/*
-* Copyright 2001-2006 Internet2
- *
+* Copyright 2001-2009 Internet2
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
/**
* MetadataSchemaValidators.cpp
- *
+ *
* Schema-based validators for SAML 2.0 Metadata classes
*/
using namespace opensaml;
using namespace xmltooling;
using namespace std;
+using samlconstants::SAML20MD_NS;
+using samlconstants::SAML20MD_QUERY_EXT_NS;
+using samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS;
namespace opensaml {
namespace saml2md {
-
+
XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,ActionNamespace);
XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,AffiliateMember);
XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,AttributeProfile);
END_XMLOBJECTVALIDATOR;
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,localizedURIType);
- XMLOBJECTVALIDATOR_REQUIRE(localizedNameType,TextContent);
+ XMLOBJECTVALIDATOR_REQUIRE(localizedURIType,TextContent);
XMLOBJECTVALIDATOR_REQUIRE(localizedURIType,Lang);
END_XMLOBJECTVALIDATOR;
-
+
BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,OrganizationName,localizedNameType);
localizedNameTypeSchemaValidator::validate(xmlObject);
END_XMLOBJECTVALIDATOR;
public:
void operator()(const XMLObject* xmlObject) const {
const XMLCh* ns=xmlObject->getElementQName().getNamespaceURI();
- if (XMLString::equals(ns,SAMLConstants::SAML20MD_NS) || !ns || !*ns) {
+ if (XMLString::equals(ns,SAML20MD_NS) || !ns || !*ns) {
throw ValidationException(
"Object contains an illegal extension child element ($1).",
params(1,xmlObject->getElementQName().toString().c_str())
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Extensions);
if (!ptr->hasChildren())
throw ValidationException("Extensions must have at least one child element.");
- const list<XMLObject*>& anys=ptr->getXMLObjects();
+ const vector<XMLObject*>& anys=ptr->getUnknownXMLObjects();
for_each(anys.begin(),anys.end(),checkWildcardNS());
END_XMLOBJECTVALIDATOR;
-
+
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Organization);
XMLOBJECTVALIDATOR_NONEMPTY(Organization,OrganizationName);
XMLOBJECTVALIDATOR_NONEMPTY(Organization,OrganizationDisplayName);
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,EndpointType);
XMLOBJECTVALIDATOR_REQUIRE(EndpointType,Binding);
XMLOBJECTVALIDATOR_REQUIRE(EndpointType,Location);
- const list<XMLObject*>& anys=ptr->getXMLObjects();
+ const vector<XMLObject*>& anys=ptr->getUnknownXMLObjects();
for_each(anys.begin(),anys.end(),checkWildcardNS());
END_XMLOBJECTVALIDATOR;
ptr->getAuthnAuthorityDescriptors().empty() &&
ptr->getAttributeAuthorityDescriptors().empty() &&
ptr->getPDPDescriptors().empty()) {
-
+
if (!ptr->getAffiliationDescriptor())
throw ValidationException("EntityDescriptor must have at least one child role or affiliation descriptor.");
}
BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,EntitiesDescriptor);
if (ptr->getEntityDescriptors().empty() && ptr->getEntitiesDescriptors().empty())
- throw ValidationException("EntitiesDescriptor must contain at least one child descriptor.");
+ throw ValidationException("EntitiesDescriptor must contain at least one child descriptor.");
+ END_XMLOBJECTVALIDATOR;
+
+ BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,EntityAttributes);
+ if (!ptr->hasChildren())
+ throw ValidationException("EntityAttributes must contain at least one child element.");
END_XMLOBJECTVALIDATOR;
+
};
};
#define REGISTER_ELEMENT(cname) \
- q=QName(SAMLConstants::SAML20MD_NS,cname::LOCAL_NAME); \
