1# zxid/sg/liberty-metadata-v2.0.sg
2# Slightly edited, 5.9.2006, Sampo Kellomaki (sampo@iki.fi)
3# $Id: liberty-metadata-v2.0.sg,v 1.5 2009-09-05 02:23:41 sampo Exp $
4#
5# N.B. Older Liberty metadata, liberty-metadata-1.0-errata-v2.0.xsd,
6# urn:liberty:metadata:2003-08, is nearly identical to this one except
7# for the actual namespace URI. We therfore adopt convention of using
8# this new metadata even where strictly speaking the old one should be used.
9
10target(m20, urn:liberty:metadata:2004-12)
11import(ds,  http://www.w3.org/2000/09/xmldsig#,   http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd)
12
13import(xs,  http://www.w3.org/2001/XMLSchema, http://www.w3.org/2001/xml.xsd)
14#import(xs,  http://www.w3.org/XML/1998/namespace, http://www.w3.org/2001/xml.xsd)
15# include(liberty-idwsf-utility-v2.0.xsd)
16
17Extension        -> %m20:extensionType
18%extensionType:
19  any+  ns(##other)  processContents(lax)
20  ;
21
22%entityIDType:	 base(xs:anyURI) ;
23
24%additionalMetadataLocationType:	 base(xs:anyURI)
25  @namespace?	 -> %xs:anyURI
26  ;
27
28%organizationNameType:	 base(xs:string)
29  @lang -> %xs:string  #@xml:lang   ***
30  ;
31
32%organizationDisplayNameType:	 base(xs:string)
33  @lang -> %xs:string  #@xml:lang   ***
34  ;
35
36%organizationType:
37  m20:OrganizationName+         -> %m20:organizationNameType
38  m20:OrganizationDisplayName+  -> %m20:organizationDisplayNameType
39  m20:OrganizationURL+          -> %m20:localizedURIType
40  m20:Extension?
41  ;
42
43%localizedURIType:	 base(xs:anyURI)
44  @lang -> %xs:string  #@xml:lang   ***
45  ;
46
47%contactType:
48  m20:Company?         -> %xs:string
49  m20:GivenName?       -> %xs:string
50  m20:SurName?         -> %xs:string
51  m20:EmailAddress*    -> %xs:anyURI
52  m20:TelephoneNumber* -> %xs:string
53  m20:Extension?
54  @libertyPrincipalIdentifier?	 -> %m20:entityIDType
55  @contactType	 -> %m20:attrContactType
56  ;
57
58%attrContactType: enum( technical administrative billing other ) ;
59
60%keyTypes:        enum( encryption signing ) ;
61
62%providerDescriptorType:
63  m20:KeyDescriptor*
64  m20:SoapEndpoint?	 -> %xs:anyURI
65  m20:SingleLogoutServiceURL?                           -> %xs:anyURI
66  m20:SingleLogoutServiceReturnURL?                     -> %xs:anyURI
67  m20:FederationTerminationServiceURL?                  -> %xs:anyURI
68  m20:FederationTerminationServiceReturnURL?            -> %xs:anyURI
69  m20:FederationTerminationNotificationProtocolProfile* -> %xs:anyURI
70  m20:SingleLogoutProtocolProfile*                      -> %xs:anyURI
71  m20:RegisterNameIdentifierProtocolProfile*            -> %xs:anyURI
72  m20:RegisterNameIdentifierServiceURL?                 -> %xs:anyURI
73  m20:RegisterNameIdentifierServiceReturnURL?           -> %xs:anyURI
74  m20:NameIdentifierMappingProtocolProfile*             -> %xs:anyURI
75  m20:NameIdentifierMappingEncryptionProfile*           -> %xs:anyURI
76  m20:Organization?                                     -> %m20:organizationType
77  m20:ContactPerson*                                    -> %m20:contactType
78  m20:AdditionalMetaLocation*	 -> %m20:additionalMetadataLocationType
79  m20:Extension?
80  ds:Signature?
81  @protocolSupportEnumeration -> %xs:string
82  @id?                        -> %xs:ID
83  @validUntil?                -> %xs:dateTime
84  @cacheDuration?             -> %xs:duration
85  ;
86
87KeyDescriptor	 -> %m20:keyDescriptorType
88%keyDescriptorType:
89  m20:EncryptionMethod?  -> %xs:anyURI
90  m20:KeySize?           -> %xs:integer
91  ds:KeyInfo?
92  m20:Extension?
93  @use?	 -> %keyTypes
94  ;
95
96EntitiesDescriptor -> %m20:entitiesDescriptorType
97%entitiesDescriptorType:
98  m20:EntityDescriptor{2,unbounded}
99  ;
100
101EntityDescriptor -> %m20:entityDescriptorType
102%entityDescriptorType:
103  m20:IDPDescriptor*          -> %m20:IDPDescriptorType
104  m20:SPDescriptor*           -> %m20:SPDescriptorType
105  m20:AffiliationDescriptor*  -> %m20:affiliationDescriptorType
106  m20:ContactPerson?          -> %m20:contactType
107  m20:Organization?           -> %m20:organizationType
108  m20:Extension?
109  ds:Signature?
110  @providerID                 -> %m20:entityIDType
111  @id?                        -> %xs:ID
112  @validUntil?                -> %xs:dateTime
113  @cacheDuration?             -> %xs:duration
114  ;
115
116%SPDescriptorType:	 base(m20:providerDescriptorType)
117    m20:AssertionConsumerServiceURL+:	 base(xs:anyURI)
118      @id          -> %xs:ID
119      @isDefault?  -> %xs:boolean  default (false)
120      ;
121    m20:AuthnRequestsSigned	 -> %xs:boolean
122  ;
123
124%IDPDescriptorType:	 base(m20:providerDescriptorType)
125    m20:SingleSignOnServiceURL        -> %xs:anyURI
126    m20:SingleSignOnProtocolProfile+  -> %xs:anyURI
127    m20:AuthnServiceURL?              -> %xs:anyURI
128  ;
129
130%affiliationDescriptorType:
131  m20:AffiliateMember+	 -> %m20:entityIDType
132  m20:Extension?
133  m20:KeyDescriptor*	 -> %m20:keyDescriptorType
134  ds:Signature?
135  @affiliationOwnerID	 -> %m20:entityIDType
136  @validUntil?	         -> %xs:dateTime
137  @cacheDuration?	 -> %xs:duration
138  @id?	 -> %xs:ID
139  ;
140
141#EOF
142