-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | OASIS Security Assertion Markup Language (SAML) V2.0
--   
--   Direct implementation of the SAML XML standard
--   (https:/<i>www.oasis-open.org</i>standards#samlv2.0), along with some
--   related dependencies. This is currently partial, as the standard is
--   quite extensive, but is sufficient to build a functioning SP and fully
--   validate responses. The module layout basically follows the standard
--   definition documentation. Its use still requires a fairly extensive
--   understanding of SAML.
@package hsaml2
@version 0.1


-- | General Considerations
--   
--   <a>saml-bindings-2.0-os</a> §3.1
module SAML2.Bindings.General
type RelayState = ByteString

-- | The name of the parameter used by many protocols for the message
--   itself for requests (False) or responses (True). Often combined with
--   <a>isSAMLResponse</a>.
protocolParameter :: IsString a => Bool -> a
relayStateParameter :: IsString a => a


-- | SAML Versioning
--   
--   <a>saml-core-2.0-os</a> §4
module SAML2.Core.Versioning
data SAMLVersion
SAML10 :: SAMLVersion
SAML11 :: SAMLVersion
SAML20 :: SAMLVersion
samlVersion :: SAMLVersion -> Version
instance GHC.Enum.Bounded SAML2.Core.Versioning.SAMLVersion
instance GHC.Enum.Enum SAML2.Core.Versioning.SAMLVersion
instance GHC.Classes.Ord SAML2.Core.Versioning.SAMLVersion
instance GHC.Classes.Eq SAML2.Core.Versioning.SAMLVersion
instance GHC.Show.Show SAML2.Core.Versioning.SAMLVersion
instance GHC.Read.Read SAML2.Core.Versioning.SAMLVersion
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Versioning.SAMLVersion


-- | Schema Organization and Namespaces
--   
--   <a>saml-core-2.0-os</a> §1.2
module SAML2.Core.Namespaces
samlURN :: SAMLVersion -> [String] -> URI
samlURNIdentifier :: String -> (SAMLVersion, String) -> URI


-- | XML Schema Datatypes
--   
--   <a>http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/</a> (selected
--   portions)
module SAML2.XML.Schema.Datatypes

-- | §3.2.1
type String = [Char]
xpString :: PU String

-- | §3.2.1
type Boolean = Bool
xpBoolean :: PU Boolean

-- | §3.2.6 specifies a complete ISO8601 6-component duration; for SAML2
--   purposes we don't overly care
type Duration = NominalDiffTime
xpDuration :: PU Duration

-- | §3.2.7 theoretically allows timezones, but SAML2 does not use them
type DateTime = UTCTime
xpDateTime :: PU DateTime

-- | §3.2.16
type Base64Binary = ByteString
xpBase64Binary :: PU Base64Binary

-- | §3.2.17
type AnyURI = URI
xpAnyURI :: PU AnyURI

-- | §3.3.1
type NormalizedString = String

-- | §3.3.2
type Token = NormalizedString

-- | §3.3.3
type Language = Token
xpLanguage :: PU Language

-- | §3.3.4
type NMTOKEN = Token
isNMTOKEN :: Token -> Bool
xpNMTOKEN :: PU NMTOKEN

-- | §3.3.5
type NMTOKENS = [NMTOKEN]
xpNMTOKENS :: PU NMTOKENS

-- | §3.3.8
type ID = String
type NCName = String
xpNCName :: PU NCName
xpID :: PU ID

-- | §3.3.13
xpInteger :: PU Integer

-- | §3.3.20
type NonNegativeInteger = Word
xpNonNegativeInteger :: PU NonNegativeInteger

-- | §3.3.23
type UnsignedShort = Word16
xpUnsignedShort :: PU UnsignedShort

-- | §3.3.20
type PositiveInteger = NonNegativeInteger
xpPositiveInteger :: PU PositiveInteger


-- | Common Data Types
--   
--   <a>saml-core-2.0-os</a> §1.3
module SAML2.Core.Datatypes

-- | §1.3.1
type XString = String

-- | §1.3.2
type AnyURI = AnyURI

-- | §1.3.3
type DateTime = DateTime

-- | §1.3.4
type ID = ID

-- | §1.3.4
type NCName = NCName

module SAML2.XML.Types
type Node = XmlTree
type Nodes = XmlTrees
type List1 a = NonEmpty a
xpList1 :: PU a -> PU (List1 a)
type QName = QName
data Namespace
Namespace :: !String -> !URI -> !String -> Namespace
[namespacePrefix] :: Namespace -> !String
[namespaceURI] :: Namespace -> !URI
[namespaceURIString] :: Namespace -> !String
mkNamespace :: String -> URI -> Namespace
mkNName :: Namespace -> String -> QName
httpURI :: String -> String -> String -> String -> URI
xmlNS :: Namespace
xmlnsNS :: Namespace

module SAML2.XML.Schema
ns :: Namespace

module SAML2.XML.ASN1
xpASN1 :: PU [ASN1]
xpASN1Object :: ASN1Object a => PU a
xpX509Signed :: (Show a, Eq a, ASN1Object a) => PU (SignedExact a)

module SAML2.XML

-- | Represents a general universal resource identifier using its component
--   parts.
--   
--   For example, for the URI
--   
--   <pre>
--   foo://anonymous@www.haskell.org:42/ghc?query#frag
--   </pre>
--   
--   the components are:
data URI :: *
xpTrimAnyElem :: PU XmlTree
xpTrimElemNS :: Namespace -> String -> PU a -> PU a
xpXmlLang :: PU Language
type IP = String
xpIP :: PU IP
data Identified b a
Identified :: !a -> Identified b a
Unidentified :: !b -> Identified b a
class Eq b => Identifiable b a | a -> b
identifier :: Identifiable b a => a -> b
identifiedValues :: Identifiable b a => [a]
identifiedValues :: (Identifiable b a, Bounded a, Enum a) => [a]
reidentify :: Identifiable b a => b -> Identified b a
unidentify :: Identifiable b a => Identified b a -> b
xpIdentified :: Identifiable b a => PU b -> PU (Identified b a)
xpIdentifier :: Identifiable b a => PU b -> String -> PU a
type IdentifiedURI = Identified URI
samlToDoc :: XmlPickler a => a -> XmlTree
samlToXML :: XmlPickler a => a -> ByteString
docToSAML :: XmlPickler a => XmlTree -> Either String a
docToXML :: XmlTree -> ByteString
xmlToSAML :: XmlPickler a => ByteString -> Either String a
xmlToDoc :: ByteString -> Maybe XmlTree
instance (GHC.Show.Show b, GHC.Show.Show a) => GHC.Show.Show (SAML2.XML.Identified b a)
instance (GHC.Classes.Eq b, GHC.Classes.Eq a) => GHC.Classes.Eq (SAML2.XML.Identified b a)
instance SAML2.XML.Identifiable Network.URI.URI a => Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler (SAML2.XML.Identified Network.URI.URI a)
instance Data.Default.Class.Default a => Data.Default.Class.Default (SAML2.XML.Identified b a)


-- | XML Canonicalization
--   
--   For <a>http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/</a> §6.5
module SAML2.XML.Canonical

-- | §6.5
data CanonicalizationAlgorithm

-- | §6.5.1 <a>xml-c14n</a>
CanonicalXML10 :: Bool -> CanonicalizationAlgorithm
[canonicalWithComments] :: CanonicalizationAlgorithm -> Bool

-- | §6.5.2 <a>xml-c14n11</a>
CanonicalXML11 :: Bool -> CanonicalizationAlgorithm
[canonicalWithComments] :: CanonicalizationAlgorithm -> Bool

-- | <a>xml-exc-c14n</a>
CanonicalXMLExcl10 :: Bool -> CanonicalizationAlgorithm
[canonicalWithComments] :: CanonicalizationAlgorithm -> Bool
newtype InclusiveNamespaces
InclusiveNamespaces :: NMTOKENS -> InclusiveNamespaces
[inclusiveNamespacesPrefixList] :: InclusiveNamespaces -> NMTOKENS

-- | Canonicalize and serialize an XML document
canonicalize :: CanonicalizationAlgorithm -> Maybe InclusiveNamespaces -> Maybe String -> XmlTree -> IO ByteString
instance GHC.Show.Show SAML2.XML.Canonical.InclusiveNamespaces
instance GHC.Classes.Eq SAML2.XML.Canonical.InclusiveNamespaces
instance GHC.Show.Show SAML2.XML.Canonical.CanonicalizationAlgorithm
instance GHC.Classes.Eq SAML2.XML.Canonical.CanonicalizationAlgorithm
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Canonical.InclusiveNamespaces
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Canonical.CanonicalizationAlgorithm


-- | XML Signature Syntax and Processing
--   
--   <a>http://www.w3.org/TR/xmldsig-core1/</a> (selected portions)
module SAML2.XML.Signature.Types
nsFrag :: String -> URI
nsFrag11 :: String -> URI
ns :: Namespace
ns11 :: Namespace
xpElem :: String -> PU a -> PU a
xpElem11 :: String -> PU a -> PU a

-- | §4.1
type CryptoBinary = Integer
xpCryptoBinary :: PU CryptoBinary

-- | §4.2
data Signature
Signature :: Maybe ID -> SignedInfo -> SignatureValue -> Maybe KeyInfo -> [Object] -> Signature
[signatureId] :: Signature -> Maybe ID
[signatureSignedInfo] :: Signature -> SignedInfo
[signatureSignatureValue] :: Signature -> SignatureValue
[signatureKeyInfo] :: Signature -> Maybe KeyInfo
[signatureObject] :: Signature -> [Object]
class Signable a
signature' :: Signable a => Lens' a (Maybe Signature)
signedID :: Signable a => a -> ID

-- | §4.3
data SignatureValue
SignatureValue :: Maybe ID -> Base64Binary -> SignatureValue
[signatureValueId] :: SignatureValue -> Maybe ID
[signatureValue] :: SignatureValue -> Base64Binary

-- | §4.4
data SignedInfo
SignedInfo :: Maybe ID -> CanonicalizationMethod -> SignatureMethod -> List1 Reference -> SignedInfo
[signedInfoId] :: SignedInfo -> Maybe ID
[signedInfoCanonicalizationMethod] :: SignedInfo -> CanonicalizationMethod
[signedInfoSignatureMethod] :: SignedInfo -> SignatureMethod
[signedInfoReference] :: SignedInfo -> List1 Reference

-- | §4.4.1
data CanonicalizationMethod
CanonicalizationMethod :: IdentifiedURI CanonicalizationAlgorithm -> Maybe InclusiveNamespaces -> Nodes -> CanonicalizationMethod
[canonicalizationMethodAlgorithm] :: CanonicalizationMethod -> IdentifiedURI CanonicalizationAlgorithm
[canonicalizationMethodInclusiveNamespaces] :: CanonicalizationMethod -> Maybe InclusiveNamespaces
[canonicalizationMethod] :: CanonicalizationMethod -> Nodes
simpleCanonicalization :: CanonicalizationAlgorithm -> CanonicalizationMethod

-- | §4.4.2
data SignatureMethod
SignatureMethod :: IdentifiedURI SignatureAlgorithm -> Maybe Int -> Nodes -> SignatureMethod
[signatureMethodAlgorithm] :: SignatureMethod -> IdentifiedURI SignatureAlgorithm
[signatureMethodHMACOutputLength] :: SignatureMethod -> Maybe Int
[signatureMethod] :: SignatureMethod -> Nodes

-- | §4.4.3
data Reference
Reference :: Maybe ID -> Maybe AnyURI -> Maybe AnyURI -> Maybe Transforms -> DigestMethod -> Base64Binary -> Reference
[referenceId] :: Reference -> Maybe ID
[referenceURI] :: Reference -> Maybe AnyURI
[referenceType] :: Reference -> Maybe AnyURI
[referenceTransforms] :: Reference -> Maybe Transforms
[referenceDigestMethod] :: Reference -> DigestMethod

-- | §4.3.3.6
[referenceDigestValue] :: Reference -> Base64Binary

-- | §4.4.3.4
newtype Transforms
Transforms :: List1 Transform -> Transforms
[transforms] :: Transforms -> List1 Transform
data Transform
Transform :: IdentifiedURI TransformAlgorithm -> Maybe InclusiveNamespaces -> [TransformElement] -> Transform
[transformAlgorithm] :: Transform -> IdentifiedURI TransformAlgorithm
[transformInclusiveNamespaces] :: Transform -> Maybe InclusiveNamespaces
[transform] :: Transform -> [TransformElement]
simpleTransform :: TransformAlgorithm -> Transform
data TransformElement
TransformElementXPath :: XString -> TransformElement
TransformElement :: Node -> TransformElement

-- | §4.4.3.5
data DigestMethod
DigestMethod :: IdentifiedURI DigestAlgorithm -> [Node] -> DigestMethod
[digestAlgorithm] :: DigestMethod -> IdentifiedURI DigestAlgorithm
[digest] :: DigestMethod -> [Node]
simpleDigest :: DigestAlgorithm -> DigestMethod

-- | §4.5
data KeyInfo
KeyInfo :: Maybe ID -> List1 KeyInfoElement -> KeyInfo
[keyInfoId] :: KeyInfo -> Maybe ID
[keyInfoElements] :: KeyInfo -> List1 KeyInfoElement
xpKeyInfoType :: PU KeyInfo
data KeyInfoElement

-- | §4.5.1
KeyName :: XString -> KeyInfoElement

-- | §4.5.2
KeyInfoKeyValue :: KeyValue -> KeyInfoElement

-- | §4.5.3
RetrievalMethod :: URI -> Maybe URI -> Maybe Transforms -> KeyInfoElement
[retrievalMethodURI] :: KeyInfoElement -> URI
[retrievalMethodType] :: KeyInfoElement -> Maybe URI
[retrievalMethodTransforms] :: KeyInfoElement -> Maybe Transforms

-- | §4.5.4
X509Data :: List1 X509Element -> KeyInfoElement
[x509Data] :: KeyInfoElement -> List1 X509Element

-- | §4.5.5
PGPData :: Maybe Base64Binary -> Maybe Base64Binary -> Nodes -> KeyInfoElement
[pgpKeyID] :: KeyInfoElement -> Maybe Base64Binary
[pgpKeyPacket] :: KeyInfoElement -> Maybe Base64Binary
[pgpData] :: KeyInfoElement -> Nodes

-- | §4.5.6
SPKIData :: List1 SPKIElement -> KeyInfoElement
[spkiData] :: KeyInfoElement -> List1 SPKIElement

-- | §4.5.7
MgmtData :: XString -> KeyInfoElement
KeyInfoElement :: Node -> KeyInfoElement

-- | §4.5.2
data KeyValue

-- | §4.5.2.1
DSAKeyValue :: Maybe (CryptoBinary, CryptoBinary) -> Maybe CryptoBinary -> CryptoBinary -> Maybe CryptoBinary -> Maybe (CryptoBinary, CryptoBinary) -> KeyValue
[dsaKeyValuePQ] :: KeyValue -> Maybe (CryptoBinary, CryptoBinary)
[dsaKeyValueG] :: KeyValue -> Maybe CryptoBinary
[dsaKeyValueY] :: KeyValue -> CryptoBinary
[dsaKeyValueJ] :: KeyValue -> Maybe CryptoBinary
[dsaKeyValueSeedPgenCounter] :: KeyValue -> Maybe (CryptoBinary, CryptoBinary)

-- | §4.5.2.2
RSAKeyValue :: CryptoBinary -> KeyValue
[rsaKeyValueModulus, rsaKeyValueExponent] :: KeyValue -> CryptoBinary

-- | §4.5.2.3
ECKeyValue :: Maybe ID -> ECKeyValue -> ECPoint -> KeyValue
[ecKeyValueId] :: KeyValue -> Maybe ID
[ecKeyValue] :: KeyValue -> ECKeyValue
[ecKeyValuePublicKey] :: KeyValue -> ECPoint
KeyValue :: Node -> KeyValue
data ECKeyValue

-- | §4.5.2.3.1
ECParameters :: ECFieldID -> ECCurve -> ECPoint -> CryptoBinary -> Maybe Integer -> Maybe ECValidationData -> ECKeyValue
[ecParametersFieldID] :: ECKeyValue -> ECFieldID
[ecParametersCurve] :: ECKeyValue -> ECCurve
[ecParametersBase] :: ECKeyValue -> ECPoint
[ecParametersOrder] :: ECKeyValue -> CryptoBinary
[ecParametersCoFactor] :: ECKeyValue -> Maybe Integer
[ecParametersValidationData] :: ECKeyValue -> Maybe ECValidationData
ECNamedCurve :: AnyURI -> ECKeyValue
[ecNamedCurveURI] :: ECKeyValue -> AnyURI
type ECPoint = CryptoBinary
data ECFieldID
ECPrime :: CryptoBinary -> ECFieldID
[ecP] :: ECFieldID -> CryptoBinary
ECTnB :: PositiveInteger -> PositiveInteger -> ECFieldID
[ecM] :: ECFieldID -> PositiveInteger
[ecK] :: ECFieldID -> PositiveInteger
ECPnB :: PositiveInteger -> PositiveInteger -> ECFieldID
[ecM] :: ECFieldID -> PositiveInteger
[ecK1, ecK2, ecK3] :: ECFieldID -> PositiveInteger
ECGnB :: PositiveInteger -> ECFieldID
[ecM] :: ECFieldID -> PositiveInteger
ECFieldID :: Node -> ECFieldID
data ECCurve
ECCurve :: CryptoBinary -> ECCurve
[ecCurveA, ecCurveB] :: ECCurve -> CryptoBinary
data ECValidationData
ECValidationData :: AnyURI -> CryptoBinary -> ECValidationData
[ecValidationDataHashAlgorithm] :: ECValidationData -> AnyURI
[ecValidationDataSeed] :: ECValidationData -> CryptoBinary

