From 48857ad9a82c4695800123ecef931e7f8d9de199 Mon Sep 17 00:00:00 2001 From: Scott Cantor Date: Wed, 1 Apr 2009 17:33:50 +0000 Subject: [PATCH] Add XML objects for DelegationRestriction and EntityAttributes extensions. --- .cproject | 5 +- saml/saml2/core/Assertions.h | 70 +++++++++++- saml/saml2/core/impl/Assertions20Impl.cpp | 118 ++++++++++++++++++++- .../core/impl/Assertions20SchemaValidators.cpp | 27 +++++ saml/saml2/metadata/Metadata.h | 10 +- saml/saml2/metadata/impl/MetadataImpl.cpp | 52 ++++++++- .../metadata/impl/MetadataSchemaValidators.cpp | 17 ++- saml/util/SAMLConstants.cpp | 36 ++++++- saml/util/SAMLConstants.h | 64 +++++++---- 9 files changed, 364 insertions(+), 35 deletions(-) diff --git a/.cproject b/.cproject index 55b779c..8b4607c 100644 --- a/.cproject +++ b/.cproject @@ -69,12 +69,13 @@ - + + - + diff --git a/saml/saml2/core/Assertions.h b/saml/saml2/core/Assertions.h index c72ebde..4b2b896 100644 --- a/saml/saml2/core/Assertions.h +++ b/saml/saml2/core/Assertions.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -188,6 +188,22 @@ namespace opensaml { static const XMLCh TYPE_NAME[]; END_XMLOBJECT; + BEGIN_XMLOBJECT(SAML_API,Delegate,xmltooling::XMLObject,SAML 2.0 Delegation Restriction Condition Delegate element); + DECL_STRING_ATTRIB(ConfirmationMethod,CONFIRMATIONMETHOD); + DECL_DATETIME_ATTRIB(DelegationInstant,DELEGATIONINSTANT); + DECL_TYPED_CHILD(BaseID); + DECL_TYPED_CHILD(NameID); + DECL_TYPED_CHILD(EncryptedID); + /** DelegateType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + + BEGIN_XMLOBJECT(SAML_API,DelegationRestrictionType,Condition,SAML 2.0 Delegation Restriction Condition type); + DECL_TYPED_CHILDREN(Delegate); + /** DelegationRestrictionType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + BEGIN_XMLOBJECT(SAML_API,Conditions,xmltooling::XMLObject,SAML 2.0 Conditions element); DECL_DATETIME_ATTRIB(NotBefore,NOTBEFORE); DECL_DATETIME_ATTRIB(NotOnOrAfter,NOTONORAFTER); @@ -417,6 +433,8 @@ namespace opensaml { DECL_SAML2OBJECTBUILDER(SubjectConfirmationData); DECL_SAML2OBJECTBUILDER(SubjectLocality); + DECL_XMLOBJECTBUILDER(SAML_API,Delegate,samlconstants::SAML20_DELEGATION_CONDITION_NS,samlconstants::SAML20_DELEGATION_CONDITION_PREFIX); + /** * Builder for NameIDType objects. * 
@@ -485,6 +503,56 @@ namespace opensaml { }; /** + * Builder for DelegationRestrictionType objects. + * + * This is customized to return a Condition element with an xsi:type of DelegationRestrictionType. + */ + class SAML_API DelegationRestrictionTypeBuilder : public xmltooling::ConcreteXMLObjectBuilder { + public: + virtual ~DelegationRestrictionTypeBuilder() {} + /** Default builder. */ +#ifdef HAVE_COVARIANT_RETURNS + virtual DelegationRestrictionType* buildObject() const { +#else + virtual xmltooling::XMLObject* buildObject() const { +#endif + xmltooling::QName schemaType( + samlconstants::SAML20_DELEGATION_CONDITION_NS, + DelegationRestrictionType::TYPE_NAME, + samlconstants::SAML20_DELEGATION_CONDITION_PREFIX + ); + return buildObject( + samlconstants::SAML20_DELEGATION_CONDITION_NS, + DelegationRestrictionType::LOCAL_NAME, + samlconstants::SAML20_DELEGATION_CONDITION_PREFIX, + &schemaType + ); + } + /** Builder that allows element/type override. */ +#ifdef HAVE_COVARIANT_RETURNS + virtual DelegationRestrictionType* buildObject( +#else + virtual xmltooling::XMLObject* buildObject( +#endif + const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix=NULL, const xmltooling::QName* schemaType=NULL + ) const; + + /** Singleton builder. */ + static DelegationRestrictionType* buildDelegationRestrictionType() { + const DelegationRestrictionTypeBuilder* b = dynamic_cast( + XMLObjectBuilder::getBuilder(xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,DelegationRestrictionType::TYPE_NAME)) + ); + if (b) +#ifdef HAVE_COVARIANT_RETURNS + return b->buildObject(); +#else + return dynamic_cast(b->buildObject()); +#endif + throw xmltooling::XMLObjectException("Unable to obtain typed builder for DelegationRestrictionType."); + } + }; + + /** * Builder for KeyInfoConfirmationDataType objects. * * This is customized to return a SubjectConfirmationData element with an 
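Review bot: The `/** Singleton builder. */` comment on `buildDelegationRestrictionType()` does not mention that the function throws `xmltooling::XMLObjectException` when no builder is registered under the `DelegationRestrictionType` QName. Suggested wording: `/** Singleton builder; throws xmltooling::XMLObjectException if no typed builder is registered for DelegationRestrictionType. */`. In the branch without `HAVE_COVARIANT_RETURNS` the result of the `dynamic_cast` on `b->buildObject()` is returned unchecked, so a mismatched builder would produce a null return and leave the built object unowned instead of raising that exception. Whether any supported platform takes that branch is not visible here.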
diff --git a/saml/saml2/core/impl/Assertions20Impl.cpp b/saml/saml2/core/impl/Assertions20Impl.cpp index fd9a54a..d5a9b5e 100644 --- a/saml/saml2/core/impl/Assertions20Impl.cpp +++ b/saml/saml2/core/impl/Assertions20Impl.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -45,6 +45,7 @@ using xmlconstants::XMLSIG_NS; using xmlconstants::XMLENC_NS; using xmlconstants::XML_BOOL_NULL; using samlconstants::SAML20_NS; +using samlconstants::SAML20_DELEGATION_CONDITION_NS; #if defined (_MSC_VER) 
@@ -345,6 +346,113 @@ namespace opensaml { } }; + class SAML_DLLLOCAL DelegateImpl : public virtual Delegate, + public AbstractComplexElement, + public AbstractDOMCachingXMLObject, + public AbstractXMLObjectMarshaller, + public AbstractXMLObjectUnmarshaller + { + void init() { + m_ConfirmationMethod=NULL; + m_DelegationInstant=NULL; + m_BaseID=NULL; + m_NameID=NULL; + m_EncryptedID=NULL; + m_children.push_back(NULL); + m_children.push_back(NULL); + m_children.push_back(NULL); + m_pos_BaseID=m_children.begin(); + m_pos_NameID=m_pos_BaseID; + ++m_pos_NameID; + m_pos_EncryptedID=m_pos_NameID; + ++m_pos_EncryptedID; + } + public: + virtual ~DelegateImpl() { + XMLString::release(&m_ConfirmationMethod); + delete m_DelegationInstant; + } + + DelegateImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) + : AbstractXMLObject(nsURI, localName, prefix, schemaType) { + init(); + } + + DelegateImpl(const DelegateImpl& src) + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { + init(); + setConfirmationMethod(src.getConfirmationMethod()); + setDelegationInstant(src.getDelegationInstant()); + if (src.getBaseID()) + setBaseID(src.getBaseID()->cloneBaseID()); + if (src.getNameID()) + setNameID(src.getNameID()->cloneNameID()); + if (src.getEncryptedID()) + setEncryptedID(src.getEncryptedID()->cloneEncryptedID()); + } + + IMPL_XMLOBJECT_CLONE(Delegate); + IMPL_STRING_ATTRIB(ConfirmationMethod); + IMPL_DATETIME_ATTRIB(DelegationInstant,0); + IMPL_TYPED_CHILD(NameID); + IMPL_TYPED_CHILD(BaseID); + IMPL_TYPED_CHILD(EncryptedID); + + protected: + void marshallAttributes(DOMElement* domElement) const { + MARSHALL_STRING_ATTRIB(ConfirmationMethod,CONFIRMATIONMETHOD,NULL); + MARSHALL_DATETIME_ATTRIB(DelegationInstant,DELEGATIONINSTANT,NULL); + } + + void processChildElement(XMLObject* childXMLObject, const DOMElement* root) { + PROC_TYPED_CHILD(BaseID,SAML20_NS,false); + 
PROC_TYPED_CHILD(NameID,SAML20_NS,false); + PROC_TYPED_CHILD(EncryptedID,SAML20_NS,false); + AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root); + } + + void processAttribute(const DOMAttr* attribute) { + PROC_STRING_ATTRIB(ConfirmationMethod,CONFIRMATIONMETHOD,NULL); + PROC_DATETIME_ATTRIB(DelegationInstant,DELEGATIONINSTANT,NULL); + AbstractXMLObjectUnmarshaller::processAttribute(attribute); + } + }; + + class SAML_DLLLOCAL DelegationRestrictionTypeImpl : public virtual DelegationRestrictionType, + public AbstractComplexElement, + public AbstractDOMCachingXMLObject, + public AbstractXMLObjectMarshaller, + public AbstractXMLObjectUnmarshaller + { + public: + virtual ~DelegationRestrictionTypeImpl() {} + + DelegationRestrictionTypeImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) + : AbstractXMLObject(nsURI, localName, prefix, schemaType) { + } + + DelegationRestrictionTypeImpl(const DelegationRestrictionTypeImpl& src) + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { + VectorOf(Delegate) v=getDelegates(); + for (vector::const_iterator i=src.m_Delegates.begin(); i!=src.m_Delegates.end(); i++) { + if (*i) { + v.push_back((*i)->cloneDelegate()); + } + } + } + + IMPL_XMLOBJECT_CLONE(DelegationRestrictionType); + Condition* cloneCondition() const { + return cloneDelegationRestrictionType(); + } + IMPL_TYPED_CHILDREN(Delegate,m_children.end()); + + protected: + void processChildElement(XMLObject* childXMLObject, const DOMElement* root) { + PROC_TYPED_CHILDREN(Delegate,SAML20_DELEGATION_CONDITION_NS,false); + AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root); + } + }; class SAML_DLLLOCAL ConditionsImpl : public virtual Conditions, public AbstractComplexElement, 
@@ -1551,6 +1659,8 @@ IMPL_XMLOBJECTBUILDER(AuthnStatement); IMPL_XMLOBJECTBUILDER(AuthzDecisionStatement); IMPL_XMLOBJECTBUILDER(Condition); IMPL_XMLOBJECTBUILDER(Conditions); +IMPL_XMLOBJECTBUILDER(Delegate); +IMPL_XMLOBJECTBUILDER(DelegationRestrictionType); IMPL_XMLOBJECTBUILDER(EncryptedAssertion); IMPL_XMLOBJECTBUILDER(EncryptedAttribute); IMPL_XMLOBJECTBUILDER(EncryptedID); @@ -1617,6 +1727,12 @@ const XMLCh Conditions::LOCAL_NAME[] = UNICODE_LITERAL_10(C,o,n,d,i const XMLCh Conditions::TYPE_NAME[] = UNICODE_LITERAL_14(C,o,n,d,i,t,i,o,n,s,T,y,p,e); const XMLCh Conditions::NOTBEFORE_ATTRIB_NAME[] = UNICODE_LITERAL_9(N,o,t,B,e,f,o,r,e); const XMLCh Conditions::NOTONORAFTER_ATTRIB_NAME[] =UNICODE_LITERAL_12(N,o,t,O,n,O,r,A,f,t,e,r); +const XMLCh Delegate::LOCAL_NAME[] = UNICODE_LITERAL_8(D,e,l,e,g,a,t,e); +const XMLCh Delegate::TYPE_NAME[] = UNICODE_LITERAL_12(D,e,l,e,g,a,t,e,T,y,p,e); +const XMLCh Delegate::CONFIRMATIONMETHOD_ATTRIB_NAME[] = UNICODE_LITERAL_18(C,o,n,f,i,r,m,a,t,i,o,n,M,e,t,h,o,d); +const XMLCh Delegate::DELEGATIONINSTANT_ATTRIB_NAME[] = UNICODE_LITERAL_17(D,e,l,e,g,a,t,i,o,n,I,n,s,t,a,n,t); +const XMLCh DelegationRestrictionType::LOCAL_NAME[] = UNICODE_LITERAL_9(C,o,n,d,i,t,i,o,n); +const XMLCh DelegationRestrictionType::TYPE_NAME[] =UNICODE_LITERAL_21(D,e,l,e,g,a,t,i,o,n,R,e,s,t,r,i,c,t,i,o,n); const XMLCh EncryptedAssertion::LOCAL_NAME[] = UNICODE_LITERAL_18(E,n,c,r,y,p,t,e,d,A,s,s,e,r,t,i,o,n); const XMLCh EncryptedAttribute::LOCAL_NAME[] = UNICODE_LITERAL_18(E,n,c,r,y,p,t,e,d,A,t,t,r,i,b,u,t,e); const XMLCh EncryptedElementType::LOCAL_NAME[] = {chNull}; diff --git a/saml/saml2/core/impl/Assertions20SchemaValidators.cpp b/saml/saml2/core/impl/Assertions20SchemaValidators.cpp index 458b5b1..70b02e5 100644 --- a/saml/saml2/core/impl/Assertions20SchemaValidators.cpp +++ b/saml/saml2/core/impl/Assertions20SchemaValidators.cpp 
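Review bot: `DelegationRestrictionType::TYPE_NAME` in the second hunk is spelled `DelegationRestriction` (21 characters), without the `Type` suffix. Both the header comment ("DelegationRestrictionType local name") and the sibling `Delegate::TYPE_NAME` (`DelegateType`) imply the suffix belongs there. The builder and schema validator in `registerAssertionClasses()` are registered under a QName built from this constant. A `Condition` arriving with an `xsi:type` of `DelegationRestrictionType` would therefore presumably not resolve to the typed object, so its `Delegate` children would not be checked, and locally built objects would marshal the shortened type name. The line should read `const XMLCh DelegationRestrictionType::TYPE_NAME[] = UNICODE_LITERAL_25(D,e,l,e,g,a,t,i,o,n,R,e,s,t,r,i,c,t,i,o,n,T,y,p,e);`.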
@@ -72,6 +72,22 @@ namespace opensaml { } END_XMLOBJECTVALIDATOR; + BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Delegate); + int count=0; + if (ptr->getBaseID()) + count++; + if (ptr->getNameID()) + count++; + if (ptr->getEncryptedID()) + count++; + if (count != 1) + throw ValidationException("Delegate must contain exactly one identifier element."); + END_XMLOBJECTVALIDATOR; + + BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,DelegationRestrictionType); + XMLOBJECTVALIDATOR_NONEMPTY(DelegationRestrictionType,Delegate); + END_XMLOBJECTVALIDATOR; + BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,Conditions); if (!ptr->hasChildren()) { XMLOBJECTVALIDATOR_ONEOF(Conditions,NotBefore,NotOnOrAfter); @@ -249,4 +265,15 @@ void opensaml::saml2::registerAssertionClasses() { REGISTER_TYPE(Subject); REGISTER_TYPE(SubjectConfirmation); REGISTER_TYPE(SubjectLocality); + + q=xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,Delegate::LOCAL_NAME); + XMLObjectBuilder::registerBuilder(q,new DelegateBuilder()); + SchemaValidators.registerValidator(q,new DelegateSchemaValidator()); + q=xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,Delegate::TYPE_NAME); + XMLObjectBuilder::registerBuilder(q,new DelegateBuilder()); + SchemaValidators.registerValidator(q,new DelegateSchemaValidator()); + + q=xmltooling::QName(samlconstants::SAML20_DELEGATION_CONDITION_NS,DelegationRestrictionType::TYPE_NAME); + XMLObjectBuilder::registerBuilder(q,new DelegationRestrictionTypeBuilder()); + SchemaValidators.registerValidator(q,new DelegationRestrictionTypeSchemaValidator()); } diff --git a/saml/saml2/metadata/Metadata.h b/saml/saml2/metadata/Metadata.h index 79f94dc..5d16df0 100644 --- a/saml/saml2/metadata/Metadata.h +++ b/saml/saml2/metadata/Metadata.h @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. 
@@ -382,6 +382,13 @@ namespace opensaml { static const XMLCh TYPE_NAME[]; END_XMLOBJECT; + BEGIN_XMLOBJECT(SAML_API,EntityAttributes,xmltooling::XMLObject,SAML Metadata Extension for Entity Attributes element); + DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2); + DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2); + /** EntityAttributesType local name */ + static const XMLCh TYPE_NAME[]; + END_XMLOBJECT; + /** * Predicate to test a role for validity and protocol support. */ @@ -479,6 +486,7 @@ namespace opensaml { DECL_XMLOBJECTBUILDER(SAML_API,ActionNamespace,samlconstants::SAML20MD_QUERY_EXT_NS,samlconstants::SAML20MD_QUERY_EXT_PREFIX); DECL_XMLOBJECTBUILDER(SAML_API,SourceID,samlconstants::SAML1MD_NS,samlconstants::SAML1MD_PREFIX); + DECL_XMLOBJECTBUILDER(SAML_API,EntityAttributes,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_PREFIX); /** * Builder for localizedNameType objects. diff --git a/saml/saml2/metadata/impl/MetadataImpl.cpp b/saml/saml2/metadata/impl/MetadataImpl.cpp index aad9bf3..ae0ce08 100644 --- a/saml/saml2/metadata/impl/MetadataImpl.cpp +++ b/saml/saml2/metadata/impl/MetadataImpl.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2001-2007 Internet2 + * Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ /** * MetadataImpl.cpp * - * Implementation classes for SAML 2.0 Assertions schema + * Implementation classes for SAML 2.0 Metadata schema */ #include "internal.h" @@ -37,7 +37,6 @@ using namespace samlconstants; using namespace opensaml::saml2md; using namespace opensaml::saml2; -using namespace opensaml; using namespace xmlencryption; using namespace xmlsignature; using namespace xmltooling; 
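Review bot: The `EntityAttributes` declaration in the first hunk exposes embedded `saml2:Assertion` children next to bare `Attribute` children, but nothing documents how far a caller may trust them. The only check this commit adds for the element is the `hasChildren()` test in `MetadataSchemaValidators.cpp`, so an embedded assertion is returned as parsed. I would add a comment above the `BEGIN_XMLOBJECT` line such as `/* Embedded Assertions are not verified here; callers must check signature, issuer and validity before relying on their attributes. */`. Whether a metadata filter elsewhere performs that verification cannot be seen from this diff.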
@@ -2432,6 +2431,50 @@ namespace opensaml { } }; + class SAML_DLLLOCAL EntityAttributesImpl : public virtual EntityAttributes, + public AbstractComplexElement, + public AbstractDOMCachingXMLObject, + public AbstractXMLObjectMarshaller, + public AbstractXMLObjectUnmarshaller + { + public: + virtual ~EntityAttributesImpl() {} + + EntityAttributesImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType) + : AbstractXMLObject(nsURI, localName, prefix, schemaType) { + } + + EntityAttributesImpl(const EntityAttributesImpl& src) + : AbstractXMLObject(src), AbstractComplexElement(src), AbstractDOMCachingXMLObject(src) { + for (list::const_iterator i=src.m_children.begin(); i!=src.m_children.end(); i++) { + if (*i) { + Attribute* a=dynamic_cast(*i); + if (a) { + getAttributes().push_back(a->cloneAttribute()); + continue; + } + + saml2::Assertion* as=dynamic_cast(*i); + if (as) { + getAssertions().push_back(as->cloneAssertion()); + continue; + } + } + } + } + + IMPL_XMLOBJECT_CLONE(EntityAttributes); + + IMPL_TYPED_FOREIGN_CHILDREN(Attribute,saml2,m_children.end()); + IMPL_TYPED_FOREIGN_CHILDREN(Assertion,saml2,m_children.end()); + + protected: + void processChildElement(XMLObject* childXMLObject, const DOMElement* root) { + PROC_TYPED_FOREIGN_CHILDREN(Attribute,saml2,SAML20_NS,false); + PROC_TYPED_FOREIGN_CHILDREN(Assertion,saml2,SAML20_NS,false); + AbstractXMLObjectUnmarshaller::processChildElement(childXMLObject,root); + } + }; }; }; @@ -2498,6 +2541,7 @@ IMPL_XMLOBJECTBUILDER(TelephoneNumber); IMPL_XMLOBJECTBUILDER(ActionNamespace); IMPL_XMLOBJECTBUILDER(SourceID); +IMPL_XMLOBJECTBUILDER(EntityAttributes); #ifdef HAVE_COVARIANT_RETURNS RoleDescriptor* RoleDescriptorBuilder::buildObject( 
@@ -2564,6 +2608,8 @@ const XMLCh EntityDescriptor::LOCAL_NAME[] = UNICODE_LITERAL_16(E,n,t const XMLCh EntityDescriptor::TYPE_NAME[] = UNICODE_LITERAL_20(E,n,t,i,t,y,D,e,s,c,r,i,p,t,o,r,T,y,p,e); const XMLCh EntityDescriptor::ID_ATTRIB_NAME[] = UNICODE_LITERAL_2(I,D); const XMLCh EntityDescriptor::ENTITYID_ATTRIB_NAME[] = UNICODE_LITERAL_8(e,n,t,i,t,y,I,D); +const XMLCh EntityAttributes::LOCAL_NAME[] = UNICODE_LITERAL_16(E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,s); +const XMLCh EntityAttributes::TYPE_NAME[] = UNICODE_LITERAL_20(E,n,t,i,t,y,A,t,t,r,i,b,u,t,e,s,T,y,p,e); const XMLCh Extensions::LOCAL_NAME[] = UNICODE_LITERAL_10(E,x,t,e,n,s,i,o,n,s); const XMLCh Extensions::TYPE_NAME[] = UNICODE_LITERAL_14(E,x,t,e,n,s,i,o,n,s,T,y,p,e); const XMLCh GivenName::LOCAL_NAME[] = UNICODE_LITERAL_9(G,i,v,e,n,N,a,m,e); diff --git a/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp b/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp index 80c72cd..c5d751c 100644 --- a/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp +++ b/saml/saml2/metadata/impl/MetadataSchemaValidators.cpp @@ -1,5 +1,5 @@ /* -* Copyright 2001-2007 Internet2 +* Copyright 2001-2009 Internet2 * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -33,6 +33,7 @@ using namespace xmltooling; using namespace std; using samlconstants::SAML20MD_NS; using samlconstants::SAML20MD_QUERY_EXT_NS; +using samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS; namespace opensaml { namespace saml2md { @@ -245,6 +246,12 @@ namespace opensaml { if (ptr->getEntityDescriptors().empty() && ptr->getEntitiesDescriptors().empty()) throw ValidationException("EntitiesDescriptor must contain at least one child descriptor."); END_XMLOBJECTVALIDATOR; + + BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,EntityAttributes); + if (!ptr->hasChildren()) + throw ValidationException("EntityAttributes must contain at least one child element."); + END_XMLOBJECTVALIDATOR; + }; }; 
@@ -349,4 +356,12 @@ void opensaml::saml2md::registerMetadataClasses() { q=xmltooling::QName(SAML20MD_QUERY_EXT_NS,AuthzDecisionQueryDescriptorType::TYPE_NAME); XMLObjectBuilder::registerBuilder(q,new AuthzDecisionQueryDescriptorTypeBuilder()); SchemaValidators.registerValidator(q,new RoleDescriptorSchemaValidator()); + + q=xmltooling::QName(SAML20MD_ENTITY_ATTRIBUTE_NS,EntityAttributes::LOCAL_NAME); + XMLObjectBuilder::registerBuilder(q,new EntityAttributesBuilder()); + SchemaValidators.registerValidator(q,new EntityAttributesSchemaValidator()); + + q=xmltooling::QName(SAML20MD_ENTITY_ATTRIBUTE_NS,EntityAttributes::TYPE_NAME); + XMLObjectBuilder::registerBuilder(q,new EntityAttributesBuilder()); + SchemaValidators.registerValidator(q,new EntityAttributesSchemaValidator()); } diff --git a/saml/util/SAMLConstants.cpp b/saml/util/SAMLConstants.cpp index b43dfd4..aa8fe70 100644 --- a/saml/util/SAMLConstants.cpp +++ b/saml/util/SAMLConstants.cpp @@ -1,6 +1,6 @@ /* * Copyright 2001-2007 Internet2 - * + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -16,8 +16,8 @@ /** * SAMLConstants.cpp - * - * SAML XML namespace constants + * + * SAML XML namespace constants */ 
@@ -184,6 +184,36 @@ const XMLCh samlconstants::SAML20P_THIRDPARTY_EXT_NS[] = // urn:oasis:names:tc:S const XMLCh samlconstants::SAML20P_THIRDPARTY_EXT_PREFIX[] = UNICODE_LITERAL_6(t,h,r,p,t,y); +const XMLCh samlconstants::SAML20_ATTRIBUTE_EXT_NS[] = // urn:oasis:names:tc:SAML:attribute:ext +{ chLatin_u, chLatin_r, chLatin_n, chColon, chLatin_o, chLatin_a, chLatin_s, chLatin_i, chLatin_s, chColon, + chLatin_n, chLatin_a, chLatin_m, chLatin_e, chLatin_s, chColon, chLatin_t, chLatin_c, chColon, + chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon, + chLatin_a, chLatin_t, chLatin_t, chLatin_r, chLatin_i, chLatin_b, chLatin_u, chLatin_t, chLatin_e, chColon, + chLatin_e, chLatin_x, chLatin_t, chNull +}; + +const XMLCh samlconstants::SAML20_ATTRIBUTE_EXT_PREFIX[] = UNICODE_LITERAL_3(e,x,t); + +const XMLCh samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS[] = // urn:oasis:names:tc:SAML:metadata:attribute +{ chLatin_u, chLatin_r, chLatin_n, chColon, chLatin_o, chLatin_a, chLatin_s, chLatin_i, chLatin_s, chColon, + chLatin_n, chLatin_a, chLatin_m, chLatin_e, chLatin_s, chColon, chLatin_t, chLatin_c, chColon, + chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon, + chLatin_m, chLatin_e, chLatin_t, chLatin_a, chLatin_d, chLatin_a, chLatin_t, chLatin_a, chColon, + chLatin_a, chLatin_t, chLatin_t, chLatin_r, chLatin_i, chLatin_b, chLatin_u, chLatin_t, chLatin_e, chNull +}; + +const XMLCh samlconstants::SAML20MD_ENTITY_ATTRIBUTE_PREFIX[] = UNICODE_LITERAL_6(m,d,a,t,t,r); + +const XMLCh samlconstants::SAML20_DELEGATION_CONDITION_NS[] = // urn:oasis:names:tc:SAML:2.0:conditions:delegation +{ chLatin_u, chLatin_r, chLatin_n, chColon, chLatin_o, chLatin_a, chLatin_s, chLatin_i, chLatin_s, chColon, + chLatin_n, chLatin_a, chLatin_m, chLatin_e, chLatin_s, chColon, chLatin_t, chLatin_c, chColon, + chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon, chDigit_2, chDigit_0, chColon, + chLatin_c, chLatin_o, chLatin_n, chLatin_d, chLatin_i, chLatin_t, chLatin_i, chLatin_o, chLatin_n, chLatin_s, 
chColon, + chLatin_d, chLatin_e, chLatin_l, chLatin_e, chLatin_g, chLatin_a, chLatin_t, chLatin_i, chLatin_o, chLatin_n, chNull +}; + +const XMLCh samlconstants::SAML20_DELEGATION_CONDITION_PREFIX[] = UNICODE_LITERAL_3(d,e,l); + const char samlconstants::SAML1_BINDING_SOAP[] = "urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"; const char samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT[] = "urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"; diff --git a/saml/util/SAMLConstants.h b/saml/util/SAMLConstants.h index 5b6774c..618ae34 100644 --- a/saml/util/SAMLConstants.h +++ b/saml/util/SAMLConstants.h @@ -1,6 +1,6 @@ /* - * Copyright 2001-2007 Internet2 - * + * Copyright 2001-2009 Internet2 + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at @@ -16,8 +16,8 @@ /** * @file saml/util/SAMLConstants.h - * - * SAML XML namespace constants + * + * SAML XML namespace constants */ #ifndef __saml_xmlconstants_h__ @@ -29,10 +29,10 @@ * SAML related constants. */ namespace samlconstants { - + /** Liberty PAOS XML Namespace ("urn:liberty:paos:2003-08") */ extern SAML_API const XMLCh PAOS_NS[]; - + /** Liberty PAOS QName prefix ("paos") */ extern SAML_API const XMLCh PAOS_PREFIX[]; @@ -41,16 +41,16 @@ namespace samlconstants { /** SAML 1.X Protocol XML namespace ("urn:oasis:names:tc:SAML:1.0:protocol") */ extern SAML_API const XMLCh SAML1P_NS[]; - + /** SAML 1.X Assertion QName prefix ("saml") */ extern SAML_API const XMLCh SAML1_PREFIX[]; /** SAML 1.X Protocol QName prefix ("samlp") */ extern SAML_API const XMLCh SAML1P_PREFIX[]; - + /** SAML 2.0 Version ("2.0") */ extern SAML_API const XMLCh SAML20_VERSION[]; - + /** SAML 2.0 Assertion XML namespace ("urn:oasis:names:tc:SAML:2.0:assertion") */ extern SAML_API const XMLCh SAML20_NS[]; 
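Review bot: The `SAML20_DELEGATION_CONDITION_NS` array does not spell the URI given in its own comment: after `chLatin_L, chColon` it continues `chDigit_2, chDigit_0, chColon`, which yields `SAML:20:` rather than `SAML:2.0:`. Every QName for `Delegate` and the delegation condition type is built from this constant. Elements in the namespace named in the comment would therefore not match the registered builders or the `PROC_TYPED_CHILDREN(Delegate,SAML20_DELEGATION_CONDITION_NS,false)` check, and locally built objects would be emitted in a namespace other implementations are unlikely to recognise. Insert the missing period: `chLatin_L, chColon, chDigit_2, chPeriod, chDigit_0, chColon,`. A small test comparing each new namespace constant with its expected string would catch this kind of typo.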
@@ -62,7 +62,7 @@ namespace samlconstants { /** SAML 2.0 AuthnContext XML namespace ("urn:oasis:names:tc:SAML:2.0:ac") */ extern SAML_API const XMLCh SAML20AC_NS[]; - + /** SAML 2.0 Assertion QName prefix ("saml") */ extern SAML_API const XMLCh SAML20_PREFIX[]; 
@@ -77,52 +77,70 @@ namespace samlconstants { /** SAML 2.0 Enhanced Client/Proxy SSO Profile XML Namespace ("urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp") */ extern SAML_API const XMLCh SAML20ECP_NS[]; - + /** SAML 2.0 Enhanced Client/Proxy SSO Profile QName prefix ("ecp") */ extern SAML_API const XMLCh SAML20ECP_PREFIX[]; /** SAML 2.0 DCE PAC Attribute Profile XML Namespace ("urn:oasis:names:tc:SAML:2.0:profiles:attribute:DCE") */ extern SAML_API const XMLCh SAML20DCE_NS[]; - + /** SAML 2.0 DCE PAC Attribute Profile QName prefix ("DCE") */ extern SAML_API const XMLCh SAML20DCE_PREFIX[]; /** SAML 2.0 X.500 Attribute Profile XML Namespace ("urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500") */ extern SAML_API const XMLCh SAML20X500_NS[]; - + /** SAML 2.0 X.500 Attribute Profile QName prefix ("x500") */ extern SAML_API const XMLCh SAML20X500_PREFIX[]; /** SAML 2.0 XACML Attribute Profile XML Namespace ("urn:oasis:names:tc:SAML:2.0:profiles:attribute:XACML") */ extern SAML_API const XMLCh SAML20XACML_NS[]; - + /** SAML 2.0 XACML Attribute Profile QName prefix ("xacmlprof") */ extern SAML_API const XMLCh SAML20XACML_PREFIX[]; /** SAML 1.x Metadata Profile XML Namespace ("urn:oasis:names:tc:SAML:profiles:v1metadata") */ extern SAML_API const XMLCh SAML1MD_NS[]; - + /** SAML 1.x Metadata Profile QName prefix ("saml1md") */ extern SAML_API const XMLCh SAML1MD_PREFIX[]; /** SAML 1.0 Protocol Enumeration constant ("urn:oasis:names:tc:SAML:1.0:protocol") */ extern SAML_API const XMLCh SAML10_PROTOCOL_ENUM[]; - + /** SAML 1.1 Protocol Enumeration constant ("urn:oasis:names:tc:SAML:1.1:protocol") */ extern SAML_API const XMLCh SAML11_PROTOCOL_ENUM[]; /** SAML Query Requester Metadata Extension XML Namespace ("urn:oasis:names:tc:SAML:metadata:ext:query") */ extern SAML_API const XMLCh SAML20MD_QUERY_EXT_NS[]; - + /** SAML Query Requester Metadata Extension QName prefix ("query") */ extern SAML_API const XMLCh SAML20MD_QUERY_EXT_PREFIX[]; /** SAML Third-Party Request 
Protocol Extension XML Namespace ("urn:oasis:names:tc:SAML:protocol:ext:third-party") */ extern SAML_API const XMLCh SAML20P_THIRDPARTY_EXT_NS[]; - - /** SAML Third-Party Request Protocol Extension QName prefix ("query") */ + + /** SAML Third-Party Request Protocol Extension QName prefix ("thrpty") */ extern SAML_API const XMLCh SAML20P_THIRDPARTY_EXT_PREFIX[]; + /** SAML Attribute Extension XML Namespace ("urn:oasis:names:tc:SAML:attribute:ext") */ + extern SAML_API const XMLCh SAML20_ATTRIBUTE_EXT_NS[]; + + /** SAML Attribute Extension QName prefix ("ext") */ + extern SAML_API const XMLCh SAML20_ATTRIBUTE_EXT_PREFIX[]; + + /** SAML Metadata Extension for Entity Attributes XML Namespace ("urn:oasis:names:tc:SAML:metadata:attribute") */ + extern SAML_API const XMLCh SAML20MD_ENTITY_ATTRIBUTE_NS[]; + + /** SAML Metadata Extension for Entity Attributes QName prefix ("mdattr") */ + extern SAML_API const XMLCh SAML20MD_ENTITY_ATTRIBUTE_PREFIX[]; + + /** SAML Condition for Delegation Restriction XML Namespace ("urn:oasis:names:tc:SAML:2.0:conditions:delegation") */ + extern SAML_API const XMLCh SAML20_DELEGATION_CONDITION_NS[]; + + /** SAML Condition for Delegation Restriction QName prefix ("del") */ + extern SAML_API const XMLCh SAML20_DELEGATION_CONDITION_PREFIX[]; + /** SAML 1.x SOAP binding ("urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding") */ extern SAML_API const char SAML1_BINDING_SOAP[]; @@ -131,13 +149,13 @@ namespace samlconstants { /** SAML 1.x Browser POST profile ("urn:oasis:names:tc:SAML:1.0:profiles:browser-post") */ extern SAML_API const char SAML1_PROFILE_BROWSER_POST[]; - + /** SAML 2.0 SOAP binding ("urn:oasis:names:tc:SAML:2.0:bindings:SOAP") */ extern SAML_API const char SAML20_BINDING_SOAP[]; /** SAML 2.0 PAOS binding ("urn:oasis:names:tc:SAML:2.0:bindings:PAOS") */ extern SAML_API const char SAML20_BINDING_PAOS[]; - + /** SAML 2.0 URI binding ("urn:oasis:names:tc:SAML:2.0:bindings:URI") */ extern SAML_API const char SAML20_BINDING_URI[]; 
@@ -146,13 +164,13 @@ namespace samlconstants { /** SAML 2.0 HTTP-POST binding ("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST") */ extern SAML_API const char SAML20_BINDING_HTTP_POST[]; - + /** SAML 2.0 HTTP-POST-SimpleSign binding ("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign") */ extern SAML_API const char SAML20_BINDING_HTTP_POST_SIMPLESIGN[]; /** SAML 2.0 HTTP-Redirect binding ("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect") */ extern SAML_API const char SAML20_BINDING_HTTP_REDIRECT[]; - + /** SAML 2.0 HTTP-Redirect DEFLATE URL encoding ("urn:oasis:names:tc:SAML:2.0:bindings:URL-Encoding:DEFLATE") */ extern SAML_API const char SAML20_BINDING_URL_ENCODING_DEFLATE[]; }; -- 2.1.4