-/*
-* Copyright 2001-2006 Internet2
- *
-* Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+/**
+ * Licensed to the University Corporation for Advanced Internet
+ * Development, Inc. (UCAID) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License. You may obtain a copy of the
+ * License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
*/
/**
* Protocols20SchemaValidators.cpp
*
- * Schema-based validators for SAML 2.0 Protocols classes
+ * Schema-based validators for SAML 2.0 Protocols classes.
*/
#include "internal.h"
#include "exceptions.h"
#include "saml2/core/Protocols.h"
+#include <xmltooling/validation/Validator.h>
+#include <xmltooling/validation/ValidatorSuite.h>
+
using namespace opensaml::saml2p;
using namespace opensaml::saml2;
using namespace opensaml;
using namespace xmltooling;
using namespace std;
+using samlconstants::SAML20P_NS;
namespace opensaml {
namespace saml2p {
public:
void operator()(const XMLObject* xmlObject) const {
const XMLCh* ns=xmlObject->getElementQName().getNamespaceURI();
- if (XMLString::equals(ns,SAMLConstants::SAML20P_NS) || !ns || !*ns) {
+ if (XMLString::equals(ns,SAML20P_NS) || !ns || !*ns) {
throw ValidationException(
"Object contains an illegal extension child element ($1).",
params(1,xmlObject->getElementQName().toString().c_str())
}
};
- BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Request);
- XMLOBJECTVALIDATOR_REQUIRE(Request,ID);
- XMLOBJECTVALIDATOR_REQUIRE(Request,Version);
- XMLOBJECTVALIDATOR_REQUIRE(Request,IssueInstant);
- if (!XMLString::equals(SAMLConstants::SAML20_VERSION, ptr->getVersion()))
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,RequestAbstractType);
+ XMLOBJECTVALIDATOR_REQUIRE(RequestAbstractType,ID);
+ XMLOBJECTVALIDATOR_REQUIRE(RequestAbstractType,Version);
+ XMLOBJECTVALIDATOR_REQUIRE(RequestAbstractType,IssueInstant);
+ if (!XMLString::equals(samlconstants::SAML20_VERSION, ptr->getVersion()))
throw ValidationException("Request has wrong SAML Version.");
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,SubjectQuery,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,SubjectQuery,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_REQUIRE(SubjectQuery,Subject);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,StatusResponse);
- XMLOBJECTVALIDATOR_REQUIRE(StatusResponse,ID);
- XMLOBJECTVALIDATOR_REQUIRE(StatusResponse,Version);
- XMLOBJECTVALIDATOR_REQUIRE(StatusResponse,IssueInstant);
- XMLOBJECTVALIDATOR_REQUIRE(StatusResponse,Status);
- if (!XMLString::equals(SAMLConstants::SAML20_VERSION, ptr->getVersion()))
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,StatusResponseType);
+ XMLOBJECTVALIDATOR_REQUIRE(StatusResponseType,ID);
+ XMLOBJECTVALIDATOR_REQUIRE(StatusResponseType,Version);
+ XMLOBJECTVALIDATOR_REQUIRE(StatusResponseType,IssueInstant);
+ XMLOBJECTVALIDATOR_REQUIRE(StatusResponseType,Status);
+ if (!XMLString::equals(samlconstants::SAML20_VERSION, ptr->getVersion()))
throw ValidationException("StatusResponse has wrong SAML Version.");
END_XMLOBJECTVALIDATOR;
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Extensions);
if (!ptr->hasChildren())
throw ValidationException("Extensions must have at least one child element.");
- const list<XMLObject*>& anys=ptr->getXMLObjects();
+ const vector<XMLObject*>& anys=ptr->getUnknownXMLObjects();
for_each(anys.begin(),anys.end(),checkWildcardNS());
END_XMLOBJECTVALIDATOR;
//TODO test this !!!
// If this is a top-level StatusCode (ie. parent is a Status),
// then there are only 4 valid values per SAML Core.
