/*
- * Copyright 2001-2006 Internet2
+ * Copyright 2001-2007 Internet2
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#ifndef __saml2_assertions_h__
#define __saml2_assertions_h__
-#include <saml/RootObject.h>
+#include <saml/Assertion.h>
#include <saml/util/SAMLConstants.h>
-#include <xmltooling/AttributeExtensibleXMLObject.h>
-#include <xmltooling/ElementProxy.h>
#include <xmltooling/XMLObjectBuilder.h>
#include <xmltooling/encryption/Encryption.h>
-#include <xmltooling/signature/KeyResolver.h>
+#include <xmltooling/security/CredentialCriteria.h>
+#include <xmltooling/security/CredentialResolver.h>
#include <xmltooling/signature/Signature.h>
#include <xmltooling/util/DateTime.h>
static const XMLCh TYPE_NAME[];
/**
- * Decrypts the element using a standard approach based on a wrapped decryption key
- * inside the message. The key decryption key should be supplied using the provided
- * resolver. The recipient name may be used when multiple encrypted keys are found.
- * The object returned will be unmarshalled around the decrypted DOM element, but the
- * DOM itself will be released.
+ * Decrypts the element using the supplied CredentialResolver.
+ *
+ * <p>The object returned will be unmarshalled around the decrypted DOM element, but the
+ * DOM itself will be released.
*
- * @param KEKresolver resolver supplying key decryption key
+ * @param credResolver locked resolver supplying decryption keys
* @param recipient identifier naming the recipient (the entity performing the decryption)
+ * @param criteria optional external criteria to use with resolver
* @return the decrypted and unmarshalled object
*/
- virtual xmltooling::XMLObject* decrypt(xmlsignature::KeyResolver* KEKresolver, const XMLCh* recipient) const=0;
+ virtual xmltooling::XMLObject* decrypt(
+ const xmltooling::CredentialResolver& credResolver, const XMLCh* recipient, xmltooling::CredentialCriteria* criteria=NULL
+ ) const=0;
END_XMLOBJECT;
BEGIN_XMLOBJECT(SAML_API,EncryptedID,EncryptedElementType,SAML 2.0 EncryptedID element);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT2(SAML_API,SubjectConfirmationData,xmltooling::ElementProxy,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 SubjectConfirmationData element);
+ BEGIN_XMLOBJECT(SAML_API,SubjectConfirmationDataType,xmltooling::XMLObject,SAML 2.0 SubjectConfirmationDataType base type);
DECL_DATETIME_ATTRIB(NotBefore,NOTBEFORE);
DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
DECL_STRING_ATTRIB(Recipient,RECIPIENT);
DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
DECL_STRING_ATTRIB(Address,ADDRESS);
+ END_XMLOBJECT;
+
+ BEGIN_XMLOBJECT2(SAML_API,SubjectConfirmationData,SubjectConfirmationDataType,xmltooling::ElementProxy,SAML 2.0 SubjectConfirmationData element);
DECL_SIMPLE_CONTENT(Data);
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,KeyInfoConfirmationDataType,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 KeyInfoConfirmationDataType type);
- DECL_DATETIME_ATTRIB(NotBefore,NOTBEFORE);
- DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
- DECL_STRING_ATTRIB(Recipient,RECIPIENT);
- DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
- DECL_STRING_ATTRIB(Address,ADDRESS);
+ BEGIN_XMLOBJECT2(SAML_API,KeyInfoConfirmationDataType,SubjectConfirmationDataType,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 KeyInfoConfirmationDataType type);
DECL_TYPED_FOREIGN_CHILDREN(KeyInfo,xmlsignature);
/** KeyInfoConfirmationDataType local name */
static const XMLCh TYPE_NAME[];
DECL_TYPED_CHILD(NameID);
DECL_TYPED_CHILD(EncryptedID);
DECL_XMLOBJECT_CHILD(SubjectConfirmationData);
- DECL_TYPED_CHILD(KeyInfoConfirmationDataType);
/** SubjectConfirmationType local name */
