OIDC XML Metadata Schema Location

Fuhr, Emily efuhr at austin.utexas.edu
Wed Apr 14 15:11:36 UTC 2021


Thanks for the incredibly fast response and I noticed a link to the schema has appeared in the wiki. I've since worked to plug this schema into our validation process. Now onto a new related question with some background. We manage an internal SAML metadata federation and currently enforce schema correctness according to https://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd. Since there is a version of OIDC metadata that fits the general mold of SAML metadata, we'd like to add it to our federation.

Now onto my question: In order to enforce validation against the OIDC XML metadata schema at http://shibboleth.net/schema/oidc/saml-metadata-ext-oidcmd.xsd, I need to set processContents="strict" for the Extensions element in the SAML schema and add an import for the OIDC XML schema. Is this the expected method for enforcing schema correctness here? Is there a better way to do so?
 
Thanks,
Emily Fuhr (she/her)
 

On 4/2/21, 10:09 AM, "users on behalf of Cantor, Scott" <users-bounces at shibboleth.net on behalf of cantor.2 at osu.edu> wrote:

    > I'm going through the documentation for using the new OIDC plugin for IDPv4.1
    > and I don't see a location to access the XSD. Is that still being finalized or does
    > someone have a link they could share? I haven't found it yet in the IDP wiki.
    
    The schema isn't in flux but we're still "finalizing" some of the housekeeping from the release. All our schemas have redirects installed to get to them from the web so editors work, and this one will too but I don't think it's there yet. It wouldn't be remiss to just file a Documentation bug on it in Jira so we don't forget.
    
    We'll deal with it next week at the latest, but in the meantime, the schema's here:
    https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fgit.shibboleth.net%2Fview%2F%3Fp%3Djava-oidc-common.git%3Ba%3Dblob%3Bf%3Doidc-common-saml-api%2Fsrc%2Fmain%2Fresources%2Fschema%2Fsaml-metadata-ext-oidcmd.xsd%3Bh%3Dff61873eacec24512d9cd0e2b109ad5011258f97%3Bhb%3DHEAD&data=04%7C01%7Cefuhr%40austin.utexas.edu%7Ca89a544cacc541093f1108d8f5e94231%7C31d7e2a5bdd8414e9e97bea998ebdfe1%7C1%7C0%7C637529729506531170%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=LpuF3Su7fnuUPfcxyfRJnCxfJ3VhgfcMvY0xcCWLVII%3D&reserved=0
    
    If that link gets mangled, it's in the java-oidc-common project in oidc-common-saml-api under src/main/resources/schema/
    
    -- Scott
    
    -- 
    For Consortium Member technical support, see https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.shibboleth.net%2Fconfluence%2Fx%2FcoFAAg&data=04%7C01%7Cefuhr%40austin.utexas.edu%7Ca89a544cacc541093f1108d8f5e94231%7C31d7e2a5bdd8414e9e97bea998ebdfe1%7C1%7C0%7C637529729506531170%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=DCc5n6TYJvqimFYUmeRng6nt4k3nWwMe3kJMQZSLcKo%3D&reserved=0
    To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
    >> This message is from an external sender. Learn more about why this <<
    >> matters at https://links.utexas.edu/rtyclf.                        <<
    
    



More information about the users mailing list