JBossSAMLConstants.java
/*
* Copyright 2016 Red Hat, Inc. and/or its affiliates
* and other contributors as indicated by the @author tags.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.keycloak.saml.common.constants;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.xml.namespace.QName;
import static org.keycloak.saml.common.constants.JBossSAMLURIConstants.*;
/**
* SAML Constants
*
* @since Dec 10, 2008
*/
public enum JBossSAMLConstants {
// saml-schema-protocol-2.0.xsd
ARTIFACT(PROTOCOL_NSURI, "Artifact"),
ARTIFACT_RESOLVE(PROTOCOL_NSURI, "ArtifactResolve"),
ARTIFACT_RESPONSE(PROTOCOL_NSURI, "ArtifactResponse"),
ASSERTION_ID_REQUEST(PROTOCOL_NSURI, "AssertionIDRequest"),
ATTRIBUTE_QUERY(PROTOCOL_NSURI, "AttributeQuery"),
AUTHN_QUERY(PROTOCOL_NSURI, "AuthnQuery"),
AUTHN_REQUEST(PROTOCOL_NSURI, "AuthnRequest"),
AUTHZ_DECISION_QUERY(PROTOCOL_NSURI, "AuthzDecisionQuery"),
EXTENSIONS__PROTOCOL(PROTOCOL_NSURI, "Extensions"),
GET_COMPLETE(PROTOCOL_NSURI, "GetComplete"),
IDP_ENTRY(PROTOCOL_NSURI, "IDPEntry"),
IDP_LIST(PROTOCOL_NSURI, "IDPList"),
LOGOUT_REQUEST(PROTOCOL_NSURI, "LogoutRequest"),
LOGOUT_RESPONSE(PROTOCOL_NSURI, "LogoutResponse"),
MANAGE_NAMEID_REQUEST(PROTOCOL_NSURI, "ManageNameIDRequest"),
MANAGE_NAMEID_RESPONSE(PROTOCOL_NSURI, "ManageNameIDResponse"),
NAMEID_MAPPING_REQUEST(PROTOCOL_NSURI, "NameIDMappingRequest"),
NAMEID_MAPPING_RESPONSE(PROTOCOL_NSURI, "NameIDMappingResponse"),
NAMEID_POLICY(PROTOCOL_NSURI, "NameIDPolicy"),
NEW_ENCRYPTEDID(PROTOCOL_NSURI, "NewEncryptedID"),
NEWID(PROTOCOL_NSURI, "NewID"),
REQUESTED_AUTHN_CONTEXT(PROTOCOL_NSURI, "RequestedAuthnContext"),
REQUESTERID(PROTOCOL_NSURI, "RequesterID"),
RESPONSE__PROTOCOL(PROTOCOL_NSURI, "Response"),
SCOPING(PROTOCOL_NSURI, "Scoping"),
SESSION_INDEX(PROTOCOL_NSURI, "SessionIndex"),
STATUS_CODE(PROTOCOL_NSURI, "StatusCode"),
STATUS_DETAIL(PROTOCOL_NSURI, "StatusDetail"),
STATUS_MESSAGE(PROTOCOL_NSURI, "StatusMessage"),
STATUS(PROTOCOL_NSURI, "Status"),
SUBJECT_QUERY(PROTOCOL_NSURI, "SubjectQuery"),
TERMINATE(PROTOCOL_NSURI, "Terminate"),
// saml-schema-assertion-2.0.xsd
ACTION(ASSERTION_NSURI, "Action"),
ADVICE(ASSERTION_NSURI, "Advice"),
ASSERTION(ASSERTION_NSURI, "Assertion"),
ASSERTION_ID_REF(ASSERTION_NSURI, "AssertionIDRef"),
ASSERTION_URI_REF(ASSERTION_NSURI, "AssertionURIRef"),
ATTRIBUTE(ASSERTION_NSURI, "Attribute"),
ATTRIBUTE_STATEMENT(ASSERTION_NSURI, "AttributeStatement"),
ATTRIBUTE_VALUE(ASSERTION_NSURI, "AttributeValue"),
AUDIENCE(ASSERTION_NSURI, "Audience"),
AUDIENCE_RESTRICTION(ASSERTION_NSURI, "AudienceRestriction"),
AUTHENTICATING_AUTHORITY(ASSERTION_NSURI, "AuthenticatingAuthority"),
AUTHN_CONTEXT(ASSERTION_NSURI, "AuthnContext"),
AUTHN_CONTEXT_CLASS_REF(ASSERTION_NSURI, "AuthnContextClassRef"),
AUTHN_CONTEXT_DECL(ASSERTION_NSURI, "AuthnContextDecl"),
AUTHN_CONTEXT_DECL_REF(ASSERTION_NSURI, "AuthnContextDeclRef"),
AUTHN_STATEMENT(ASSERTION_NSURI, "AuthnStatement"),
