Safe Haskell | None |
---|---|
Language | Haskell2010 |
Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0
- samlURN :: SAMLVersion -> [String] -> URI
- type XString = String
- type AnyURI = AnyURI
- type DateTime = DateTime
- type ID = ID
- type NCName = NCName
- ns :: Namespace
- data BaseID id = BaseID {
- baseNameQualifier :: Maybe XString
- baseSPNameQualifier :: Maybe XString
- baseID :: !id
- data NameID = NameID {}
- simpleNameID :: NameIDFormat -> XString -> NameID
- type EncryptedNameID = EncryptedElement NameID
- data Identifier
- type EncryptedID = EncryptedElement Identifier
- data EncryptedElement a = EncryptedElement {}
- data PossiblyEncrypted a
- = NotEncrypted !a
- | SoEncrypted (EncryptedElement a)
- data AssertionRef
- newtype Issuer = Issuer {}
- newtype AssertionIDRef = AssertionIDRef {
- assertionIDRef :: ID
- data Assertion = Assertion {}
- type EncryptedAssertion = EncryptedElement Assertion
- data Subject = Subject {}
- noSubject :: Subject
- data SubjectConfirmation = SubjectConfirmation {}
- data SubjectConfirmationData = SubjectConfirmationData {}
- data Conditions = Conditions {}
- data Condition
- newtype Audience = Audience {}
- type Advice = [AdviceElement]
- data AdviceElement
- data Statement
- data AuthnStatement = AuthnStatement {}
- data SubjectLocality = SubjectLocality {}
- data AuthnContext = AuthnContext {}
- data AuthnContextDecl
- newtype AttributeStatement = AttributeStatement {}
- data Attribute = Attribute {}
- type EncryptedAttribute = EncryptedElement Attribute
- data AuthzDecisionStatement = AuthzDecisionStatement {}
- data DecisionType
- data Action = Action {}
- newtype Evidence = Evidence {
- evidence :: [AssertionRef]
- nsP :: Namespace
- data ProtocolType = ProtocolType {}
- newtype RequestAbstractType = RequestAbstractType {}
- data StatusResponseType = StatusResponseType {}
- data Status = Status {}
- data StatusCode = StatusCode {}
- data StatusCode1
- data StatusCode2
- = StatusAuthnFailed
- | StatusInvalidAttrNameOrValue
- | StatusInvalidNameIDPolicy
- | StatusNoAuthnContext
- | StatusNoAvailableIDP
- | StatusNoPassive
- | StatusNoSupportedIDP
- | StatusPartialLogout
- | StatusProxyCountExceeded
- | StatusRequestDenied
- | StatusRequestUnsupported
- | StatusRequestVersionDeprecated
- | StatusRequestVersionTooHigh
- | StatusRequestVersionTooLow
- | StatusResourceNotRecognized
- | StatusTooManyResponses
- | StatusUnknownAttrProfile
- | StatusUnknownPrincipal
- | StatusUnsupportedBinding
- successStatus :: Status
- data AssertionIDRequest = AssertionIDRequest {}
- data SubjectQueryAbstractType = SubjectQueryAbstractType {}
- data AuthnQuery = AuthnQuery {}
- data RequestedAuthnContext = RequestedAuthnContext {}
- data AuthnContextRefs
- data AuthnContextComparisonType
- data AttributeQuery = AttributeQuery {}
- data AuthzDecisionQuery = AuthzDecisionQuery {}
- data Response = Response {}
- data AuthnRequest = AuthnRequest {
- authnRequest :: !RequestAbstractType
- authnRequestForceAuthn :: Boolean
- authnRequestIsPassive :: Boolean
- authnRequestAssertionConsumerService :: AssertionConsumerService
- authnRequestAssertionConsumingServiceIndex :: Maybe UnsignedShort
- authnRequestProviderName :: Maybe XString
- authnRequestSubject :: Maybe Subject
- authnRequestNameIDPolicy :: Maybe NameIDPolicy
- authnRequestConditions :: Maybe Conditions
- authnRequestRequestedAuthnContext :: Maybe RequestedAuthnContext
- authnRequestScoping :: Maybe Scoping
- data AssertionConsumerService
- data NameIDPolicy = NameIDPolicy {}
- data Scoping = Scoping {}
- data IDPList = IDPList {}
- data IDPEntry = IDPEntry {}
- data ArtifactResolve = ArtifactResolve {}
- data ArtifactResponse = ArtifactResponse {}
- data ManageNameIDRequest = ManageNameIDRequest {}
- newtype NewID = NewID {}
- type NewEncryptedID = EncryptedElement NewID
- newtype ManageNameIDResponse = ManageNameIDResponse {}
- data LogoutRequest = LogoutRequest {}
