--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>\r
+<schema\r
+ targetNamespace="urn:oasis:names:tc:SAML:2.0:protocol"\r
+ xmlns="http://www.w3.org/2001/XMLSchema"\r
+ xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"\r
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"\r
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"\r
+ elementFormDefault="unqualified"\r
+ attributeFormDefault="unqualified"\r
+ blockDefault="substitution"\r
+ version="2.0">\r
+ <import namespace="urn:oasis:names:tc:SAML:2.0:assertion"\r
+ schemaLocation="saml-schema-assertion-2.0.xsd"/>\r
+ <import namespace="http://www.w3.org/2000/09/xmldsig#"\r
+ schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>\r
+ <annotation>\r
+ <documentation>\r
+ Document identifier: saml-schema-protocol-2.0\r
+ Location: http://docs.oasis-open.org/security/saml/v2.0/\r
+ Revision history:\r
+ V1.0 (November, 2002):\r
+ Initial Standard Schema.\r
+ V1.1 (September, 2003):\r
+ Updates within the same V1.0 namespace.\r
+ V2.0 (March, 2005):\r
+ New protocol schema based in a SAML V2.0 namespace.\r
+ </documentation>\r
+ </annotation>\r
+ <complexType name="RequestAbstractType" abstract="true">\r
+ <sequence>\r
+ <element ref="saml:Issuer" minOccurs="0"/>\r
+ <element ref="ds:Signature" minOccurs="0"/>\r
+ <element ref="samlp:Extensions" minOccurs="0"/>\r
+ </sequence>\r
+ <attribute name="ID" type="ID" use="required"/>\r
+ <attribute name="Version" type="string" use="required"/>\r
+ <attribute name="IssueInstant" type="dateTime" use="required"/>\r
+ <attribute name="Destination" type="anyURI" use="optional"/>\r
+ <attribute name="Consent" type="anyURI" use="optional"/>\r
+ </complexType>\r
+ <element name="Extensions" type="samlp:ExtensionsType"/>\r
+ <complexType name="ExtensionsType">\r
+ <sequence>\r
+ <any namespace="##other" processContents="lax" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ </complexType>\r
+ <complexType name="StatusResponseType">\r
+ <sequence>\r
+ <element ref="saml:Issuer" minOccurs="0"/>\r
+ <element ref="ds:Signature" minOccurs="0"/>\r
+ <element ref="samlp:Extensions" minOccurs="0"/>\r
+ <element ref="samlp:Status"/>\r
+ </sequence>\r
+ <attribute name="ID" type="ID" use="required"/>\r
+ <attribute name="InResponseTo" type="NCName" use="optional"/>\r
+ <attribute name="Version" type="string" use="required"/>\r
+ <attribute name="IssueInstant" type="dateTime" use="required"/>\r
+ <attribute name="Destination" type="anyURI" use="optional"/>\r
+ <attribute name="Consent" type="anyURI" use="optional"/>\r
+ </complexType>\r
+ <element name="Status" type="samlp:StatusType"/>\r
+ <complexType name="StatusType">\r
+ <sequence>\r
+ <element ref="samlp:StatusCode"/>\r
+ <element ref="samlp:StatusMessage" minOccurs="0"/>\r
+ <element ref="samlp:StatusDetail" minOccurs="0"/>\r
+ </sequence>\r
+ </complexType>\r
+ <element name="StatusCode" type="samlp:StatusCodeType"/>\r
+ <complexType name="StatusCodeType">\r
+ <sequence>\r
+ <element ref="samlp:StatusCode" minOccurs="0"/>\r
+ </sequence>\r
+ <attribute name="Value" type="anyURI" use="required"/>\r
+ </complexType>\r
+ <element name="StatusMessage" type="string"/>\r
+ <element name="StatusDetail" type="samlp:StatusDetailType"/>\r
+ <complexType name="StatusDetailType">\r
+ <sequence>\r
+ <any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ </complexType>\r
+ <element name="AssertionIDRequest" type="samlp:AssertionIDRequestType"/>\r
+ <complexType name="AssertionIDRequestType">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <element ref="saml:AssertionIDRef" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="SubjectQuery" type="samlp:SubjectQueryAbstractType"/>\r