AUTHZ_DECISION_STATEMENT(ASSERTION_NSURI, "AuthzDecisionStatement"),
BASEID(ASSERTION_NSURI, "BaseID"),
CONDITION(ASSERTION_NSURI, "Condition"),
CONDITIONS(ASSERTION_NSURI, "Conditions"),
ENCRYPTED_ASSERTION(ASSERTION_NSURI, "EncryptedAssertion"),
ENCRYPTED_ATTRIBUTE(ASSERTION_NSURI, "EncryptedAttribute"),
ENCRYPTED_ID(ASSERTION_NSURI, "EncryptedID"),
EVIDENCE(ASSERTION_NSURI, "Evidence"),
ISSUER(ASSERTION_NSURI, "Issuer"),
NAMEID(ASSERTION_NSURI, "NameID"),
ONE_TIME_USE(ASSERTION_NSURI, "OneTimeUse"),
PROXY_RESTRICTION(ASSERTION_NSURI, "ProxyRestriction"),
STATEMENT(ASSERTION_NSURI, "Statement"),
SUBJECT_CONFIRMATION_DATA(ASSERTION_NSURI, "SubjectConfirmationData"),
SUBJECT_CONFIRMATION(ASSERTION_NSURI, "SubjectConfirmation"),
SUBJECT_LOCALITY(ASSERTION_NSURI, "SubjectLocality"),
SUBJECT(ASSERTION_NSURI, "Subject"),
// saml-schema-metadata-2.0.xsd
ADDITIONAL_METADATA_LOCATION(METADATA_NSURI, "AdditionalMetadataLocation"),
AFFILIATE_MEMBER(METADATA_NSURI, "AffiliateMember"),
AFFILIATION_DESCRIPTOR(METADATA_NSURI, "AffiliationDescriptor"),
ARTIFACT_RESOLUTION_SERVICE(METADATA_NSURI, "ArtifactResolutionService"),
ASSERTION_CONSUMER_SERVICE(METADATA_NSURI, "AssertionConsumerService"),
ASSERTION_ID_REQUEST_SERVICE(METADATA_NSURI, "AssertionIDRequestService"),
ATTRIBUTE_AUTHORITY_DESCRIPTOR(METADATA_NSURI, "AttributeAuthorityDescriptor"),
ATTRIBUTE_CONSUMING_SERVICE(METADATA_NSURI, "AttributeConsumingService"),
ATTRIBUTE_PROFILE(METADATA_NSURI, "AttributeProfile"),
ATTRIBUTE_SERVICE(METADATA_NSURI, "AttributeService"),
AUTHN_AUTHORITY_DESCRIPTOR(METADATA_NSURI, "AuthnAuthorityDescriptor"),
AUTHN_QUERY_SERVICE(METADATA_NSURI, "AuthnQueryService"),
AUTHZ_SERVICE(METADATA_NSURI, "AuthzService"),
COMPANY(METADATA_NSURI, "Company"),
CONTACT_PERSON(METADATA_NSURI, "ContactPerson"),
EMAIL_ADDRESS(METADATA_NSURI, "EmailAddress"),
ENCRYPTION_METHOD(METADATA_NSURI, "EncryptionMethod"),
ENTITIES_DESCRIPTOR(METADATA_NSURI, "EntitiesDescriptor"),
ENTITY_DESCRIPTOR(METADATA_NSURI, "EntityDescriptor"),
EXTENSIONS__METADATA(METADATA_NSURI, "Extensions"),
GIVEN_NAME(METADATA_NSURI, "GivenName"),
IDP_SSO_DESCRIPTOR(METADATA_NSURI, "IDPSSODescriptor"),
KEY_DESCRIPTOR(METADATA_NSURI, "KeyDescriptor"),
MANAGE_NAMEID_SERVICE(METADATA_NSURI, "ManageNameIDService"),
NAMEID_FORMAT(METADATA_NSURI, "NameIDFormat"),
NAMEID_MAPPING_SERVICE(METADATA_NSURI, "NameIDMappingService"),
ORGANIZATION_DISPLAY_NAME(METADATA_NSURI, "OrganizationDisplayName"),
ORGANIZATION_NAME(METADATA_NSURI, "OrganizationName"),
ORGANIZATION(METADATA_NSURI, "Organization"),
ORGANIZATION_URL(METADATA_NSURI, "OrganizationURL"),
ORGANIZATION_URL_ALT(METADATA_NSURI, "OrganizationUrl"), // non-standard: KEYCLOAK-4040
PDP_DESCRIPTOR(METADATA_NSURI, "PDPDescriptor"),
REQUESTED_ATTRIBUTE(METADATA_NSURI, "RequestedAttribute"),
ROLE_DESCRIPTOR(METADATA_NSURI, "RoleDescriptor"),
SERVICE_DESCRIPTION(METADATA_NSURI, "ServiceDescription"),
SERVICE_NAME(METADATA_NSURI, "ServiceName"),