static const XMLCh TYPE_NAME[];
/** Bearer confirmation method */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT2(SAML_API,AuthnContextDecl,xmltooling::ElementProxy,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 AuthnContextDecl element);
+ BEGIN_XMLOBJECT(SAML_API,AuthnContextDecl,xmltooling::ElementProxy,SAML 2.0 AuthnContextDecl element);
END_XMLOBJECT;
BEGIN_XMLOBJECT(SAML_API,AuthnContext,xmltooling::XMLObject,SAML 2.0 AuthnContext element);
static const XMLCh DECISION_INDETERMINATE[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT2(SAML_API,AttributeValue,xmltooling::ElementProxy,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 AttributeValue element);
+ BEGIN_XMLOBJECT(SAML_API,AttributeValue,xmltooling::ElementProxy,SAML 2.0 AttributeValue element);
END_XMLOBJECT;
BEGIN_XMLOBJECT(SAML_API,Attribute,xmltooling::AttributeExtensibleXMLObject,SAML 2.0 Attribute element);
BEGIN_XMLOBJECT(SAML_API,EncryptedAssertion,EncryptedElementType,SAML 2.0 EncryptedAssertion element);
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,Advice,xmltooling::XMLObject,SAML 2.0 Advice element);
+ BEGIN_XMLOBJECT(SAML_API,Advice,xmltooling::ElementExtensibleXMLObject,SAML 2.0 Advice element);
DECL_TYPED_CHILDREN(AssertionIDRef);
DECL_TYPED_CHILDREN(AssertionURIRef);
DECL_TYPED_CHILDREN(Assertion);
DECL_TYPED_CHILDREN(EncryptedAssertion);
- DECL_XMLOBJECT_CHILDREN(Other);
/** AdviceType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
virtual Issuer* getIssuer() const=0;
};
- BEGIN_XMLOBJECT(SAML_API,Assertion,saml2::RootObject,SAML 2.0 Assertion element);
+ BEGIN_XMLOBJECT2(SAML_API,Assertion,saml2::RootObject,opensaml::Assertion,SAML 2.0 Assertion element);
DECL_INHERITED_STRING_ATTRIB(Version,VER);
DECL_INHERITED_STRING_ATTRIB(ID,ID);
DECL_INHERITED_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
DECL_INHERITED_TYPED_CHILD(Issuer);
- DECL_INHERITED_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Subject);
DECL_TYPED_CHILD(Conditions);
DECL_TYPED_CHILD(Advice);
public:
virtual ~NameIDTypeBuilder() {}
/** Builder that allows element/type override. */
+#ifdef HAVE_COVARIANT_RETURNS
virtual NameIDType* buildObject(
+#else
+ virtual xmltooling::XMLObject* buildObject(
+#endif
const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
) const;
);
if (b) {
xmltooling::QName schemaType(samlconstants::SAML20_NS,NameIDType::TYPE_NAME,samlconstants::SAML20_PREFIX);
+#ifdef HAVE_COVARIANT_RETURNS
return b->buildObject(nsURI, localName, prefix, &schemaType);
+#else
+ return dynamic_cast<NameIDType*>(b->buildObject(nsURI, localName, prefix, &schemaType));
+#endif
}
throw xmltooling::XMLObjectException("Unable to obtain typed builder for NameIDType.");
}
public:
virtual ~KeyInfoConfirmationDataTypeBuilder() {}
/** Default builder. */
+#ifdef HAVE_COVARIANT_RETURNS
virtual KeyInfoConfirmationDataType* buildObject() const {
+#else
+ virtual xmltooling::XMLObject* buildObject() const {
+#endif
xmltooling::QName schemaType(
samlconstants::SAML20_NS,KeyInfoConfirmationDataType::TYPE_NAME,samlconstants::SAML20_PREFIX
);
);
}
/** Builder that allows element/type override. */
+#ifdef HAVE_COVARIANT_RETURNS
virtual KeyInfoConfirmationDataType* buildObject(
+#else
+ virtual xmltooling::XMLObject* buildObject(
+#endif
const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL
) const;
XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_NS,KeyInfoConfirmationDataType::TYPE_NAME))
);
if (b)
+#ifdef HAVE_COVARIANT_RETURNS
return b->buildObject();
+#else
+ return dynamic_cast<KeyInfoConfirmationDataType*>(b->buildObject());
+#endif
throw xmltooling::XMLObjectException("Unable to obtain typed builder for KeyInfoConfirmationDataType.");
}
};