+ <complexType name="SubjectQueryAbstractType" abstract="true">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <element ref="saml:Subject"/>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="AuthnQuery" type="samlp:AuthnQueryType"/>\r
+ <complexType name="AuthnQueryType">\r
+ <complexContent>\r
+ <extension base="samlp:SubjectQueryAbstractType">\r
+ <sequence>\r
+ <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>\r
+ </sequence>\r
+ <attribute name="SessionIndex" type="string" use="optional"/>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="RequestedAuthnContext" type="samlp:RequestedAuthnContextType"/>\r
+ <complexType name="RequestedAuthnContextType">\r
+ <choice>\r
+ <element ref="saml:AuthnContextClassRef" maxOccurs="unbounded"/>\r
+ <element ref="saml:AuthnContextDeclRef" maxOccurs="unbounded"/>\r
+ </choice>\r
+ <attribute name="Comparison" type="samlp:AuthnContextComparisonType" use="optional"/>\r
+ </complexType>\r
+ <simpleType name="AuthnContextComparisonType">\r
+ <restriction base="string">\r
+ <enumeration value="exact"/>\r
+ <enumeration value="minimum"/>\r
+ <enumeration value="maximum"/>\r
+ <enumeration value="better"/>\r
+ </restriction>\r
+ </simpleType>\r
+ <element name="AttributeQuery" type="samlp:AttributeQueryType"/>\r
+ <complexType name="AttributeQueryType">\r
+ <complexContent>\r
+ <extension base="samlp:SubjectQueryAbstractType">\r
+ <sequence>\r
+ <element ref="saml:Attribute" minOccurs="0" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="AuthzDecisionQuery" type="samlp:AuthzDecisionQueryType"/>\r
+ <complexType name="AuthzDecisionQueryType">\r
+ <complexContent>\r
+ <extension base="samlp:SubjectQueryAbstractType">\r
+ <sequence>\r
+ <element ref="saml:Action" maxOccurs="unbounded"/>\r
+ <element ref="saml:Evidence" minOccurs="0"/>\r
+ </sequence>\r
+ <attribute name="Resource" type="anyURI" use="required"/>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="AuthnRequest" type="samlp:AuthnRequestType"/>\r
+ <complexType name="AuthnRequestType">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <element ref="saml:Subject" minOccurs="0"/>\r
+ <element ref="samlp:NameIDPolicy" minOccurs="0"/>\r
+ <element ref="saml:Conditions" minOccurs="0"/>\r
+ <element ref="samlp:RequestedAuthnContext" minOccurs="0"/>\r
+ <element ref="samlp:Scoping" minOccurs="0"/>\r
+ </sequence>\r
+ <attribute name="ForceAuthn" type="boolean" use="optional"/>\r
+ <attribute name="IsPassive" type="boolean" use="optional"/>\r
+ <attribute name="ProtocolBinding" type="anyURI" use="optional"/>\r
+ <attribute name="AssertionConsumerServiceIndex" type="unsignedShort" use="optional"/>\r
+ <attribute name="AssertionConsumerServiceURL" type="anyURI" use="optional"/>\r
+ <attribute name="AttributeConsumingServiceIndex" type="unsignedShort" use="optional"/>\r
+ <attribute name="ProviderName" type="string" use="optional"/>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="NameIDPolicy" type="samlp:NameIDPolicyType"/>\r
+ <complexType name="NameIDPolicyType">\r
+ <attribute name="Format" type="anyURI" use="optional"/>\r
+ <attribute name="SPNameQualifier" type="string" use="optional"/>\r
+ <attribute name="AllowCreate" type="boolean" use="optional"/>\r
+ </complexType>\r
+ <element name="Scoping" type="samlp:ScopingType"/>\r
+ <complexType name="ScopingType">\r
+ <sequence>\r
+ <element ref="samlp:IDPList" minOccurs="0"/>\r
+ <element ref="samlp:RequesterID" minOccurs="0" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ <attribute name="ProxyCount" type="nonNegativeInteger" use="optional"/>\r
+ </complexType>\r
+ <element name="RequesterID" type="anyURI"/>\r
+ <element name="IDPList" type="samlp:IDPListType"/>\r