-- | §4.5.4.1
type X509DistinguishedName = XString
xpX509DistinguishedName :: PU X509DistinguishedName
data X509Element
X509IssuerSerial :: X509DistinguishedName -> Int -> X509Element
[x509IssuerName] :: X509Element -> X509DistinguishedName
[x509SerialNumber] :: X509Element -> Int
X509SKI :: Base64Binary -> X509Element
X509SubjectName :: X509DistinguishedName -> X509Element
X509Certificate :: SignedCertificate -> X509Element
X509CRL :: SignedCRL -> X509Element
X509Digest :: IdentifiedURI DigestAlgorithm -> Base64Binary -> X509Element
[x509DigestAlgorithm] :: X509Element -> IdentifiedURI DigestAlgorithm
[x509Digest] :: X509Element -> Base64Binary
X509Element :: Node -> X509Element

-- | §4.4.6
data SPKIElement
SPKISexp :: Base64Binary -> SPKIElement
SPKIElement :: Node -> SPKIElement

-- | §4.5
data Object
Object :: Maybe ID -> Maybe XString -> Maybe (IdentifiedURI EncodingAlgorithm) -> [ObjectElement] -> Object
[objectId] :: Object -> Maybe ID
[objectMimeType] :: Object -> Maybe XString
[objectEncoding] :: Object -> Maybe (IdentifiedURI EncodingAlgorithm)
[objectXML] :: Object -> [ObjectElement]
data ObjectElement
ObjectSignature :: Signature -> ObjectElement
ObjectSignatureProperties :: SignatureProperties -> ObjectElement
ObjectManifest :: Manifest -> ObjectElement
ObjectElement :: Node -> ObjectElement

-- | §5.1
data Manifest
Manifest :: Maybe ID -> List1 Reference -> Manifest
[manifestId] :: Manifest -> Maybe ID
[manifestReferences] :: Manifest -> List1 Reference

-- | §5.2
data SignatureProperties
SignatureProperties :: Maybe ID -> List1 SignatureProperty -> SignatureProperties
[signaturePropertiesId] :: SignatureProperties -> Maybe ID
[signatureProperties] :: SignatureProperties -> List1 SignatureProperty
data SignatureProperty
SignatureProperty :: Maybe ID -> AnyURI -> List1 Node -> SignatureProperty
[signaturePropertyId] :: SignatureProperty -> Maybe ID
[signaturePropertyTarget] :: SignatureProperty -> AnyURI
[signatureProperty] :: SignatureProperty -> List1 Node

-- | §6.1
data EncodingAlgorithm
EncodingBase64 :: EncodingAlgorithm

-- | §6.2
data DigestAlgorithm

-- | §6.2.1
DigestSHA1 :: DigestAlgorithm

-- | §6.2.2
DigestSHA224 :: DigestAlgorithm

-- | §6.2.3
DigestSHA256 :: DigestAlgorithm

-- | §6.2.4
DigestSHA384 :: DigestAlgorithm

-- | §6.2.5
DigestSHA512 :: DigestAlgorithm

-- | xmlenc §5.7.4
DigestRIPEMD160 :: DigestAlgorithm

-- | §6.3
data MACAlgorithm

-- | §6.3.1
MACHMAC_SHA1 :: MACAlgorithm

-- | §6.4
data SignatureAlgorithm
SignatureDSA_SHA1 :: SignatureAlgorithm
SignatureDSA_SHA256 :: SignatureAlgorithm
SignatureRSA_SHA1 :: SignatureAlgorithm
SignatureRSA_SHA224 :: SignatureAlgorithm
SignatureRSA_SHA256 :: SignatureAlgorithm
SignatureRSA_SHA384 :: SignatureAlgorithm
SignatureRSA_SHA512 :: SignatureAlgorithm
SignatureECDSA_SHA1 :: SignatureAlgorithm
SignatureECDSA_SHA224 :: SignatureAlgorithm
SignatureECDSA_SHA256 :: SignatureAlgorithm
SignatureECDSA_SHA384 :: SignatureAlgorithm
SignatureECDSA_SHA512 :: SignatureAlgorithm

-- | §6.6
data TransformAlgorithm

-- | §6.6.1
TransformCanonicalization :: CanonicalizationAlgorithm -> TransformAlgorithm

-- | §6.6.2
TransformBase64 :: TransformAlgorithm

-- | §6.6.3
TransformXPath :: TransformAlgorithm

-- | §6.6.4
TransformEnvelopedSignature :: TransformAlgorithm

-- | §6.6.5
TransformXSLT :: TransformAlgorithm
instance GHC.Show.Show SAML2.XML.Signature.Types.ObjectElement
instance GHC.Classes.Eq SAML2.XML.Signature.Types.ObjectElement
instance GHC.Show.Show SAML2.XML.Signature.Types.Object
instance GHC.Classes.Eq SAML2.XML.Signature.Types.Object
instance GHC.Show.Show SAML2.XML.Signature.Types.Signature
instance GHC.Classes.Eq SAML2.XML.Signature.Types.Signature
instance GHC.Show.Show SAML2.XML.Signature.Types.SignedInfo
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SignedInfo
instance GHC.Show.Show SAML2.XML.Signature.Types.Manifest
instance GHC.Classes.Eq SAML2.XML.Signature.Types.Manifest
instance GHC.Show.Show SAML2.XML.Signature.Types.Reference
instance GHC.Classes.Eq SAML2.XML.Signature.Types.Reference
instance GHC.Show.Show SAML2.XML.Signature.Types.KeyInfo
instance GHC.Classes.Eq SAML2.XML.Signature.Types.KeyInfo
instance GHC.Show.Show SAML2.XML.Signature.Types.KeyInfoElement
instance GHC.Classes.Eq SAML2.XML.Signature.Types.KeyInfoElement
instance GHC.Show.Show SAML2.XML.Signature.Types.Transforms
instance GHC.Classes.Eq SAML2.XML.Signature.Types.Transforms
instance GHC.Show.Show SAML2.XML.Signature.Types.Transform
instance GHC.Classes.Eq SAML2.XML.Signature.Types.Transform
instance GHC.Show.Show SAML2.XML.Signature.Types.TransformAlgorithm
instance GHC.Classes.Eq SAML2.XML.Signature.Types.TransformAlgorithm
instance GHC.Show.Show SAML2.XML.Signature.Types.SignatureMethod
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SignatureMethod
instance GHC.Show.Show SAML2.XML.Signature.Types.SignatureAlgorithm
instance GHC.Enum.Enum SAML2.XML.Signature.Types.SignatureAlgorithm
instance GHC.Enum.Bounded SAML2.XML.Signature.Types.SignatureAlgorithm
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SignatureAlgorithm
instance GHC.Show.Show SAML2.XML.Signature.Types.MACAlgorithm
instance GHC.Enum.Enum SAML2.XML.Signature.Types.MACAlgorithm
instance GHC.Enum.Bounded SAML2.XML.Signature.Types.MACAlgorithm
instance GHC.Classes.Eq SAML2.XML.Signature.Types.MACAlgorithm
instance GHC.Show.Show SAML2.XML.Signature.Types.DigestMethod
instance GHC.Classes.Eq SAML2.XML.Signature.Types.DigestMethod
instance GHC.Show.Show SAML2.XML.Signature.Types.X509Element
instance GHC.Classes.Eq SAML2.XML.Signature.Types.X509Element
instance GHC.Show.Show SAML2.XML.Signature.Types.DigestAlgorithm
instance GHC.Enum.Enum SAML2.XML.Signature.Types.DigestAlgorithm
instance GHC.Enum.Bounded SAML2.XML.Signature.Types.DigestAlgorithm
instance GHC.Classes.Eq SAML2.XML.Signature.Types.DigestAlgorithm
instance GHC.Show.Show SAML2.XML.Signature.Types.EncodingAlgorithm
instance GHC.Enum.Enum SAML2.XML.Signature.Types.EncodingAlgorithm
instance GHC.Enum.Bounded SAML2.XML.Signature.Types.EncodingAlgorithm
instance GHC.Classes.Eq SAML2.XML.Signature.Types.EncodingAlgorithm
instance GHC.Show.Show SAML2.XML.Signature.Types.SignatureProperties
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SignatureProperties
instance GHC.Show.Show SAML2.XML.Signature.Types.SignatureProperty
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SignatureProperty
instance GHC.Show.Show SAML2.XML.Signature.Types.SPKIElement
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SPKIElement
instance GHC.Show.Show SAML2.XML.Signature.Types.KeyValue
instance GHC.Classes.Eq SAML2.XML.Signature.Types.KeyValue
instance GHC.Show.Show SAML2.XML.Signature.Types.ECKeyValue
instance GHC.Classes.Eq SAML2.XML.Signature.Types.ECKeyValue
instance GHC.Show.Show SAML2.XML.Signature.Types.ECValidationData
instance GHC.Classes.Eq SAML2.XML.Signature.Types.ECValidationData
instance GHC.Show.Show SAML2.XML.Signature.Types.ECCurve
instance GHC.Classes.Eq SAML2.XML.Signature.Types.ECCurve
instance GHC.Show.Show SAML2.XML.Signature.Types.ECFieldID
instance GHC.Classes.Eq SAML2.XML.Signature.Types.ECFieldID
instance GHC.Show.Show SAML2.XML.Signature.Types.TransformElement
instance GHC.Classes.Eq SAML2.XML.Signature.Types.TransformElement
instance GHC.Show.Show SAML2.XML.Signature.Types.CanonicalizationMethod
instance GHC.Classes.Eq SAML2.XML.Signature.Types.CanonicalizationMethod
instance GHC.Show.Show SAML2.XML.Signature.Types.SignatureValue
instance GHC.Classes.Eq SAML2.XML.Signature.Types.SignatureValue
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.Signature
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.Object
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.ObjectElement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.SignedInfo
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.Manifest
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.Reference
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.KeyInfo
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.KeyInfoElement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.Transforms
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.Transform
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Signature.Types.TransformAlgorithm
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.SignatureMethod
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Signature.Types.SignatureAlgorithm
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Signature.Types.MACAlgorithm
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.DigestMethod
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.X509Element
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Signature.Types.DigestAlgorithm
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Signature.Types.EncodingAlgorithm
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.SignatureProperties
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.SignatureProperty
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.SPKIElement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.KeyValue
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.ECKeyValue
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.ECValidationData
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.ECCurve
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.ECFieldID
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.TransformElement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.CanonicalizationMethod
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Signature.Types.SignatureValue


-- | XML Encryption Syntax and Processing
--   
--   <a>http://www.w3.org/TR/xmlenc-core1/</a> (selected portions)
module SAML2.XML.Encryption
nsFrag :: String -> URI
ns :: Namespace
xpElem :: String -> PU a -> PU a

-- | §3.1
data EncryptedType
EncryptedType :: Maybe ID -> Maybe AnyURI -> Maybe XString -> Maybe (IdentifiedURI EncodingAlgorithm) -> Maybe EncryptionMethod -> Maybe KeyInfo -> CipherData -> Maybe EncryptionProperties -> EncryptedType
[encryptedID] :: EncryptedType -> Maybe ID
[encryptedType] :: EncryptedType -> Maybe AnyURI
[encryptedMimeType] :: EncryptedType -> Maybe XString
[encryptedEncoding] :: EncryptedType -> Maybe (IdentifiedURI EncodingAlgorithm)
[encryptedEncryptionMethod] :: EncryptedType -> Maybe EncryptionMethod
[encryptedKeyInfo] :: EncryptedType -> Maybe KeyInfo
[encryptedCipherData] :: EncryptedType -> CipherData
[encryptedEncryptionProperties] :: EncryptedType -> Maybe EncryptionProperties

-- | §3.2
data EncryptionMethod
EncryptionMethod :: IdentifiedURI EncryptionAlgorithm -> Maybe Int -> Maybe Base64Binary -> Maybe DigestMethod -> Nodes -> EncryptionMethod
[encryptionAlgorithm] :: EncryptionMethod -> IdentifiedURI EncryptionAlgorithm
[encryptionKeySize] :: EncryptionMethod -> Maybe Int
[encryptionOAEPparams] :: EncryptionMethod -> Maybe Base64Binary
[encryptionDigestMethod] :: EncryptionMethod -> Maybe DigestMethod
[encryption] :: EncryptionMethod -> Nodes
xpEncryptionMethodType :: PU EncryptionMethod

-- | §3.3
data CipherData
CipherValue :: Base64Binary -> CipherData
CipherReference :: AnyURI -> List1 Transform -> CipherData
[cipherURI] :: CipherData -> AnyURI
[cipherTransforms] :: CipherData -> List1 Transform

-- | §3.4
newtype EncryptedData
EncryptedData :: EncryptedType -> EncryptedData
[encryptedData] :: EncryptedData -> EncryptedType

-- | §3.5.1
data EncryptedKey
EncryptedKey :: !EncryptedType -> Maybe XString -> [Reference] -> Maybe XString -> EncryptedKey
[encryptedKey] :: EncryptedKey -> !EncryptedType
[encryptedKeyRecipient] :: EncryptedKey -> Maybe XString

-- | empty for missing
[encryptedKeyReferenceList] :: EncryptedKey -> [Reference]
[encryptedKeyCarriedKeyName] :: EncryptedKey -> Maybe XString

-- | §3.6
data Reference
DataReference :: URI -> Nodes -> Reference
[referenceURI] :: Reference -> URI
[reference] :: Reference -> Nodes
KeyReference :: URI -> Nodes -> Reference
[referenceURI] :: Reference -> URI
[reference] :: Reference -> Nodes

-- | §3.7
data EncryptionProperties
EncryptionProperties :: Maybe ID -> List1 EncryptionProperty -> EncryptionProperties
[encryptionPropertiesId] :: EncryptionProperties -> Maybe ID
[encryptionProperties] :: EncryptionProperties -> List1 EncryptionProperty
data EncryptionProperty
EncryptionProperty :: Maybe ID -> Maybe AnyURI -> Nodes -> EncryptionProperty
[encryptionPropertyId] :: EncryptionProperty -> Maybe ID
[encryptionPropertyTarget] :: EncryptionProperty -> Maybe AnyURI
[encryptionProperty] :: EncryptionProperty -> Nodes

-- | §5.1
data EncryptionAlgorithm

-- | §5.2.2
BlockEncryptionTripleDES :: EncryptionAlgorithm

-- | §5.2.3
BlockEncryptionAES128 :: EncryptionAlgorithm

-- | §5.2.3
BlockEncryptionAES192 :: EncryptionAlgorithm

-- | §5.2.3
BlockEncryptionAES256 :: EncryptionAlgorithm

-- | §5.2.4
BlockEncryptionAES128GCM :: EncryptionAlgorithm

-- | §5.2.4
BlockEncryptionAES192GCM :: EncryptionAlgorithm

-- | §5.2.4
BlockEncryptionAES256GCM :: EncryptionAlgorithm

-- | §5.5.1
KeyTransportRSA1_5 :: EncryptionAlgorithm

-- | §5.5.2
KeyTransportRSAOAEPMGF1P :: EncryptionAlgorithm

-- | §5.5.2
KeyTransportRSAOAEP :: EncryptionAlgorithm

-- | §5.5
data AgreementMethod
AgreementMethod :: IdentifiedURI EncryptionAlgorithm -> Maybe Base64Binary -> Maybe DigestMethod -> Maybe KeyInfo -> Maybe KeyInfo -> AgreementMethod
[agreementMethodAlgorithm] :: AgreementMethod -> IdentifiedURI EncryptionAlgorithm
[agreementMethodKA_Nonce] :: AgreementMethod -> Maybe Base64Binary
[agreementMethodDigestMethod] :: AgreementMethod -> Maybe DigestMethod
[agreementMethodOriginatorKeyInfo] :: AgreementMethod -> Maybe KeyInfo
[agreementMethodRecipientKeyInfo] :: AgreementMethod -> Maybe KeyInfo
instance GHC.Show.Show SAML2.XML.Encryption.EncryptedData
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptedData
instance GHC.Show.Show SAML2.XML.Encryption.EncryptedKey
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptedKey
instance GHC.Show.Show SAML2.XML.Encryption.EncryptedType
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptedType
instance GHC.Show.Show SAML2.XML.Encryption.EncryptionMethod
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptionMethod
instance GHC.Show.Show SAML2.XML.Encryption.EncryptionAlgorithm
instance GHC.Enum.Enum SAML2.XML.Encryption.EncryptionAlgorithm
instance GHC.Enum.Bounded SAML2.XML.Encryption.EncryptionAlgorithm
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptionAlgorithm
instance GHC.Show.Show SAML2.XML.Encryption.EncryptionProperties
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptionProperties
instance GHC.Show.Show SAML2.XML.Encryption.EncryptionProperty
instance GHC.Classes.Eq SAML2.XML.Encryption.EncryptionProperty
instance GHC.Show.Show SAML2.XML.Encryption.Reference
instance GHC.Classes.Eq SAML2.XML.Encryption.Reference
instance GHC.Show.Show SAML2.XML.Encryption.CipherData
instance GHC.Classes.Eq SAML2.XML.Encryption.CipherData
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.AgreementMethod
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.EncryptedData
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.EncryptedKey
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.EncryptedType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.EncryptionMethod
instance SAML2.XML.Identifiable Network.URI.URI SAML2.XML.Encryption.EncryptionAlgorithm
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.EncryptionProperties
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.EncryptionProperty
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.Reference
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.XML.Encryption.CipherData


