*/
/**
- * @file Protocols.h
+ * @file saml/saml2/core/Protocols.h
*
* XMLObjects representing the SAML 2.0 Protocols schema
*/
namespace opensaml {
/**
- * @namespace saml2p
+ * @namespace opensaml::saml2p
* SAML 2.0 protocol namespace
*/
namespace saml2p {
DECL_XMLOBJECT_SIMPLE(SAML_API,SessionIndex,SessionIndex,SAML 2.0 SessionIndex element);
DECL_XMLOBJECT_SIMPLE(SAML_API,StatusMessage,Message,SAML 2.0 StatusMessage element);
+ DECL_XMLOBJECT_SIMPLE(SAML_API,RespondTo,Name,SAML 2.0 third-party request RespondTo extension element);
+
BEGIN_XMLOBJECT(SAML_API,Extensions,xmltooling::ElementProxy,SAML 2.0 protocol Extensions element);
/** ExtensionsType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,Request,SignableObject,SAML 2.0 Request element);
+ BEGIN_XMLOBJECT(SAML_API,RequestAbstractType,SignableObject,SAML 2.0 RequestAbstractType base type);
DECL_STRING_ATTRIB(ID,ID);
DECL_STRING_ATTRIB(Version,VER);
DECL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
DECL_TYPED_CHILD(StatusCode);
/** StatusCodeType local name */
static const XMLCh TYPE_NAME[];
+
+ /**
+ * @name StatusCode Value Attribute URI Reference Constants
+ *
+ * SAML 2.0 Core, section 3.2.2.2, predefines several URI
+ * references for use in the Value attribue of the StatusCode
+ * element. Other values may be defined elsewhere.
+ */
+ /*@{*/
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Success' */
+ static const XMLCh SUCCESS[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Requester' */
+ static const XMLCh REQUESTER[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:Responder' */
+ static const XMLCh RESPONDER[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch' */
+ static const XMLCh VERSION_MISMATCH[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:AuthnFailed' */
+ static const XMLCh AUTHN_FAILED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue' */
+ static const XMLCh INVALID_ATTR_NAME_OR_VALUE[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy' */
+ static const XMLCh INVALID_NAMEID_POLICY[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext' */
+ static const XMLCh NO_AUTHN_CONTEXT[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP' */
+ static const XMLCh NO_AVAILABLE_IDP[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoPassive' */
+ static const XMLCh NO_PASSIVE[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP' */
+ static const XMLCh NO_SUPPORTED_IDP[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout' */
+ static const XMLCh PARTIAL_LOGOUT[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded' */
+ static const XMLCh PROXY_COUNT_EXCEEDED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestDenied' */
+ static const XMLCh REQUEST_DENIED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported' */
+ static const XMLCh REQUEST_UNSUPPORTED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated' */
+ static const XMLCh REQUEST_VERSION_DEPRECATED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh' */
+ static const XMLCh REQUEST_VERSION_TOO_HIGH[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow' */
+ static const XMLCh REQUEST_VERSION_TOO_LOW[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized' */
+ static const XMLCh RESOURCE_NOT_RECOGNIZED[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:TooManyResponses' */
+ static const XMLCh TOO_MANY_RESPONSES[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile' */
+ static const XMLCh UNKNOWN_ATTR_PROFILE[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal' */
+ static const XMLCh UNKNOWN_PRINCIPAL[];
+ /** StatusCode Value 'urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding' */
+ static const XMLCh UNSUPPORTED_BINDING[];
+ /*@{*/
END_XMLOBJECT;
BEGIN_XMLOBJECT(SAML_API,StatusDetail,xmltooling::XMLObject,SAML 2.0 StatusDetail element);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,StatusResponse,SignableObject,SAML 2.0 StatusResponse element);
