Add support for a couple of attributes from the SCHAC profile.

InCommon · Feb 27, 2012 · f033ac2 · f033ac2
1 parent ced373d
commit f033ac2
Showing 1 changed file with 56 additions and 0 deletions.
diff --git a/build/check_reqattr.xsl b/build/check_reqattr.xsl
@@ -22,6 +22,13 @@
 		from http://aai.grnet.gr/static/grEduPerson.schema
 		and http://aai.grnet.gr/static/policy/policy-en.pdf
 	
+	* SCHAC
+		Only very basic coverage, most attributes to come later.
+		http://www.terena.org/activities/tf-emc2/docs/schac/schac-schema-IAD-1.4.1.pdf
+		http://www.terena.org/registry/terena.org/attribute-def/
+		http://www.terena.org/registry/terena.org/schac/
+		Assuming encoding rules equivalent to MACEAttr.
+    
 
 	Author: Ian A. Young <ian@iay.org.uk>
 
@@ -319,6 +326,37 @@
 				</xsl:call-template>
 			</xsl:when>
 
+			<!--
+                SCHAC SAML 1.x binding
+            -->
+			<xsl:when test="
+				@Name='urn:mace:terena.org:attribute-def:schacHomeOrganization' or
+				@Name='urn:mace:terena.org:attribute-def:schacPersonalUniqueCode'
+				">
+				<!-- OK -->
+			</xsl:when>
+
+			<!--
+                SCHAC SAML 2.0 names should not appear.
+            -->
+			<xsl:when test="
+				@Name='urn:oid:1.3.6.1.4.1.25178.1.2.9' or
+				@Name='urn:oid:1.3.6.1.4.1.25178.1.2.14'
+				">
+				<xsl:call-template name="error">
+					<xsl:with-param name="m">
+						<xsl:text>RequestedAttribute uses OID name </xsl:text>
+						<xsl:value-of select="@Name"/>
+						<xsl:text> with SAML 1.x NameFormat: should use urn:mace name or SAML 2.0 NameFormat</xsl:text>
+						<xsl:if test="@FriendlyName">
+							<xsl:text> (</xsl:text>
+							<xsl:value-of select="@FriendlyName"/>
+							<xsl:text>)</xsl:text>
+						</xsl:if>
+					</xsl:with-param>
+				</xsl:call-template>
+			</xsl:when>
+
 			<!--
 				MACE-Dir Attribute Profile for SAML 1.x
 				
@@ -415,6 +453,24 @@
 				</xsl:call-template>
 			</xsl:when>
 
+			<!--
+                Common error: using the legacy SCHAC name with the SAML 2.0 NameFormat.
+            -->
+			<xsl:when test="starts-with(@Name, 'urn:mace:terena.org:attribute-def:')">
+				<xsl:call-template name="error">
+					<xsl:with-param name="m">
+						<xsl:text>RequestedAttribute uses legacy format name </xsl:text>
+						<xsl:value-of select="@Name"/>
+						<xsl:text> with SAML 2.0 NameFormat: should use urn:oid name or SAML 1.x NameFormat</xsl:text>
+						<xsl:if test="@FriendlyName">
+							<xsl:text> (</xsl:text>
+							<xsl:value-of select="@FriendlyName"/>
+							<xsl:text>)</xsl:text>
+						</xsl:if>
+					</xsl:with-param>
+				</xsl:call-template>
+			</xsl:when>
+
 			<!--
 				MACE-Dir Attribute Profile for SAML 2.0