-- | XML Signature Syntax and Processing
--   
--   <a>http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/</a> (selected
--   portions)
module SAML2.XML.Signature
generateReference :: Reference -> XmlTree -> IO Reference
data SigningKey
SigningKeyDSA :: KeyPair -> SigningKey
SigningKeyRSA :: KeyPair -> SigningKey
data PublicKeys
PublicKeys :: Maybe PublicKey -> Maybe PublicKey -> PublicKeys
[publicKeyDSA] :: PublicKeys -> Maybe PublicKey
[publicKeyRSA] :: PublicKeys -> Maybe PublicKey
signingKeySignatureAlgorithm :: SigningKey -> SignatureAlgorithm
signBase64 :: SigningKey -> ByteString -> IO ByteString
verifyBase64 :: PublicKeys -> IdentifiedURI SignatureAlgorithm -> ByteString -> ByteString -> Maybe Bool
generateSignature :: SigningKey -> SignedInfo -> IO Signature
verifySignature :: PublicKeys -> String -> XmlTree -> IO (Maybe Bool)
instance GHC.Show.Show SAML2.XML.Signature.PublicKeys
instance GHC.Classes.Eq SAML2.XML.Signature.PublicKeys
instance GHC.Show.Show SAML2.XML.Signature.SigningKey
instance GHC.Classes.Eq SAML2.XML.Signature.SigningKey
instance GHC.Base.Monoid SAML2.XML.Signature.PublicKeys


-- | Confirmation Method Identifiers
--   
--   <a>saml-profiles-2.0-os</a> §3
module SAML2.Profiles.ConfirmationMethod

-- | §3
data ConfirmationMethod
ConfirmationMethodHolderOfKey :: ConfirmationMethod
ConfirmationMethodSenderVouches :: ConfirmationMethod
ConfirmationMethodBearer :: ConfirmationMethod
instance GHC.Show.Show SAML2.Profiles.ConfirmationMethod.ConfirmationMethod
instance GHC.Enum.Bounded SAML2.Profiles.ConfirmationMethod.ConfirmationMethod
instance GHC.Enum.Enum SAML2.Profiles.ConfirmationMethod.ConfirmationMethod
instance GHC.Classes.Eq SAML2.Profiles.ConfirmationMethod.ConfirmationMethod
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Profiles.ConfirmationMethod.ConfirmationMethod


-- | Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0
--   
--   <a>saml-profiles-2.0-os</a>
module SAML2.Profiles


-- | SAML-Defined Identifiers
--   
--   <a>saml-core-2.0-os</a> §8
module SAML2.Core.Identifiers

-- | §8.1
data ActionNamespace

-- | §8.1.1: Read Write Execute Delete Control
ActionNamespaceRWEDC :: ActionNamespace

-- | §8.1.2: RWEDC ~RWEDC
ActionNamespaceRWEDCNegation :: ActionNamespace

-- | §8.1.3: GET HEAD PUT POST
ActionNamespaceGHPP :: ActionNamespace

-- | §8.1.4: octal
ActionNamespaceUNIX :: ActionNamespace

-- | §8.2
data AttributeNameFormat

-- | §8.2.1: Text
AttributeNameFormatUnspecified :: AttributeNameFormat

-- | §8.2.2: URI
AttributeNameFormatURI :: AttributeNameFormat

-- | §8.2.3: Name
AttributeNameFormatBasic :: AttributeNameFormat

-- | §8.3
data NameIDFormat

-- | §8.3.1: Text
NameIDFormatUnspecified :: NameIDFormat

-- | §8.3.2: rfc2822
NameIDFormatEmail :: NameIDFormat

-- | §8.3.3: XML signature
NameIDFormatX509 :: NameIDFormat

-- | §8.3.4: Maybe Domain, User
NameIDFormatWindows :: NameIDFormat

-- | §8.3.5: rfc1510
NameIDFormatKerberos :: NameIDFormat

-- | §8.3.6: SAML endpoint (BaseId and SPProvidedID must be Nothing)
NameIDFormatEntity :: NameIDFormat

-- | §8.3.7: String &lt;= 256 char (NameQualifier same as idp
--   ident<i>Nothing, SPNameQualifier same as sp ident</i>Nothing,
--   SPProvidedID alt ident from sp)
NameIDFormatPersistent :: NameIDFormat

-- | §8.3.8: String &lt;= 256 char
NameIDFormatTransient :: NameIDFormat

-- | §3.4.1.1: only for NameIDPolicy
NameIDFormatEncrypted :: NameIDFormat

-- | §8.4
data Consent

-- | §8.4.1
ConsentUnspecified :: Consent

-- | §8.4.2
ConsentObtained :: Consent

-- | §8.4.3
ConsentPrior :: Consent

-- | §8.4.4
ConsentImplicit :: Consent

-- | §8.4.5
ConsentExplicit :: Consent

-- | §8.4.6
ConsentUnavailable :: Consent

-- | §8.4.7
ConsentInapplicable :: Consent
instance GHC.Show.Show SAML2.Core.Identifiers.Consent
instance GHC.Enum.Bounded SAML2.Core.Identifiers.Consent
instance GHC.Enum.Enum SAML2.Core.Identifiers.Consent
instance GHC.Classes.Eq SAML2.Core.Identifiers.Consent
instance GHC.Show.Show SAML2.Core.Identifiers.NameIDFormat
instance GHC.Enum.Bounded SAML2.Core.Identifiers.NameIDFormat
instance GHC.Enum.Enum SAML2.Core.Identifiers.NameIDFormat
instance GHC.Classes.Eq SAML2.Core.Identifiers.NameIDFormat
instance GHC.Show.Show SAML2.Core.Identifiers.AttributeNameFormat
instance GHC.Enum.Bounded SAML2.Core.Identifiers.AttributeNameFormat
instance GHC.Enum.Enum SAML2.Core.Identifiers.AttributeNameFormat
instance GHC.Classes.Eq SAML2.Core.Identifiers.AttributeNameFormat
instance GHC.Show.Show SAML2.Core.Identifiers.ActionNamespace
instance GHC.Enum.Bounded SAML2.Core.Identifiers.ActionNamespace
instance GHC.Enum.Enum SAML2.Core.Identifiers.ActionNamespace
instance GHC.Classes.Eq SAML2.Core.Identifiers.ActionNamespace
instance Data.Default.Class.Default SAML2.Core.Identifiers.Consent
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Core.Identifiers.Consent
instance Data.Default.Class.Default SAML2.Core.Identifiers.NameIDFormat
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Core.Identifiers.NameIDFormat
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Core.Identifiers.AttributeNameFormat
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Core.Identifiers.ActionNamespace


-- | SAML Assertions
--   
--   <a>saml-core-2.0-os</a> §2
module SAML2.Core.Assertions
ns :: Namespace
xpElem :: String -> PU a -> PU a

-- | §2.2.1
data BaseID id
BaseID :: Maybe XString -> Maybe XString -> !id -> BaseID id
[baseNameQualifier] :: BaseID id -> Maybe XString
[baseSPNameQualifier] :: BaseID id -> Maybe XString
[baseID] :: BaseID id -> !id
xpBaseID :: PU id -> PU (BaseID id)

-- | §2.2.3
data NameID
NameID :: BaseID XString -> IdentifiedURI NameIDFormat -> Maybe XString -> NameID
[nameBaseID] :: NameID -> BaseID XString
[nameIDFormat] :: NameID -> IdentifiedURI NameIDFormat
[nameSPProvidedID] :: NameID -> Maybe XString
simpleNameID :: NameIDFormat -> XString -> NameID
xpNameIDDefaulting :: IdentifiedURI NameIDFormat -> PU NameID
xpNameID :: PU NameID
type EncryptedNameID = EncryptedElement NameID
data Identifier
IdentifierName :: NameID -> Identifier
IdentifierBase :: (BaseID Nodes) -> Identifier

-- | §2.2.4
type EncryptedID = EncryptedElement Identifier
data EncryptedElement a
EncryptedElement :: EncryptedData -> [EncryptedKey] -> EncryptedElement a
[encryptedData] :: EncryptedElement a -> EncryptedData
[encryptedKey] :: EncryptedElement a -> [EncryptedKey]
xpEncryptedElement :: PU (EncryptedElement a)
data PossiblyEncrypted a
NotEncrypted :: !a -> PossiblyEncrypted a
SoEncrypted :: (EncryptedElement a) -> PossiblyEncrypted a
xpPossiblyEncrypted :: (XmlPickler a, XmlPickler (EncryptedElement a)) => PU (PossiblyEncrypted a)
data AssertionRef
AssertionRefID :: AssertionIDRef -> AssertionRef

-- | §2.3.2
AssertionURIRef :: AnyURI -> AssertionRef
AssertionRef :: (PossiblyEncrypted Assertion) -> AssertionRef

-- | §2.2.5
newtype Issuer
Issuer :: NameID -> Issuer
[issuer] :: Issuer -> NameID

-- | §2.3.1
newtype AssertionIDRef
AssertionIDRef :: ID -> AssertionIDRef
[assertionIDRef] :: AssertionIDRef -> ID

-- | §2.3.3
data Assertion
Assertion :: SAMLVersion -> ID -> DateTime -> Issuer -> Maybe Signature -> Subject -> Maybe Conditions -> Maybe Advice -> [Statement] -> Assertion
[assertionVersion] :: Assertion -> SAMLVersion
[assertionID] :: Assertion -> ID
[assertionIssueInstant] :: Assertion -> DateTime
[assertionIssuer] :: Assertion -> Issuer
[assertionSignature] :: Assertion -> Maybe Signature

-- | use <a>noSubject</a> to omit
[assertionSubject] :: Assertion -> Subject
[assertionConditions] :: Assertion -> Maybe Conditions
[assertionAdvice] :: Assertion -> Maybe Advice
[assertionStatement] :: Assertion -> [Statement]

-- | §2.3.4
type EncryptedAssertion = EncryptedElement Assertion

-- | §2.4.1
data Subject
Subject :: Maybe (PossiblyEncrypted Identifier) -> [SubjectConfirmation] -> Subject
[subjectIdentifier] :: Subject -> Maybe (PossiblyEncrypted Identifier)
[subjectConfirmation] :: Subject -> [SubjectConfirmation]
noSubject :: Subject

-- | §2.4.1.1
data SubjectConfirmation
SubjectConfirmation :: IdentifiedURI ConfirmationMethod -> Maybe (PossiblyEncrypted Identifier) -> Maybe SubjectConfirmationData -> SubjectConfirmation
[subjectConfirmationMethod] :: SubjectConfirmation -> IdentifiedURI ConfirmationMethod
[subjectConfirmationIdentifier] :: SubjectConfirmation -> Maybe (PossiblyEncrypted Identifier)
[subjectConfirmationData] :: SubjectConfirmation -> Maybe SubjectConfirmationData

-- | §2.4.1.2
data SubjectConfirmationData
SubjectConfirmationData :: Maybe DateTime -> Maybe AnyURI -> Maybe ID -> Maybe IP -> [KeyInfo] -> Nodes -> SubjectConfirmationData
[subjectConfirmationNotBefore, subjectConfirmationNotOnOrAfter] :: SubjectConfirmationData -> Maybe DateTime
[subjectConfirmationRecipient] :: SubjectConfirmationData -> Maybe AnyURI
[subjectConfirmationInResponseTo] :: SubjectConfirmationData -> Maybe ID
[subjectConfirmationAddress] :: SubjectConfirmationData -> Maybe IP
[subjectConfirmationKeyInfo] :: SubjectConfirmationData -> [KeyInfo]

-- | anything
[subjectConfirmationXML] :: SubjectConfirmationData -> Nodes

-- | §2.5.1
data Conditions
Conditions :: Maybe DateTime -> [Condition] -> Conditions
[conditionsNotBefore, conditionsNotOnOrAfter] :: Conditions -> Maybe DateTime
[conditions] :: Conditions -> [Condition]
data Condition

-- | §2.5.1.3
Condition :: Node -> Condition

-- | §2.5.1.4
AudienceRestriction :: (List1 Audience) -> Condition

-- | §2.5.1.5
OneTimeUse :: Condition

-- | §2.5.1.6
ProxyRestriction :: Maybe NonNegativeInteger -> [Audience] -> Condition
[proxyRestrictionCount] :: Condition -> Maybe NonNegativeInteger
[proxyRestrictionAudience] :: Condition -> [Audience]

-- | §2.5.1.4
newtype Audience
Audience :: AnyURI -> Audience
[audience] :: Audience -> AnyURI

-- | §2.6.1
type Advice = [AdviceElement]
data AdviceElement
AdviceAssertion :: AssertionRef -> AdviceElement
Advice :: Node -> AdviceElement

-- | §2.7.1
data Statement
StatementAuthn :: AuthnStatement -> Statement
StatementAttribute :: AttributeStatement -> Statement
StatementAuthzDecision :: AuthzDecisionStatement -> Statement
Statement :: Node -> Statement

-- | §2.7.2
data AuthnStatement
AuthnStatement :: DateTime -> Maybe XString -> Maybe DateTime -> Maybe SubjectLocality -> AuthnContext -> AuthnStatement
[authnStatementInstant] :: AuthnStatement -> DateTime
[authnStatementSessionIndex] :: AuthnStatement -> Maybe XString
[authnStatementSessionNotOnOrAfter] :: AuthnStatement -> Maybe DateTime
[authnStatementSubjectLocality] :: AuthnStatement -> Maybe SubjectLocality
[authnStatementContext] :: AuthnStatement -> AuthnContext

-- | §2.7.2.1
data SubjectLocality
SubjectLocality :: Maybe IP -> Maybe XString -> SubjectLocality
[subjectLocalityAddress] :: SubjectLocality -> Maybe IP
[subjectLocalityDNSName] :: SubjectLocality -> Maybe XString

-- | §2.7.2.2
data AuthnContext
AuthnContext :: Maybe AnyURI -> Maybe AuthnContextDecl -> [AnyURI] -> AuthnContext
[authnContextClassRef] :: AuthnContext -> Maybe AnyURI
[authnContextDecl] :: AuthnContext -> Maybe AuthnContextDecl
[authnContextAuthenticatingAuthority] :: AuthnContext -> [AnyURI]
data AuthnContextDecl
AuthnContextDecl :: Nodes -> AuthnContextDecl
AuthnContextDeclRef :: AnyURI -> AuthnContextDecl

-- | §2.7.3
newtype AttributeStatement
AttributeStatement :: List1 (PossiblyEncrypted Attribute) -> AttributeStatement
[attributeStatement] :: AttributeStatement -> List1 (PossiblyEncrypted Attribute)

-- | §2.7.3.1
data Attribute
Attribute :: XString -> IdentifiedURI AttributeNameFormat -> Maybe XString -> Nodes -> [Nodes] -> Attribute
[attributeName] :: Attribute -> XString
[attributeNameFormat] :: Attribute -> IdentifiedURI AttributeNameFormat
[attributeFriendlyName] :: Attribute -> Maybe XString
[attributeAttrs] :: Attribute -> Nodes

-- | §2.7.3.1.1
[attributeValues] :: Attribute -> [Nodes]
xpAttributeType :: PU Attribute

-- | §2.7.3.2
type EncryptedAttribute = EncryptedElement Attribute

-- | §2.7.4
data AuthzDecisionStatement
AuthzDecisionStatement :: AnyURI -> DecisionType -> List1 Action -> Evidence -> AuthzDecisionStatement
[authzDecisionStatementResource] :: AuthzDecisionStatement -> AnyURI
[authzDecisionStatementDecision] :: AuthzDecisionStatement -> DecisionType
[authzDecisionStatementAction] :: AuthzDecisionStatement -> List1 Action
[authzDecisionStatementEvidence] :: AuthzDecisionStatement -> Evidence

-- | §2.7.4.1
data DecisionType
DecisionTypePermit :: DecisionType
DecisionTypeDeny :: DecisionType
DecisionTypeIndeterminate :: DecisionType

-- | §2.7.4.2
data Action
Action :: IdentifiedURI ActionNamespace -> XString -> Action
[actionNamespace] :: Action -> IdentifiedURI ActionNamespace
[action] :: Action -> XString