+ BEGIN_XMLOBJECT(SAML_API,StatusResponseType,SignableObject,SAML 2.0 StatusResponseType base type);
DECL_STRING_ATTRIB(ID,ID);
DECL_STRING_ATTRIB(InResponseTo,INRESPONSETO);
DECL_STRING_ATTRIB(Version,VER);
DECL_DATETIME_ATTRIB(IssueInstant,ISSUEINSTANT);
DECL_STRING_ATTRIB(Destination,DESTINATION);
DECL_STRING_ATTRIB(Consent,CONSENT);
+
DECL_TYPED_FOREIGN_CHILD(Issuer,saml2);
DECL_TYPED_FOREIGN_CHILD(Signature,xmlsignature);
DECL_TYPED_CHILD(Extensions);
DECL_TYPED_CHILD(Status);
+
/** StatusResponseType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,AssertionIDRequest,Request,SAML 2.0 AssertionIDRequest element);
+ BEGIN_XMLOBJECT(SAML_API,AssertionIDRequest,RequestAbstractType,SAML 2.0 AssertionIDRequest element);
DECL_TYPED_FOREIGN_CHILDREN(AssertionIDRef,saml2);
/** AssertionIDRequest local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,SubjectQuery,Request,SAML 2.0 SubjectQuery element);
+ BEGIN_XMLOBJECT(SAML_API,SubjectQuery,RequestAbstractType,SAML 2.0 SubjectQuery abstract element);
DECL_TYPED_FOREIGN_CHILD(Subject,saml2);
- /** SubjectQueryType local name */
+ /** SubjectQueryAbstractType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
DECL_STRING_ATTRIB(Comparison,COMPARISON);
DECL_TYPED_FOREIGN_CHILDREN(AuthnContextClassRef,saml2);
DECL_TYPED_FOREIGN_CHILDREN(AuthnContextDeclRef,saml2);
- /** exact Comparison */
+
+ /** RequestedAuthnContextType local name */
+ static const XMLCh TYPE_NAME[];
+
+ /**
+ * @name RequestedAuthnContext Comparison Attribute Constants
+ *
+ * These are the allowed values for the Comparison attribute of
+ * the RequestedAuthnContext element, as defined by SAML 2.0 Core.
+ */
+ /*@{*/
+ /** 'exact' Comparison */
static const XMLCh COMPARISON_EXACT[];
- /** minimum Comparison */
+ /** 'minimum' Comparison */
static const XMLCh COMPARISON_MINIMUM[];
- /** maximum Comparison */
+ /** 'maximum' Comparison */
static const XMLCh COMPARISON_MAXIMUM[];
- /** better Comparison */
+ /** 'better' Comparison */
static const XMLCh COMPARISON_BETTER[];
- /** RequestedAuthnContextType local name */
- static const XMLCh TYPE_NAME[];
+ /*@}*/
END_XMLOBJECT;
BEGIN_XMLOBJECT(SAML_API,AuthnQuery,SubjectQuery,SAML 2.0 AuthnQuery element);
BEGIN_XMLOBJECT(SAML_API,NameIDPolicy,xmltooling::XMLObject,SAML 2.0 NameIDPolicy element);
DECL_STRING_ATTRIB(Format,FORMAT);
DECL_STRING_ATTRIB(SPNameQualifier,SPNAMEQUALIFIER);
- DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE);
+ DECL_BOOLEAN_ATTRIB(AllowCreate,ALLOWCREATE,false);
/** NameIDPolicyType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
END_XMLOBJECT;
BEGIN_XMLOBJECT(SAML_API,IDPList,xmltooling::XMLObject,SAML 2.0 IDPList element);
- DECL_TYPED_CHILD(IDPEntry);
+ DECL_TYPED_CHILDREN(IDPEntry);
DECL_TYPED_CHILD(GetComplete);
/** IDPListType local name */
static const XMLCh TYPE_NAME[];
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,AuthnRequest,Request,SAML 2.0 AuthnRequest element);
- DECL_BOOLEAN_ATTRIB(ForceAuthn,FORCEAUTHN);
- DECL_BOOLEAN_ATTRIB(IsPassive,ISPASSIVE);
+ BEGIN_XMLOBJECT(SAML_API,AuthnRequest,RequestAbstractType,SAML 2.0 AuthnRequest element);
+ DECL_BOOLEAN_ATTRIB(ForceAuthn,FORCEAUTHN,false);
+ DECL_BOOLEAN_ATTRIB(IsPassive,ISPASSIVE,false);
DECL_STRING_ATTRIB(ProtocolBinding,PROTOCOLBINDING);
DECL_INTEGER_ATTRIB(AssertionConsumerServiceIndex,ASSERTIONCONSUMERSERVICEINDEX);
DECL_STRING_ATTRIB(AssertionConsumerServiceURL,ASSERTIONCONSUMERSERVICEURL);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,Response,StatusResponse,SAML 2.0 Response element);
+ BEGIN_XMLOBJECT(SAML_API,Response,StatusResponseType,SAML 2.0 Response element);
DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
DECL_TYPED_FOREIGN_CHILDREN(EncryptedAssertion,saml2);
/** ResponseType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ArtifactResolve,Request,SAML 2.0 ArtifactResolve element);
+ BEGIN_XMLOBJECT(SAML_API,ArtifactResolve,RequestAbstractType,SAML 2.0 ArtifactResolve element);
