ReplayCache, some decoder work, and merged schema validators into one suite.

[shibboleth/opensaml2.git] / saml / saml2 / core / impl / Assertions20SchemaValidators.cpp

diff --git a/saml/saml2/core/impl/Assertions20SchemaValidators.cpp b/saml/saml2/core/impl/Assertions20SchemaValidators.cpp
index e839e69..4aaeadf 100644 (file)
--- a/saml/saml2/core/impl/Assertions20SchemaValidators.cpp
+++ b/saml/saml2/core/impl/Assertions20SchemaValidators.cpp
@@ -15,7 +15,7 @@
  */
 
 /**
- * AssertionsSchemaValidators.cpp
+ * Assertions20SchemaValidators.cpp
  * 
  * Schema-based validators for SAML 2.0 Assertions classes
  */
@@ -43,13 +43,29 @@ namespace opensaml {
         XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,NameID);
         XMLOBJECTVALIDATOR_SIMPLE(SAML_DLLLOCAL,Issuer);
 
+        BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,EncryptedElementType);
+            XMLOBJECTVALIDATOR_REQUIRE(EncryptedElementType,EncryptedData);
+        END_XMLOBJECTVALIDATOR;
+        
+        BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,EncryptedID,EncryptedElementType);
+            EncryptedElementTypeSchemaValidator::validate(xmlObject);
+        END_XMLOBJECTVALIDATOR;
+
+        BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,EncryptedAttribute,EncryptedElementType);
+            EncryptedElementTypeSchemaValidator::validate(xmlObject);
+        END_XMLOBJECTVALIDATOR;
+
+        BEGIN_XMLOBJECTVALIDATOR_SUB(SAML_DLLLOCAL,EncryptedAssertion,EncryptedElementType);
+            EncryptedElementTypeSchemaValidator::validate(xmlObject);
+        END_XMLOBJECTVALIDATOR;
+
         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,AudienceRestriction);
             XMLOBJECTVALIDATOR_NONEMPTY(AudienceRestriction,Audience);
         END_XMLOBJECTVALIDATOR;
 
         BEGIN_XMLOBJECTVALIDATOR(SAML_DLLLOCAL,ProxyRestriction);
             if (ptr->getAudiences().empty()) {
-                XMLOBJECTVALIDATOR_REQUIRE(ProxyRestriction,Count);
+                XMLOBJECTVALIDATOR_REQUIRE_INTEGER(ProxyRestriction,Count);
             }
         END_XMLOBJECTVALIDATOR;
 
@@ -70,8 +86,8 @@ namespace opensaml {
                 count++;
             if (ptr->getNameID())
                 count++;
-            //if (ptr->getEncryptedID())
-                //count++;
+            if (ptr->getEncryptedID())
+                count++;
             if (count > 1)
                 throw ValidationException("SubjectConfirmation cannot contain multiple identifier elements.");
         END_XMLOBJECTVALIDATOR;
@@ -82,8 +98,8 @@ namespace opensaml {
                 count++;
             if (ptr->getNameID())
                 count++;
-            //if (ptr->getEncryptedID())
-                //count++;
+            if (ptr->getEncryptedID())
+                count++;
             if (count > 1)
                 throw ValidationException("Subject cannot contain multiple identifier elements.");
         END_XMLOBJECTVALIDATOR;
@@ -161,12 +177,12 @@ namespace opensaml {
 #define REGISTER_ELEMENT(cname) \
     q=QName(SAMLConstants::SAML20_NS,cname::LOCAL_NAME); \
     XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
-    Validator::registerValidator(q,new cname##SchemaValidator())
+    SchemaValidators.registerValidator(q,new cname##SchemaValidator())
     
 #define REGISTER_TYPE(cname) \
     q=QName(SAMLConstants::SAML20_NS,cname::TYPE_NAME); \
     XMLObjectBuilder::registerBuilder(q,new cname##Builder()); \
-    Validator::registerValidator(q,new cname##SchemaValidator())
+    SchemaValidators.registerValidator(q,new cname##SchemaValidator())
 
 #define REGISTER_ELEMENT_NOVAL(cname) \
     q=QName(SAMLConstants::SAML20_NS,cname::LOCAL_NAME); \
@@ -196,6 +212,9 @@ void opensaml::saml2::registerAssertionClasses() {
     REGISTER_ELEMENT(AuthnStatement);
     REGISTER_ELEMENT(AuthzDecisionStatement);
     REGISTER_ELEMENT(Conditions);
+    REGISTER_ELEMENT(EncryptedAssertion);
+    REGISTER_ELEMENT(EncryptedAttribute);
+    REGISTER_ELEMENT(EncryptedID);
     REGISTER_ELEMENT(Evidence);
     REGISTER_ELEMENT(Issuer);
     REGISTER_ELEMENT(NameID);