-- | §2.7.4.3
newtype Evidence
Evidence :: [AssertionRef] -> Evidence
[evidence] :: Evidence -> [AssertionRef]
instance GHC.Show.Show SAML2.Core.Assertions.AdviceElement
instance GHC.Classes.Eq SAML2.Core.Assertions.AdviceElement
instance GHC.Show.Show SAML2.Core.Assertions.AuthzDecisionStatement
instance GHC.Classes.Eq SAML2.Core.Assertions.AuthzDecisionStatement
instance GHC.Show.Show SAML2.Core.Assertions.Statement
instance GHC.Classes.Eq SAML2.Core.Assertions.Statement
instance GHC.Show.Show SAML2.Core.Assertions.Assertion
instance GHC.Classes.Eq SAML2.Core.Assertions.Assertion
instance GHC.Show.Show SAML2.Core.Assertions.AssertionRef
instance GHC.Classes.Eq SAML2.Core.Assertions.AssertionRef
instance GHC.Base.Monoid SAML2.Core.Assertions.Evidence
instance GHC.Show.Show SAML2.Core.Assertions.Evidence
instance GHC.Classes.Eq SAML2.Core.Assertions.Evidence
instance GHC.Show.Show SAML2.Core.Assertions.Action
instance GHC.Classes.Eq SAML2.Core.Assertions.Action
instance GHC.Show.Show SAML2.Core.Assertions.DecisionType
instance GHC.Enum.Bounded SAML2.Core.Assertions.DecisionType
instance GHC.Enum.Enum SAML2.Core.Assertions.DecisionType
instance GHC.Classes.Eq SAML2.Core.Assertions.DecisionType
instance GHC.Show.Show SAML2.Core.Assertions.AttributeStatement
instance GHC.Classes.Eq SAML2.Core.Assertions.AttributeStatement
instance GHC.Show.Show SAML2.Core.Assertions.Attribute
instance GHC.Classes.Eq SAML2.Core.Assertions.Attribute
instance GHC.Show.Show SAML2.Core.Assertions.AuthnStatement
instance GHC.Classes.Eq SAML2.Core.Assertions.AuthnStatement
instance GHC.Show.Show SAML2.Core.Assertions.AuthnContext
instance GHC.Classes.Eq SAML2.Core.Assertions.AuthnContext
instance GHC.Show.Show SAML2.Core.Assertions.AuthnContextDecl
instance GHC.Classes.Eq SAML2.Core.Assertions.AuthnContextDecl
instance GHC.Show.Show SAML2.Core.Assertions.SubjectLocality
instance GHC.Classes.Eq SAML2.Core.Assertions.SubjectLocality
instance GHC.Show.Show SAML2.Core.Assertions.Conditions
instance GHC.Classes.Eq SAML2.Core.Assertions.Conditions
instance GHC.Show.Show SAML2.Core.Assertions.Condition
instance GHC.Classes.Eq SAML2.Core.Assertions.Condition
instance GHC.Show.Show SAML2.Core.Assertions.Audience
instance GHC.Classes.Eq SAML2.Core.Assertions.Audience
instance GHC.Show.Show SAML2.Core.Assertions.Subject
instance GHC.Classes.Eq SAML2.Core.Assertions.Subject
instance GHC.Show.Show SAML2.Core.Assertions.SubjectConfirmation
instance GHC.Classes.Eq SAML2.Core.Assertions.SubjectConfirmation
instance GHC.Show.Show SAML2.Core.Assertions.SubjectConfirmationData
instance GHC.Classes.Eq SAML2.Core.Assertions.SubjectConfirmationData
instance GHC.Show.Show SAML2.Core.Assertions.AssertionIDRef
instance GHC.Classes.Eq SAML2.Core.Assertions.AssertionIDRef
instance GHC.Show.Show SAML2.Core.Assertions.Issuer
instance GHC.Classes.Eq SAML2.Core.Assertions.Issuer
instance GHC.Show.Show a => GHC.Show.Show (SAML2.Core.Assertions.PossiblyEncrypted a)
instance GHC.Classes.Eq a => GHC.Classes.Eq (SAML2.Core.Assertions.PossiblyEncrypted a)
instance GHC.Show.Show (SAML2.Core.Assertions.EncryptedElement a)
instance GHC.Classes.Eq (SAML2.Core.Assertions.EncryptedElement a)
instance GHC.Show.Show SAML2.Core.Assertions.Identifier
instance GHC.Classes.Eq SAML2.Core.Assertions.Identifier
instance GHC.Show.Show SAML2.Core.Assertions.NameID
instance GHC.Classes.Eq SAML2.Core.Assertions.NameID
instance GHC.Show.Show id => GHC.Show.Show (SAML2.Core.Assertions.BaseID id)
instance GHC.Classes.Eq id => GHC.Classes.Eq (SAML2.Core.Assertions.BaseID id)
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.EncryptedAssertion
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AssertionRef
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Assertion
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Assertions.Assertion
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AdviceElement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Statement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AuthzDecisionStatement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Evidence
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Action
instance SAML2.XML.Identifiable SAML2.Core.Datatypes.XString SAML2.Core.Assertions.DecisionType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.DecisionType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.EncryptedAttribute
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AttributeStatement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Attribute
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AuthnStatement
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AuthnContext
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AuthnContextDecl
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.SubjectLocality
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Conditions
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Condition
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Audience
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Subject
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.SubjectConfirmation
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.SubjectConfirmationData
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.AssertionIDRef
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Issuer
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.EncryptedNameID
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.EncryptedID
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.Identifier
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Assertions.NameID


-- | Protocol Bindings identifiers
--   
--   <a>saml-bindings-2.0-os</a> §3.X.1
module SAML2.Bindings.Identifiers
data Binding

-- | §3.2
BindingSOAP :: Binding

-- | §3.3
BindingPAOS :: Binding

-- | §3.4
BindingHTTPRedirect :: Binding

-- | §3.5
BindingHTTPPOST :: Binding

-- | §3.6
BindingHTTPArtifact :: Binding

-- | §3.7
BindingURI :: Binding
instance GHC.Show.Show SAML2.Bindings.Identifiers.Binding
instance GHC.Enum.Enum SAML2.Bindings.Identifiers.Binding
instance GHC.Enum.Bounded SAML2.Bindings.Identifiers.Binding
instance GHC.Classes.Eq SAML2.Bindings.Identifiers.Binding
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Bindings.Identifiers.Binding


-- | Metadata for SAML V2.0
--   
--   <a>saml-metadata-2.0-os</a> §2
module SAML2.Metadata.Metadata
ns :: Namespace
xpElem :: String -> PU a -> PU a

-- | §2.2.1
type EntityID = AnyURI
xpEntityID :: PU EntityID

-- | §2.2.2
data Endpoint
Endpoint :: IdentifiedURI Binding -> AnyURI -> Maybe AnyURI -> Nodes -> Nodes -> Endpoint
[endpointBinding] :: Endpoint -> IdentifiedURI Binding
[endpointLocation] :: Endpoint -> AnyURI
[endpointResponseLocation] :: Endpoint -> Maybe AnyURI
[endpointAttrs] :: Endpoint -> Nodes
[endpointXML] :: Endpoint -> Nodes

-- | §2.2.3
data IndexedEndpoint
IndexedEndpoint :: Endpoint -> UnsignedShort -> Boolean -> IndexedEndpoint
[indexedEndpoint] :: IndexedEndpoint -> Endpoint
[indexedEndpointIndex] :: IndexedEndpoint -> UnsignedShort
[indexedEndpointIsDefault] :: IndexedEndpoint -> Boolean
data Localized a
Localized :: Language -> a -> Localized a
[localizedLang] :: Localized a -> Language
[localized] :: Localized a -> a
xpLocalized :: PU a -> PU (Localized a)

-- | §2.2.4
type LocalizedName = Localized String

-- | §2.2.5
type LocalizedURI = Localized AnyURI
data Metadata

-- | §2.3.2
EntityDescriptor :: EntityID -> Maybe ID -> Maybe DateTime -> Maybe Duration -> Nodes -> Maybe Signature -> Extensions -> Descriptors -> Maybe Organization -> [Contact] -> [AdditionalMetadataLocation] -> Metadata
[entityID] :: Metadata -> EntityID
[metadataID] :: Metadata -> Maybe ID
[metadataValidUntil] :: Metadata -> Maybe DateTime
[metadataCacheDuration] :: Metadata -> Maybe Duration
[entityAttrs] :: Metadata -> Nodes
[metadataSignature] :: Metadata -> Maybe Signature
[metadataExtensions] :: Metadata -> Extensions
[entityDescriptors] :: Metadata -> Descriptors
[entityOrganization] :: Metadata -> Maybe Organization
[entityContactPerson] :: Metadata -> [Contact]
[entityAditionalMetadataLocation] :: Metadata -> [AdditionalMetadataLocation]

-- | §2.3.1
EntitiesDescriptor :: Maybe ID -> Maybe DateTime -> Maybe Duration -> Maybe String -> Maybe Signature -> Extensions -> List1 Metadata -> Metadata
[metadataID] :: Metadata -> Maybe ID
[metadataValidUntil] :: Metadata -> Maybe DateTime
[metadataCacheDuration] :: Metadata -> Maybe Duration
[entitiesName] :: Metadata -> Maybe String
[metadataSignature] :: Metadata -> Maybe Signature
[metadataExtensions] :: Metadata -> Extensions
[entities] :: Metadata -> List1 Metadata

-- | §2.3.1 empty list means missing
newtype Extensions
Extensions :: Nodes -> Extensions
[extensions] :: Extensions -> Nodes
data Descriptors
Descriptors :: List1 Descriptor -> Descriptors
[descriptors] :: Descriptors -> List1 Descriptor

-- | §2.5
AffiliationDescriptor :: EntityID -> Maybe ID -> Maybe DateTime -> Maybe Duration -> Nodes -> Maybe Signature -> Extensions -> List1 EntityID -> [KeyDescriptor] -> Descriptors
[affiliationDescriptorAffiliationOwnerID] :: Descriptors -> EntityID
[affiliationDescriptorID] :: Descriptors -> Maybe ID
[affiliationDescriptorValidUntil] :: Descriptors -> Maybe DateTime
[affiliationDescriptorCacheDuration] :: Descriptors -> Maybe Duration
[affiliationDescriptorAttrs] :: Descriptors -> Nodes
[affiliationDescriptorSignature] :: Descriptors -> Maybe Signature
[affiliationDescriptorExtensions] :: Descriptors -> Extensions
[affiliationDescriptorAffiliateMember] :: Descriptors -> List1 EntityID
[affiliationDescriptorKeyDescriptor] :: Descriptors -> [KeyDescriptor]
data Descriptor

-- | §2.4.1
Descriptor :: !RoleDescriptor -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor

-- | §2.4.3
IDPSSODescriptor :: !RoleDescriptor -> !SSODescriptor -> Boolean -> List1 Endpoint -> [Endpoint] -> [Endpoint] -> [AnyURI] -> [Attribute] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorSSO] :: Descriptor -> !SSODescriptor
[descriptorWantAuthnRequestsSigned] :: Descriptor -> Boolean
[descriptorSingleSignOnService] :: Descriptor -> List1 Endpoint
[descriptorNameIDMappingService] :: Descriptor -> [Endpoint]
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorAttributeProfile] :: Descriptor -> [AnyURI]
[descriptorAttribute] :: Descriptor -> [Attribute]

-- | §2.4.4
SPSSODescriptor :: !RoleDescriptor -> !SSODescriptor -> Boolean -> Boolean -> List1 IndexedEndpoint -> [AttributeConsumingService] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorSSO] :: Descriptor -> !SSODescriptor
[descriptorAuthnRequestsSigned] :: Descriptor -> Boolean
[descriptorWantAssertionsSigned] :: Descriptor -> Boolean
[descriptorAssertionConsumerService] :: Descriptor -> List1 IndexedEndpoint
[descriptorAttributeConsumingService] :: Descriptor -> [AttributeConsumingService]

-- | §2.4.5
AuthnAuthorityDescriptor :: !RoleDescriptor -> List1 Endpoint -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorAuthnQueryService] :: Descriptor -> List1 Endpoint
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorNameIDFormat] :: Descriptor -> [IdentifiedURI NameIDFormat]

-- | §2.4.7
AttributeAuthorityDescriptor :: !RoleDescriptor -> List1 Endpoint -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> [AnyURI] -> [Attribute] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorAttributeService] :: Descriptor -> List1 Endpoint
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorNameIDFormat] :: Descriptor -> [IdentifiedURI NameIDFormat]
[descriptorAttributeProfile] :: Descriptor -> [AnyURI]
[descriptorAttribute] :: Descriptor -> [Attribute]

-- | §2.4.6
PDPDescriptor :: !RoleDescriptor -> List1 Endpoint -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorAuthzService] :: Descriptor -> List1 Endpoint
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorNameIDFormat] :: Descriptor -> [IdentifiedURI NameIDFormat]

-- | §2.3.2.1
data Organization
Organization :: Nodes -> Extensions -> List1 LocalizedName -> List1 LocalizedName -> List1 LocalizedURI -> Organization
[organizationAttrs] :: Organization -> Nodes
[organizationExtensions] :: Organization -> Extensions
[organizationName] :: Organization -> List1 LocalizedName
[organizationDisplayName] :: Organization -> List1 LocalizedName
[organizationURL] :: Organization -> List1 LocalizedURI

-- | §2.3.2.2
data Contact
ContactPerson :: ContactType -> Nodes -> Extensions -> Maybe String -> Maybe String -> Maybe String -> [AnyURI] -> [String] -> Contact
[contactType] :: Contact -> ContactType
[contactAttrs] :: Contact -> Nodes
[contactExtensions] :: Contact -> Extensions
[contactCompany] :: Contact -> Maybe String
[contactGivenName] :: Contact -> Maybe String
[contactSurName] :: Contact -> Maybe String
[contactEmailAddress] :: Contact -> [AnyURI]
[contactTelephoneNumber] :: Contact -> [String]
data ContactType
ContactTypeTechnical :: ContactType
ContactTypeSupport :: ContactType
ContactTypeAdministrative :: ContactType
ContactTypeBilling :: ContactType
ContactTypeOther :: ContactType

-- | §2.3.2.3
data AdditionalMetadataLocation
AdditionalMetadataLocation :: AnyURI -> AnyURI -> AdditionalMetadataLocation
[additionalMetadataLocationNamespace] :: AdditionalMetadataLocation -> AnyURI
[additionalMetadataLocation] :: AdditionalMetadataLocation -> AnyURI

-- | §2.4.1
data RoleDescriptor
RoleDescriptor :: Maybe ID -> Maybe DateTime -> Maybe Duration -> [AnyURI] -> Maybe AnyURI -> Nodes -> Maybe Signature -> Extensions -> [KeyDescriptor] -> Maybe Organization -> [Contact] -> RoleDescriptor
[roleDescriptorID] :: RoleDescriptor -> Maybe ID
[roleDescriptorValidUntil] :: RoleDescriptor -> Maybe DateTime
[roleDescriptorCacheDuration] :: RoleDescriptor -> Maybe Duration
[roleDescriptorProtocolSupportEnumeration] :: RoleDescriptor -> [AnyURI]
[roleDescriptorErrorURL] :: RoleDescriptor -> Maybe AnyURI
[roleDescriptorAttrs] :: RoleDescriptor -> Nodes
[roleDescriptorSignature] :: RoleDescriptor -> Maybe Signature
[roleDescriptorExtensions] :: RoleDescriptor -> Extensions
[roleDescriptorKeyDescriptor] :: RoleDescriptor -> [KeyDescriptor]
[roleDescriptorOrganization] :: RoleDescriptor -> Maybe Organization
[roleDescriptorContactPerson] :: RoleDescriptor -> [Contact]

-- | §2.4.1.1
data KeyDescriptor
KeyDescriptor :: KeyTypes -> KeyInfo -> [EncryptionMethod] -> KeyDescriptor
[keyDescriptorUse] :: KeyDescriptor -> KeyTypes
[keyDescriptorKeyInfo] :: KeyDescriptor -> KeyInfo
[keyDescriptorEncryptionMethod] :: KeyDescriptor -> [EncryptionMethod]
data KeyTypes
KeyTypeSigning :: KeyTypes
KeyTypeEncryption :: KeyTypes
KeyTypeBoth :: KeyTypes

-- | Does the second KeyTypes include the first type of use?
keyType :: KeyTypes -> KeyTypes -> Bool

-- | §2.4.2
data SSODescriptor
SSODescriptor :: [IndexedEndpoint] -> [Endpoint] -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> SSODescriptor
[ssoDescriptorArtifactResolutionService] :: SSODescriptor -> [IndexedEndpoint]
[ssoDescriptorSingleLogoutService] :: SSODescriptor -> [Endpoint]
[ssoDescriptorManageNameIDService] :: SSODescriptor -> [Endpoint]
[ssoDescriptorNameIDFormat] :: SSODescriptor -> [IdentifiedURI NameIDFormat]

