1 <?xml version="1.0" encoding="UTF-8"?>
2 <schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:oidcmd="urn:mace:shibboleth:metadata:oidc:1.0" targetNamespace="urn:mace:shibboleth:metadata:oidc:1.0" elementFormDefault="unqualified" attributeFormDefault="unqualified" blockDefault="substitution" version="2.0">
6 Document title: SAML Metadata Extension Schema for OIDC OP/RP information.
<!-- Non-empty string type in the oidcmd target namespace. The unprefixed base "string" resolves through the default namespace (XML Schema) to the built-in string type, not to this type. minLength=1 rejects only the empty string; whitespace-only values still validate, so schema validity does not show that a meaningful value is present. -->
10 <simpleType name="string">
11 <restriction base="string">
12 <minLength value="1"/>
<!-- Non-empty URI type: restricts the built-in anyURI (resolved via the default XML Schema namespace) to at least one character. Nothing here constrains the scheme or requires an absolute URI; scheme and host policy must be enforced by whatever consumes the metadata. -->
16 <simpleType name="anyURI">
17 <restriction base="anyURI">
18 <minLength value="1"/>
<!-- Whitespace-separated list whose items are oidcmd:string. No minimum list length is declared, so an empty value (zero items) still validates; a consumer that needs at least one entry must check for it. -->
22 <simpleType name="stringListType">
23 <list itemType="oidcmd:string"/>
<!-- Whitespace-separated list whose items are oidcmd:anyURI. As with stringListType, no minimum list length is declared, and individual URIs are not restricted by scheme. -->
26 <simpleType name="anyURIListType">
27 <list itemType="oidcmd:anyURI"/>
<!-- Extension element holding relying-party (client) settings; the document title says this schema carries OIDC OP/RP information in SAML metadata. The attribute names appear to follow the OIDC/OAuth client registration parameter names (confirm against the consuming implementation). None of the attributes below declares use="required", so all are optional and their absence must be handled by the consumer. -->
30 <element name="OAuthRPExtensions">
<!-- Child element references: each may be absent or repeated. The compositor lines are not shown in this listing; the existing note indicates the order is significant. -->
33 <element ref="oidcmd:default_acr_value" minOccurs="0" maxOccurs="unbounded"/><!-- order matters -->
34 <element ref="oidcmd:request_uri" minOccurs="0" maxOccurs="unbounded"/>
35 <element ref="oidcmd:post_logout_redirect_uri" minOccurs="0" maxOccurs="unbounded" />
<!-- Element wildcard: accepts any number of elements from namespaces other than this schema's target namespace. processContents="lax" validates such content only when a declaration for it is available, so unknown extension content passes unchecked. Consumers should ignore or reject extensions they do not recognise rather than trust them because the document validated. -->
36 <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
<!-- token_endpoint_auth_method is a free-form non-empty string; the schema does not enumerate permitted methods, so the consumer must compare it with the client authentication methods it supports. grant_types, response_types and scopes are whitespace-separated lists that may be empty. -->
38 <attribute name="token_endpoint_auth_method" type="oidcmd:string" />
39 <attribute name="grant_types" type="oidcmd:stringListType" />
40 <attribute name="response_types" type="oidcmd:stringListType" />
41 <attribute name="application_type" type="oidcmd:string" />
42 <attribute name="client_uri" type="oidcmd:anyURI" />
43 <attribute name="scopes" type="oidcmd:stringListType" />
44 <attribute name="software_id" type="oidcmd:string" />
45 <attribute name="software_version" type="oidcmd:string" />
46 <attribute name="sector_identifier_uri" type="oidcmd:anyURI" />
<!-- The *_alg and *_enc attributes from here to token_endpoint_auth_signing_alg are all typed oidcmd:string, so any non-empty value validates. Algorithm acceptance is therefore a consumer-side decision: check each value against an allow-list of supported algorithms, and decide explicitly whether an unsigned setting such as "none" is acceptable for the deployment. -->
47 <attribute name="id_token_signed_response_alg" type="oidcmd:string" />
48 <attribute name="id_token_encrypted_response_alg" type="oidcmd:string" />
49 <attribute name="id_token_encrypted_response_enc" type="oidcmd:string" />
50 <attribute name="userinfo_signed_response_alg" type="oidcmd:string" />
51 <attribute name="userinfo_encrypted_response_alg" type="oidcmd:string" />
52 <attribute name="userinfo_encrypted_response_enc" type="oidcmd:string" />
53 <attribute name="request_object_signing_alg" type="oidcmd:string" />
54 <attribute name="request_object_encryption_alg" type="oidcmd:string" />
55 <attribute name="request_object_encryption_enc" type="oidcmd:string" />
56 <attribute name="token_endpoint_auth_signing_alg" type="oidcmd:string" />
57 <attribute name="initiate_login_uri" type="oidcmd:anyURI" />
<!-- default_max_age uses the built-in signed int, so negative values validate; a consumer should reject them. NOTE(review): the unit is presumably seconds, as in OIDC; confirm. -->
58 <attribute name="default_max_age" type="int" />
59 <attribute name="require_auth_time" type="boolean" />
<!-- Attribute wildcard: attributes from other namespaces are accepted with lax validation, the same as the element wildcard above. Consumers should read only the attributes they know. -->
60 <anyAttribute namespace="##other" processContents="lax" />
<!-- Global declarations for the three child elements that OAuthRPExtensions references by name. -->
64 <element name="default_acr_value" type="oidcmd:string" />
<!-- request_uri and post_logout_redirect_uri accept any non-empty URI; the schema performs no scheme or host checks. The consumer must apply its own policy (for example scheme restrictions) before using these as fetch or redirect targets, and should compare runtime values against these registered ones by exact match. -->
65 <element name="request_uri" type="oidcmd:anyURI" />
66 <element name="post_logout_redirect_uri" type="oidcmd:anyURI" />
<!-- Global elements for RP key material and client credentials. How they are attached to an entity's metadata is not shown in this listing. -->
<!-- JwksUri: non-empty URI, scheme unconstrained by the schema. NOTE(review): if the consumer dereferences this to fetch keys, it should require https and apply its own fetch restrictions; confirm in the consuming code. -->
68 <element name="JwksUri" type="oidcmd:anyURI" />
<!-- JwksData: base64Binary payload, presumably an encoded JWK Set (confirm). The schema checks only the base64 lexical form, not the decoded content. -->
69 <element name="JwksData" type="base64Binary" />
<!-- ClientSecret: non-empty string, presumably the client secret value itself placed inline in the metadata (confirm). If so, any file or feed containing this element is credential material and needs the same access control, transport protection and log hygiene as the secret. -->
70 <element name="ClientSecret" type="oidcmd:string" />
<!-- ClientSecretKeyReference: non-empty string, presumably the name of a secret held outside the metadata (confirm), which would keep the secret value out of the document. -->
71 <element name="ClientSecretKeyReference" type="oidcmd:string" />