+ <complexType name="IDPListType">\r
+ <sequence>\r
+ <element ref="samlp:IDPEntry" maxOccurs="unbounded"/>\r
+ <element ref="samlp:GetComplete" minOccurs="0"/>\r
+ </sequence>\r
+ </complexType>\r
+ <element name="IDPEntry" type="samlp:IDPEntryType"/>\r
+ <complexType name="IDPEntryType">\r
+ <attribute name="ProviderID" type="anyURI" use="required"/>\r
+ <attribute name="Name" type="string" use="optional"/>\r
+ <attribute name="Loc" type="anyURI" use="optional"/>\r
+ </complexType>\r
+ <element name="GetComplete" type="anyURI"/>\r
+ <element name="Response" type="samlp:ResponseType"/>\r
+ <complexType name="ResponseType">\r
+ <complexContent>\r
+ <extension base="samlp:StatusResponseType">\r
+ <choice minOccurs="0" maxOccurs="unbounded">\r
+ <element ref="saml:Assertion"/>\r
+ <element ref="saml:EncryptedAssertion"/>\r
+ </choice>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="ArtifactResolve" type="samlp:ArtifactResolveType"/>\r
+ <complexType name="ArtifactResolveType">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <element ref="samlp:Artifact"/>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="Artifact" type="string"/>\r
+ <element name="ArtifactResponse" type="samlp:ArtifactResponseType"/>\r
+ <complexType name="ArtifactResponseType">\r
+ <complexContent>\r
+ <extension base="samlp:StatusResponseType">\r
+ <sequence>\r
+ <any namespace="##any" processContents="lax" minOccurs="0"/>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="ManageNameIDRequest" type="samlp:ManageNameIDRequestType"/>\r
+ <complexType name="ManageNameIDRequestType">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <choice>\r
+ <element ref="saml:NameID"/>\r
+ <element ref="saml:EncryptedID"/>\r
+ </choice>\r
+ <choice>\r
+ <element ref="samlp:NewID"/>\r
+ <element ref="samlp:NewEncryptedID"/>\r
+ <element ref="samlp:Terminate"/>\r
+ </choice>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="NewID" type="string"/>\r
+ <element name="NewEncryptedID" type="saml:EncryptedElementType"/>\r
+ <element name="Terminate" type="samlp:TerminateType"/>\r
+ <complexType name="TerminateType"/>\r
+ <element name="ManageNameIDResponse" type="samlp:StatusResponseType"/>\r
+ <element name="LogoutRequest" type="samlp:LogoutRequestType"/>\r
+ <complexType name="LogoutRequestType">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <choice>\r
+ <element ref="saml:BaseID"/>\r
+ <element ref="saml:NameID"/>\r
+ <element ref="saml:EncryptedID"/>\r
+ </choice>\r
+ <element ref="samlp:SessionIndex" minOccurs="0" maxOccurs="unbounded"/>\r
+ </sequence>\r
+ <attribute name="Reason" type="string" use="optional"/>\r
+ <attribute name="NotOnOrAfter" type="dateTime" use="optional"/>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="SessionIndex" type="string"/>\r
+ <element name="LogoutResponse" type="samlp:StatusResponseType"/>\r
+ <element name="NameIDMappingRequest" type="samlp:NameIDMappingRequestType"/>\r
+ <complexType name="NameIDMappingRequestType">\r
+ <complexContent>\r
+ <extension base="samlp:RequestAbstractType">\r
+ <sequence>\r
+ <choice>\r
+ <element ref="saml:BaseID"/>\r
+ <element ref="saml:NameID"/>\r
+ <element ref="saml:EncryptedID"/>\r
+ </choice>\r
+ <element ref="samlp:NameIDPolicy"/>\r
+ </sequence>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+ <element name="NameIDMappingResponse" type="samlp:NameIDMappingResponseType"/>\r
+ <complexType name="NameIDMappingResponseType">\r
+ <complexContent>\r
+ <extension base="samlp:StatusResponseType">\r
+ <choice>\r
+ <element ref="saml:NameID"/>\r
+ <element ref="saml:EncryptedID"/>\r
+ </choice>\r
+ </extension>\r
+ </complexContent>\r
+ </complexType>\r
+</schema>\r