-- | §2.4.4.1
data AttributeConsumingService
AttributeConsumingService :: UnsignedShort -> Bool -> List1 LocalizedName -> [LocalizedName] -> List1 RequestedAttribute -> AttributeConsumingService
[attributeConsumingServiceIndex] :: AttributeConsumingService -> UnsignedShort
[attributeConsumingServiceIsDefault] :: AttributeConsumingService -> Bool
[attributeConsumingServiceServiceName] :: AttributeConsumingService -> List1 LocalizedName
[attributeConsumingServiceServiceDescription] :: AttributeConsumingService -> [LocalizedName]
[attributeConsumingServiceRequestedAttribute] :: AttributeConsumingService -> List1 RequestedAttribute

-- | §2.4.4.1.1
data RequestedAttribute
RequestedAttribute :: !Attribute -> Bool -> RequestedAttribute
[requestedAttribute] :: RequestedAttribute -> !Attribute
[requestedAttributeIsRequired] :: RequestedAttribute -> Bool
instance GHC.Show.Show SAML2.Metadata.Metadata.Metadata
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Metadata
instance GHC.Show.Show SAML2.Metadata.Metadata.Descriptors
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Descriptors
instance GHC.Show.Show SAML2.Metadata.Metadata.Descriptor
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Descriptor
instance GHC.Show.Show SAML2.Metadata.Metadata.AttributeConsumingService
instance GHC.Classes.Eq SAML2.Metadata.Metadata.AttributeConsumingService
instance GHC.Show.Show SAML2.Metadata.Metadata.RequestedAttribute
instance GHC.Classes.Eq SAML2.Metadata.Metadata.RequestedAttribute
instance GHC.Show.Show SAML2.Metadata.Metadata.SSODescriptor
instance GHC.Classes.Eq SAML2.Metadata.Metadata.SSODescriptor
instance GHC.Show.Show SAML2.Metadata.Metadata.RoleDescriptor
instance GHC.Classes.Eq SAML2.Metadata.Metadata.RoleDescriptor
instance GHC.Show.Show SAML2.Metadata.Metadata.KeyDescriptor
instance GHC.Classes.Eq SAML2.Metadata.Metadata.KeyDescriptor
instance GHC.Show.Show SAML2.Metadata.Metadata.KeyTypes
instance GHC.Enum.Bounded SAML2.Metadata.Metadata.KeyTypes
instance GHC.Enum.Enum SAML2.Metadata.Metadata.KeyTypes
instance GHC.Classes.Eq SAML2.Metadata.Metadata.KeyTypes
instance GHC.Show.Show SAML2.Metadata.Metadata.AdditionalMetadataLocation
instance GHC.Classes.Eq SAML2.Metadata.Metadata.AdditionalMetadataLocation
instance GHC.Show.Show SAML2.Metadata.Metadata.Contact
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Contact
instance GHC.Show.Show SAML2.Metadata.Metadata.ContactType
instance GHC.Enum.Bounded SAML2.Metadata.Metadata.ContactType
instance GHC.Enum.Enum SAML2.Metadata.Metadata.ContactType
instance GHC.Classes.Eq SAML2.Metadata.Metadata.ContactType
instance GHC.Show.Show SAML2.Metadata.Metadata.Organization
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Organization
instance GHC.Base.Monoid SAML2.Metadata.Metadata.Extensions
instance GHC.Show.Show SAML2.Metadata.Metadata.Extensions
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Extensions
instance GHC.Show.Show a => GHC.Show.Show (SAML2.Metadata.Metadata.Localized a)
instance GHC.Classes.Eq a => GHC.Classes.Eq (SAML2.Metadata.Metadata.Localized a)
instance GHC.Show.Show SAML2.Metadata.Metadata.IndexedEndpoint
instance GHC.Classes.Eq SAML2.Metadata.Metadata.IndexedEndpoint
instance GHC.Show.Show SAML2.Metadata.Metadata.Endpoint
instance GHC.Classes.Eq SAML2.Metadata.Metadata.Endpoint
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Metadata
instance SAML2.XML.Signature.Types.Signable SAML2.Metadata.Metadata.Metadata
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Descriptors
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Descriptor
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.AttributeConsumingService
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.RequestedAttribute
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.SSODescriptor
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.RoleDescriptor
instance SAML2.XML.Signature.Types.Signable SAML2.Metadata.Metadata.RoleDescriptor
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.KeyDescriptor
instance SAML2.XML.Identifiable SAML2.Core.Datatypes.XString SAML2.Metadata.Metadata.KeyTypes
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.KeyTypes
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.AdditionalMetadataLocation
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Contact
instance SAML2.XML.Identifiable SAML2.Core.Datatypes.XString SAML2.Metadata.Metadata.ContactType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.ContactType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Organization
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Extensions
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.LocalizedURI
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.LocalizedName
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.IndexedEndpoint
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Metadata.Metadata.Endpoint


-- | SAML Protocols
--   
--   <a>saml-core-2.0-os</a> §3
module SAML2.Core.Protocols
ns :: Namespace
xpElem :: String -> PU a -> PU a
data ProtocolType
ProtocolType :: ID -> SAMLVersion -> DateTime -> Maybe AnyURI -> IdentifiedURI Consent -> Maybe Issuer -> Maybe Signature -> [Node] -> Maybe RelayState -> ProtocolType
[protocolID] :: ProtocolType -> ID
[protocolVersion] :: ProtocolType -> SAMLVersion
[protocolIssueInstant] :: ProtocolType -> DateTime
[protocolDestination] :: ProtocolType -> Maybe AnyURI
[protocolConsent] :: ProtocolType -> IdentifiedURI Consent
[protocolIssuer] :: ProtocolType -> Maybe Issuer
[protocolSignature] :: ProtocolType -> Maybe Signature
[protocolExtensions] :: ProtocolType -> [Node]

-- | out-of-band data, not part of XML
[relayState] :: ProtocolType -> Maybe RelayState
class (XmlPickler a, Signable a, Show a) => SAMLProtocol a
samlProtocol' :: SAMLProtocol a => Lens' a ProtocolType
isSAMLResponse :: SAMLProtocol a => a -> Bool
isSAMLResponse_ :: SAMLProtocol a => Proxy a -> Maybe Bool

-- | §3.2.1
newtype RequestAbstractType
RequestAbstractType :: ProtocolType -> RequestAbstractType
[requestProtocol] :: RequestAbstractType -> ProtocolType
class SAMLProtocol a => SAMLRequest a
samlRequest' :: SAMLRequest a => Lens' a RequestAbstractType
requestProtocol' :: Lens' RequestAbstractType ProtocolType

-- | §3.2.2
data StatusResponseType
StatusResponseType :: !ProtocolType -> Maybe NCName -> Status -> StatusResponseType
[statusProtocol] :: StatusResponseType -> !ProtocolType
[statusInResponseTo] :: StatusResponseType -> Maybe NCName
[status] :: StatusResponseType -> Status
class SAMLProtocol a => SAMLResponse a
samlResponse' :: SAMLResponse a => Lens' a StatusResponseType
statusProtocol' :: Lens' StatusResponseType ProtocolType

-- | §3.2.2.1
data Status
Status :: StatusCode -> Maybe XString -> Maybe Nodes -> Status
[statusCode] :: Status -> StatusCode

-- | §3.2.2.3
[statusMessage] :: Status -> Maybe XString

-- | §3.2.2.4
[statusDetail] :: Status -> Maybe Nodes

-- | §3.2.2.2
data StatusCode
StatusCode :: StatusCode1 -> [IdentifiedURI StatusCode2] -> StatusCode
[statusCode1] :: StatusCode -> StatusCode1
[statusCodes] :: StatusCode -> [IdentifiedURI StatusCode2]
data StatusCode1
StatusSuccess :: StatusCode1
StatusRequester :: StatusCode1
StatusResponder :: StatusCode1
StatusVersionMismatch :: StatusCode1
data StatusCode2
StatusAuthnFailed :: StatusCode2
StatusInvalidAttrNameOrValue :: StatusCode2
StatusInvalidNameIDPolicy :: StatusCode2
StatusNoAuthnContext :: StatusCode2
StatusNoAvailableIDP :: StatusCode2
StatusNoPassive :: StatusCode2
StatusNoSupportedIDP :: StatusCode2
StatusPartialLogout :: StatusCode2
StatusProxyCountExceeded :: StatusCode2
StatusRequestDenied :: StatusCode2
StatusRequestUnsupported :: StatusCode2
StatusRequestVersionDeprecated :: StatusCode2
StatusRequestVersionTooHigh :: StatusCode2
StatusRequestVersionTooLow :: StatusCode2
StatusResourceNotRecognized :: StatusCode2
StatusTooManyResponses :: StatusCode2
StatusUnknownAttrProfile :: StatusCode2
StatusUnknownPrincipal :: StatusCode2
StatusUnsupportedBinding :: StatusCode2
successStatus :: Status

-- | §3.3.1
data AssertionIDRequest
AssertionIDRequest :: !RequestAbstractType -> List1 (AssertionIDRef) -> AssertionIDRequest
[assertionIDRequest] :: AssertionIDRequest -> !RequestAbstractType
[assertionIDRequestRef] :: AssertionIDRequest -> List1 (AssertionIDRef)

-- | §3.3.2.1
data SubjectQueryAbstractType
SubjectQueryAbstractType :: !RequestAbstractType -> Subject -> SubjectQueryAbstractType
[subjectQuery] :: SubjectQueryAbstractType -> !RequestAbstractType
[subjectQuerySubject] :: SubjectQueryAbstractType -> Subject
subjectQuery' :: Lens' SubjectQueryAbstractType RequestAbstractType

-- | §3.3.2.2
data AuthnQuery
AuthnQuery :: !SubjectQueryAbstractType -> Maybe XString -> Maybe RequestedAuthnContext -> AuthnQuery
[authnQuery] :: AuthnQuery -> !SubjectQueryAbstractType
[authnQuerySessionIndex] :: AuthnQuery -> Maybe XString
[authnQueryRequestedAuthnContext] :: AuthnQuery -> Maybe RequestedAuthnContext

-- | §3.3.2.2.1
data RequestedAuthnContext
RequestedAuthnContext :: Maybe AuthnContextComparisonType -> AuthnContextRefs -> RequestedAuthnContext
[requestedAuthnContextComparison] :: RequestedAuthnContext -> Maybe AuthnContextComparisonType
[requestedAuthnContextRefs] :: RequestedAuthnContext -> AuthnContextRefs
data AuthnContextRefs
AuthnContextClassRefs :: (List1 AnyURI) -> AuthnContextRefs
AuthnContextDeclRefs :: (List1 AnyURI) -> AuthnContextRefs
data AuthnContextComparisonType
ComparisonExact :: AuthnContextComparisonType
ComparisonMinimum :: AuthnContextComparisonType
ComparisonMaximum :: AuthnContextComparisonType
ComparisonBetter :: AuthnContextComparisonType

-- | §3.3.2.3
data AttributeQuery
AttributeQuery :: !SubjectQueryAbstractType -> [Attribute] -> AttributeQuery
[attributeQuery] :: AttributeQuery -> !SubjectQueryAbstractType
[attributeQueryAttributes] :: AttributeQuery -> [Attribute]

-- | §3.3.2.4
data AuthzDecisionQuery
AuthzDecisionQuery :: !SubjectQueryAbstractType -> AnyURI -> [Action] -> Evidence -> AuthzDecisionQuery
[authzDecisionQuery] :: AuthzDecisionQuery -> !SubjectQueryAbstractType
[authzDecisionQueryResource] :: AuthzDecisionQuery -> AnyURI
[authzDecisionQueryActions] :: AuthzDecisionQuery -> [Action]
[authzDecisionQueryEvidence] :: AuthzDecisionQuery -> Evidence

-- | §3.3.3
data Response
Response :: !StatusResponseType -> [PossiblyEncrypted Assertion] -> Response
[response] :: Response -> !StatusResponseType
[responseAssertions] :: Response -> [PossiblyEncrypted Assertion]

-- | §3.4.1
data AuthnRequest
AuthnRequest :: !RequestAbstractType -> Boolean -> Boolean -> AssertionConsumerService -> Maybe UnsignedShort -> Maybe XString -> Maybe Subject -> Maybe NameIDPolicy -> Maybe Conditions -> Maybe RequestedAuthnContext -> Maybe Scoping -> AuthnRequest
[authnRequest] :: AuthnRequest -> !RequestAbstractType
[authnRequestForceAuthn] :: AuthnRequest -> Boolean
[authnRequestIsPassive] :: AuthnRequest -> Boolean
[authnRequestAssertionConsumerService] :: AuthnRequest -> AssertionConsumerService
[authnRequestAssertionConsumingServiceIndex] :: AuthnRequest -> Maybe UnsignedShort
[authnRequestProviderName] :: AuthnRequest -> Maybe XString
[authnRequestSubject] :: AuthnRequest -> Maybe Subject
[authnRequestNameIDPolicy] :: AuthnRequest -> Maybe NameIDPolicy
[authnRequestConditions] :: AuthnRequest -> Maybe Conditions
[authnRequestRequestedAuthnContext] :: AuthnRequest -> Maybe RequestedAuthnContext
[authnRequestScoping] :: AuthnRequest -> Maybe Scoping
data AssertionConsumerService
AssertionConsumerServiceIndex :: UnsignedShort -> AssertionConsumerService
AssertionConsumerServiceURL :: Maybe AnyURI -> Maybe (IdentifiedURI Binding) -> AssertionConsumerService
[authnRequestAssertionConsumerServiceURL] :: AssertionConsumerService -> Maybe AnyURI
[authnRequestProtocolBinding] :: AssertionConsumerService -> Maybe (IdentifiedURI Binding)

-- | §3.4.1.1
data NameIDPolicy
NameIDPolicy :: IdentifiedURI NameIDFormat -> Maybe XString -> Bool -> NameIDPolicy
[nameIDPolicyFormat] :: NameIDPolicy -> IdentifiedURI NameIDFormat
[nameIDPolicySPNameQualifier] :: NameIDPolicy -> Maybe XString
[nameIDPolicyAllowCreate] :: NameIDPolicy -> Bool

-- | §3.4.1.2
data Scoping
Scoping :: Maybe NonNegativeInteger -> Maybe IDPList -> [AnyURI] -> Scoping
[scopingProxyCount] :: Scoping -> Maybe NonNegativeInteger
[scopingIDPList] :: Scoping -> Maybe IDPList
[scopingRequesterID] :: Scoping -> [AnyURI]

-- | §3.4.1.3
data IDPList
IDPList :: List1 IDPEntry -> Maybe AnyURI -> IDPList
[idpList] :: IDPList -> List1 IDPEntry
[idpGetComplete] :: IDPList -> Maybe AnyURI

-- | §3.4.1.3.1
data IDPEntry
IDPEntry :: AnyURI -> Maybe XString -> Maybe AnyURI -> IDPEntry
[idpEntryProviderID] :: IDPEntry -> AnyURI
[idpEntryName] :: IDPEntry -> Maybe XString
[idpEntryLoc] :: IDPEntry -> Maybe AnyURI

-- | §3.5.1
data ArtifactResolve
ArtifactResolve :: !RequestAbstractType -> XString -> ArtifactResolve
[artifactResolve] :: ArtifactResolve -> !RequestAbstractType
[artifactResolveArtifact] :: ArtifactResolve -> XString

-- | §3.5.2
data ArtifactResponse
ArtifactResponse :: !StatusResponseType -> Maybe Node -> ArtifactResponse
[artifactResponse] :: ArtifactResponse -> !StatusResponseType
[artifactResponseMessage] :: ArtifactResponse -> Maybe Node

-- | §3.6.1
data ManageNameIDRequest
ManageNameIDRequest :: !RequestAbstractType -> PossiblyEncrypted NameID -> Maybe (PossiblyEncrypted NewID) -> ManageNameIDRequest
[manageNameIDRequest] :: ManageNameIDRequest -> !RequestAbstractType
[manageNameIDRequestNameID] :: ManageNameIDRequest -> PossiblyEncrypted NameID
[manageNameIDRequestNewID] :: ManageNameIDRequest -> Maybe (PossiblyEncrypted NewID)
newtype NewID
NewID :: XString -> NewID
[newID] :: NewID -> XString
type NewEncryptedID = EncryptedElement NewID

-- | §3.6.2
newtype ManageNameIDResponse
ManageNameIDResponse :: StatusResponseType -> ManageNameIDResponse
[manageNameIDResponse] :: ManageNameIDResponse -> StatusResponseType

-- | §3.7.1
data LogoutRequest
LogoutRequest :: !RequestAbstractType -> Maybe (Identified XString LogoutReason) -> Maybe DateTime -> PossiblyEncrypted Identifier -> Maybe XString -> LogoutRequest
[logoutRequest] :: LogoutRequest -> !RequestAbstractType
[logoutRequestReason] :: LogoutRequest -> Maybe (Identified XString LogoutReason)
[logoutRequestNotOnOrAfter] :: LogoutRequest -> Maybe DateTime
[logoutRequestIdentifier] :: LogoutRequest -> PossiblyEncrypted Identifier
[logoutRequestSessionIndex] :: LogoutRequest -> Maybe XString

-- | §3.7.2
newtype LogoutResponse
LogoutResponse :: StatusResponseType -> LogoutResponse
[logoutResponse] :: LogoutResponse -> StatusResponseType