DECL_TYPED_CHILD(Artifact);
/** ArtifiactResolveType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ArtifactResponse,StatusResponse,SAML 2.0 ArtifactResponse element);
+ BEGIN_XMLOBJECT(SAML_API,ArtifactResponse,StatusResponseType,SAML 2.0 ArtifactResponse element);
+ DECL_XMLOBJECT_CHILD(Payload);
/** ArtifiactResponseType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,NewEncryptedID,saml2::EncryptedElementType,SAML 2.0 EncryptedNewID element);
+ BEGIN_XMLOBJECT(SAML_API,NewEncryptedID,saml2::EncryptedElementType,SAML 2.0 NewEncryptedID element);
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ManageNameIDRequest,Request,SAML 2.0 ManageNameIDRequest element);
+ BEGIN_XMLOBJECT(SAML_API,ManageNameIDRequest,RequestAbstractType,SAML 2.0 ManageNameIDRequest element);
DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
DECL_TYPED_CHILD(NewID);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,ManageNameIDResponse,StatusResponse,SAML 2.0 ManageNameIDResponse element);
+ BEGIN_XMLOBJECT(SAML_API,ManageNameIDResponse,StatusResponseType,SAML 2.0 ManageNameIDResponse element);
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,LogoutRequest,Request,SAML 2.0 LogoutRequest element);
+ BEGIN_XMLOBJECT(SAML_API,LogoutRequest,RequestAbstractType,SAML 2.0 LogoutRequest element);
DECL_STRING_ATTRIB(Reason,REASON);
DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER);
DECL_TYPED_FOREIGN_CHILD(BaseID,saml2);
DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
DECL_TYPED_CHILDREN(SessionIndex);
+
/** LogoutRequestType local name */
static const XMLCh TYPE_NAME[];
+
+ /**
+ * @name LogoutRequest Reason URI Constants
+ *
+ * URI Constants for the Reason attribute of the LogoutRequest
+ * element as defined by SAML 2.0 Core, section 3.7.3.
+ */
+ /*@{*/
+ /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:user' */
+ static const XMLCh REASON_USER[];
+ /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:admin' */
+ static const XMLCh REASON_ADMIN[];
+ /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:global-timeout' */
+ static const XMLCh REASON_GLOBAL_TIMEOUT[];
+ /** Reason value 'urn:oasis:names:tc:SAML:2.0:logout:sp-timeout' */
+ static const XMLCh REASON_SP_TIMEOUT[];
+ /*@}*/
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,LogoutResponse,StatusResponse,SAML 2.0 LogoutResponse element);
+ BEGIN_XMLOBJECT(SAML_API,LogoutResponse,StatusResponseType,SAML 2.0 LogoutResponse element);
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,NameIDMappingRequest,Request,SAML 2.0 NameIDMappingRequest element);
+ BEGIN_XMLOBJECT(SAML_API,NameIDMappingRequest,RequestAbstractType,SAML 2.0 NameIDMappingRequest element);
DECL_TYPED_FOREIGN_CHILD(BaseID,saml2);
DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- BEGIN_XMLOBJECT(SAML_API,NameIDMappingResponse,StatusResponse,SAML 2.0 NameIDMappingResponse element);
+ BEGIN_XMLOBJECT(SAML_API,NameIDMappingResponse,StatusResponseType,SAML 2.0 NameIDMappingResponse element);
DECL_TYPED_FOREIGN_CHILD(NameID,saml2);
DECL_TYPED_FOREIGN_CHILD(EncryptedID,saml2);
/** NameIDMappingResponseType local name */
static const XMLCh TYPE_NAME[];
END_XMLOBJECT;
- //TODO custom builders, if any
// Builders
DECL_SAML2POBJECTBUILDER(Artifact);
DECL_SAML2POBJECTBUILDER(StatusDetail);
DECL_SAML2POBJECTBUILDER(StatusMessage);
DECL_SAML2POBJECTBUILDER(Terminate);
-
+ DECL_XMLOBJECTBUILDER(SAML_API,RespondTo,opensaml::SAMLConstants::SAML20P_THIRDPARTY_EXT_NS,opensaml::SAMLConstants::SAML20P_THIRDPARTY_EXT_PREFIX);
+
/**
- * Registers builders and validators for Protocol classes into the runtime.
+ * Registers builders and validators for SAML 2.0 Protocol classes into the runtime.
*/
void SAML_API registerProtocolClasses();
+
+ /**
+ * Validator suite for SAML 2.0 Protocol schema validation.
+ */
+ extern SAML_API xmltooling::ValidatorSuite ProtocolSchemaValidators;
};
};