From 7960a4d0b7147bea207118a8f5e30eb69fcd67f6 Mon Sep 17 00:00:00 2001
From: Scott Cantor
Date: Sat, 9 Oct 2010 21:18:37 +0000
Subject: [PATCH] Add schemas, metadata extension code for discovery and request initiator endpoints.
---
 cpp-opensaml2.sln | 2 ++
 saml/saml2/metadata/Metadata.h | 8 +++++++
 saml/saml2/metadata/impl/MetadataImpl.cpp | 39 +++++++++++++++++++++++++++++++
 saml/util/SAMLConstants.cpp | 28 ++++++++++++++++++++--
 saml/util/SAMLConstants.h | 16 +++++++++++--
 schemas/Makefile.am | 2 ++
 schemas/saml20-catalog.xml.in | 8 ++++---
 schemas/sstc-request-initiation.xsd | 23 ++++++++++++++++++
 schemas/sstc-saml-idp-discovery.xsd | 22 +++++++++++++++++
 9 files changed, 141 insertions(+), 7 deletions(-)
 create mode 100644 schemas/sstc-request-initiation.xsd
 create mode 100644 schemas/sstc-saml-idp-discovery.xsd
diff --git a/cpp-opensaml2.sln b/cpp-opensaml2.sln
index 1eea365..4aa84e1 100644
--- a/cpp-opensaml2.sln
+++ b/cpp-opensaml2.sln
@@ -45,8 +45,10 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Schemas", "Schemas", "{5548
 schemas\saml11-catalog.xml.in = schemas\saml11-catalog.xml.in
 schemas\saml20-catalog.xml.in = schemas\saml20-catalog.xml.in
 schemas\sstc-metadata-attr.xsd = schemas\sstc-metadata-attr.xsd
+ schemas\sstc-request-initiation.xsd = schemas\sstc-request-initiation.xsd
 schemas\sstc-saml-attribute-ext.xsd = schemas\sstc-saml-attribute-ext.xsd
 schemas\sstc-saml-delegation.xsd = schemas\sstc-saml-delegation.xsd
+ schemas\sstc-saml-idp-discovery.xsd = schemas\sstc-saml-idp-discovery.xsd
 schemas\sstc-saml-metadata-algsupport.xsd = schemas\sstc-saml-metadata-algsupport.xsd
 schemas\sstc-saml-metadata-ext-query.xsd = schemas\sstc-saml-metadata-ext-query.xsd
 schemas\sstc-saml-metadata-ui.xsd = schemas\sstc-saml-metadata-ui.xsd
diff --git a/saml/saml2/metadata/Metadata.h b/saml/saml2/metadata/Metadata.h
index 1213fc1..9526066 100644
--- a/saml/saml2/metadata/Metadata.h
+++ b/saml/saml2/metadata/Metadata.h
@@ -405,6 +405,12 @@ namespace opensaml {
 DECL_XMLOBJECT_SIMPLE(SAML_API,SourceID,ID,SAML 1.x Metadata Profile SourceID element);
+ BEGIN_XMLOBJECT(SAML_API,DiscoveryResponse,IndexedEndpointType,Identity Provider Discovery Protocol DiscoveryResponse element);
+ END_XMLOBJECT;
+
+ BEGIN_XMLOBJECT(SAML_API,RequestInitiator,EndpointType,Service Provider Request Initiation RequestInitiator element);
+ END_XMLOBJECT;
+
 BEGIN_XMLOBJECT(SAML_API,EntityAttributes,xmltooling::XMLObject,SAML Metadata Extension for Entity Attributes element);
 DECL_TYPED_FOREIGN_CHILDREN(Attribute,saml2);
 DECL_TYPED_FOREIGN_CHILDREN(Assertion,saml2);
@@ -570,6 +576,8 @@ namespace opensaml {
 DECL_XMLOBJECTBUILDER(SAML_API,ActionNamespace,samlconstants::SAML20MD_QUERY_EXT_NS,samlconstants::SAML20MD_QUERY_EXT_PREFIX);
 DECL_XMLOBJECTBUILDER(SAML_API,SourceID,samlconstants::SAML1MD_NS,samlconstants::SAML1MD_PREFIX);
+ DECL_XMLOBJECTBUILDER(SAML_API,DiscoveryResponse,samlconstants::SP_REQUEST_INIT_NS,samlconstants::SP_REQUEST_INIT_PREFIX);
+ DECL_XMLOBJECTBUILDER(SAML_API,RequestInitiator,samlconstants::IDP_DISCOVERY_PROTOCOL_NS,samlconstants::IDP_DISCOVERY_PROTOCOL_PREFIX);
 DECL_XMLOBJECTBUILDER(SAML_API,EntityAttributes,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_NS,samlconstants::SAML20MD_ENTITY_ATTRIBUTE_PREFIX);
 DECL_XMLOBJECTBUILDER(SAML_API,DigestMethod,samlconstants::SAML20MD_ALGSUPPORT_NS,samlconstants::SAML20MD_ALGSUPPORT_PREFIX);
 DECL_XMLOBJECTBUILDER(SAML_API,SigningMethod,samlconstants::SAML20MD_ALGSUPPORT_NS,samlconstants::SAML20MD_ALGSUPPORT_PREFIX);
diff --git a/saml/saml2/metadata/impl/MetadataImpl.cpp b/saml/saml2/metadata/impl/MetadataImpl.cpp
index ab28519..b80adf2 100644
--- a/saml/saml2/metadata/impl/MetadataImpl.cpp
+++ b/saml/saml2/metadata/impl/MetadataImpl.cpp
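Review bot: The two new DECL_XMLOBJECTBUILDER lines in the second Metadata.h hunk bind each element to the other profile's namespace: DiscoveryResponse is declared with SP_REQUEST_INIT_NS/SP_REQUEST_INIT_PREFIX and RequestInitiator with IDP_DISCOVERY_PROTOCOL_NS/IDP_DISCOVERY_PROTOCOL_PREFIX, whereas the BEGIN_XMLOBJECT declarations in the first hunk and the constant doc comments in SAMLConstants.h place DiscoveryResponse in the idp-discovery-protocol namespace and RequestInitiator in the request-init namespace. If these macros register the builders by QName as their other uses in this file suggest, a DiscoveryResponse element in real metadata would not unmarshal to the typed DiscoveryResponse object, so any consumer that validates a discovery service's return location against the entity's registered DiscoveryResponse endpoints would find none, and RequestInitiator would likewise only be recognized under the wrong namespace. Swap the constants: `DECL_XMLOBJECTBUILDER(SAML_API,DiscoveryResponse,samlconstants::IDP_DISCOVERY_PROTOCOL_NS,samlconstants::IDP_DISCOVERY_PROTOCOL_PREFIX);` and `DECL_XMLOBJECTBUILDER(SAML_API,RequestInitiator,samlconstants::SP_REQUEST_INIT_NS,samlconstants::SP_REQUEST_INIT_PREFIX);`. The enclosing namespace block starts and ends outside the hunk.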
@@ -2463,6 +2463,41 @@ namespace opensaml {
 }
 };
+ class SAML_DLLLOCAL DiscoveryResponseImpl : public virtual DiscoveryResponse, public IndexedEndpointTypeImpl
+ {
+ public:
+ virtual ~DiscoveryResponseImpl() {}
+
+ DiscoveryResponseImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+ : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
+
+ DiscoveryResponseImpl(const DiscoveryResponseImpl& src) : AbstractXMLObject(src), IndexedEndpointTypeImpl(src) {}
+
+ IMPL_XMLOBJECT_CLONE(DiscoveryResponse);
+ IndexedEndpointType* cloneIndexedEndpointType() const {
+ return new DiscoveryResponseImpl(*this);
+ }
+ EndpointType* cloneEndpointType() const {
+ return new DiscoveryResponseImpl(*this);
+ }
+ };
+
+ class SAML_DLLLOCAL RequestInitiatorImpl : public virtual RequestInitiator, public EndpointTypeImpl
+ {
+ public:
+ virtual ~RequestInitiatorImpl() {}
+
+ RequestInitiatorImpl(const XMLCh* nsURI, const XMLCh* localName, const XMLCh* prefix, const xmltooling::QName* schemaType)
+ : AbstractXMLObject(nsURI, localName, prefix, schemaType) {}
+
+ RequestInitiatorImpl(const RequestInitiatorImpl& src) : AbstractXMLObject(src), EndpointTypeImpl(src) {}
+
+ IMPL_XMLOBJECT_CLONE(RequestInitiator);
+ EndpointType* cloneEndpointType() const {
+ return new RequestInitiatorImpl(*this);
+ }
+ };
+
 class SAML_DLLLOCAL EntityAttributesImpl : public virtual EntityAttributes,
 public AbstractComplexElement,
 public AbstractDOMCachingXMLObject,
@@ -2953,6 +2988,8 @@ IMPL_XMLOBJECTBUILDER(TelephoneNumber);
 IMPL_XMLOBJECTBUILDER(ActionNamespace);
 IMPL_XMLOBJECTBUILDER(SourceID);
+IMPL_XMLOBJECTBUILDER(DiscoveryResponse);
+IMPL_XMLOBJECTBUILDER(RequestInitiator);
 IMPL_XMLOBJECTBUILDER(EntityAttributes);
 IMPL_XMLOBJECTBUILDER(DigestMethod);
 IMPL_XMLOBJECTBUILDER(SigningMethod);
@@ -3119,6 +3156,7 @@ const XMLCh DigestMethod::TYPE_NAME[] = UNICODE_LITERAL_16(D,i,g
 const XMLCh DigestMethod::ALGORITHM_ATTRIB_NAME[] = UNICODE_LITERAL_9(A,l,g,o,r,i,t,h,m);
 const XMLCh DiscoHints::LOCAL_NAME[] = UNICODE_LITERAL_10(D,i,s,c,o,H,i,n,t,s);
 const XMLCh DiscoHints::TYPE_NAME[] = UNICODE_LITERAL_14(D,i,s,c,o,H,i,n,t,s,T,y,p,e);
+const XMLCh DiscoveryResponse::LOCAL_NAME[] = UNICODE_LITERAL_17(D,i,s,c,o,v,e,r,y,R,e,s,p,o,n,s,e);
 const XMLCh DisplayName::LOCAL_NAME[] = UNICODE_LITERAL_11(D,i,s,p,l,a,y,N,a,m,e);
 const XMLCh DomainHint::LOCAL_NAME[] = UNICODE_LITERAL_10(D,o,m,a,i,n,H,i,n,t);
 const XMLCh EmailAddress::LOCAL_NAME[] = UNICODE_LITERAL_12(E,m,a,i,l,A,d,d,r,e,s,s);
@@ -3183,6 +3221,7 @@ const XMLCh QueryDescriptorType::WANTASSERTIONSSIGNED_ATTRIB_NAME[] = UNICODE_
 const XMLCh RequestedAttribute::LOCAL_NAME[] = UNICODE_LITERAL_18(R,e,q,u,e,s,t,e,d,A,t,t,r,i,b,u,t,e);
 const XMLCh RequestedAttribute::TYPE_NAME[] = UNICODE_LITERAL_22(R,e,q,u,e,s,t,e,d,A,t,t,r,i,b,u,t,e,T,y,p,e);
 const XMLCh RequestedAttribute::ISREQUIRED_ATTRIB_NAME[] = UNICODE_LITERAL_10(i,s,R,e,q,u,i,r,e,d);
+const XMLCh RequestInitiator::LOCAL_NAME[] = UNICODE_LITERAL_16(R,e,q,u,e,s,t,I,n,i,t,i,a,t,o,r);
 const XMLCh RoleDescriptor::LOCAL_NAME[] = UNICODE_LITERAL_14(R,o,l,e,D,e,s,c,r,i,p,t,o,r);
 const XMLCh RoleDescriptor::ID_ATTRIB_NAME[] = UNICODE_LITERAL_2(I,D);
 const XMLCh RoleDescriptor::PROTOCOLSUPPORTENUMERATION_ATTRIB_NAME[] = UNICODE_LITERAL_26(p,r,o,t,o,c,o,l,S,u,p,p,o,r,t,E,n,u,m,e,r,a,t,i,o,n);
diff --git a/saml/util/SAMLConstants.cpp b/saml/util/SAMLConstants.cpp
index ba18faa..1444273 100644
--- a/saml/util/SAMLConstants.cpp
+++ b/saml/util/SAMLConstants.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2007 Internet2
+ * Copyright 2001-2010 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -17,7 +17,7 @@
 /**
 * SAMLConstants.cpp
 *
- * SAML XML namespace constants
+ * SAML-related constants.
 */
@@ -234,6 +234,30 @@ const XMLCh samlconstants::SAML20_DELEGATION_CONDITION_NS[] = // urn:oasis:names
 const XMLCh samlconstants::SAML20_DELEGATION_CONDITION_PREFIX[] = UNICODE_LITERAL_3(d,e,l);
+const XMLCh samlconstants::IDP_DISCOVERY_PROTOCOL_NS[] = // urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol
+{ chLatin_u, chLatin_r, chLatin_n, chColon, chLatin_o, chLatin_a, chLatin_s, chLatin_i, chLatin_s, chColon,
+ chLatin_n, chLatin_a, chLatin_m, chLatin_e, chLatin_s, chColon, chLatin_t, chLatin_c, chColon,
+ chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon,
+ chLatin_p, chLatin_r, chLatin_o, chLatin_f, chLatin_i, chLatin_l, chLatin_e, chLatin_s, chColon,
+ chLatin_S, chLatin_S, chLatin_O, chColon, chLatin_i, chLatin_d, chLatin_p, chDash,
+ chLatin_d, chLatin_i, chLatin_s, chLatin_c, chLatin_o, chLatin_v, chLatin_e, chLatin_r, chLatin_y, chDash,
+ chLatin_p, chLatin_r, chLatin_o, chLatin_t, chLatin_o, chLatin_c, chLatin_o, chLatin_l, chNull
+};
+
+const XMLCh samlconstants::IDP_DISCOVERY_PROTOCOL_PREFIX[] = UNICODE_LITERAL_7(i,d,p,d,i,s,c);
+
+const XMLCh samlconstants::SP_REQUEST_INIT_NS[] = // urn:oasis:names:tc:SAML:profiles:SSO:request-init
+{ chLatin_u, chLatin_r, chLatin_n, chColon, chLatin_o, chLatin_a, chLatin_s, chLatin_i, chLatin_s, chColon,
+ chLatin_n, chLatin_a, chLatin_m, chLatin_e, chLatin_s, chColon, chLatin_t, chLatin_c, chColon,
+ chLatin_S, chLatin_A, chLatin_M, chLatin_L, chColon,
+ chLatin_p, chLatin_r, chLatin_o, chLatin_f, chLatin_i, chLatin_l, chLatin_e, chLatin_s, chColon,
+ chLatin_S, chLatin_S, chLatin_O, chColon,
+ chLatin_r, chLatin_e, chLatin_q, chLatin_u, chLatin_e, chLatin_s, chLatin_t, chDash,
+ chLatin_i, chLatin_n, chLatin_i, chLatin_t, chNull
+};
+
+const XMLCh samlconstants::SP_REQUEST_INIT_PREFIX[] = UNICODE_LITERAL_4(i,n,i,t);
+
 const char samlconstants::SAML1_BINDING_SOAP[] = "urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding";
 const char samlconstants::SAML1_PROFILE_BROWSER_ARTIFACT[] =
"urn:oasis:names:tc:SAML:1.0:profiles:artifact-01";
diff --git a/saml/util/SAMLConstants.h b/saml/util/SAMLConstants.h
index 11b0470..55590ad 100644
--- a/saml/util/SAMLConstants.h
+++ b/saml/util/SAMLConstants.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2009 Internet2
+ * Copyright 2001-2010 Internet2
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -27,7 +27,7 @@
 #include
 /**
- * SAML related constants.
+ * SAML-related constants.
 */
 namespace samlconstants {
@@ -154,6 +154,18 @@ namespace samlconstants {
 /** SAML Condition for Delegation Restriction QName prefix ("del") */
 extern SAML_API const XMLCh SAML20_DELEGATION_CONDITION_PREFIX[];
+ /** Identity Provider Discovery Protocol and Profile XML Namespace ("urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol") */
+ extern SAML_API const XMLCh IDP_DISCOVERY_PROTOCOL_NS[];
+
+ /** Identity Provider Discovery Protocol and Profile QName prefix ("idpdisc") */
+ extern SAML_API const XMLCh IDP_DISCOVERY_PROTOCOL_PREFIX[];
+
+ /** Service Provider Request Initiation Protocol and Profile XML Namespace ("urn:oasis:names:tc:SAML:profiles:SSO:request-init") */
+ extern SAML_API const XMLCh SP_REQUEST_INIT_NS[];
+
+ /** Service Provider Request Initiation Protocol and Profile QName prefix ("init") */
+ extern SAML_API const XMLCh SP_REQUEST_INIT_PREFIX[];
+
 /** SAML 1.x SOAP binding ("urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding") */
 extern SAML_API const char SAML1_BINDING_SOAP[];
diff --git a/schemas/Makefile.am b/schemas/Makefile.am
index e0cc2c0..ebd6e13 100644
--- a/schemas/Makefile.am
+++ b/schemas/Makefile.am
@@ -48,6 +48,8 @@ schemafiles = \
 sstc-saml-metadata-ext-query.xsd \
 sstc-saml-metadata-algsupport.xsd \
 sstc-saml-metadata-ui.xsd \
+ sstc-saml-idp-discovery.xsd \
+ sstc-request-initiation.xsd \
 sstc-saml-protocol-ext-thirdparty.xsd
 pkgxml_DATA = \
diff --git a/schemas/saml20-catalog.xml.in b/schemas/saml20-catalog.xml.in index e09b9c1..8db31dd 100644 --- a/schemas/saml20-catalog.xml.in +++ b/schemas/saml20-catalog.xml.in @@ -9,11 +9,13 @@ - + - + - + + + diff --git a/schemas/sstc-request-initiation.xsd b/schemas/sstc-request-initiation.xsd new file mode 100644 index 0000000..10318f1 --- /dev/null +++ b/schemas/sstc-request-initiation.xsd @@ -0,0 +1,23 @@ + + + + Document identifier: sstc-request-initiation + Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security + Revision history: + V1.0 (March 2010): + Initial version. + + + + + + diff --git a/schemas/sstc-saml-idp-discovery.xsd b/schemas/sstc-saml-idp-discovery.xsd new file mode 100644 index 0000000..a2c0382 --- /dev/null +++ b/schemas/sstc-saml-idp-discovery.xsd @@ -0,0 +1,22 @@ + + + + Document identifier: sstc-saml-idp-discovery + Location: http://www.oasis-open.org/committees/documents.php?wg_abbrev=security + Revision history: + V1.0 (January 2007): + Initial version. + + + + + -- 2.1.4