-- | §3.7.3
data LogoutReason
LogoutReasonUser :: LogoutReason
LogoutReasonAdmin :: LogoutReason

-- | §3.8.1
data NameIDMappingRequest
NameIDMappingRequest :: !RequestAbstractType -> PossiblyEncrypted Identifier -> NameIDPolicy -> NameIDMappingRequest
[nameIDMappingRequest] :: NameIDMappingRequest -> !RequestAbstractType
[nameIDMappingRequestIdentifier] :: NameIDMappingRequest -> PossiblyEncrypted Identifier
[nameIDMappingRequestPolicy] :: NameIDMappingRequest -> NameIDPolicy

-- | §3.8.2
data NameIDMappingResponse
NameIDMappingResponse :: !StatusResponseType -> PossiblyEncrypted NameID -> NameIDMappingResponse
[nameIDMappingResponse] :: NameIDMappingResponse -> !StatusResponseType
[nameIDMappingResponseNameID] :: NameIDMappingResponse -> PossiblyEncrypted NameID
data AnyRequest
RequestAssertionIDRequest :: !AssertionIDRequest -> AnyRequest
RequestAuthnQuery :: !AuthnQuery -> AnyRequest
RequestAttributeQuery :: !AttributeQuery -> AnyRequest
RequestAuthzDecisionQuery :: !AuthzDecisionQuery -> AnyRequest
RequestAuthnRequest :: !AuthnRequest -> AnyRequest
RequestArtifactResolve :: !ArtifactResolve -> AnyRequest
RequestManageNameIDRequest :: !ManageNameIDRequest -> AnyRequest
RequestLogoutRequest :: !LogoutRequest -> AnyRequest
RequestNameIDMappingRequest :: !NameIDMappingRequest -> AnyRequest
data AnyResponse
ResponseResponse :: !Response -> AnyResponse
ResponseArtifactResponse :: !ArtifactResponse -> AnyResponse
data AnyProtocol
ProtocolRequest :: !AnyRequest -> AnyProtocol
ProtocolResponse :: !AnyResponse -> AnyProtocol
instance GHC.Show.Show SAML2.Core.Protocols.AnyProtocol
instance GHC.Classes.Eq SAML2.Core.Protocols.AnyProtocol
instance GHC.Show.Show SAML2.Core.Protocols.AnyResponse
instance GHC.Classes.Eq SAML2.Core.Protocols.AnyResponse
instance GHC.Show.Show SAML2.Core.Protocols.AnyRequest
instance GHC.Classes.Eq SAML2.Core.Protocols.AnyRequest
instance GHC.Show.Show SAML2.Core.Protocols.NameIDMappingResponse
instance GHC.Classes.Eq SAML2.Core.Protocols.NameIDMappingResponse
instance GHC.Show.Show SAML2.Core.Protocols.NameIDMappingRequest
instance GHC.Classes.Eq SAML2.Core.Protocols.NameIDMappingRequest
instance GHC.Show.Show SAML2.Core.Protocols.LogoutRequest
instance GHC.Classes.Eq SAML2.Core.Protocols.LogoutRequest
instance GHC.Show.Show SAML2.Core.Protocols.LogoutReason
instance GHC.Enum.Bounded SAML2.Core.Protocols.LogoutReason
instance GHC.Enum.Enum SAML2.Core.Protocols.LogoutReason
instance GHC.Classes.Eq SAML2.Core.Protocols.LogoutReason
instance GHC.Show.Show SAML2.Core.Protocols.LogoutResponse
instance GHC.Classes.Eq SAML2.Core.Protocols.LogoutResponse
instance GHC.Show.Show SAML2.Core.Protocols.ManageNameIDResponse
instance GHC.Classes.Eq SAML2.Core.Protocols.ManageNameIDResponse
instance GHC.Show.Show SAML2.Core.Protocols.ManageNameIDRequest
instance GHC.Classes.Eq SAML2.Core.Protocols.ManageNameIDRequest
instance GHC.Show.Show SAML2.Core.Protocols.NewID
instance GHC.Classes.Eq SAML2.Core.Protocols.NewID
instance GHC.Show.Show SAML2.Core.Protocols.ArtifactResponse
instance GHC.Classes.Eq SAML2.Core.Protocols.ArtifactResponse
instance GHC.Show.Show SAML2.Core.Protocols.ArtifactResolve
instance GHC.Classes.Eq SAML2.Core.Protocols.ArtifactResolve
instance GHC.Show.Show SAML2.Core.Protocols.AuthnRequest
instance GHC.Classes.Eq SAML2.Core.Protocols.AuthnRequest
instance GHC.Show.Show SAML2.Core.Protocols.Scoping
instance GHC.Classes.Eq SAML2.Core.Protocols.Scoping
instance GHC.Show.Show SAML2.Core.Protocols.IDPList
instance GHC.Classes.Eq SAML2.Core.Protocols.IDPList
instance GHC.Show.Show SAML2.Core.Protocols.IDPEntry
instance GHC.Classes.Eq SAML2.Core.Protocols.IDPEntry
instance GHC.Show.Show SAML2.Core.Protocols.NameIDPolicy
instance GHC.Classes.Eq SAML2.Core.Protocols.NameIDPolicy
instance GHC.Show.Show SAML2.Core.Protocols.AssertionConsumerService
instance GHC.Classes.Eq SAML2.Core.Protocols.AssertionConsumerService
instance GHC.Show.Show SAML2.Core.Protocols.Response
instance GHC.Classes.Eq SAML2.Core.Protocols.Response
instance GHC.Show.Show SAML2.Core.Protocols.AuthzDecisionQuery
instance GHC.Classes.Eq SAML2.Core.Protocols.AuthzDecisionQuery
instance GHC.Show.Show SAML2.Core.Protocols.AttributeQuery
instance GHC.Classes.Eq SAML2.Core.Protocols.AttributeQuery
instance GHC.Show.Show SAML2.Core.Protocols.AuthnQuery
instance GHC.Classes.Eq SAML2.Core.Protocols.AuthnQuery
instance GHC.Show.Show SAML2.Core.Protocols.RequestedAuthnContext
instance GHC.Classes.Eq SAML2.Core.Protocols.RequestedAuthnContext
instance GHC.Show.Show SAML2.Core.Protocols.AuthnContextComparisonType
instance GHC.Enum.Bounded SAML2.Core.Protocols.AuthnContextComparisonType
instance GHC.Enum.Enum SAML2.Core.Protocols.AuthnContextComparisonType
instance GHC.Classes.Eq SAML2.Core.Protocols.AuthnContextComparisonType
instance GHC.Show.Show SAML2.Core.Protocols.AuthnContextRefs
instance GHC.Classes.Eq SAML2.Core.Protocols.AuthnContextRefs
instance GHC.Show.Show SAML2.Core.Protocols.SubjectQueryAbstractType
instance GHC.Classes.Eq SAML2.Core.Protocols.SubjectQueryAbstractType
instance GHC.Show.Show SAML2.Core.Protocols.AssertionIDRequest
instance GHC.Classes.Eq SAML2.Core.Protocols.AssertionIDRequest
instance GHC.Show.Show SAML2.Core.Protocols.StatusResponseType
instance GHC.Classes.Eq SAML2.Core.Protocols.StatusResponseType
instance GHC.Show.Show SAML2.Core.Protocols.Status
instance GHC.Classes.Eq SAML2.Core.Protocols.Status
instance GHC.Show.Show SAML2.Core.Protocols.StatusCode
instance GHC.Classes.Eq SAML2.Core.Protocols.StatusCode
instance GHC.Show.Show SAML2.Core.Protocols.StatusCode2
instance GHC.Enum.Enum SAML2.Core.Protocols.StatusCode2
instance GHC.Enum.Bounded SAML2.Core.Protocols.StatusCode2
instance GHC.Classes.Eq SAML2.Core.Protocols.StatusCode2
instance GHC.Show.Show SAML2.Core.Protocols.StatusCode1
instance GHC.Enum.Enum SAML2.Core.Protocols.StatusCode1
instance GHC.Enum.Bounded SAML2.Core.Protocols.StatusCode1
instance GHC.Classes.Eq SAML2.Core.Protocols.StatusCode1
instance GHC.Show.Show SAML2.Core.Protocols.RequestAbstractType
instance GHC.Classes.Eq SAML2.Core.Protocols.RequestAbstractType
instance GHC.Show.Show SAML2.Core.Protocols.ProtocolType
instance GHC.Classes.Eq SAML2.Core.Protocols.ProtocolType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AnyProtocol
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AnyProtocol
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AnyProtocol
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AnyResponse
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AnyResponse
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AnyResponse
instance SAML2.Core.Protocols.SAMLResponse SAML2.Core.Protocols.AnyResponse
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AnyRequest
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AnyRequest
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AnyRequest
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.AnyRequest
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.NameIDMappingResponse
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.NameIDMappingResponse
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.NameIDMappingResponse
instance SAML2.Core.Protocols.SAMLResponse SAML2.Core.Protocols.NameIDMappingResponse
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.NameIDMappingRequest
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.NameIDMappingRequest
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.NameIDMappingRequest
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.NameIDMappingRequest
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.LogoutRequest
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.LogoutRequest
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.LogoutRequest
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.LogoutRequest
instance SAML2.XML.Identifiable SAML2.Core.Datatypes.XString SAML2.Core.Protocols.LogoutReason
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler (SAML2.XML.Identified SAML2.Core.Datatypes.XString SAML2.Core.Protocols.LogoutReason)
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.LogoutResponse
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.LogoutResponse
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.LogoutResponse
instance SAML2.Core.Protocols.SAMLResponse SAML2.Core.Protocols.LogoutResponse
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.ManageNameIDResponse
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.ManageNameIDResponse
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.ManageNameIDResponse
instance SAML2.Core.Protocols.SAMLResponse SAML2.Core.Protocols.ManageNameIDResponse
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.NewEncryptedID
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.ManageNameIDRequest
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.ManageNameIDRequest
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.ManageNameIDRequest
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.ManageNameIDRequest
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.NewID
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.ArtifactResponse
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.ArtifactResponse
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.ArtifactResponse
instance SAML2.Core.Protocols.SAMLResponse SAML2.Core.Protocols.ArtifactResponse
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.ArtifactResolve
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.ArtifactResolve
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.ArtifactResolve
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.ArtifactResolve
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AuthnRequest
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AuthnRequest
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AuthnRequest
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.AuthnRequest
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.Scoping
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.IDPList
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.IDPEntry
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.NameIDPolicy
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.Response
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.Response
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.Response
instance SAML2.Core.Protocols.SAMLResponse SAML2.Core.Protocols.Response
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AuthzDecisionQuery
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AuthzDecisionQuery
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AuthzDecisionQuery
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.AuthzDecisionQuery
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AttributeQuery
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AttributeQuery
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AttributeQuery
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.AttributeQuery
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AuthnQuery
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AuthnQuery
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AuthnQuery
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.AuthnQuery
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.RequestedAuthnContext
instance SAML2.XML.Identifiable SAML2.Core.Datatypes.XString SAML2.Core.Protocols.AuthnContextComparisonType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AuthnContextComparisonType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AuthnContextRefs
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.SubjectQueryAbstractType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.AssertionIDRequest
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.AssertionIDRequest
instance SAML2.Core.Protocols.SAMLProtocol SAML2.Core.Protocols.AssertionIDRequest
instance SAML2.Core.Protocols.SAMLRequest SAML2.Core.Protocols.AssertionIDRequest
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.StatusResponseType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.Status
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.StatusCode
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Core.Protocols.StatusCode2
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Core.Protocols.StatusCode1
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.StatusCode1
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.RequestAbstractType
instance Text.XML.HXT.Arrow.Pickle.Xml.XmlPickler SAML2.Core.Protocols.ProtocolType
instance SAML2.XML.Signature.Types.Signable SAML2.Core.Protocols.ProtocolType


-- | SAML and XML Signature Syntax and Processing
--   
--   <a>saml-core-2.0-os</a> §5
module SAML2.Core.Signature
signSAMLProtocol :: SAMLProtocol a => SigningKey -> a -> IO a
verifySAMLProtocol :: SAMLProtocol a => ByteString -> IO a


-- | Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0
--   
--   <a>saml-bindings-2.0-os</a>
module SAML2.Bindings


-- | HTTP Redirect Binding
--   
--   <a>saml-bindings-2.0-os</a> §3.4
module SAML2.Bindings.HTTPRedirect
encodeQuery :: SAMLProtocol a => Maybe SigningKey -> a -> IO Query
encodeHeaders :: SAMLProtocol a => Maybe SigningKey -> a -> IO ResponseHeaders
decodeURI :: forall a. SAMLProtocol a => PublicKeys -> URI -> IO a
instance GHC.Show.Show SAML2.Bindings.HTTPRedirect.Encoding
instance GHC.Enum.Enum SAML2.Bindings.HTTPRedirect.Encoding
instance GHC.Enum.Bounded SAML2.Bindings.HTTPRedirect.Encoding
instance GHC.Classes.Eq SAML2.Bindings.HTTPRedirect.Encoding
instance SAML2.XML.Identifiable Network.URI.URI SAML2.Bindings.HTTPRedirect.Encoding


-- | HTTP POST Binding
--   
--   <a>saml-bindings-2.0-os</a> §3.5
module SAML2.Bindings.HTTPPOST
encodeValue :: SAMLProtocol a => a -> ByteString
encodeForm :: SAMLProtocol a => a -> [(ByteString, ByteString)]
decodeValue :: SAMLProtocol a => Bool -> ByteString -> IO a
decodeForm :: forall a. (SAMLProtocol a) => Bool -> (ByteString -> Maybe ByteString) -> IO a


-- | Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0
--   
--   <a>saml-metadata-2.0-os</a>
module SAML2.Metadata
nsMD :: Namespace

-- | §2.2.1
type EntityID = AnyURI

-- | §2.2.2
data Endpoint
Endpoint :: IdentifiedURI Binding -> AnyURI -> Maybe AnyURI -> Nodes -> Nodes -> Endpoint
[endpointBinding] :: Endpoint -> IdentifiedURI Binding
[endpointLocation] :: Endpoint -> AnyURI
[endpointResponseLocation] :: Endpoint -> Maybe AnyURI
[endpointAttrs] :: Endpoint -> Nodes
[endpointXML] :: Endpoint -> Nodes

-- | §2.2.3
data IndexedEndpoint
IndexedEndpoint :: Endpoint -> UnsignedShort -> Boolean -> IndexedEndpoint
[indexedEndpoint] :: IndexedEndpoint -> Endpoint
[indexedEndpointIndex] :: IndexedEndpoint -> UnsignedShort
[indexedEndpointIsDefault] :: IndexedEndpoint -> Boolean
data Localized a
Localized :: Language -> a -> Localized a
[localizedLang] :: Localized a -> Language
[localized] :: Localized a -> a

-- | §2.2.4
type LocalizedName = Localized String

-- | §2.2.5
type LocalizedURI = Localized AnyURI
data Metadata

-- | §2.3.2
EntityDescriptor :: EntityID -> Maybe ID -> Maybe DateTime -> Maybe Duration -> Nodes -> Maybe Signature -> Extensions -> Descriptors -> Maybe Organization -> [Contact] -> [AdditionalMetadataLocation] -> Metadata
[entityID] :: Metadata -> EntityID
[metadataID] :: Metadata -> Maybe ID
[metadataValidUntil] :: Metadata -> Maybe DateTime
[metadataCacheDuration] :: Metadata -> Maybe Duration
[entityAttrs] :: Metadata -> Nodes
[metadataSignature] :: Metadata -> Maybe Signature
[metadataExtensions] :: Metadata -> Extensions
[entityDescriptors] :: Metadata -> Descriptors
[entityOrganization] :: Metadata -> Maybe Organization
[entityContactPerson] :: Metadata -> [Contact]
[entityAditionalMetadataLocation] :: Metadata -> [AdditionalMetadataLocation]

-- | §2.3.1
EntitiesDescriptor :: Maybe ID -> Maybe DateTime -> Maybe Duration -> Maybe String -> Maybe Signature -> Extensions -> List1 Metadata -> Metadata
[metadataID] :: Metadata -> Maybe ID
[metadataValidUntil] :: Metadata -> Maybe DateTime
[metadataCacheDuration] :: Metadata -> Maybe Duration
[entitiesName] :: Metadata -> Maybe String
[metadataSignature] :: Metadata -> Maybe Signature
[metadataExtensions] :: Metadata -> Extensions
[entities] :: Metadata -> List1 Metadata

-- | §2.3.1 empty list means missing
newtype Extensions
Extensions :: Nodes -> Extensions
[extensions] :: Extensions -> Nodes
data Descriptors
Descriptors :: List1 Descriptor -> Descriptors
[descriptors] :: Descriptors -> List1 Descriptor