- if (ptr->getParent()!=NULL && ptr->getParent()->getElementQName().hasLocalPart())
+ if (ptr->getParent()!=nullptr && ptr->getParent()->getElementQName().hasLocalPart())
{
- QName pq = ptr->getParent()->getElementQName();
+ xmltooling::QName pq = ptr->getParent()->getElementQName();
- if ( XMLString::equals(pq.getNamespaceURI(), SAMLConstants::SAML20P_NS) &&
+ if ( XMLString::equals(pq.getNamespaceURI(), SAML20P_NS) &&
XMLString::equals(pq.getLocalPart(), Status::LOCAL_NAME))
{
const XMLCh* code = ptr->getValue();
XMLOBJECTVALIDATOR_REQUIRE(Status,StatusCode);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,AssertionIDRequest,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,AssertionIDRequest,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_NONEMPTY(AssertionIDRequest,AssertionIDRef);
END_XMLOBJECTVALIDATOR;
throw xmltooling::ValidationException("ProxyCount attribute on Scoping element must be non-negative");
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,AuthnRequest,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,AuthnRequest,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
if (ptr->getAssertionConsumerServiceIndex().first
- && (ptr->getAssertionConsumerServiceURL()!=NULL || ptr->getProtocolBinding()!=NULL))
+ && (ptr->getAssertionConsumerServiceURL()!=nullptr || ptr->getProtocolBinding()!=nullptr))
throw xmltooling::ValidationException("On AuthnRequest AssertionConsumerServiceIndex is mutually exclusive with both AssertionConsumerServiceURL and ProtocolBinding");
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,Response,StatusResponse);
- StatusResponseSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,Response,StatusResponseType);
+ StatusResponseTypeSchemaValidator::validate(xmlObject);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ArtifactResolve,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ArtifactResolve,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_REQUIRE(ArtifactResolve,Artifact);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ArtifactResponse,StatusResponse);
- StatusResponseSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ArtifactResponse,StatusResponseType);
+ StatusResponseTypeSchemaValidator::validate(xmlObject);
END_XMLOBJECTVALIDATOR;
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,NewEncryptedID);
XMLOBJECTVALIDATOR_REQUIRE(NewEncryptedID,EncryptedData);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ManageNameIDRequest,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ManageNameIDRequest,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_ONLYONEOF(ManageNameIDRequest,NameID,EncryptedID);
XMLOBJECTVALIDATOR_ONLYONEOF3(ManageNameIDRequest,NewID,NewEncryptedID,Terminate);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ManageNameIDResponse,StatusResponse);
- StatusResponseSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,ManageNameIDResponse,StatusResponseType);
+ StatusResponseTypeSchemaValidator::validate(xmlObject);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,LogoutRequest,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,LogoutRequest,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_ONLYONEOF3(LogoutRequest,BaseID,NameID,EncryptedID);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,LogoutResponse,StatusResponse);
- StatusResponseSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,LogoutResponse,StatusResponseType);
+ StatusResponseTypeSchemaValidator::validate(xmlObject);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,NameIDMappingRequest,Request);
- RequestSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,NameIDMappingRequest,RequestAbstractType);
+ RequestAbstractTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_ONLYONEOF3(NameIDMappingRequest,BaseID,NameID,EncryptedID);
XMLOBJECTVALIDATOR_REQUIRE(NameIDMappingRequest,NameIDPolicy);
END_XMLOBJECTVALIDATOR;
- BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,NameIDMappingResponse,StatusResponse);
- StatusResponseSchemaValidator::validate(xmlObject);
+ BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,NameIDMappingResponse,StatusResponseType);
+ StatusResponseTypeSchemaValidator::validate(xmlObject);
XMLOBJECTVALIDATOR_ONLYONEOF(NameIDMappingResponse,NameID,EncryptedID);
END_XMLOBJECTVALIDATOR;
};
#define REGISTER_ELEMENT(cname) \
- q=QName(SAMLConstants::SAML20P_NS,cname::LOCAL_NAME); \
+ q=xmltooling::QName(SAML20P_NS,cname::LOCAL_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
- ProtocolSchemaValidators.registerValidator(q,new cname##SchemaValidator())
+ SchemaValidators.registerValidator(q,new cname##SchemaValidator())
#define REGISTER_TYPE(cname) \
- q=QName(SAMLConstants::SAML20P_NS,cname::TYPE_NAME); \
+ q=xmltooling::QName(SAML20P_NS,cname::TYPE_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
- ProtocolSchemaValidators.registerValidator(q,new cname##SchemaValidator())
+ SchemaValidators.registerValidator(q,new cname##SchemaValidator())
#define REGISTER_ELEMENT_NOVAL(cname) \
- q=QName(SAMLConstants::SAML20P_NS,cname::LOCAL_NAME); \
+ q=xmltooling::QName(SAML20P_NS,cname::LOCAL_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder());
#define REGISTER_TYPE_NOVAL(cname) \
- q=QName(SAMLConstants::SAML20P_NS,cname::TYPE_NAME); \
+ q=xmltooling::QName(SAML20P_NS,cname::TYPE_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder());
-ValidatorSuite opensaml::saml2p::ProtocolSchemaValidators("ProtocolSchemaValidators");
-
void opensaml::saml2p::registerProtocolClasses() {
- QName q;
+ xmltooling::QName q;
REGISTER_ELEMENT(Artifact);
REGISTER_ELEMENT(ArtifactResolve);
REGISTER_ELEMENT(ArtifactResponse);
REGISTER_TYPE(Scoping);
REGISTER_TYPE(Status);
REGISTER_TYPE(StatusCode);
- REGISTER_TYPE(StatusResponse);
REGISTER_TYPE_NOVAL(StatusDetail);
REGISTER_TYPE_NOVAL(Terminate);
- q=QName(SAMLConstants::SAML20P_THIRDPARTY_EXT_NS,RespondTo::LOCAL_NAME);
+ q=xmltooling::QName(samlconstants::SAML20P_THIRDPARTY_EXT_NS,RespondTo::LOCAL_NAME);
XMLObjectBuilder::registerBuilder(q,new RespondToBuilder());
- ProtocolSchemaValidators.registerValidator(q,new RespondToSchemaValidator());
+ SchemaValidators.registerValidator(q,new RespondToSchemaValidator());
+
+ q=xmltooling::QName(samlconstants::SAML20P_ASYNCSLO_EXT_NS,Asynchronous::LOCAL_NAME);
+ XMLObjectBuilder::registerBuilder(q,new AsynchronousBuilder());
+ q=xmltooling::QName(samlconstants::SAML20P_ASYNCSLO_EXT_NS,Asynchronous::TYPE_NAME);
+ XMLObjectBuilder::registerBuilder(q,new AsynchronousBuilder());
}