-/*
-* Copyright 2001-2007 Internet2
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
*
-* Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/
/**
#include "exceptions.h"
#include "saml2/core/Assertions.h"
+#include <xmltooling/validation/Validator.h>
#include <xmltooling/validation/ValidatorSuite.h>
using namespace opensaml::saml2;
}
END_XMLOBJECTVALIDATOR;
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Delegate);
+ int count=0;
+ if (ptr->getBaseID())
+ count++;
+ if (ptr->getNameID())
+ count++;
+ if (ptr->getEncryptedID())
+ count++;
+ if (count != 1)
+ throw ValidationException("Delegate must contain exactly one identifier element.");
+ END_XMLOBJECTVALIDATOR;
+
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,DelegationRestrictionType);
+ XMLOBJECTVALIDATOR_NONEMPTY(DelegationRestrictionType,Delegate);
+ END_XMLOBJECTVALIDATOR;
+
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Conditions);
- if (!ptr->hasChildren()) {
- XMLOBJECTVALIDATOR_ONEOF(Conditions,NotBefore,NotOnOrAfter);
+ if (ptr->getOneTimeUses().size() > 1) {
+ throw ValidationException("Multiple OneTimeUse condition elements are not permitted.");
+ }
+ else if (ptr->getProxyRestrictions().size() > 1) {
+ throw ValidationException("Multiple ProxyRestriction condition elements are not permitted.");
}
END_XMLOBJECTVALIDATOR;
REGISTER_TYPE(Subject);
REGISTER_TYPE(SubjectConfirmation);
REGISTER_TYPE(SubjectLocality);
+
+ q=xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,Delegate::LOCAL_NAME);
+ XMLObjectBuilder::registerBuilder(q,new DelegateBuilder());
+ SchemaValidators.registerValidator(q,new DelegateSchemaValidator());
+ q=xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,Delegate::TYPE_NAME);
+ XMLObjectBuilder::registerBuilder(q,new DelegateBuilder());
+ SchemaValidators.registerValidator(q,new DelegateSchemaValidator());
+
+ q=xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,DelegationRestrictionType::TYPE_NAME);
+ XMLObjectBuilder::registerBuilder(q,new DelegationRestrictionTypeBuilder());
+ SchemaValidators.registerValidator(q,new DelegationRestrictionTypeSchemaValidator());
}