-- | §2.5
AffiliationDescriptor :: EntityID -> Maybe ID -> Maybe DateTime -> Maybe Duration -> Nodes -> Maybe Signature -> Extensions -> List1 EntityID -> [KeyDescriptor] -> Descriptors
[affiliationDescriptorAffiliationOwnerID] :: Descriptors -> EntityID
[affiliationDescriptorID] :: Descriptors -> Maybe ID
[affiliationDescriptorValidUntil] :: Descriptors -> Maybe DateTime
[affiliationDescriptorCacheDuration] :: Descriptors -> Maybe Duration
[affiliationDescriptorAttrs] :: Descriptors -> Nodes
[affiliationDescriptorSignature] :: Descriptors -> Maybe Signature
[affiliationDescriptorExtensions] :: Descriptors -> Extensions
[affiliationDescriptorAffiliateMember] :: Descriptors -> List1 EntityID
[affiliationDescriptorKeyDescriptor] :: Descriptors -> [KeyDescriptor]
data Descriptor

-- | §2.4.1
Descriptor :: !RoleDescriptor -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor

-- | §2.4.3
IDPSSODescriptor :: !RoleDescriptor -> !SSODescriptor -> Boolean -> List1 Endpoint -> [Endpoint] -> [Endpoint] -> [AnyURI] -> [Attribute] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorSSO] :: Descriptor -> !SSODescriptor
[descriptorWantAuthnRequestsSigned] :: Descriptor -> Boolean
[descriptorSingleSignOnService] :: Descriptor -> List1 Endpoint
[descriptorNameIDMappingService] :: Descriptor -> [Endpoint]
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorAttributeProfile] :: Descriptor -> [AnyURI]
[descriptorAttribute] :: Descriptor -> [Attribute]

-- | §2.4.4
SPSSODescriptor :: !RoleDescriptor -> !SSODescriptor -> Boolean -> Boolean -> List1 IndexedEndpoint -> [AttributeConsumingService] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorSSO] :: Descriptor -> !SSODescriptor
[descriptorAuthnRequestsSigned] :: Descriptor -> Boolean
[descriptorWantAssertionsSigned] :: Descriptor -> Boolean
[descriptorAssertionConsumerService] :: Descriptor -> List1 IndexedEndpoint
[descriptorAttributeConsumingService] :: Descriptor -> [AttributeConsumingService]

-- | §2.4.5
AuthnAuthorityDescriptor :: !RoleDescriptor -> List1 Endpoint -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorAuthnQueryService] :: Descriptor -> List1 Endpoint
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorNameIDFormat] :: Descriptor -> [IdentifiedURI NameIDFormat]

-- | §2.4.7
AttributeAuthorityDescriptor :: !RoleDescriptor -> List1 Endpoint -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> [AnyURI] -> [Attribute] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorAttributeService] :: Descriptor -> List1 Endpoint
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorNameIDFormat] :: Descriptor -> [IdentifiedURI NameIDFormat]
[descriptorAttributeProfile] :: Descriptor -> [AnyURI]
[descriptorAttribute] :: Descriptor -> [Attribute]

-- | §2.4.6
PDPDescriptor :: !RoleDescriptor -> List1 Endpoint -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> Descriptor
[descriptorRole] :: Descriptor -> !RoleDescriptor
[descriptorAuthzService] :: Descriptor -> List1 Endpoint
[descriptorAssertionIDRequestService] :: Descriptor -> [Endpoint]
[descriptorNameIDFormat] :: Descriptor -> [IdentifiedURI NameIDFormat]

-- | §2.3.2.1
data Organization
Organization :: Nodes -> Extensions -> List1 LocalizedName -> List1 LocalizedName -> List1 LocalizedURI -> Organization
[organizationAttrs] :: Organization -> Nodes
[organizationExtensions] :: Organization -> Extensions
[organizationName] :: Organization -> List1 LocalizedName
[organizationDisplayName] :: Organization -> List1 LocalizedName
[organizationURL] :: Organization -> List1 LocalizedURI

-- | §2.3.2.2
data Contact
ContactPerson :: ContactType -> Nodes -> Extensions -> Maybe String -> Maybe String -> Maybe String -> [AnyURI] -> [String] -> Contact
[contactType] :: Contact -> ContactType
[contactAttrs] :: Contact -> Nodes
[contactExtensions] :: Contact -> Extensions
[contactCompany] :: Contact -> Maybe String
[contactGivenName] :: Contact -> Maybe String
[contactSurName] :: Contact -> Maybe String
[contactEmailAddress] :: Contact -> [AnyURI]
[contactTelephoneNumber] :: Contact -> [String]
data ContactType
ContactTypeTechnical :: ContactType
ContactTypeSupport :: ContactType
ContactTypeAdministrative :: ContactType
ContactTypeBilling :: ContactType
ContactTypeOther :: ContactType

-- | §2.3.2.3
data AdditionalMetadataLocation
AdditionalMetadataLocation :: AnyURI -> AnyURI -> AdditionalMetadataLocation
[additionalMetadataLocationNamespace] :: AdditionalMetadataLocation -> AnyURI
[additionalMetadataLocation] :: AdditionalMetadataLocation -> AnyURI

-- | §2.4.1
data RoleDescriptor
RoleDescriptor :: Maybe ID -> Maybe DateTime -> Maybe Duration -> [AnyURI] -> Maybe AnyURI -> Nodes -> Maybe Signature -> Extensions -> [KeyDescriptor] -> Maybe Organization -> [Contact] -> RoleDescriptor
[roleDescriptorID] :: RoleDescriptor -> Maybe ID
[roleDescriptorValidUntil] :: RoleDescriptor -> Maybe DateTime
[roleDescriptorCacheDuration] :: RoleDescriptor -> Maybe Duration
[roleDescriptorProtocolSupportEnumeration] :: RoleDescriptor -> [AnyURI]
[roleDescriptorErrorURL] :: RoleDescriptor -> Maybe AnyURI
[roleDescriptorAttrs] :: RoleDescriptor -> Nodes
[roleDescriptorSignature] :: RoleDescriptor -> Maybe Signature
[roleDescriptorExtensions] :: RoleDescriptor -> Extensions
[roleDescriptorKeyDescriptor] :: RoleDescriptor -> [KeyDescriptor]
[roleDescriptorOrganization] :: RoleDescriptor -> Maybe Organization
[roleDescriptorContactPerson] :: RoleDescriptor -> [Contact]

-- | §2.4.1.1
data KeyDescriptor
KeyDescriptor :: KeyTypes -> KeyInfo -> [EncryptionMethod] -> KeyDescriptor
[keyDescriptorUse] :: KeyDescriptor -> KeyTypes
[keyDescriptorKeyInfo] :: KeyDescriptor -> KeyInfo
[keyDescriptorEncryptionMethod] :: KeyDescriptor -> [EncryptionMethod]
data KeyTypes
KeyTypeSigning :: KeyTypes
KeyTypeEncryption :: KeyTypes
KeyTypeBoth :: KeyTypes

-- | §2.4.2
data SSODescriptor
SSODescriptor :: [IndexedEndpoint] -> [Endpoint] -> [Endpoint] -> [IdentifiedURI NameIDFormat] -> SSODescriptor
[ssoDescriptorArtifactResolutionService] :: SSODescriptor -> [IndexedEndpoint]
[ssoDescriptorSingleLogoutService] :: SSODescriptor -> [Endpoint]
[ssoDescriptorManageNameIDService] :: SSODescriptor -> [Endpoint]
[ssoDescriptorNameIDFormat] :: SSODescriptor -> [IdentifiedURI NameIDFormat]

-- | §2.4.4.1
data AttributeConsumingService
AttributeConsumingService :: UnsignedShort -> Bool -> List1 LocalizedName -> [LocalizedName] -> List1 RequestedAttribute -> AttributeConsumingService
[attributeConsumingServiceIndex] :: AttributeConsumingService -> UnsignedShort
[attributeConsumingServiceIsDefault] :: AttributeConsumingService -> Bool
[attributeConsumingServiceServiceName] :: AttributeConsumingService -> List1 LocalizedName
[attributeConsumingServiceServiceDescription] :: AttributeConsumingService -> [LocalizedName]
[attributeConsumingServiceRequestedAttribute] :: AttributeConsumingService -> List1 RequestedAttribute

-- | §2.4.4.1.1
data RequestedAttribute
RequestedAttribute :: !Attribute -> Bool -> RequestedAttribute
[requestedAttribute] :: RequestedAttribute -> !Attribute
[requestedAttributeIsRequired] :: RequestedAttribute -> Bool


-- | Assertions and Protocols for the OASIS Security Assertion Markup
--   Language (SAML) V2.0
--   
--   <a>saml-core-2.0-os</a>
module SAML2.Core
samlURN :: SAMLVersion -> [String] -> URI

-- | §1.3.1
type XString = String

-- | §1.3.2
type AnyURI = AnyURI

-- | §1.3.3
type DateTime = DateTime

-- | §1.3.4
type ID = ID

-- | §1.3.4
type NCName = NCName
ns :: Namespace

-- | §2.2.1
data BaseID id
BaseID :: Maybe XString -> Maybe XString -> !id -> BaseID id
[baseNameQualifier] :: BaseID id -> Maybe XString
[baseSPNameQualifier] :: BaseID id -> Maybe XString
[baseID] :: BaseID id -> !id

-- | §2.2.3
data NameID
NameID :: BaseID XString -> IdentifiedURI NameIDFormat -> Maybe XString -> NameID
[nameBaseID] :: NameID -> BaseID XString
[nameIDFormat] :: NameID -> IdentifiedURI NameIDFormat
[nameSPProvidedID] :: NameID -> Maybe XString
simpleNameID :: NameIDFormat -> XString -> NameID
type EncryptedNameID = EncryptedElement NameID
data Identifier
IdentifierName :: NameID -> Identifier
IdentifierBase :: (BaseID Nodes) -> Identifier

-- | §2.2.4
type EncryptedID = EncryptedElement Identifier
data EncryptedElement a
EncryptedElement :: EncryptedData -> [EncryptedKey] -> EncryptedElement a
[encryptedData] :: EncryptedElement a -> EncryptedData
[encryptedKey] :: EncryptedElement a -> [EncryptedKey]
data PossiblyEncrypted a
NotEncrypted :: !a -> PossiblyEncrypted a
SoEncrypted :: (EncryptedElement a) -> PossiblyEncrypted a
data AssertionRef
AssertionRefID :: AssertionIDRef -> AssertionRef

-- | §2.3.2
AssertionURIRef :: AnyURI -> AssertionRef
AssertionRef :: (PossiblyEncrypted Assertion) -> AssertionRef

-- | §2.2.5
newtype Issuer
Issuer :: NameID -> Issuer
[issuer] :: Issuer -> NameID

-- | §2.3.1
newtype AssertionIDRef
AssertionIDRef :: ID -> AssertionIDRef
[assertionIDRef] :: AssertionIDRef -> ID

-- | §2.3.3
data Assertion
Assertion :: SAMLVersion -> ID -> DateTime -> Issuer -> Maybe Signature -> Subject -> Maybe Conditions -> Maybe Advice -> [Statement] -> Assertion
[assertionVersion] :: Assertion -> SAMLVersion
[assertionID] :: Assertion -> ID
[assertionIssueInstant] :: Assertion -> DateTime
[assertionIssuer] :: Assertion -> Issuer
[assertionSignature] :: Assertion -> Maybe Signature

-- | use <a>noSubject</a> to omit
[assertionSubject] :: Assertion -> Subject
[assertionConditions] :: Assertion -> Maybe Conditions
[assertionAdvice] :: Assertion -> Maybe Advice
[assertionStatement] :: Assertion -> [Statement]

-- | §2.3.4
type EncryptedAssertion = EncryptedElement Assertion

-- | §2.4.1
data Subject
Subject :: Maybe (PossiblyEncrypted Identifier) -> [SubjectConfirmation] -> Subject
[subjectIdentifier] :: Subject -> Maybe (PossiblyEncrypted Identifier)
[subjectConfirmation] :: Subject -> [SubjectConfirmation]
noSubject :: Subject

-- | §2.4.1.1
data SubjectConfirmation
SubjectConfirmation :: IdentifiedURI ConfirmationMethod -> Maybe (PossiblyEncrypted Identifier) -> Maybe SubjectConfirmationData -> SubjectConfirmation
[subjectConfirmationMethod] :: SubjectConfirmation -> IdentifiedURI ConfirmationMethod
[subjectConfirmationIdentifier] :: SubjectConfirmation -> Maybe (PossiblyEncrypted Identifier)
[subjectConfirmationData] :: SubjectConfirmation -> Maybe SubjectConfirmationData

-- | §2.4.1.2
data SubjectConfirmationData
SubjectConfirmationData :: Maybe DateTime -> Maybe AnyURI -> Maybe ID -> Maybe IP -> [KeyInfo] -> Nodes -> SubjectConfirmationData
[subjectConfirmationNotBefore, subjectConfirmationNotOnOrAfter] :: SubjectConfirmationData -> Maybe DateTime
[subjectConfirmationRecipient] :: SubjectConfirmationData -> Maybe AnyURI
[subjectConfirmationInResponseTo] :: SubjectConfirmationData -> Maybe ID
[subjectConfirmationAddress] :: SubjectConfirmationData -> Maybe IP
[subjectConfirmationKeyInfo] :: SubjectConfirmationData -> [KeyInfo]

-- | anything
[subjectConfirmationXML] :: SubjectConfirmationData -> Nodes

-- | §2.5.1
data Conditions
Conditions :: Maybe DateTime -> [Condition] -> Conditions
[conditionsNotBefore, conditionsNotOnOrAfter] :: Conditions -> Maybe DateTime
[conditions] :: Conditions -> [Condition]
data Condition

-- | §2.5.1.3
Condition :: Node -> Condition

-- | §2.5.1.4
AudienceRestriction :: (List1 Audience) -> Condition

-- | §2.5.1.5
OneTimeUse :: Condition

-- | §2.5.1.6
ProxyRestriction :: Maybe NonNegativeInteger -> [Audience] -> Condition
[proxyRestrictionCount] :: Condition -> Maybe NonNegativeInteger
[proxyRestrictionAudience] :: Condition -> [Audience]

-- | §2.5.1.4
newtype Audience
Audience :: AnyURI -> Audience
[audience] :: Audience -> AnyURI

-- | §2.6.1
type Advice = [AdviceElement]
data AdviceElement
AdviceAssertion :: AssertionRef -> AdviceElement
Advice :: Node -> AdviceElement

-- | §2.7.1
data Statement
StatementAuthn :: AuthnStatement -> Statement
StatementAttribute :: AttributeStatement -> Statement
StatementAuthzDecision :: AuthzDecisionStatement -> Statement
Statement :: Node -> Statement

-- | §2.7.2
data AuthnStatement
AuthnStatement :: DateTime -> Maybe XString -> Maybe DateTime -> Maybe SubjectLocality -> AuthnContext -> AuthnStatement
[authnStatementInstant] :: AuthnStatement -> DateTime
[authnStatementSessionIndex] :: AuthnStatement -> Maybe XString
[authnStatementSessionNotOnOrAfter] :: AuthnStatement -> Maybe DateTime
[authnStatementSubjectLocality] :: AuthnStatement -> Maybe SubjectLocality
[authnStatementContext] :: AuthnStatement -> AuthnContext

-- | §2.7.2.1
data SubjectLocality
SubjectLocality :: Maybe IP -> Maybe XString -> SubjectLocality
[subjectLocalityAddress] :: SubjectLocality -> Maybe IP
[subjectLocalityDNSName] :: SubjectLocality -> Maybe XString

-- | §2.7.2.2
data AuthnContext
AuthnContext :: Maybe AnyURI -> Maybe AuthnContextDecl -> [AnyURI] -> AuthnContext
[authnContextClassRef] :: AuthnContext -> Maybe AnyURI
[authnContextDecl] :: AuthnContext -> Maybe AuthnContextDecl
[authnContextAuthenticatingAuthority] :: AuthnContext -> [AnyURI]
data AuthnContextDecl
AuthnContextDecl :: Nodes -> AuthnContextDecl
AuthnContextDeclRef :: AnyURI -> AuthnContextDecl

-- | §2.7.3
newtype AttributeStatement
AttributeStatement :: List1 (PossiblyEncrypted Attribute) -> AttributeStatement
[attributeStatement] :: AttributeStatement -> List1 (PossiblyEncrypted Attribute)

-- | §2.7.3.1
data Attribute
Attribute :: XString -> IdentifiedURI AttributeNameFormat -> Maybe XString -> Nodes -> [Nodes] -> Attribute
[attributeName] :: Attribute -> XString
[attributeNameFormat] :: Attribute -> IdentifiedURI AttributeNameFormat
[attributeFriendlyName] :: Attribute -> Maybe XString
[attributeAttrs] :: Attribute -> Nodes

-- | §2.7.3.1.1
[attributeValues] :: Attribute -> [Nodes]

-- | §2.7.3.2
type EncryptedAttribute = EncryptedElement Attribute

-- | §2.7.4
data AuthzDecisionStatement
AuthzDecisionStatement :: AnyURI -> DecisionType -> List1 Action -> Evidence -> AuthzDecisionStatement
[authzDecisionStatementResource] :: AuthzDecisionStatement -> AnyURI
[authzDecisionStatementDecision] :: AuthzDecisionStatement -> DecisionType
[authzDecisionStatementAction] :: AuthzDecisionStatement -> List1 Action
[authzDecisionStatementEvidence] :: AuthzDecisionStatement -> Evidence