SINGLE_LOGOUT_SERVICE(METADATA_NSURI, "SingleLogoutService"),
SINGLE_SIGNON_SERVICE(METADATA_NSURI, "SingleSignOnService"),
SP_SSO_DESCRIPTOR(METADATA_NSURI, "SPSSODescriptor"),
SURNAME(METADATA_NSURI, "SurName"),
TELEPHONE_NUMBER(METADATA_NSURI, "TelephoneNumber"),
// saml-schema-ecp-2.0.xsd
RELAY_STATE(ECP_PROFILE, "RelayState"),
REQUEST(ECP_PROFILE, "Request"),
RESPONSE__ECP(ECP_PROFILE, "Response"),
SIGNATURE(XMLDSIG_NSURI, "Signature"),
DSA_KEY_VALUE(XMLDSIG_NSURI, "DSAKeyValue"),
KEY_INFO(XMLDSIG_NSURI, "KeyInfo"),
KEY_VALUE(XMLDSIG_NSURI, "KeyValue"),
RSA_KEY_VALUE(XMLDSIG_NSURI, "RSAKeyValue"),
X509_CERT(XMLDSIG_NSURI, "X509Certificate"),
X509_DATA(XMLDSIG_NSURI, "X509Data"),
// Attribute names and other constants
ADDRESS("Address"),
ALGORITHM("Algorithm"),
ALLOW_CREATE("AllowCreate"),
ASSERTION_CONSUMER_SERVICE_URL("AssertionConsumerServiceURL"),
ASSERTION_CONSUMER_SERVICE_INDEX("AssertionConsumerServiceIndex"),
ATTRIBUTE_CONSUMING_SERVICE_INDEX("AttributeConsumingServiceIndex"),
AUTHN_INSTANT("AuthnInstant"),
AUTHN_REQUESTS_SIGNED("AuthnRequestsSigned"),
BINDING("Binding"),
CACHE_DURATION("cacheDuration"),
COMPARISON("Comparison"),
CONSENT("Consent"),
CONTACT_TYPE("contactType"),
DESTINATION("Destination"),
DNS_NAME("DNSName"),
ENCODING("Encoding"),
ENCRYPTED_KEY("EncryptedKey"),
ENTITY_ID("entityID"),
FORMAT("Format"),
FRIENDLY_NAME("FriendlyName"),
FORCE_AUTHN("ForceAuthn"),
ID("ID"),
INDEX("index"),
INPUT_CONTEXT_ONLY("InputContextOnly"),
IN_RESPONSE_TO("InResponseTo"),
ISDEFAULT("isDefault"),
IS_REQUIRED("isRequired"),
IS_PASSIVE("IsPassive"),
ISSUE_INSTANT("IssueInstant"),
LOCATION("Location"),
METHOD("Method"),
NAME("Name"),
NAME_FORMAT("NameFormat"),
NAME_QUALIFIER("NameQualifier"),
NOT_BEFORE("NotBefore"),
NOT_ON_OR_AFTER("NotOnOrAfter"),
PROTOCOL_BINDING("ProtocolBinding"),
PROTOCOL_SUPPORT_ENUMERATION("protocolSupportEnumeration"),
PROVIDER_NAME("ProviderName"),
REASON("Reason"),
RECIPIENT("Recipient"),
REQUEST_ABSTRACT("RequestAbstract"),
RESPONSE_LOCATION("ResponseLocation"),
RETURN_CONTEXT("ReturnContext"),
SP_PROVIDED_ID("SPProvidedID"),
SP_NAME_QUALIFIER("SPNameQualifier"),
STATUS_RESPONSE_TYPE("StatusResponseType"),
TYPE("type"),
USE("use"),
VALUE("Value"),
VALID_UNTIL("validUntil"),
VERSION("Version"),
WANT_AUTHN_REQUESTS_SIGNED("WantAuthnRequestsSigned"),
WANT_ASSERTIONS_SIGNED("WantAssertionsSigned"),
XACML_AUTHZ_DECISION_QUERY("XACMLAuthzDecisionQuery"),
XACML_AUTHZ_DECISION_QUERY_TYPE("XACMLAuthzDecisionQueryType"),
XACML_AUTHZ_DECISION_STATEMENT_TYPE("XACMLAuthzDecisionStatementType"),
REQUEST_AUTHENTICATED("RequestAuthenticated"),
UNSOLICITED_RESPONSE_TARGET("TARGET"),
UNSOLICITED_RESPONSE_SAML_VERSION("SAML_VERSION"),
UNSOLICITED_RESPONSE_SAML_BINDING("SAML_BINDING"),
LANG("lang"),
LANG_EN("en"),
METADATA_MIME("application/samlmetadata+xml"),
SIGNATURE_SHA1_WITH_DSA("http://www.w3.org/2000/09/xmldsig#dsa-sha1"),
SIGNATURE_SHA1_WITH_RSA("http://www.w3.org/2000/09/xmldsig#rsa-sha1"),