- newtype LogoutResponse = LogoutResponse {}
- data LogoutReason
- data NameIDMappingRequest = NameIDMappingRequest {}
- data NameIDMappingResponse = NameIDMappingResponse {}
- data AnyRequest
- = RequestAssertionIDRequest !AssertionIDRequest
- | RequestAuthnQuery !AuthnQuery
- | RequestAttributeQuery !AttributeQuery
- | RequestAuthzDecisionQuery !AuthzDecisionQuery
- | RequestAuthnRequest !AuthnRequest
- | RequestArtifactResolve !ArtifactResolve
- | RequestManageNameIDRequest !ManageNameIDRequest
- | RequestLogoutRequest !LogoutRequest
- | RequestNameIDMappingRequest !NameIDMappingRequest
- data AnyResponse
- data AnyProtocol
- data SAMLVersion
- samlVersion :: SAMLVersion -> Version
- data ActionNamespace
- data AttributeNameFormat
- data NameIDFormat
- data Consent
§1
§2
§2.2.1
BaseID | |
|
§2.2.3
simpleNameID :: NameIDFormat -> XString -> NameID Source #
type EncryptedNameID = EncryptedElement NameID Source #
data Identifier Source #
type EncryptedID = EncryptedElement Identifier Source #
§2.2.4
data EncryptedElement a Source #
data PossiblyEncrypted a Source #
Eq a => Eq (PossiblyEncrypted a) Source # | |
Show a => Show (PossiblyEncrypted a) Source # | |
data AssertionRef Source #
§2.2.5
newtype AssertionIDRef Source #
§2.3.1
§2.3.3
type EncryptedAssertion = EncryptedElement Assertion Source #
§2.3.4
§2.4.1
data Conditions Source #
§2.5.1
Condition Node | §2.5.1.3 |
AudienceRestriction (List1 Audience) | §2.5.1.4 |
OneTimeUse | §2.5.1.5 |
ProxyRestriction | §2.5.1.6 |
§2.5.1.4
type Advice = [AdviceElement] Source #
§2.6.1
data AdviceElement Source #
§2.7.1
data SubjectLocality Source #
§2.7.2.1
data AuthnContextDecl Source #
newtype AttributeStatement Source #
§2.7.3
§2.7.3.1
Attribute | |
|
type EncryptedAttribute = EncryptedElement Attribute Source #
§2.7.3.2
data DecisionType Source #
§2.7.4.1
§2.7.4.2
§2.7.4.3
Evidence | |
|
§3
data ProtocolType Source #
ProtocolType | |
|
newtype RequestAbstractType Source #
§3.2.1
§3.2.2.1
Status | |
|
data StatusCode Source #
§3.2.2.2
data StatusCode1 Source #
data StatusCode2 Source #
data SubjectQueryAbstractType Source #
§3.3.2.1
data AuthnContextRefs Source #
data AttributeQuery Source #
§3.3.2.3
§3.3.3
data AuthnRequest Source #
§3.4.1
§3.4.1.2
§3.4.1.3
§3.4.1.3.1
data ArtifactResolve Source #
§3.5.1
data ArtifactResponse Source #
§3.5.2
type NewEncryptedID = EncryptedElement NewID Source #
newtype ManageNameIDResponse Source #
§3.6.2
newtype LogoutResponse Source #
§3.7.2
data LogoutReason Source #
§3.7.3
data AnyRequest Source #
data AnyResponse Source #
data AnyProtocol Source #
§4
data SAMLVersion Source #
samlVersion :: SAMLVersion -> Version Source #
§8
data ActionNamespace Source #
§8.1
ActionNamespaceRWEDC | §8.1.1: Read Write Execute Delete Control |
ActionNamespaceRWEDCNegation | §8.1.2: RWEDC ~RWEDC |
ActionNamespaceGHPP | §8.1.3: GET HEAD PUT POST |
ActionNamespaceUNIX | §8.1.4: octal |
data AttributeNameFormat Source #
§8.2
AttributeNameFormatUnspecified | §8.2.1: Text |
AttributeNameFormatURI | §8.2.2: URI |
AttributeNameFormatBasic | §8.2.3: Name |
data NameIDFormat Source #
§8.3
NameIDFormatUnspecified | §8.3.1: Text |
NameIDFormatEmail | §8.3.2: rfc2822 |
NameIDFormatX509 | §8.3.3: XML signature |
NameIDFormatWindows | §8.3.4: Maybe Domain, User |
NameIDFormatKerberos | §8.3.5: rfc1510 |
NameIDFormatEntity | §8.3.6: SAML endpoint (the BaseID qualifiers and SPProvidedID must be Nothing) |
NameIDFormatPersistent | §8.3.7: String <= 256 char (NameQualifier same as idp ident or Nothing, SPNameQualifier same as sp ident or Nothing, SPProvidedID alt ident from sp) |
NameIDFormatTransient | §8.3.8: String <= 256 char |
NameIDFormatEncrypted | §3.4.1.1: only for NameIDPolicy |
§8.4
ConsentUnspecified | §8.4.1 |
ConsentObtained | §8.4.2 |
ConsentPrior | §8.4.3 |
ConsentImplicit | §8.4.4 |
ConsentExplicit | §8.4.5 |
ConsentUnavailable | §8.4.6 |
ConsentInapplicable | §8.4.7 |