/*
-* Copyright 2001-2006 Internet2
- *
+* Copyright 2001-2009 Internet2
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* ProtocolsSchemaValidators.cpp
- *
+ *
* Schema-based validators for SAML 1.x Protocols classes
*/
#include "exceptions.h"
#include "saml1/core/Protocols.h"
+#include <xmltooling/validation/Validator.h>
+#include <xmltooling/validation/ValidatorSuite.h>
+
+using namespace opensaml::saml1p;
using namespace opensaml::saml1;
using namespace opensaml;
using namespace xmltooling;
using namespace std;
+using samlconstants::SAML1P_NS;
namespace opensaml {
- namespace saml1 {
-
+ namespace saml1p {
+
XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,AssertionArtifact);
XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,StatusMessage);
-
+
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,RespondWith);
XMLOBJECTVALIDATOR_REQUIRE(RespondWith,QName);
END_XMLOBJECTVALIDATOR;
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Request);
XMLOBJECTVALIDATOR_REQUIRE(Request,RequestID);
XMLOBJECTVALIDATOR_REQUIRE(Request,IssueInstant);
- int count=0;
+ pair<bool,int> minor=ptr->getMinorVersion();
+ if (!minor.first)
+ throw ValidationException("Request must have MinorVersion");
+ int count=0;
if (ptr->getQuery()!=NULL)
count++;
if (!ptr->getAssertionIDReferences().empty())
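Review bot: The new MinorVersion check in the Request validator tests only `minor.first`, so it proves the attribute is present and never looks at `minor.second`. A Request whose MinorVersion is something other than the 0 or 1 that SAML 1.x defines still passes this validator, and the Response validator added later in this file has the same presence-only check. If rejecting unsupported versions is deliberately left to a later processing step, a comment above the check such as `// Presence only: the MinorVersion value itself is not validated here.` would keep readers from treating this as version enforcement. Otherwise the condition could be tightened to `if (!minor.first || (minor.second != 0 && minor.second != 1))`. The Request validator's body continues past the end of this hunk, so the rest of the count logic cannot be reviewed from here.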
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,StatusCode);
XMLOBJECTVALIDATOR_REQUIRE(StatusCode,Value);
END_XMLOBJECTVALIDATOR;
+
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Status);
+ XMLOBJECTVALIDATOR_REQUIRE(Status,StatusCode);
+ const xmltooling::QName* value=ptr->getStatusCode()->getValue();
+ if (!value || (*value!=StatusCode::SUCCESS && *value!=StatusCode::REQUESTER &&
+ *value!=StatusCode::RESPONDER && *value!=StatusCode::VERSIONMISMATCH))
+ throw ValidationException("Top-level status code not one of the allowable values.");
+ END_XMLOBJECTVALIDATOR;
+
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Response);
+ XMLOBJECTVALIDATOR_REQUIRE(Response,ResponseID);
+ XMLOBJECTVALIDATOR_REQUIRE(Response,IssueInstant);
+ XMLOBJECTVALIDATOR_REQUIRE(Response,Status);
+ pair<bool,int> minor=ptr->getMinorVersion();
+ if (!minor.first)
+ throw ValidationException("Response must have MinorVersion");
+ END_XMLOBJECTVALIDATOR;
};
};
#define REGISTER_ELEMENT(cname) \
- q=QName(SAMLConstants::SAML1P_NS,cname::LOCAL_NAME); \
+ q=xmltooling::QName(SAML1P_NS,cname::LOCAL_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
- Validator::registerValidator(q,new cname##SchemaValidator())
-
+ SchemaValidators.registerValidator(q,new cname##SchemaValidator())
+
#define REGISTER_TYPE(cname) \
- q=QName(SAMLConstants::SAML1P_NS,cname::TYPE_NAME); \
+ q=xmltooling::QName(SAML1P_NS,cname::TYPE_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
- Validator::registerValidator(q,new cname##SchemaValidator())
+ SchemaValidators.registerValidator(q,new cname##SchemaValidator())
#define REGISTER_ELEMENT_NOVAL(cname) \
- q=QName(SAMLConstants::SAML1P_NS,cname::LOCAL_NAME); \
+ q=xmltooling::QName(SAML1P_NS,cname::LOCAL_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder());
-
+
#define REGISTER_TYPE_NOVAL(cname) \
- q=QName(SAMLConstants::SAML1P_NS,cname::TYPE_NAME); \
+ q=xmltooling::QName(SAML1P_NS,cname::TYPE_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder());
-void opensaml::saml1::registerProtocolClasses() {
- QName q;
+void opensaml::saml1p::registerProtocolClasses() {
+ xmltooling::QName q;
REGISTER_ELEMENT(AssertionArtifact);
REGISTER_ELEMENT(AttributeQuery);
REGISTER_ELEMENT(AuthenticationQuery);
REGISTER_ELEMENT(AuthorizationDecisionQuery);
+ REGISTER_ELEMENT_NOVAL(Query);
REGISTER_ELEMENT(Request);
REGISTER_ELEMENT(RespondWith);
+ REGISTER_ELEMENT(Response);
+ REGISTER_ELEMENT(Status);
REGISTER_ELEMENT(StatusCode);
REGISTER_ELEMENT_NOVAL(StatusDetail);
REGISTER_ELEMENT(StatusMessage);
REGISTER_TYPE(AuthenticationQuery);
REGISTER_TYPE(AuthorizationDecisionQuery);
REGISTER_TYPE(Request);
+ REGISTER_TYPE(Response);
+ REGISTER_TYPE(Status);
REGISTER_TYPE(StatusCode);
REGISTER_TYPE_NOVAL(StatusDetail);
}
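Review bot: The new Status validator's allow-list for the top-level status code carries no comment explaining the rule it enforces or the ordering it depends on. The dereference `ptr->getStatusCode()->getValue()` appears safe only because `XMLOBJECTVALIDATOR_REQUIRE(Status,StatusCode)` runs on the line before it, presumably rejecting a missing StatusCode. A later edit that reorders or drops that line would turn a validation failure into a null dereference on attacker-supplied XML. I would add above the lookup `// StatusCode presence is enforced by the REQUIRE above; do not reorder.` and above the comparison `// SAML 1.x permits only Success, VersionMismatch, Requester or Responder as the top-level code.`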