-- | §2.7.4.1
data DecisionType
DecisionTypePermit :: DecisionType
DecisionTypeDeny :: DecisionType
DecisionTypeIndeterminate :: DecisionType

-- | §2.7.4.2
data Action
Action :: IdentifiedURI ActionNamespace -> XString -> Action
[actionNamespace] :: Action -> IdentifiedURI ActionNamespace
[action] :: Action -> XString

-- | §2.7.4.3
newtype Evidence
Evidence :: [AssertionRef] -> Evidence
[evidence] :: Evidence -> [AssertionRef]
nsP :: Namespace
data ProtocolType
ProtocolType :: ID -> SAMLVersion -> DateTime -> Maybe AnyURI -> IdentifiedURI Consent -> Maybe Issuer -> Maybe Signature -> [Node] -> Maybe RelayState -> ProtocolType
[protocolID] :: ProtocolType -> ID
[protocolVersion] :: ProtocolType -> SAMLVersion
[protocolIssueInstant] :: ProtocolType -> DateTime
[protocolDestination] :: ProtocolType -> Maybe AnyURI
[protocolConsent] :: ProtocolType -> IdentifiedURI Consent
[protocolIssuer] :: ProtocolType -> Maybe Issuer
[protocolSignature] :: ProtocolType -> Maybe Signature
[protocolExtensions] :: ProtocolType -> [Node]

-- | out-of-band data, not part of XML
[relayState] :: ProtocolType -> Maybe RelayState

-- | §3.2.1
newtype RequestAbstractType
RequestAbstractType :: ProtocolType -> RequestAbstractType
[requestProtocol] :: RequestAbstractType -> ProtocolType

-- | §3.2.2
data StatusResponseType
StatusResponseType :: !ProtocolType -> Maybe NCName -> Status -> StatusResponseType
[statusProtocol] :: StatusResponseType -> !ProtocolType
[statusInResponseTo] :: StatusResponseType -> Maybe NCName
[status] :: StatusResponseType -> Status

-- | §3.2.2.1
data Status
Status :: StatusCode -> Maybe XString -> Maybe Nodes -> Status
[statusCode] :: Status -> StatusCode

-- | §3.2.2.3
[statusMessage] :: Status -> Maybe XString

-- | §3.2.2.4
[statusDetail] :: Status -> Maybe Nodes

-- | §3.2.2.2
data StatusCode
StatusCode :: StatusCode1 -> [IdentifiedURI StatusCode2] -> StatusCode
[statusCode1] :: StatusCode -> StatusCode1
[statusCodes] :: StatusCode -> [IdentifiedURI StatusCode2]
data StatusCode1
StatusSuccess :: StatusCode1
StatusRequester :: StatusCode1
StatusResponder :: StatusCode1
StatusVersionMismatch :: StatusCode1
data StatusCode2
StatusAuthnFailed :: StatusCode2
StatusInvalidAttrNameOrValue :: StatusCode2
StatusInvalidNameIDPolicy :: StatusCode2
StatusNoAuthnContext :: StatusCode2
StatusNoAvailableIDP :: StatusCode2
StatusNoPassive :: StatusCode2
StatusNoSupportedIDP :: StatusCode2
StatusPartialLogout :: StatusCode2
StatusProxyCountExceeded :: StatusCode2
StatusRequestDenied :: StatusCode2
StatusRequestUnsupported :: StatusCode2
StatusRequestVersionDeprecated :: StatusCode2
StatusRequestVersionTooHigh :: StatusCode2
StatusRequestVersionTooLow :: StatusCode2
StatusResourceNotRecognized :: StatusCode2
StatusTooManyResponses :: StatusCode2
StatusUnknownAttrProfile :: StatusCode2
StatusUnknownPrincipal :: StatusCode2
StatusUnsupportedBinding :: StatusCode2
successStatus :: Status

-- | §3.3.1
data AssertionIDRequest
AssertionIDRequest :: !RequestAbstractType -> List1 (AssertionIDRef) -> AssertionIDRequest
[assertionIDRequest] :: AssertionIDRequest -> !RequestAbstractType
[assertionIDRequestRef] :: AssertionIDRequest -> List1 (AssertionIDRef)

-- | §3.3.2.1
data SubjectQueryAbstractType
SubjectQueryAbstractType :: !RequestAbstractType -> Subject -> SubjectQueryAbstractType
[subjectQuery] :: SubjectQueryAbstractType -> !RequestAbstractType
[subjectQuerySubject] :: SubjectQueryAbstractType -> Subject

-- | §3.3.2.2
data AuthnQuery
AuthnQuery :: !SubjectQueryAbstractType -> Maybe XString -> Maybe RequestedAuthnContext -> AuthnQuery
[authnQuery] :: AuthnQuery -> !SubjectQueryAbstractType
[authnQuerySessionIndex] :: AuthnQuery -> Maybe XString
[authnQueryRequestedAuthnContext] :: AuthnQuery -> Maybe RequestedAuthnContext

-- | §3.3.2.2.1
data RequestedAuthnContext
RequestedAuthnContext :: Maybe AuthnContextComparisonType -> AuthnContextRefs -> RequestedAuthnContext
[requestedAuthnContextComparison] :: RequestedAuthnContext -> Maybe AuthnContextComparisonType
[requestedAuthnContextRefs] :: RequestedAuthnContext -> AuthnContextRefs
data AuthnContextRefs
AuthnContextClassRefs :: (List1 AnyURI) -> AuthnContextRefs
AuthnContextDeclRefs :: (List1 AnyURI) -> AuthnContextRefs
data AuthnContextComparisonType
ComparisonExact :: AuthnContextComparisonType
ComparisonMinimum :: AuthnContextComparisonType
ComparisonMaximum :: AuthnContextComparisonType
ComparisonBetter :: AuthnContextComparisonType

-- | §3.3.2.3
data AttributeQuery
AttributeQuery :: !SubjectQueryAbstractType -> [Attribute] -> AttributeQuery
[attributeQuery] :: AttributeQuery -> !SubjectQueryAbstractType
[attributeQueryAttributes] :: AttributeQuery -> [Attribute]

-- | §3.3.2.4
data AuthzDecisionQuery
AuthzDecisionQuery :: !SubjectQueryAbstractType -> AnyURI -> [Action] -> Evidence -> AuthzDecisionQuery
[authzDecisionQuery] :: AuthzDecisionQuery -> !SubjectQueryAbstractType
[authzDecisionQueryResource] :: AuthzDecisionQuery -> AnyURI
[authzDecisionQueryActions] :: AuthzDecisionQuery -> [Action]
[authzDecisionQueryEvidence] :: AuthzDecisionQuery -> Evidence

-- | §3.3.3
data Response
Response :: !StatusResponseType -> [PossiblyEncrypted Assertion] -> Response
[response] :: Response -> !StatusResponseType
[responseAssertions] :: Response -> [PossiblyEncrypted Assertion]

-- | §3.4.1
data AuthnRequest
AuthnRequest :: !RequestAbstractType -> Boolean -> Boolean -> AssertionConsumerService -> Maybe UnsignedShort -> Maybe XString -> Maybe Subject -> Maybe NameIDPolicy -> Maybe Conditions -> Maybe RequestedAuthnContext -> Maybe Scoping -> AuthnRequest
[authnRequest] :: AuthnRequest -> !RequestAbstractType
[authnRequestForceAuthn] :: AuthnRequest -> Boolean
[authnRequestIsPassive] :: AuthnRequest -> Boolean
[authnRequestAssertionConsumerService] :: AuthnRequest -> AssertionConsumerService
[authnRequestAssertionConsumingServiceIndex] :: AuthnRequest -> Maybe UnsignedShort
[authnRequestProviderName] :: AuthnRequest -> Maybe XString
[authnRequestSubject] :: AuthnRequest -> Maybe Subject
[authnRequestNameIDPolicy] :: AuthnRequest -> Maybe NameIDPolicy
[authnRequestConditions] :: AuthnRequest -> Maybe Conditions
[authnRequestRequestedAuthnContext] :: AuthnRequest -> Maybe RequestedAuthnContext
[authnRequestScoping] :: AuthnRequest -> Maybe Scoping
data AssertionConsumerService
AssertionConsumerServiceIndex :: UnsignedShort -> AssertionConsumerService
AssertionConsumerServiceURL :: Maybe AnyURI -> Maybe (IdentifiedURI Binding) -> AssertionConsumerService
[authnRequestAssertionConsumerServiceURL] :: AssertionConsumerService -> Maybe AnyURI
[authnRequestProtocolBinding] :: AssertionConsumerService -> Maybe (IdentifiedURI Binding)

-- | §3.4.1.1
data NameIDPolicy
NameIDPolicy :: IdentifiedURI NameIDFormat -> Maybe XString -> Bool -> NameIDPolicy
[nameIDPolicyFormat] :: NameIDPolicy -> IdentifiedURI NameIDFormat
[nameIDPolicySPNameQualifier] :: NameIDPolicy -> Maybe XString
[nameIDPolicyAllowCreate] :: NameIDPolicy -> Bool

-- | §3.4.1.2
data Scoping
Scoping :: Maybe NonNegativeInteger -> Maybe IDPList -> [AnyURI] -> Scoping
[scopingProxyCount] :: Scoping -> Maybe NonNegativeInteger
[scopingIDPList] :: Scoping -> Maybe IDPList
[scopingRequesterID] :: Scoping -> [AnyURI]

-- | §3.4.1.3
data IDPList
IDPList :: List1 IDPEntry -> Maybe AnyURI -> IDPList
[idpList] :: IDPList -> List1 IDPEntry
[idpGetComplete] :: IDPList -> Maybe AnyURI

-- | §3.4.1.3.1
data IDPEntry
IDPEntry :: AnyURI -> Maybe XString -> Maybe AnyURI -> IDPEntry
[idpEntryProviderID] :: IDPEntry -> AnyURI
[idpEntryName] :: IDPEntry -> Maybe XString
[idpEntryLoc] :: IDPEntry -> Maybe AnyURI

-- | §3.5.1
data ArtifactResolve
ArtifactResolve :: !RequestAbstractType -> XString -> ArtifactResolve
[artifactResolve] :: ArtifactResolve -> !RequestAbstractType
[artifactResolveArtifact] :: ArtifactResolve -> XString

-- | §3.5.2
data ArtifactResponse
ArtifactResponse :: !StatusResponseType -> Maybe Node -> ArtifactResponse
[artifactResponse] :: ArtifactResponse -> !StatusResponseType
[artifactResponseMessage] :: ArtifactResponse -> Maybe Node

-- | §3.6.1
data ManageNameIDRequest
ManageNameIDRequest :: !RequestAbstractType -> PossiblyEncrypted NameID -> Maybe (PossiblyEncrypted NewID) -> ManageNameIDRequest
[manageNameIDRequest] :: ManageNameIDRequest -> !RequestAbstractType
[manageNameIDRequestNameID] :: ManageNameIDRequest -> PossiblyEncrypted NameID
[manageNameIDRequestNewID] :: ManageNameIDRequest -> Maybe (PossiblyEncrypted NewID)
newtype NewID
NewID :: XString -> NewID
[newID] :: NewID -> XString
type NewEncryptedID = EncryptedElement NewID

-- | §3.6.2
newtype ManageNameIDResponse
ManageNameIDResponse :: StatusResponseType -> ManageNameIDResponse
[manageNameIDResponse] :: ManageNameIDResponse -> StatusResponseType

-- | §3.7.1
data LogoutRequest
LogoutRequest :: !RequestAbstractType -> Maybe (Identified XString LogoutReason) -> Maybe DateTime -> PossiblyEncrypted Identifier -> Maybe XString -> LogoutRequest
[logoutRequest] :: LogoutRequest -> !RequestAbstractType
[logoutRequestReason] :: LogoutRequest -> Maybe (Identified XString LogoutReason)
[logoutRequestNotOnOrAfter] :: LogoutRequest -> Maybe DateTime
[logoutRequestIdentifier] :: LogoutRequest -> PossiblyEncrypted Identifier
[logoutRequestSessionIndex] :: LogoutRequest -> Maybe XString

-- | §3.7.2
newtype LogoutResponse
LogoutResponse :: StatusResponseType -> LogoutResponse
[logoutResponse] :: LogoutResponse -> StatusResponseType

-- | §3.7.3
data LogoutReason
LogoutReasonUser :: LogoutReason
LogoutReasonAdmin :: LogoutReason

-- | §3.8.1
data NameIDMappingRequest
NameIDMappingRequest :: !RequestAbstractType -> PossiblyEncrypted Identifier -> NameIDPolicy -> NameIDMappingRequest
[nameIDMappingRequest] :: NameIDMappingRequest -> !RequestAbstractType
[nameIDMappingRequestIdentifier] :: NameIDMappingRequest -> PossiblyEncrypted Identifier
[nameIDMappingRequestPolicy] :: NameIDMappingRequest -> NameIDPolicy

-- | §3.8.2
data NameIDMappingResponse
NameIDMappingResponse :: !StatusResponseType -> PossiblyEncrypted NameID -> NameIDMappingResponse
[nameIDMappingResponse] :: NameIDMappingResponse -> !StatusResponseType
[nameIDMappingResponseNameID] :: NameIDMappingResponse -> PossiblyEncrypted NameID
data AnyRequest
RequestAssertionIDRequest :: !AssertionIDRequest -> AnyRequest
RequestAuthnQuery :: !AuthnQuery -> AnyRequest
RequestAttributeQuery :: !AttributeQuery -> AnyRequest
RequestAuthzDecisionQuery :: !AuthzDecisionQuery -> AnyRequest
RequestAuthnRequest :: !AuthnRequest -> AnyRequest
RequestArtifactResolve :: !ArtifactResolve -> AnyRequest
RequestManageNameIDRequest :: !ManageNameIDRequest -> AnyRequest
RequestLogoutRequest :: !LogoutRequest -> AnyRequest
RequestNameIDMappingRequest :: !NameIDMappingRequest -> AnyRequest
data AnyResponse
ResponseResponse :: !Response -> AnyResponse
ResponseArtifactResponse :: !ArtifactResponse -> AnyResponse
data AnyProtocol
ProtocolRequest :: !AnyRequest -> AnyProtocol
ProtocolResponse :: !AnyResponse -> AnyProtocol
data SAMLVersion
SAML10 :: SAMLVersion
SAML11 :: SAMLVersion
SAML20 :: SAMLVersion
samlVersion :: SAMLVersion -> Version

-- | §8.1
data ActionNamespace

-- | §8.1.1: Read Write Execute Delete Control
ActionNamespaceRWEDC :: ActionNamespace

-- | §8.1.2: RWEDC ~RWEDC
ActionNamespaceRWEDCNegation :: ActionNamespace

-- | §8.1.3: GET HEAD PUT POST
ActionNamespaceGHPP :: ActionNamespace

-- | §8.1.4: octal
ActionNamespaceUNIX :: ActionNamespace

-- | §8.2
data AttributeNameFormat

-- | §8.2.1: Text
AttributeNameFormatUnspecified :: AttributeNameFormat

-- | §8.2.2: URI
AttributeNameFormatURI :: AttributeNameFormat

-- | §8.2.3: Name
AttributeNameFormatBasic :: AttributeNameFormat

-- | §8.3
data NameIDFormat

-- | §8.3.1: Text
NameIDFormatUnspecified :: NameIDFormat

-- | §8.3.2: rfc2822
NameIDFormatEmail :: NameIDFormat

-- | §8.3.3: XML signature
NameIDFormatX509 :: NameIDFormat

-- | §8.3.4: Maybe Domain, User
NameIDFormatWindows :: NameIDFormat

-- | §8.3.5: rfc1510
NameIDFormatKerberos :: NameIDFormat

-- | §8.3.6: SAML endpoint (BaseId and SPProvidedID must be Nothing)
NameIDFormatEntity :: NameIDFormat

-- | §8.3.7: String &lt;= 256 char (NameQualifier same as idp
--   ident<i>Nothing, SPNameQualifier same as sp ident</i>Nothing,
--   SPProvidedID alt ident from sp)
NameIDFormatPersistent :: NameIDFormat

-- | §8.3.8: String &lt;= 256 char
NameIDFormatTransient :: NameIDFormat

-- | §3.4.1.1: only for NameIDPolicy
NameIDFormatEncrypted :: NameIDFormat

-- | §8.4
data Consent

-- | §8.4.1
ConsentUnspecified :: Consent

-- | §8.4.2
ConsentObtained :: Consent

-- | §8.4.3
ConsentPrior :: Consent

-- | §8.4.4
ConsentImplicit :: Consent

-- | §8.4.5
ConsentExplicit :: Consent

-- | §8.4.6
ConsentUnavailable :: Consent

-- | §8.4.7
ConsentInapplicable :: Consent


-- | OASIS Security Assertion Markup Language (SAML) V2.0
module SAML2
data Identified b a
Identified :: !a -> Identified b a
Unidentified :: !b -> Identified b a
namespaceURI :: Namespace -> URI
samlToXML :: XmlPickler a => a -> ByteString
xmlToSAML :: XmlPickler a => ByteString -> Either String a