AuthzDecisionQueryDescriptorTypeBuilder* b = dynamic_cast<const AuthzDecisionQueryDescriptorTypeBuilder*>(
902 XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME))
905 #ifdef HAVE_COVARIANT_RETURNS
906 return b->buildObject();
// Without covariant returns the built object is down-cast. If that cast fails,
// nullptr is returned and the pointer to the new object is dropped, so callers
// should null-check the result.
908 return dynamic_cast<AuthzDecisionQueryDescriptorType*>(b->buildObject());
911 throw xmltooling::XMLObjectException("Unable to obtain typed builder for AuthzDecisionQueryDescriptorType.");
916 * Registers builders and validators for SAML 2.0 Metadata classes into the runtime.
// The static build* helpers in this header look their builder up through
// XMLObjectBuilder::getBuilder and throw XMLObjectException when none is found, so
// this registration presumably has to run before any of them is used; confirm
// against the library's initialisation sequence.
918 void SAML_API registerMetadataClasses();
922 #endif /* __saml2_metadata_h__ */