VERSION_2_0("2.0"),
/** @deprecated Use namespace-aware variant instead */
RESPONSE("Response"),
/** @deprecated Use namespace-aware variant instead */
EXTENSIONS("Extensions"),
UNKNOWN_VALUE(null)
;
private final QName asQName;
private final JBossSAMLURIConstants nsUri;
private static class ReverseLookup {
// Private class to make sure JBossSAMLURIConstants is fully initialized
private static final Map<QName, JBossSAMLConstants> QNAME_CONSTANTS;
private static final Map<String, JBossSAMLConstants> CONSTANTS;
static {
HashMap<QName, JBossSAMLConstants> q = new HashMap<>(JBossSAMLConstants.values().length);
HashMap<String, JBossSAMLConstants> m = new HashMap<>(JBossSAMLConstants.values().length);
JBossSAMLConstants old;
for (JBossSAMLConstants c : JBossSAMLConstants.values()) {
if ((old = q.put(c.getAsQName(), c)) != null) {
throw new IllegalStateException("Same name " + c.getAsQName() + " used for two distinct constants: " + c + ", " + old);
}
String key = c.get();
if ((old = m.put(key, c)) != null) {
// System.out.println("WARNING: " + old);
if (old != null && c.getAsQName().equals(old.getAsQName())) {
throw new IllegalStateException("Same name " + key + " used for two distinct constants: " + c + ", " + old);
}
m.put(key, null);
}
}
QNAME_CONSTANTS = Collections.unmodifiableMap(q);
CONSTANTS = Collections.unmodifiableMap(m);
}
public JBossSAMLConstants from(String key) {
return CONSTANTS.get(key);
}
public JBossSAMLConstants from(QName key) {
return QNAME_CONSTANTS.get(key);
}
}
private static final ReverseLookup REVERSE_LOOKUP = new ReverseLookup();
private JBossSAMLConstants(String name) {
this.asQName = name == null ? null : new QName(name);
this.nsUri = null;
}
private JBossSAMLConstants(JBossSAMLURIConstants namespaceUri, String name) {
this.nsUri = namespaceUri;
this.asQName = name == null ? null : new QName(namespaceUri.get(), name);
}
public String get() {
return this.asQName == null ? null : this.asQName.getLocalPart();
}
public QName getAsQName() {
return asQName;
}
public JBossSAMLURIConstants getNsUri() {
return nsUri;
}
/**
* Returns an enum constant based if known for the given {@code key}, or the {@code defaultValue} otherwise.
* @param key
* @return
*/
public static JBossSAMLConstants from(String key, JBossSAMLConstants defaultValue) {
final JBossSAMLConstants res = REVERSE_LOOKUP.from(key);
return res == null ? defaultValue : res;
}
/**
* Returns an enum constant based if known for the given {@code key}, or the {@code UNKNOWN_VALUE} otherwise.
* @param key
* @return
*/
public static JBossSAMLConstants from(String key) {
return from(key, UNKNOWN_VALUE);
}
/**
* Returns an enum constant based if known for the given {@code name} (namespace-aware), or the {@code UNKNOWN_VALUE} otherwise.
* @param key
* @return
*/
public static JBossSAMLConstants from(QName name) {
final JBossSAMLConstants res = REVERSE_LOOKUP.from(name);
return res == null ? UNKNOWN_VALUE : res;
}
}