+ q=xmltooling::QName(SAML20MD_NS,cname::LOCAL_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
SchemaValidators.registerValidator(q,new cname##SchemaValidator())
-
+
#define REGISTER_TYPE(cname) \
- q=QName(SAMLConstants::SAML20MD_NS,cname::TYPE_NAME); \
+ q=xmltooling::QName(SAML20MD_NS,cname::TYPE_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
SchemaValidators.registerValidator(q,new cname##SchemaValidator())
#define REGISTER_ELEMENT_NOVAL(cname) \
- q=QName(SAMLConstants::SAML20MD_NS,cname::LOCAL_NAME); \
+ q=xmltooling::QName(SAML20MD_NS,cname::LOCAL_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder());
-
+
#define REGISTER_TYPE_NOVAL(cname) \
- q=QName(SAMLConstants::SAML20MD_NS,cname::TYPE_NAME); \
+ q=xmltooling::QName(SAML20MD_NS,cname::TYPE_NAME); \
XMLObjectBuilder::registerBuilder(q,new cname##Builder());
void opensaml::saml2md::registerMetadataClasses() {
- QName q;
+ xmltooling::QName q;
REGISTER_ELEMENT(AdditionalMetadataLocation);
REGISTER_ELEMENT(AffiliateMember);
REGISTER_ELEMENT(AffiliationDescriptor);
REGISTER_ELEMENT(OrganizationURL);
REGISTER_ELEMENT(PDPDescriptor);
REGISTER_ELEMENT(RequestedAttribute);
+ REGISTER_ELEMENT(RoleDescriptor);
REGISTER_ELEMENT(ServiceDescription);
REGISTER_ELEMENT(ServiceName);
REGISTER_ELEMENT(SingleLogoutService);
REGISTER_TYPE(RequestedAttribute);
REGISTER_TYPE(SPSSODescriptor);
- q=QName(SAMLConstants::SAML1MD_NS,SourceID::LOCAL_NAME);
+ q=xmltooling::QName(SAML20MD_NS,xmlencryption::EncryptionMethod::LOCAL_NAME);
+ XMLObjectBuilder::registerBuilder(q,new xmlencryption::EncryptionMethodBuilder());
+
+ q=xmltooling::QName(samlconstants::SAML1MD_NS,SourceID::LOCAL_NAME);
XMLObjectBuilder::registerBuilder(q,new SourceIDBuilder());
SchemaValidators.registerValidator(q,new SourceIDSchemaValidator());
- q=QName(SAMLConstants::SAML20MD_QUERY_EXT_NS,ActionNamespace::LOCAL_NAME);
+ q=xmltooling::QName(SAML20MD_QUERY_EXT_NS,ActionNamespace::LOCAL_NAME);
XMLObjectBuilder::registerBuilder(q,new ActionNamespaceBuilder());
SchemaValidators.registerValidator(q,new ActionNamespaceSchemaValidator());
- q=QName(SAMLConstants::SAML20MD_QUERY_EXT_NS,AuthnQueryDescriptorType::TYPE_NAME);
+ q=xmltooling::QName(SAML20MD_QUERY_EXT_NS,AuthnQueryDescriptorType::TYPE_NAME);
XMLObjectBuilder::registerBuilder(q,new AuthnQueryDescriptorTypeBuilder());
SchemaValidators.registerValidator(q,new RoleDescriptorSchemaValidator());
- q=QName(SAMLConstants::SAML20MD_QUERY_EXT_NS,AttributeQueryDescriptorType::TYPE_NAME);
+ q=xmltooling::QName(SAML20MD_QUERY_EXT_NS,AttributeQueryDescriptorType::TYPE_NAME);
XMLObjectBuilder::registerBuilder(q,new AttributeQueryDescriptorTypeBuilder());
SchemaValidators.registerValidator(q,new RoleDescriptorSchemaValidator());
- q=QName(SAMLConstants::SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME);
+ q=xmltooling::QName(SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME);
XMLObjectBuilder::registerBuilder(q,new AuthzDecisionQueryDescriptorTypeBuilder());
SchemaValidators.registerValidator(q,new RoleDescriptorSchemaValidator());
+
+ q=xmltooling::QName(SAML20MD_ENTITY_ATTRIBUTE_NS,EntityAttributes::LOCAL_NAME);
+ XMLObjectBuilder::registerBuilder(q,new EntityAttributesBuilder());
+ SchemaValidators.registerValidator(q,new EntityAttributesSchemaValidator());
+
+ q=xmltooling::QName(SAML20MD_ENTITY_ATTRIBUTE_NS,EntityAttributes::TYPE_NAME);
+ XMLObjectBuilder::registerBuilder(q,new EntityAttributesBuilder());
+ SchemaValidators.registerValidator(q,new EntityAttributesSchemaValidator());
}